TY - GEN
T1 - Taxonomy of Emerging Security Risks in Digital Railway
AU - Al-Mhiqani, Mohammed
AU - Ani, Uchenna
AU - Watson, Jeremy
AU - He, Hongmei
N1 - Publisher Copyright:
© The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2024.
PY - 2024/2/18
Y1 - 2024/2/18
N2 - The railway industry has embraced digitisation and interconnectivity by introducing Information and Communication Technologies into traditional operational technology infrastructure. This convergence has brought numerous advantages, including improved visibility, reliability, operational efficiency, and better passenger experience. But it has also introduced new cyber risks and amplified the existing ones in Digital Railways (DRs) and the entire supply chain. The threat and vulnerability landscape has become wider than ever. To better understand the scope of security risks, impacts on normal operations, and appropriate solutions, a security taxonomy that covers the broader views and contexts around DRs can help. Recorded attacks show that railway systems/networks are clearly intolerant to network interference, and require strong security, resilience, and safety. Cyber attack impacts on DRs can take economic or financial, reputational, environmental, and/or physical dimensions, and can target rail Operational Technology OT data and functionality, rail Information Technology IT data and functionality, rail IT and OT workforce, and rail organisational structures, cultures, and exploit policies, especially when they are either weak or non-existent. Attacks can come from a range of malicious threat actors driven by their diverse motives. DR is a socio-technical system that is complex, large, and distributed, comprising technologies, humans, organisational structures, policies elements and attributes, etc. Thus, a socio-technical security approach is required to effectively mitigate cyber threat impacts. DR stakeholders must collaborate to make the system functions work properly so that a successful implementation of change, security, resilience, and safety operations depends on the ‘joint optimisation’ of the system’s organisational/operational, technology, physical, and human or people security controls.
AB - The railway industry has embraced digitisation and interconnectivity by introducing Information and Communication Technologies into traditional operational technology infrastructure. This convergence has brought numerous advantages, including improved visibility, reliability, operational efficiency, and better passenger experience. But it has also introduced new cyber risks and amplified the existing ones in Digital Railways (DRs) and the entire supply chain. The threat and vulnerability landscape has become wider than ever. To better understand the scope of security risks, impacts on normal operations, and appropriate solutions, a security taxonomy that covers the broader views and contexts around DRs can help. Recorded attacks show that railway systems/networks are clearly intolerant to network interference, and require strong security, resilience, and safety. Cyber attack impacts on DRs can take economic or financial, reputational, environmental, and/or physical dimensions, and can target rail Operational Technology OT data and functionality, rail Information Technology IT data and functionality, rail IT and OT workforce, and rail organisational structures, cultures, and exploit policies, especially when they are either weak or non-existent. Attacks can come from a range of malicious threat actors driven by their diverse motives. DR is a socio-technical system that is complex, large, and distributed, comprising technologies, humans, organisational structures, policies elements and attributes, etc. Thus, a socio-technical security approach is required to effectively mitigate cyber threat impacts. DR stakeholders must collaborate to make the system functions work properly so that a successful implementation of change, security, resilience, and safety operations depends on the ‘joint optimisation’ of the system’s organisational/operational, technology, physical, and human or people security controls.
KW - Digital railways
KW - Rail cyber security
KW - Rail security risks
KW - Railway
KW - Railway cyber incidents
KW - Taxonomy
UR - http://www.scopus.com/inward/record.url?scp=85187768633&partnerID=8YFLogxK
U2 - 10.1007/978-981-99-6974-6_15
DO - 10.1007/978-981-99-6974-6_15
M3 - Conference contribution
AN - SCOPUS:85187768633
SN - 9789819969739
SN - 9789819969760
T3 - Springer Proceedings in Complexity
SP - 251
EP - 281
BT - Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media
A2 - Onwubiko, Cyril
A2 - Rosati, Pierangelo
A2 - Rege, Aunshul
A2 - Erola, Arnau
A2 - Bellekens, Xavier
A2 - Hindy, Hanan
A2 - Jaatun, Martin Gilje
PB - Springer Singapore
T2 - International Conference on Cybersecurity, Situational Awareness and Social Media
Y2 - 3 July 2023 through 4 July 2023
ER -