Presentation is loading. Please wait.

Presentation is loading. Please wait.

ITF/UIC/UNECE Workshop on Rail Security, 23 May 2018, Leipzig

Published bySabina Marciniak Modified over 5 years ago

Similar presentations

Presentation on theme: "ITF/UIC/UNECE Workshop on Rail Security, 23 May 2018, Leipzig"— Presentation transcript:

1 ITF/UIC/UNECE Workshop on Rail Security, 23 May 2018, Leipzig
CYbersecurity in the RAILway sector : lessons learnt from EU SECRET project and EU CYRAIL Project ITF/UIC/UNECE Workshop on Rail Security, 23 May 2018, Leipzig Bruno De Rosa UIC Security Division

2 INTERNATIONAL UNION OF RAILWAYS
What is the UIC? INTERNATIONAL UNION OF RAILWAYS THE MISSION NOWDAYS Promote rail transport at world level in order to meet both current and future challenges of mobility and sustainable development. Promote interoperability. Develop and facilitate all forms of international cooperation among Members (e.g. sharing of best practices). Support Members in their efforts to develop new businesses and new areas of activity. Propose new ways to improve technical and environmental performance of rail transport. ITF/UIC/UNECE Workshop on Rail Security, 23 May 2018, Leipzig

3 …some numbers about UIC
ITF/UIC/UNECE Workshop on Rail Security, 23 May 2018, Leipzig

4 Rail Security at UIC SECURITY WORKING GROUPS
SECURITY PLATFORM : GLOBAL LEVEL Current chair : DB AG (Germany), Gerd Neubeck. Current Vice chair : VIA Rail (Canada), Marc Beaulieu. SECURITY WORKING GROUPS HUMAN FACTORS Chaired by RZD (RUSSIA) SABOTAGE INTRUSIONS ATTACKS Chaired by DB (GERMANY) ANNUAL CONGRESS and SECURITY WEEK 2018 World Security Congress will be held in Slovenia, with a focus on “Crisis Management & resilience” 2018 Security Week will be held in UIC HQ in Paris, June. TECHNOLOGY Chaired by CZK (CZECH REPUBLIC) 3 PERMANENT WORKING GROUPS 2 THEMATIC WORKING GROUPS (UPON MEMBERS’ REQUEST) BORDERS CROSSING, INTERNATIONAL CORRIDORS Chaired by PKP PLK (POLAND) STEERING COMMITTEE (Quarterly) UIC Activities: UIC Regions: UIC Partners: STRATEGY, PROCEDURES AND REGULATIONS Chaired by SNCB (BELGIUM) ANNUAL CONGRESS, to capitalize on the activities carried out during the year and to propose new priorities. Rail system, Freight, Passenger, Fundamental Values. including Colpofer (Europe), Coordinating Council on Transiberian Transportation. UITP, RAILPOL, CER, EIM… ITF/UIC/UNECE Workshop on Rail Security, 23 May 2018, Leipzig

5 Railways have been so far generally considered as a ‘safe domain’ with regard to cybersecurity issues The shift towards inter-modal transports will require management systems capable of connecting previously separated layers and entities, but also of preventing malicious attacks directed to new potential weak spots in the chain. The need for a smarter mobility will call for a new generation of intelligent transportation services. Railways have been so far generally considered as a ‘safe domain’ with regard to cybersecurity issues mainly because they usually rely on proprietary, segregated networks, with specific protocols for management, communication and signalling… Customers are constantly seeking for reliable and seamless internet connectivity not only to plan, book and manage their journeys, but also to entertain themselves or work inside the stations and on the trains. ITF/UIC/UNECE Workshop on Rail Security, 23 May 2018, Leipzig

6 Cybersecurity on rail : the challenges
INCREASE OF THE POTENTIAL ATTACK SURFACE INCREASE OF THE NUMBER OF ATTACK VECTORS MANY LAYERS OF THE SYSTEM COULD BE EXPOSED TO BOTH CYBER AND CYBER-PHYSICAL ATTACKS. ITF/UIC/UNECE Workshop on Rail Security, 23 May 2018, Leipzig

