Abstract
Urban railway systems are increasingly relying on information and communications technologies (ICT). This evolution makes cybersecurity an important concern, in addition to the traditional focus on reliability, availability, maintainability and safety. In this paper, we examine two examples of cyber-intensive systems in urban railway environments—a communications-based train control system, and a mobile app that provides transit information to commuters—and use them to study the challenges for conducting security analysis in this domain. We show the need for a cyber-physical perspective in order to understand the cross-domain attack/defense and the complicated physical consequence of cyber breaches. We present security analysis results from two different methods that are used in the safety and ICT security engineering domains respectively, and use them as concrete references to discuss the way to move forward.
Acknowledgments
This work was supported in part by the National Research Foundation (NRF), Prime Minister’s Office, Singapore, under its National Cybersecurity R&D Programme (Award No. NRF2014NCR-NCR001-31) and administered by the National Cybersecurity R&D Directorate, and supported in part by Singapore’s Agency for Science, Technology, and Research (A*STAR) under the Human Sixth Sense Programme (HSSP). The work of Schmittner and Ma was partially funded by the European Commission through the project Creating an Agenda for Research ON Transportation sEcurity (CARONTE).
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Chen, B. et al. (2015). Security Analysis of Urban Railway Systems: The Need for a Cyber-Physical Perspective. In: Koornneef, F., van Gulijk, C. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2014. Lecture Notes in Computer Science, vol 9338. Springer, Cham. https://doi.org/10.1007/978-3-319-24249-1_24
DOI: https://doi.org/10.1007/978-3-319-24249-1_24
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-24248-4
Online ISBN: 978-3-319-24249-1
eBook Packages: Computer Science, Computer Science (R0)