Cognitive and Socio-Technical Cybersecurity in Modern Railway System (CoSTCMoRS)

L I M

The CoSTCMoRS project is developing a hybrid and adaptive approach to combining AI and a socio-technical model to identify and detect cyberattacks and create a holistic & fast response to cyber incidents to ensure the security, safety, and functionality of a modern railway system (MRS). The project focuses on the Signalling and Control System (SCS), on which an attack tree analysis will be given. The project also aims to provide a socio-technical security roadmap and IoT plan for business continuity to mitigate the potential impact of cyber incidents on MRSs, considering the operations, human-factors, organisational structures, regulation and policies.

A modern railway system (MRS) tries to resolve the variety of emerging functionalities, performance aspects, and productivity needs of operators and users, enabled by IoT infrastructure on board of rolling stock. However, the attack surface of MRS is enlarging due to the presence of new solutions, and the vulnerabilities are exposed on the entire transport supply chain. Malicious cyber-attacks on systems used in rail infrastructure could have far more serious implications, including danger to life.

The digitalisation of railway systems makes it impossible to ensure the cybersecurity of MRS manually. The consortium works with East-West Rail (EWR) to explore security automation for MRS, thus ensuring safe services and business continuity for any anomalous situations caused by cyber-attacks.  A project advice board (PAB) will be created to facilitate the engagement with industry stakeholders and governmental organisations, provide expert advice on cyberthreat scenarios and recommendations.  Birmingham Centre for Railway Research and Education (BCRRE) will join the PAB to provide expert guidance in the cybersecurity of railway control systems.