Securing the Future Railway System: Technology Forecast, Security Measures, and Research Demands
Author:
Unger Simon1ORCID, Heinrich Markus2ORCID, Scheuermann Dirk3ORCID, Katzenbeisser Stefan12, Schubert Max2, Hagemann Leon2, Iffländer Lukas4ORCID
Affiliation:
1. Chair of Computer Engineering, Faculty of Computer Science and Mathematics, University of Passau, 94032 Passau, Germany 2. INCYDE GmbH, 10117 Berlin, Germany 3. Fraunhofer SIT, 64295 Darmstadt, Germany 4. Deutsches Zentrum für Schienenverkehrsforschung beim Eisenbahn Bundesamt, 01219 Dresden, Germany
Abstract
The railway industry—traditionally a conservative industry with low adaption speed for innovation—is currently entering its digitization phase. The sector faces a challenge in integrating new technologies and approaches into the employed—often safety-critical—systems. Keeping the systems secure while conforming to the demanding safety norms creates previously unknown problems. In the last decades, the number of attacks on the railway system has increased. Furthermore, with standardized digital technologies, the attack surface will keep growing. Therefore, in this work, we look into the foreseeable future of the railway system and present 21 likely use cases. We analyze these use cases regarding possible threats, rate the severity of these threats, and deduce and rate necessary countermeasures. To this end, we model these use cases and the corresponding threats and countermeasures using Attack Graphs. We use a graphical solution for the risk and security analysis due to advantages over other methods, i.e., table-based solutions, like simplified presentation and an easier understanding of relationships, dependencies, and interactions between various elements. From these Attack Graphs, we extracted 14 commonly recurring attack strategies. After analyzing 49 countermeasures regarding their current maturity and further research and standardization demands, we identified 21 in need of further investigation. This implies that 21 necessary countermeasures to secure these future use cases require further research to apply to railway systems or require standardization. These results will help researchers focus on the necessary research and standardization and railway operators to ensure the security of their systems.
Funder
German Centre for Rail Traffic Research at the Federal Railway Authority
Subject
Electrical and Electronic Engineering,Automotive Engineering
Reference47 articles.
1. Redaktions Netzwerk Deutschland (2023, July 11). Ein Drittel Mehr Kapazität bei der Deutschen Bahn-so Soll es Klappen. Available online: https://www.rnd.de/wirtschaft/ein-drittel-mehr-kapazitat-bei-der-deutschen-bahn-so-soll-es-klappen-X6M3WDPHKVIEFVMDHIIOQAXOZU.html. 2. Rebhan, C. (2023, July 11). Obwohl Regierung Mehr für Klimaschutz Tun Will: Erst 2022 Gibt der Bund Mehr Geld Für Schienen Aus Als Für Straßen. Available online: https://www.businessinsider.de/politik/deutschland/obwohl-regierung-mehr-fuer-klimaschutz-tun-will-erst-2022-gibt-der-bund-mehr-geld-fuer-schienen-aus-als-fuer-strassen/. 3. Iffländer, L., Buder, T., Loreth, T., Villota, M.A., Schmitz, W., Neubecker, K.A., and Pickl, S. (2023). Physical Attacks on the Railway System. arXiv. 4. Prentkovskis, O., Yatskiv (Jackiva), I., Skačkauskas, P., Maruschak, P., and Karpenko, M. (2023). Proceedings of the TRANSBALTICA XIII: Transportation Science and Technology, Springer International Publishing. 5. Survey on Driverless Train Operation for Urban Rail Transit Systems;Wang;Urban Rail Transit,2016
Cited by
1 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
|
|