The rail transport networks have become overwhelmingly digital, with a diverse range of data traffic flowing across systems to track, monitor, and control both electronic/electrical and mechanical subsystems. Introduction of advanced electronic platforms and communications across networks supporting mission-critical public services have significantly emphasized the challenge for detection, containment, and remediation of possible disruptions. Moreover, as the tendency for Internet-of-Things grows among field hardware and control systems, the added vulnerabilities further augment the potential for availability outages and hostile or non-premeditated disruptions to physical assets. Hence, there is a need to develop a cyber-physical perspective to analyze and assess cross-domain attack/defense scenarios and intricate physical repercussions of cyber breaches.
The presented research aims to elaborate on characteristics of a comprehensive, holistic, and integrated cyber-physical framework in the context of rail transportation, where instead of the traditional data protection and privacy concerns, the focus revolves around safety-oriented operational resilience and integrity. As a main contribution of the research, the planning challenges involved with implementation of an enterprise-wide cybersecurity vulnerability management methodology are investigated at both strategic and tactical levels. Based on lessons learned from practical real-life project scenarios, best practices recommendations are proposed to mitigate the cyber risk more efficiently and enhance safety, availability, and integrity of the protected network and physical assets.