| Download details |
 2022 - November - Hunter - Cybersecurity in the Railway Industry |
||||||||||||||||||||||||||||||||||
Hugh HunterMSc MBCS MIRSE MIET Independent Safety Assessor Lead, SESA Lead and Cybersecurity Assessor SEL Safety and Cybersecurity Cybersecurity is a hot topic worldwide with regular attacks being performed against multiple domains. Over the past 5 years there has been a major increase of attacks on the railway system with a large number of denial of service and ransomware attacks being announced. The railway industry is clearly a target for cyber criminals, and it is clearly hard to defend due to the inherent geographical distribution Also, technologically speaking, railway systems are primarily designed with safety and availability in mind rather than any detailed focus on cybersecurity. Noting also that when cybersecurity is addressed it may influence safety. Further to this, the railway industry becomes more of a target now as it starts to move to computer-based systems using IP protocols and wireless communication and networking. There has been a recent release of a CENELEC Standard (TS 50701 [21]) in May 2021 to deal with Cybersecurity for Railway Applications where this builds on the underlying standards such as ISO 27001 [36] and IEC 62443 [26]. Railway suppliers and operators are supplementing their safety assessments with cybersecurity assessments, and the security aspects of the systems and networks are now an integral part of the safety cases being produced in alignment with the latest EN 50129 standard [29]. |
|
|||||||||||||||||||||||||||||||||