Security analysis of urban railway systems: The need for a cyber-physical perspective

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 9338, Issue , 2015, Pages 277-290

  Chen, Binbin ^a   Schmittner, Christoph ^b   Ma, Zhendong ^b   Temple, William G ^a   Dong, Xinshu ^a   Jones, Douglas L ^a,c   Sanders, William H ^c  

^a ADVANCED DIGITAL SCIENCES CENTER   (Singapore)

^b AIT AUSTRIAN INSTITUTE OF TECHNOLOGY   (Austria)

^c University of Illinois at Urbana Champaign   (United States)

Author keywords

Cyber physical systems; Security analysis; Urban railway systems

Indexed keywords

RAILROAD TRANSPORTATION; RAILROADS; RELIABILITY; SAFETY ENGINEERING; SECURITY SYSTEMS; SOFTWARE RELIABILITY; SYSTEMS ENGINEERING; TRANSPORTATION;

CYBER PHYSICAL SYSTEMS (CPSS); CYBER PHYSICALS; CYBER SECURITY; ICT SECURITIES; INFORMATION AND COMMUNICATIONS TECHNOLOGY; SECURITY ANALYSIS; TRAIN CONTROL SYSTEMS; URBAN RAILWAY;

EMBEDDED SYSTEMS;

EID: 84969790733     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-319-24249-1_24     Document Type: Conference Paper

References (22)

1. Ansaldo STS, “CBTC Communication Based Train Control”. http://www. ansaldo-sts.com/sites/ansaldosts.message-asp.com/files/imce/cbtc.pdf
2. Siemens, A.G.: Trainguard sirius CBTC (2013). http://www.mobility.siemens.com/mobility/global/SiteCollectionDocuments/en/rail-solutions/rail-automation/train-control-systems/trainguard-sirius-cbtc-en.pdf
3. MyTransport.SG App. http://www.mytransport.sg/mobile/mytransport mobile.Html
4. Massachusetts Bay Transportation Authority Apps. http://www.mbta.com/ridertools/
5. Schmittner, C., Gruber, T., Puschner, P., Schoitsch, E.: Security application of failuremode and effect analysis (FMEA). In: Bondavalli, A., DiGiandomenico, F. (eds.) SAFECOMP 2014. LNCS, vol. 8666, pp. 310–325. Springer, Heidelberg (2014)
6. Schneier, B.: Attack trees: modeling security threats. Dr. Dobb’s J. 24(12), 21–29 (1999)
7. IEEE Vehicular Technology Society, “IEEE Standard for Communications-Based Train Control (CBTC) Performance and Functional Requirements (1474.1-2004)” (2004)
8. Thales, INOV, “Secur-ed cyber-security roadmap for ptos”. http://www.secur-ed.eu/wp-content/uploads/2014/11/SECUR-ED Cyber security roadmapv3.pdf
9. EN 50129, Railway applications–Communication, signalling and processing systems–Safety related electronic systems for signalling (2010)
10. Chudleigh, M., Catmur, J.: Safety assessment of computer systems using hazop and audit techniques. In: Proceedings of the Conference on Computer Safety, Reliability and Security (SAFECOMP) (1992)
11. IEC 60812, Analysis techniques for system reliability - procedure for failure mode and effects analysis (FMEA) (2006)
12. Winther, R., Johnsen, O.-A., Gran, B.A.: Security assessments of safety critical systems using HAZOPs. In: Voges, U. (ed.) SAFECOMP 2001. LNCS, vol. 2187, p. 14. Springer, Heidelberg (2001)
13. Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.: Automated generation and analysis of attack graphs. In: Proceedings of the IEEE Symposium on Security and Privacy (2002)
14. Ou, X., Boyer, W., McQueen, M.: A scalable approach to attack graph generation. In: Proceedings of the ACM Conference on Computer and Communications Security (CCS) (2006)
15. LeMay, E., Ford, M., Keefe, K., Sanders, W.H., Muehrke, C.: Model-based security metrics using ADversary VIew Security Evaluation (ADVISE). In: Proceedings of the Conference on Quantitative Evaluation of SysTems (QEST) (2011)
16. Chen, B., Kalbarczyk, Z., Nicol, D.M., Sanders, W.H., Tan, R., Temple, W.G., Tippenhauer, N.O., Vu, A.H., Yau, D.K.: Go with the flow: toward workflow-oriented security assessment. In: Proceedings of the New Security Paradigms Workshop (NSPW) (2013)
17. APTA Standards Development Program, Securing Control and Communications Systems in Rail Transit Environments: Part IIIa (2014). http://www.apta.com/resources/standards/public-comment/Documents/APTASS CCWPSecuringCandCSystemsinRailTransitEnvironmentsPartIIIaPC4Q2014.doc
18. Vu, A.H., Tippenhauer, N.O., Chen, B., Nicol, D.M., Kalbarczyk, Z.: CyberSAGE: a tool for automatic security assessment of cyber-physical systems. In: Norman, G., Sanders,W. (eds.) QEST 2014. LNCS, vol. 8657, pp. 384–387. Springer, Heidelberg (2014)
19. Kordy, B., Mauw, S., Radomirović, S., Schweitzer, P.: Foundations of attack– defense trees. In: Degano, P., Etalle, S., Guttman, J. (eds.) FAST 2010. LNCS, vol. 6561, pp. 80–95. Springer, Heidelberg (2011)
20. ISO 26262, Road vehicles - Functional safety (2011)
21. Bowtie Method. http://www.caa.co.uk/bowtie
22. Legara, E.F., Monterola, C., Lee, K.K., Hung, G.G.: Critical capacity, travel time delays and travel time distribution of rapid mass transit systems. Physica A Stat. Mech. Appl. 406, 100–106 (2014)