Advanced solutions to Improve Cybersecurity in Railway
Minimize the risk of cyber threats and to quantify them. The main goal of the research undertaken is to minimize the risk of cyber threats and to quantify them.
Projects status and results
Railway maintenance based on information and communications technologies (ICT), generally depends on Internet infrastructure, and this makes it vulnerable to cybersecurity threats. These cyber threats may have negative impact on railway stakeholders e.g., threat to the safety, loss of railway data integrity and confidentiality, reputational damage, monetary loss, service unavailability, loss of dependability, etc. Therefore, there is a need to develop advance cybersecurity solutions for railway to minimize the risk of these cyber threats. This research is using both qualitative and quantitative methods for collecting cybersecurity data. Collecting cybersecurity data is really a challenging task because of its sensitivity due to its safety and security issues.
In the current research, we have identified various issues and challenges that can be faced by railway organizations. We have also estimated the cybersecurity maturity levels of railway organizations and proposed cybersecurity framework for railways. Next, we have conducted a systematic review and outline cybersecurity emerging trends and approaches, and identified possible solutions by querying literature, academic and industrial, for future directions (see Figure 1). In addition, we have proposed a methodology on how to deals with OT security in the railway signalling using Failure Mode, Effects and Criticality Analysis (FMECA) and ISA/IEC 62443 security risk assessment methodologies to quantify cyber threats.
Sponsor: Trafikverket
Researchers: Ravdeep Kour, Ramin Karim (PL)
Duration: 2021-22
Updated: