Abstract
The railway system has benefited from the rapid technology revolution since the 1990s. The mechanical and manpower intensive railway system has gradually evolved into a centralize- and digital-controlled, information- and communication-based system. IT security was not considered during the system (re)design. This paper begins with discussing the need and absence of procedures to sustain operations when an IT security breach has occurred or is suspected.
Then operational security is introduced. It is a new research field which focuses on operational procedures taking into account the effects of safety as well as security-related changes in the system e.g. due to failures or threats. The scope of operational security and general requirements on operational procedures will then be discussed. Lastly, we give an outline of a proposed project with its planned work packages.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Security of Railways against Electromagnetic Attacks, http://www.secret-project.eu.
- 2.
Secured Urban Transportation – European Demonstration, http://www.secur-ed.eu.
- 3.
Original in German: IT-Sicherheitsgesetz.
References
Gesetz zur Erhöhung der Sicherheit informationstechnischer Systeme (IT-Sicherheitsgesetz). Bundesgesetzblatt Jahrgang 2015 Teil I Nr. 31, Bonn (2015)
Lèvy, C.-B.: Cyber security for railway signalling (presentation). In: Workshop on “How to Protect Signalling System Against Cybercrime,” Paris (2015)
Antoni, M.: ARGUS – Security & safety analysis for electric and computerized signalling systems (presentation). In: DKE Meeting 2014, Frankfurt (2014)
DIN VDE V 0831-102 Electric signalling systems for railways - part 102: protection profile for technical functions in railway signalling (2013)
DIN VDE V 0831-104 Electric signalling systems for railways - part 104: IT Security Guideline based on IEC 62443. (2015)
Cyber Security Strategy. Network Rail, London (2013)
Cybersecurity for Industrial Control Systems – Detailed Measures. The French Network and Security Agency (ANSSI), Paris (2014)
APTA: Cybersecurity Considerations for Public Transit. APTA (American Public Transportation Association), USA (2014)
Railway safety performance in the European Union 2014. European Railway Agency, Valenciennes (2014)
Huang, P.-C., Milius, B.: IT-Security für einen sicheren Bahnbetrieb. Deine Bahn. 2/2016, 13–16 (2016)
Raspotnig, C., Opdahl, A.: Comparing risk identification techniques for safety and security requirements. J. Syst. Softw. 86, 1124–1151 (2013)
Huang, P.-C., Milius, B.: Why do we need operational security? (presentation). In: 8th Workshop on “Safety in Transportation,” Braunschweig (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Huang, PC., Milius, B. (2016). Operational Security – A Coming Evolution of Railway Operational Procedures Under the IT Security Threat. In: Lecomte, T., Pinger, R., Romanovsky, A. (eds) Reliability, Safety, and Security of Railway Systems. Modelling, Analysis, Verification, and Certification. RSSRail 2016. Lecture Notes in Computer Science(), vol 9707. Springer, Cham. https://doi.org/10.1007/978-3-319-33951-1_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-33951-1_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-33950-4
Online ISBN: 978-3-319-33951-1
eBook Packages: Computer ScienceComputer Science (R0)