Railway System Failure Scenario Analysis

  • William G. Temple
  • Yuan Li
  • Bao Anh N. Tran
  • Yan Liu
  • Binbin Chen
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10242)


Cyber security has emerged as an important issue for urban railway systems (URS) due to the increasing usage of information and communication technologies (ICT). As a safety-critical public infrastructure with complex, interconnected, and often legacy systems, URS pose challenges for stakeholders seeking to understand cyber threats and their impact, and to prioritize investments and hardening efforts. However, other critical infrastructure industries such as the energy sector offer best practices, risk assessment methodologies, and tools that may be both useful and transferable to the railway domain. In this work we consider one successful security initiative from the energy sector in North America, the development of common failure scenarios and impact analysis (NESCOR failure scenarios), and assess their applicability and utility in URS. We use a publicly available software tool that supports failure scenario analysis to assess example failures on railway supervisory control systems and identify directions for further improving railway failure scenario analysis.


Keywords: Railway; Security assessment; Risk assessment; System modelling



This work was supported in part by the National Research Foundation (NRF), Prime Minister’s Office, Singapore, under its National Cybersecurity R&D Programme (Award No. NRF2014NCR-NCR001-31) and administered by the National Cybersecurity R&D Directorate. It was also supported in part by the research grant for the Human-Centered Cyber-physical Systems Programme at the Advanced Digital Sciences Center from Singapore’s Agency for Science, Technology and Research (A*STAR).



Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • William G. Temple (1)
  • Yuan Li (1)
  • Bao Anh N. Tran (1)
  • Yan Liu (1)
  • Binbin Chen (1)

  1. Advanced Digital Sciences Center, Illinois at Singapore, Singapore, Singapore
