The Risk Assessment of ERTMS-Based Railway Systems from a Cyber Security Perspective: Methodology and Lessons Learned | SpringerLink
Skip to main content
Springer Nature Link
Log in

The Risk Assessment of ERTMS-Based Railway Systems from a Cyber Security Perspective: Methodology and Lessons Learned

  • Conference paper
  • First Online:
Reliability, Safety, and Security of Railway Systems. Modelling, Analysis, Verification, and Certification (RSSRail 2016)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 9707))

Abstract

The impact that cyber issues might have on the safety and resilience of railway systems has been studied for more than five years by industry specialists and government agencies. This paper presents some of the work done by Adelard in this area, ranging from an analysis of potential vulnerabilities in the ERTMS specifications through to a high-level cyber security risk assessment of a national ERTMS implementation and detailed analysis of particular ERTMS systems on behalf of the GB rail industry. The focus of the paper is on our overall methodology for security-informed safety and hazard analysis. Lessons learned will be presented but of course our detailed results remain proprietary or sensitive and cannot be published.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
¥17,985 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
JPY 3498
Price includes VAT (Japan)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
JPY 5719
Price includes VAT (Japan)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
JPY 7149
Price includes VAT (Japan)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Bloomfield, R., Bloomfield, R., Gashi, I., Stroud, R.: How secure is ERTMS? In: Ortmeier, F., Daniel, P. (eds.) SAFECOMP Workshops 2012. LNCS, vol. 7613, pp. 247–258. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  2. Network Rail, Strategic Business plan for 2014/2019, January 2013

    Google Scholar 

  3. Wikipedia, Eschede train disaster. http://en.wikipedia.org/wiki/Eschede_train_disaster

  4. Wikipedia, Amagasaki rail crash. http://en.wikipedia.org/wiki/Amagasaki_rail_crash

  5. Wikipedia, Santiago de Compostela derailment. http://en.wikipedia.org/wiki/Santiago_de_Compostela_derailment

  6. Department for Transport, Rail Cyber Security, Guidance to Industry, February 2016. http://www.rssb.co.uk/Library/improving-industry-performance/2016-02-cyber-security-rail-cyber-security-guidance-to-industry.pdf

  7. SESAMO – Security and Safety Modelling, ARTEMIS Embedded Computing Systems Initiative 2011, Project Number 295354, May 2012

    Google Scholar 

Download references

Acknowledgements

We are grateful to our sponsors for their permission to publish this summary of our work over the last five years. We would also like to acknowledge the contribution of Richard Bloomfield and Ilir Gashi to our initial analysis of the ERTMS specifications.

Author information

Authors and Affiliations

  1. Adelard LLP, London, UK

    Robin Bloomfield, Marcus Bendele, Peter Bishop & Robert Stroud

  2. Porterbrook Leasing Company, Derby, UK

    Simon Tonks

Authors
  1. Robin Bloomfield
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Marcus Bendele
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Peter Bishop
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Robert Stroud
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Simon Tonks
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Robin Bloomfield .

Editor information

Editors and Affiliations

  1. ClearSy, Aix en Provence, France

    Thierry Lecomte

  2. Siemens AG, Braunschweig, Niedersachsen, Germany

    Ralf Pinger

  3. Newcastle University, Newcastle upon Tyne, United Kingdom

    Alexander Romanovsky

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Bloomfield, R., Bendele, M., Bishop, P., Stroud, R., Tonks, S. (2016). The Risk Assessment of ERTMS-Based Railway Systems from a Cyber Security Perspective: Methodology and Lessons Learned. In: Lecomte, T., Pinger, R., Romanovsky, A. (eds) Reliability, Safety, and Security of Railway Systems. Modelling, Analysis, Verification, and Certification. RSSRail 2016. Lecture Notes in Computer Science(), vol 9707. Springer, Cham. https://doi.org/10.1007/978-3-319-33951-1_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-33951-1_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-33950-4

  • Online ISBN: 978-3-319-33951-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation