Developing cyber-resilience together: Industry cooperation for more security

Author: Alexander Patton
Day: Aspect Day One
Session: Cyber Resilience
Shortly after ASPECT 2017, the industrial control systems community received a stark reminder of the cyber threat to critical infrastructure. An energy plant in Saudi Arabia had been shut down by malware. This malware was different, however: it had successfully infected the SIL-rated Safety Instrumented System and attempted to cause a wrong-side failure. All that stood between the plant and violent tragedy were a couple of small coding mistakes on the part of the attackers.
As in the wider industrial control systems community, railway digitalisation is rapidly introducing commercial information technologies to signalling and train control systems. While this provides significant opportunities, it also introduces new risks. The security risks posed by digitalisation are unique because of the increased exposure to, and/or magnified impact of, a cyber-attack.
As cyber threats continue to grow, governments are beginning to introduce security regulations that impact the signalling and train control industry. The best example is probably the EU Network and Information Systems (NIS) Directive -- the world’s first inter-governmental initiative on cyber security -- which came into effect in May 2018. It places legal obligations on the operators of essential services, including railway infrastructure, to:
  • Manage Cyber Security Risk
  • Protect Critical Infrastructure Systems from Cyber-Attack
  • Detect Cyber Security Incidents
  • Minimise the Impact of Cyber Security Incidents
The signalling industry is still in the early stages of addressing these objectives, and stakeholders are at varying levels of maturity. Currently, S&TCS asset owners take different approaches to security management. Individual system suppliers consider security architecture within their own limited scope. Vendors build products to varying levels of security and sometimes with incompatible technologies. When security functionality does finally make it to the railway, it can become obsolete long before the end of the system lifespan.
To efficiently and effectively manage security risk across the railway, stakeholders must work together to overcome this maturity gap. As has been done with safety, the industry needs to collaborate on a standard approach, agree clearly defined baselines and create interoperable security architecture. To achieve this, stakeholders will need to overcome challenges including protecting one’s intellectual property and commercial position while openly cooperating on cyber security. This paper examines why industry cooperation is an essential part of building a more secure and resilient railway, how we can leverage it and what challenges there are to implementing such cooperation.