Cyber security requirements for railway control systems according to standard IEC 62443

• Autorzy: Tworek Bartłomiej

Identyfikatory

DOI

10.5604/01.3001.0014.8197

• Języki publikacji: EN

Abstrakty

EN

Modern railway control systems are based on computer and embedded systems. This components are connected directly via ICT networks, it is also possible to use wireless industrial networks. Cyber security attacks in automation control systems are becoming more dangerous and common. To protect these safety critical systems, the standard IEC 62443 has been developed. This standard provides guidelines and requirements for industrial automation and control systems which also apply to railway systems. This article is mainly focused on chapter IEC 62443-4-2 which provides Technical security requirements for IACS components. Proper protection against cyber attacks is also important for maintaining RAMS parameters (Reliability, Availability, Maintainability and Safety). Railway control systems performs mainly safety critical functionality which are related with railway traffic management. Safety related control algorithms and vital modules cannot be disturbed by security mechanisms and functions. The analysis of cyber threats should be performed by railway infrastructure operators in cooperation with manufacturers of railway control systems. It is important to determine what level of requirements fulfilment according to standard IEC 62443 must be met (security level). Railway traffic control systems are long life and high availability systems, therefore they should be properly maintained during lifecycle. The manufacturer of railway control systems and end user should together develop a policy and guidelines for securing the systems against cyber attacks.

Słowa kluczowe

EN

cyber security; railway control system; cyberattack; security level; industrial automation; control system

PL

bezpieczeństwo cybernetyczne; system sterowania koleją; cyberatak; poziom bezpieczeństwa; automatyka przemysłowa; system sterowania

• Wydawca: Oficyna Wydawnicza Politechniki Warszawskiej
• Czasopismo: Prace Naukowe Politechniki Warszawskiej. Transport
• Rocznik: 2020
• Tom: z. 131
• Strony: 79--86
• Opis fizyczny: Bibliogr. 8 poz., rys.

Twórcy

autor

Tworek Bartłomiej

• Silesian University of Technology

• https://orcid.org/0000-0002-8624-6110

Bibliografia

• 1. EN 50126:2017 Railway applications – The specification and demonstration of Reliability, Availability, Maintainability and Safety (RAMS).
• 2. EN 50128:2011 Railway applications – Communication, signaling and processing systems – Software for railway control and protection system.
• 3. EN 50159:2010 Railway applications – Communication, signaling and processing systems – Safety-related communication in transmission systems.
• 4. EN IEC 62443‑4‑2:2019 security for industrial automation and control systems - Part 4-2: Technical security requirements for IACS components.
• 5. EN IEC 62443-3-3:2019 Industrial communication networks – Network and system security - Part 3-3: System security requirements and security levels.
• 6. Gunter, D., Medoff, M., O'Brien, P. (2018). Implementing IEC 62443 - A Pragmatic Approach to Cybersecurity. Exida.
• 7. Ackerman, P., (2017). Industrial Cybersecurity: Efficiently secure critical infrastructure systems. Packt.
• 8. Kochan, A., Koper, E. (2017). Cyberbezpieczeństwo systemów kierowania i sterowania ruchem kolejowym, Technika 12/2017.

Uwagi

PL

Opracowanie rekordu ze środków MNiSW, umowa Nr 461252 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2021).