The rail transport networks have become overwhelmingly digital, with a diverse range of data traffic flowing across systems to track, monitor, and control both electronic/electrical and mechanical subsystems. Introduction of advanced electronic platforms and communications across networks supporting mission-critical public services have significantly emphasized the challenge for detection, containment, and remediation of possible disruptions. Moreover, as the tendency for Internet-of-Things grows among field hardware and control systems, the added vulnerabilities further augment the potential for availability outages and hostile or non-premeditated disruptions to physical assets. Hence, there is a need to develop a cyber-physical perspective to analyze and assess cross-domain attack/defense scenarios and intricate physical repercussions of cyber breaches.

The presented research aims to elaborate on characteristics of a comprehensive, holistic, and integrated cyber-physical framework in the context of rail transportation, where instead of the traditional data protection and privacy concerns, the focus revolves around safety-oriented operational resilience and integrity. As a main contribution of the research, the planning challenges involved with implementation of an enterprise-wide cybersecurity vulnerability management methodology are investigated at both strategic and tactical levels. Based on lessons learned from practical real-life project scenarios, best practices recommendations are proposed to mitigate the cyber risk more efficiently and enhance safety, availability, and integrity of the protected network and physical assets.

This content is only available via PDF.
You do not currently have access to this content.