Design Lessons for Cybersecurity in the Rail Control System Environment
Following the revolutionary evolution of railways and their signalling and communications technologies, there has been a subsequent and equally exciting period of refinement in both train and rail control systems in which emergent computer devices, software programming and network systems have been deployed with myriad benefits and efficiencies for the operator and passengers alike. Unfortunately, accompanying these leaps in sophistication of the new systems has been the grim, costly and threatening ‘black cloud’ of malicious and targeted cyber attack of system vulnerabilities or, possibly more worryingly, the reality of unintended, unexpected and seemingly random cyber security breaches. In this article, the author outlines some lessons learned from a case study of the delivery of a distributed, computer-based metro signalling, control and communications system. The aim is to illuminate not just what was done well and not so well to achieve a secured design for this complex system, but also what practically can be done in future to ensure that the rail industry not only builds in defences against existing threats, but becomes even more fortress-like in anticipating whatever new ones the ‘big, bad wolf’ may come up with.
Please sign in or register for FREE
Sign in to E&T Cyber Security Hub
Register to E&T Cyber Security Hub
E&T Cyber Security Hub brings together engineers and cyber security specialists to share practical know-how. With content created ‘by engineers, for engineers,’ it provides peer-reviewed technical information, real-world insights, lessons learnt and case studies, as well as tools for networking and knowledge-sharing, profiles of experts and the opportunity for companies to showcase their expertise.