Cyber security of railway cyber-physical system (CPS) – A risk management methodology

Abstract

Along with the increasing application of different cyber-physical systems (CPSs) to connect various components in the rail industry, rising connectivity through communication technologies has also introduced cyber threats against rail-CPSs, causing failures with huge consequences. Implementations of rail-CPSs demand proactive identification, clear-cut definition, and proper handling of their cyber security risks. In this paper, we formulate a risk management methodology for cyber security in rail-CPSs and conduct a retrospective case study on the Advanced Train Control System (ATCS) that has been deployed in many U.S. freight railways. The methodology provides two alternative approaches to fill knowledge gaps in contingency preparation, threat prevention, consequence analysis, and security risk mitigation. In the case study, we demonstrate two cyber threats of ATCS, using attack sequence modeling and consequence analysis, and provide recommendations for risk mitigation. By practicing the methodology with the case study, this work can be used as a general reference to conduct cyber risk management and cyber-robustness evaluations for other existing systems.