Railway Infrastructure Cybersecurity: An Overview

Authors

DOI:

https://doi.org/10.34190/eccws.23.1.2296

Keywords:

Railways, OT security, Cyber-physical systems, Cybersecurity, Critical infrastructure security

Abstract

The railway infrastructure constitutes a type of operational technology (OT)-based critical infrastructure, which is expected to work 24x7, 365 days a year, and where the life expectancy of operational equipment often exceeds 30 years. In this domain, an operational anomaly compromising the OT system can cause a train accident or interrupt traffic, with potentially significant impact in terms of business as well as for passenger safety. Due to their relevance, railways are strategic assets of national interest and, consequently, targets of interest for cybercriminals and cyberwarfare activities. For instance, service interruptions may trigger ripple effects resulting in product shortages and widespread supply chain disruptions, with severe impacts for both the economy and national security. In a bid to optimise and streamline operations. the railway industry has recently started taking a series of significant steps towards digitization, with infrastructures experiencing a significant paradigm shift which, for instance, makes it possible to have centralised interlockings and Radio Block Centre (RBC) for an entire country, with geographical redundancy, ensuring the utmost availability and punctuality by moving the control logic to the cloud. Nevertheless, these developments must always be carried on within the scope of established cybersecurity standards and frameworks. This paper presents an analysis of the state of the art on railway cybersecurity, focused on the existing solutions based on the application of the CENELEC “Technical specification 50701 - Railway Application – Cybersecurity”, which is currently the latest European specification addressing railways, being designed to help suppliers, integrators, and operators to implement a cybersecurity risk assessment plan, the necessary controls, and the management of the complete system life cycle. Special attention will be paid to the conduit between the rail signal interlocking system, that controls the line signalling, and the Automatic Train Supervision (ATS) that runs in the Operational Control Centre (OCC), as this has been identified by the European Union Agency for Cybersecurity (ENISA) as one of the most critical systems identified by the operators of essential services.

Author Biographies

João Nunes, University of Coimbra, CISUC, DEI, Portugal

João Nunes is a student of the MSc. in Informatics Security at the University of Coimbra, Portugal. He is currently researching about railway cybersecurity, with a particular focus on standardisation and cyber-physical infrastructure aspects.

Tiago Cruz, University of Coimbra, CISUC, DEI, Portugal

Tiago Cruz is an Associate Professor with the Department of Informatics Engineering of the University of Coimbra. His research interests cover areas such as management systems for communications infrastructures and services, critical infrastructure security, broadband access network device and service management, Internet of Things, software defined networking, and network function virtualization.

Paulo Simões, University of Coimbra, CISUC, DEI, Portugal

Paulo Simões is an Associate Professor with the University of Coimbra. He has over 180 journals and conference publications in his research areas. He is regularly involved in several European- and industry-funded research projects, with both technical and management activities. His research interests include security, network management, and critical infrastructure protection.

Downloads

Published

2024-06-21