Cyber Security Risk Management for Connected Railroads
This research develops a cyber security risk analysis methodology for communications-based connected railroad technologies. The methodology can be tailored to specific use cases and system designs. By implementing the methodological framework, the study can identify potential cyber attack threats, vulnerabilities, and consequences for each case, and thus assess the risk and recommend risk mitigation strategies. The selected connected railroad technology use cases in this project include a radio code line application of the Advanced Train Control System; a remotely controlled movable bridge; and a cyber security risk literature review on Positive Train Control systems. In each case study, the analysis summarized the cyber risk profiles and provided practical recommendations for cyber security improvement. Finally, the report discusses possible directions for rail-centric cyber security risk management in the future.