Peer Reviewed

Design Lessons for Cybersecurity in the Rail Control System Environment

Following the revolutionary evolution of railways and their signalling and communications technologies, there has been a subsequent and equally exciting period of refinement in both train and rail control systems in which emergent computer devices, software programming and network systems have been deployed with myriad benefits and efficiencies for the operator and passengers alike. Unfortunately, accompanying these leaps in sophistication of the new systems has been the grim, costly and threatening ‘black cloud’ of malicious and targeted cyber attack of system vulnerabilities or, possibly more worryingly, the reality of unintended, unexpected and seemingly random cyber security breaches. In this article, the author outlines some lessons learned from a case study of the delivery of a distributed, computer-based metro signalling, control and communications system. The aim is to illuminate not just what was done well and not so well to achieve a secured design for this complex system, but also what practically can be done in future to ensure that the rail industry not only builds in defences against existing threats, but becomes even more fortress-like in anticipating whatever new ones the ‘big, bad wolf’ may come up with.

Go to the profile of Douglas B. Milligan
Oct 24, 2016

Please sign in or register for FREE

Register to E&T Cyber Security Hub

E&T Cyber Security Hub brings together engineers and cyber security specialists to share practical know-how. With content created ‘by engineers, for engineers,’ it provides peer-reviewed technical information, real-world insights, lessons learnt and case studies, as well as tools for networking and knowledge-sharing, profiles of experts and the opportunity for companies to showcase their expertise.


No comments yet.