Abstract

Modern control systems, and railway systems in particular, are heavily rooted in Safety practices for risk analysis and architecture modelling, often supported by standards such as CENELEC EN50126. However, railway systems are becoming increasingly interconnected and complex as they incorporate telecommunications and information processing. These additions have opened up previously isolated systems and exposed them to potential malevolence. The strategic stakes of railway systems raise major concerns, as attacks can have substantial impacts on infrastructure and human safety. These new risks fall under the banner of Security, and more specifically Cybersecurity. Traditionally, Safety and Security have been treated either separately or with the latter integrated into the former. However, the increasing awareness of their mutual impacts calls for joint ways of dealing with the accidental and malevolent risks that compromise the functioning of trains. In this paper, we provide the basis for a combined Safety and Security risk assessment and analysis approach that reconciles the risk analysis processes of both Safety and Security by making relevant connections at different stages of the two processes and by adding cross-cutting steps common to Safety and Cybersecurity.
