Transformation of cyber security/safety assurance

  • George Bearfield (Speaker)
  • Richard Thomas (Contributor to Paper or Presentation)
  • Parkinson, S. (Contributor to Paper or Presentation)
  • Coen Van Gulijk (Contributor to Paper or Presentation)

Activity: Talk or presentation typesOral presentation

Description

In the past decade rapid digitalisation of railway assets-including signalling and rolling stock -has occurred in parallel with a rising cyber security threat to critical national infrastructure. Rail safety requirements remain stringent and legacy standards for delivering safe, high integrity, complex digital systems exist. Security standards are emerging which implement some of the same principles of design and assurance as these safety standards, but do not do so in an integrated way with the safety discipline. There are two fundamental challenges emerging. The first is that safety design requirements and security design requirements have parallel principles and constraints related to segregation and partitioning of systems and networks in the design, but no proven good practice exists for how to meet both sets of requirements in an integrated way for any given asset. The second is that the verification and validation life cycle used in functional safety standards and emerging cyber security design standards is idealised. It assumes a top-down cascade of requirements for each delivery project. It is increasingly difficult to meet these requirements in practice. This paper explains the many challenges in order to inform subsequent research, standardisation and industry activity needed to address them.
Period8 Jun 2022
Event title13th World Congress on Railway Research: Reshaping our railways post-pandemic: Research with an impact
Event typeConference
LocationBirmingham, United KingdomShow on map
Degree of RecognitionInternational