A Security Architecture for Railway Signalling
This addresses cybersecurity risks for railway operators, but it is incremental as it builds on existing reference systems and taxonomies.
The paper tackles the problem of securing railway signalling systems against cyber-attacks by proposing a compartmentalized defence architecture for Deutsche Bahn's trackside safety-critical systems, based on modeling attack vectors specific to the railway environment.
We present the proposed security architecture Deutsche Bahn plans to deploy to protect its trackside safety-critical signalling system against cyber-attacks. We first present the existing reference interlocking system that is built using standard components. Next, we present a taxonomy to help model the attack vectors relevant for the railway environment. Building upon this, we present the proposed "compartmentalized" defence concept for securing the upcoming signalling systems.