7 Rail CYBER ATTACKS EU CYRAIL Project
UIC IS TACLKING DIFFERENT ASPECTS OF THESE CHALLENGES WITH THREE DIFFERENT ACTIONS: Rail EM (Electro Magnetic) ATTACKS EU SECRET Project Rail CYBER ATTACKS EU CYRAIL Project Exchange of experiences among railway companies and other third-party stakeholders, through: Working Groups, publications, initiatives (e.g. Workshop on Cybersecurity held during the UIC Security Week, 19 June 2018, Paris) ITF/UIC/UNECE Workshop on Rail Security, 23 May 2018, Leipzig

8 EU Project SECRET This project has received funding from the European Union’s Seventh Framework Programme for research, technological development and demonstration under grant agreement n° Duration: 01 August 2012 for 36 Months Budget : 4,268 M€ (3,059 M€ funding by EU) Coordinator : IFSTTAR (France) Partners : 10 Partners from 5 countries Protection of railway infrastructure against EM attacks through: Assessing the risks and consequences of EM attacks on the rail infrastructure Identifying preventive and recovery measures Developing protection solutions for EM attacks Producing technical recommendations to reinforce the railway infrastructure ITF/UIC/UNECE Workshop on Rail Security, 23 May 2018, Leipzig

9 Rail networks: attractive targets for EM attacks
Railways are a mass transport system, easy to access, open, potentially high economic and security impacts Many vulnerable components in the railway system : Sensors (balises), antennas, communication systems Multiplication of emission devices, antennas and amplifiers accessible to the general public Easy to design emissions devices able to disrupt rail technologies ERTMS homogenizes the technologies in Europe and so the vulnerabilities Facilitates the implementation of organized and simultaneous attacks. CASE 1: THE TARGET IS AN ELECTRONIC DEVICE Permanent or Temporary Default on electronic devices with HIGH FREQUENCY EM emission = damaging or disrupting, confusing ELECTRONIC DEVICE Electro-Magnetic SIGNAL ANTENNA ELECTRONIC DEVICE CASE 2: THE TARGET IS TO AVOID THE DATA TRANSMISSION Jamming the data transmission between the devices with LOW FREQUENCY EM emission = disrupting or confusing the system ELECTRONIC DEVICE DATA TRANSMISSION Electro-Magnetic SIGNAL ANTENNA ELECTRONIC DEVICE EU SECRET PROJECT scope

10 Scope of the SECRET Project
SECRET considers any system of emission, authorized or not, available on the public domain market producing low-frequecy electro-magnetic emissions, such as jammers, remote controls, etc. but does not consider High Power Intentional Electromagnetic Sources. WHY? Because low power intentional interferences can be sufficient to break the communication links; Their effects would be diagnosed as a technical failure Bad impact on operator/railways image Explain that the train stop in emergency ITF/UIC/UNECE Workshop on Rail Security, 23 May 2018, Leipzig

11 Public Results : WHITE PAPER
This project has received funding from the European Union’s Seventh Framework Programme for research, technological development and demonstration under grant agreement n° Public Results : WHITE PAPER CONTENTS: 3 categories of recommendations covering: Prevention from EM jamming effects Detection of EM attacks Mitigation of EM jamming effect About 40 recommendations on: - Organisation - Standardization - Technical aspects PREVENTION from EM jamming effects Methodology recommendations Planning security risk assessment study to define wether existing risks are tolerable and that risk control measures are adequate (incorporates risk analysis and risk evaluation phases) Ensuring its interoperability with Risk Analysis Methods Operational recommendations Minimizing the emergency brake impact Engineering Recommendations DETECTION OF EM JAMMING Jammer detection techniques Detection based on Error Vector Magnitude monitoring on monitoring the frequency spectrum occupation on monitoring QoS Jammer Detection Application ON-board vehicle fixed detector On board portable detector Trackside BTS proximity detector Trackside mobile detector Train station detector Methodology Recommendations Harmonized indicators and reference conditions Inputs to be considered when designing a dedicated EM attack detection solution MITIGATION OF EM JAMMING EFFECTS ON TRAIN TO GROUND COMMUNICATIONS Operational Recommendations Ground BTS ---- Increase temporarily the ground BT output Train Antenna ---- SPACE DIVERSITY (Switching from train front cab radio equipment to the rear equipment when a jamming situation is detected) Radio Network Decision Criteria for Mitigation Activation Document available online at: ITF/UIC/UNECE Workshop on Rail Security, 23 May 2018, Leipzig

