USA Banner

Official US Government Icon

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure Site Icon

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

U.S. Department of Transportation U.S. Department of Transportation Icon United States Department of Transportation United States Department of Transportation

Cyber Security Risk Management for Connected Railroads

Document Series
Technical Reports
Author
Federal Railroad Administration
Report Number
DOT/FRA/ORD-20/25
Office
RDI-23
Subject Communications
Keywords
Cyber security, communications, risk, connected railroad

This research develops a cyber security risk analysis methodology for communications-based connected railroad technologies. The methodology can be tailored to specific use cases and system designs. By implementing the methodological framework, the study can identify potential cyber attack threats, vulnerabilities, and consequences for each case, and thus assess the risk and recommend risk mitigation strategies. The selected connected railroad technology use cases in this project include a radio code line application of the Advanced Train Control System; a remotely controlled movable bridge; and a cyber security risk literature review on Positive Train Control systems. In each case study, the analysis summarized the cyber risk profiles and provided practical recommendations for cyber security improvement. Finally, the report discusses possible directions for rail-centric cyber security risk management in the future.


Last updated: Monday, June 22, 2020