Cybersecurity Risk Assessment of Virtually Coupled Train Sets

Mirzai, Aria; Avula, Ramana Reddy; Damschen, Marvin

Simple search

Advanced search

Statistics

Change search

Cite ExportLink to record

Permanent link

https://urn.kb.se/resolve?urn=urn:nbn:se:ri:diva-76277

Direct link

http://ri.diva-portal.org/smash/record.jsf?pid=diva2:1921535

Cite

Citation style

apa
ieee
modern-language-association-8th-edition
vancouver
Other style

More styles

Language

de-DE
en-GB
en-US
fi-FI
nn-NO
nn-NB
sv-SE
Other locale

More languages

Output format

html
text
asciidoc
rtf

Cybersecurity Risk Assessment of Virtually Coupled Train Sets

Mirzai, Aria

RISE Research Institutes of Sweden, Safety and Transport, Electrification and Reliability.ORCID iD: 0009-0003-0563-079X

Avula, Ramana Reddy

RISE Research Institutes of Sweden, Safety and Transport, Electrification and Reliability.ORCID iD: 0000-0001-9672-2689

Damschen, Marvin

RISE Research Institutes of Sweden, Safety and Transport, Electrification and Reliability.ORCID iD: 0000-0002-6236-5799

2024 (English)In: xxArticle in journal (Refereed) Epub ahead of print

Abstract [en]

In recent years, the increasing digitalisation and interconnectedness of railway systems have underscored the critical importance of robust cybersecurity measures. Notable cybersecurity incidents, such as the sabotage of more than 20 trains in Poland via simple "radio-stop" commands using low-cost equipment, highlight the vulnerability of these complex systems to disruptions that can have far-reaching consequences. Moreover, the evolving threat landscape, characterised by increasingly sophisticated ransomware and distributed denial-ofservice (DDoS) attacks, poses ongoing challenges that demand continuous vigilance and adaptation. The regulatory response, including stringent EU directives such as the Cybersecurity Act and the NIS 2 Directive, reflects a concerted effort to elevate the cybersecurity standards that impact the transportation sector. The objective of this work is to provide a cybersecurity risk assessment of the Virtually Coupled Train Set (VCTS) design that is developed within the R2DATO EU Rail project. This work leverages the methodologies developed under the Shift2Rail (S2R) initiative, particularly the X2Rail-5 project. The assessment aims to identify potential vulnerabilities and assess the impact of potential threats. Risk and target security level evaluations for VCTS are presented for identifying applicable security requirements from IEC 62443. By applying a risk assessment tool based on IEC 62443-3-2 and CLC/TS 50701 towards regulatory compliance measures, this work seeks to fortify the cybersecurity of railway systems, ensuring safer and more reliable operations in an increasingly digital landscape.

Place, publisher, year, edition, pages

2024.

National Category

Electrical Engineering, Electronic Engineering, Information Engineering

Identifiers

URN: urn:nbn:se:ri:diva-76277OAI: oai:DiVA.org:ri-76277DiVA, id: diva2:1921535

Available from: 2024-12-16 Created: 2024-12-16 Last updated: 2025-02-21Bibliographically approved

Open Access in DiVA

fulltext(972 kB)

71 downloads

File information

File name FULLTEXT01.pdfFile size 972 kBChecksum SHA-512

10afbabbd818109a90d1e2f3ab8761681dea4123342716ca6ff19c35dca66690615e8fa457d7499a26a79e4c4c31480c4ad79fff4dc0df6ead49a7cf19eae510

Type fulltextMimetype application/pdf

Authority records

Mirzai, Aria Avula, Ramana Reddy Damschen, Marvin

Search in DiVA

Total: 71 downloads

The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Total: 204 hits