12 CYbersecurity in the RAILway sector
Duration: 1 Oct Sept. 2018 Budget : 1,5 M Coordinator : Evoleo Technologies Consortium : 6 Partners from 5 countries Small but multidisciplinary consortium: members from different domains bring benefits from other domains (IT, aerospace, Stakeholders, Academia) They use the solutions in their domain, and the project will assess the existing solutions and find which are the most adapted for the rail sector ITF/UIC/UNECE Workshop on Rail Security, 23 May 2018, Leipzig

13 Cybersecurity on rail : the challenges
Rail Networks are Critical Infrastructures. Their nature is heterogeneous and geographically-distributed. Older technologies are slowing down the evolutionary process (e.g. circuit-switching, GSM-R) Rail Systems are more and more (inter-)connected and open. Rail Technologies are becoming increasingly interoperable and harmonized. Threats (human- and technology-based) - are adapting quicker than traditional security detection methods. Rail Networks are Critical Infrastructures. National, international and thus direct and/or indirect interdependancies are in place. Escalating or Cascading transnational effects can be foreseen in certain cases. Old technologies are slowing down the evolutionary process. (such as Circuit-switching and GSM-R) but new technologies often bring new vulnerabilities. Rail Systems are more and more connected and open. On the other hand the potential attack surface increases dramatically. Rail Technologies are becoming more and more interoperable and harmonized. Threats (human and technology based) - are adapting quicker that traditional security detection methods. Attackers are a multitude smart, motivated (various motivations) , agile (they adapt quicker their attack methods because they are flexible, they don’t have policies and procedures and regulations to respect). These could expose many layers of the system to both cyber and cyber-physical attacks (explain), potentially involving or triggering domino effects within the same or different domains ITF/UIC/UNECE Workshop on Rail Security, 23 May 2018, Leipzig

14 Project Goals Perform a cyber security assessment of the Railway systems; Deliver a taxonomy of threats targeting rail management and control systems; Assess and select innovative rail management systems attack detection techniques; Specify Countermeasures and Mitigation strategies for improved quality levels; Achieve Security by Design, by selecting a development framework and specifying Protection Profiles with Evaluation of Assurance Levels. What are the most critical railway services, zones and communications? What are the threats? WP4 threat taxonomy (ACTOR, TARGET, CONTEXT, ATTACK, IMPACT), anaysis of past attacks against rail and against other sectors, comparative study, future cyber threat scenarios. How to detect attacks targeting rail management systems? The challenge here is to …. To specify adapted techniques to detect attacks as early as possible, with the least impact on operation and at an acceptable cost TO DO SO: assess the existing CYBER ATTACK detection techniques, ANOMALY detection techniques, PHYSICAL INTRUSION detection techniques ) combining these techniques to be able to detect complex/multi-steps cyber attacks on rail infrastructures. Assessment of 30+ existing solutions (both railway and non railway focused) How to prevent attacks and how to make the system resilient? WP 5 countermeasures to prevent threats from impacting the systems, definition of mitigation strategies to minimize the impact, definition of resilience mechanisms to ensure system availability in presence of a security breach Pprofiles: A Protection Profile (PP) is a document used as part of the certification process according to ISO/IEC and the Common Criteria (CC). As the generic form of a Security Target (ST), it is typically created by a user or user community and provides an implementation independent specification of information assurance security requirements. A PP is a combination of threats, security objectives, assumptions, security functional requirements (SFRs), security assurance requirements (SARs) and rationales. ITF/UIC/UNECE Workshop on Rail Security, 23 May 2018, Leipzig

15 Further information on
CYRAIL Final Conference well be held on September 18, 2018 at UIC HQ in Paris. Website : Coordinator of the project : ITF/UIC/UNECE Workshop on Rail Security, 23 May 2018, Leipzig

16 THANKS FOR YOUR KIND ATTENTION
SAVE THE DATE OF NEXT EVENT: CYBERSECURITY WORKSHOP will be held on 19 June, during the UIC SECURITY WEEK in Paris, UIC HQ. SECRET Project : CYRAIL Project : UIC Security Division : Contact point : ITF/UIC/UNECE Workshop on Rail Security, 23 May 2018, Leipzig

Download ppt "ITF/UIC/UNECE Workshop on Rail Security, 23 May 2018, Leipzig"

Similar presentations

WP4 – 4.1 and 4.2 Preparatory activities for the creation of the WATERMODE permanent network 1 Technical Committee Meeting Venice, June 24-25, 2010 VENETO.

