Towards an IT Security Risk Assessment Framework for Railway Automation
نویسنده
چکیده
Some recent incidents have shown that possibly the vulnerability of IT systems in railway automation has been underestimated. Fortunately, so far, almost only denial-of-service attacks were successful, but due to several trends, such as the use of commercial IT and communication systems or privatization, the threat potential could increase in the near future. However, up to now, no harmonized IT security risk assessment framework for railway automation exists. This paper defines an IT security risk assessment framework which aims to separate IT security and safety requirements as well as certification processes as far as possible. It builds on the well-known safety and approval processes from IEC 62425 and integrates IT security requirements based on the ISA99/IEC62443 standard series. While the detailed results are related to railway automation the general concepts are also applicable to other safety-critical application areas.
منابع مشابه
ارائه الگویی برای ارزیابی ریسک آتشسوزیهای عمدی
Background & Objectives : It is not possible to live without using fire. However, fire could destruct human properties in a short time. One of the most important types of fire is intentional fire. This type of fire has become a great problem for insurance companies, fire departments, industries, government and business in the recent years. This study aimed to provide a framework for risk assess...
متن کاملRapid Risk Assessment of Technical Systems in Railway Automation
The European Railway Agency (ERA) has the challenging task of establishing Common Safety Targets and Common Safety Methods throughout Europe. In this context, the harmonization of risk assessment methods is also discussed. The purpose of this paper is to present a new approach to risk assessment of technical systems in railway automation, which allows a rapid risk assessment while at the same t...
متن کاملTowards Empirical Evaluation of Automated Risk Assessment Methods
Security risk assessment methods are numerous, and it might be confusing for organizations to select one. Researchers have conducted empirical studies with established methods in order to find factors that influence their effectiveness and ease of use. In this paper we evaluate the recent TREsPASS semi-automated risk assessment method with respect to the factors identified as critical in severa...
متن کاملTowards Legal Privacy Risk Assessment Automation in Social Media
End users activities in social media lead to regular changes in the overall privacy impact because they continually encounter or meddle in all forms of private data associations. Users are exposed to regular changes in risk level as a result of regular updates. To keep an overview over risk exposure, privacy risk assessments, in theory, should be re-done upon every update in a user’s network. E...
متن کاملAn Intelligent Railway Safety Risk Assessment Support System for Railway Operation and Maintenance Analysis
The paper presents the development of an intelligent railway safety risk assessment based support system. The proposed method can evaluate qualitative and quantitative safety risk data and information in a uniform manner for railway safety risk assessment. It permits the safety risk analysts to assess the risks associated with the failure modes directly using linguistic terms, i.e. qualitative ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/1704.01175 شماره
صفحات -
تاریخ انتشار 2017