Transformation of cyber security/safety assurance

George Bearfield, Coen van Gulijk, Simon Parkinson, Richard J Thomas

Research output: Chapter in Book/Report/Conference proceedingConference contribution

298 Downloads (Pure)

Abstract

In the past decade rapid digitalisation of railway assets-including signalling and rolling stock -has occurred in parallel with a rising cyber security threat to critical national infrastructure. Rail safety requirements remain stringent and legacy standards for delivering safe, high integrity, complex digital systems exist. Security standards are emerging which implement some of the same principles of design and assurance as these safety standards, but do not do so in an integrated way with the safety discipline. There are two fundamental challenges emerging. The first is that safety design requirements and security design requirements have parallel principles and constraints related to segregation and partitioning of systems and networks in the design, but no proven good practice exists for how to meet both sets of requirementsin an integrated way for any given asset. The second is that the verification and validation life cycle used in functional safety standards and emerging cyber security design standards is idealised. It assumes a top-down cascade of requirements for each delivery project. It is increasingly difficult to meet these requirements in practice. This paper explains the many challenges in order to inform subsequent research, standardisation and industry activity needed to address them.
Original languageEnglish
Title of host publicationWorld Congress on Railway Research (WCRR) 2022, Birmingham, UK
PublisherSPARK
Publication statusE-pub ahead of print - 10 Jan 2023
EventWorld Congress on Railway Research 2022: WCRR2022 - Birmingham, Birmingham, United Kingdom
Duration: 6 Jun 202210 Jun 2022
https://www.wcrr2022.co.uk/website/938/homepage/

Publication series

NameWCRR Papers

Conference

ConferenceWorld Congress on Railway Research 2022
Abbreviated titleWCRR2022
Country/TerritoryUnited Kingdom
CityBirmingham
Period6/06/2210/06/22
Internet address

Fingerprint

Dive into the research topics of 'Transformation of cyber security/safety assurance'. Together they form a unique fingerprint.

Cite this