Taxonomy of Emerging Security Risks in Digital Railway

Mohammed Al-Mhiqani, Uchenna Ani, Jeremy Watson, Hongmei He

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review


The railway industry has embraced digitisation and interconnectivity by introducing Information and Communication Technologies into traditional operational technology infrastructure. This convergence has brought numerous advantages, including improved visibility, reliability, operational efficiency, and better passenger experience. But it has also introduced new cyber risks and amplified the existing ones in Digital Railways (DRs) and the entire supply chain. The threat and vulnerability landscape has become wider than ever. To better understand the scope of security risks, impacts on normal operations, and appropriate solutions, a security taxonomy that covers the broader views and contexts around DRs can help. Recorded attacks show that railway systems/networks are clearly intolerant to network interference, and require strong security, resilience, and safety. Cyber attack impacts on DRs can take economic or financial, reputational, environmental, and/or physical dimensions, and can target rail Operational Technology OT data and functionality, rail Information Technology IT data and functionality, rail IT and OT workforce, and rail organisational structures, cultures, and exploit policies, especially when they are either weak or non-existent. Attacks can come from a range of malicious threat actors driven by their diverse motives. DR is a socio-technical system that is complex, large, and distributed, comprising technologies, humans, organisational structures, policies elements and attributes, etc. Thus, a socio-technical security approach is required to effectively mitigate cyber threat impacts. DR stakeholders must collaborate to make the system functions work properly so that a successful implementation of change, security, resilience, and safety operations depends on the ‘joint optimisation’ of the system’s organisational/operational, technology, physical, and human or people security controls.

Original languageEnglish
Title of host publicationProceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media
Subtitle of host publicationCyber Science 2023; 03–04 July; University of Aalborg, Copenhagen, Denmark
EditorsCyril Onwubiko, Pierangelo Rosati, Aunshul Rege, Arnau Erola, Xavier Bellekens, Hanan Hindy, Martin Gilje Jaatun
PublisherSpringer Singapore
Number of pages31
ISBN (Electronic)9789819969746
ISBN (Print)9789819969739, 9789819969760
Publication statusPublished - 18 Feb 2024
Externally publishedYes
EventInternational Conference on Cybersecurity, Situational Awareness and Social Media - Copenhagen, Denmark
Duration: 3 Jul 20234 Jul 2023

Publication series

NameSpringer Proceedings in Complexity
PublisherSpringer Singapore
ISSN (Print)2213-8684
ISSN (Electronic)2213-8692


ConferenceInternational Conference on Cybersecurity, Situational Awareness and Social Media
Abbreviated titleCYBER SCIENCE 2023

Cite this