WP4 – 4.1 and 4.2 Preparatory activities for the creation of the WATERMODE permanent network 1 Technical Committee Meeting Venice, June 24-25, 2010 VENETO.
SECURITY RESEARCH SEVENTH FRAMEWORK PROGRAMME 2007-2013 Mark Stroud Home Office Scientific Development Branch UK Security Programme Committee Member.

SECURITY RESEARCH SEVENTH FRAMEWORK PROGRAMME Mark Stroud Home Office Scientific Development Branch UK Security Programme Committee Member.
CIRAS PROJECT OVERVIEW

CIRAS PROJECT OVERVIEW
GAMMA Overview. Key Data Grant Agreement n° 312382 Starting date: 1 st September 2013 Duration: 48 months (end date 31 st August 2017) Total Budget: 14.837.981.

GAMMA Overview. Key Data Grant Agreement n° Starting date: 1 st September 2013 Duration: 48 months (end date 31 st August 2017) Total Budget:
WebCast 5 May 2003 NERC Cyber Security Standard Overview of Proposed Cyber Security Standard.

WebCast 5 May 2003 NERC Cyber Security Standard Overview of Proposed Cyber Security Standard.
EU Wetland conservation policy. Communication on the Wise Use and Conservation of Wetlands (1995) => first European document dedicated exclusively.

EU Wetland conservation policy. Communication on the Wise Use and Conservation of Wetlands (1995) => first European document dedicated exclusively.
6th Framework Programme Thematic Priority Aeronautics and Space.

6th Framework Programme Thematic Priority Aeronautics and Space.
119 October 2010CER The Voice of European Railways The European & rail sector’s perspective: an increased interest for Climate Change Adaptation Adapting.

119 October 2010CER The Voice of European Railways The European & rail sector’s perspective: an increased interest for Climate Change Adaptation Adapting.
C-LIEGE Contract N°: IEE/10/154/SI2.589407 Project duration: from 1 st June 2011 to 30 st November 2013 Date of creation: 4 th July 2011 Clean Last mile.

C-LIEGE Contract N°: IEE/10/154/SI Project duration: from 1 st June 2011 to 30 st November 2013 Date of creation: 4 th July 2011 Clean Last mile.
The URBACT II Programme General Presentation Vilnius, 20 January 2011.

The URBACT II Programme General Presentation Vilnius, 20 January 2011.
Overview of ITU-T Study Group 5 “Environment and Climate Change” Cristina Bueti, Adviser, ITU.

Overview of ITU-T Study Group 5 “Environment and Climate Change” Cristina Bueti, Adviser, ITU.
A project under the 7th Framework Programme CPS Workshop Stockholm 12/04/2010 Gunnar Björkman Project Coordinator A Security Project for the Protection.

A project under the 7th Framework Programme CPS Workshop Stockholm 12/04/2010 Gunnar Björkman Project Coordinator A Security Project for the Protection.
A project implemented by the HTSPE consortium This project is funded by the European Union SUSTAINABLE GROWTH LIFE2014-2020.

A project implemented by the HTSPE consortium This project is funded by the European Union SUSTAINABLE GROWTH LIFE
Mitigation matrices for derailment prevention Railway Days| Bucuresti| 8 th - 9 th Oct. 2013. Theme [SST.2011.4.1-3] Development of the Future Rail System.

Mitigation matrices for derailment prevention Railway Days| Bucuresti| 8 th - 9 th Oct Theme [SST ] Development of the Future Rail System.
UIC presentation North South Conference, Catania, 27 April 2013 Jacques COLLIARD, head of UIC security Division.

UIC presentation North South Conference, Catania, 27 April 2013 Jacques COLLIARD, head of UIC security Division.
EU Funding opportunities 2014-2020: Rights, Equality and Citizenship Programme Justice Programme Jose Ortega European Commission DG Justice.

EU Funding opportunities : Rights, Equality and Citizenship Programme Justice Programme Jose Ortega European Commission DG Justice.
WebCast 5 May 2003 Proposed NERC Cyber Security Standard Presentation to IT Standing Committee Stuart Brindley, IMO May 26, 2003.

WebCast 5 May 2003 Proposed NERC Cyber Security Standard Presentation to IT Standing Committee Stuart Brindley, IMO May 26, 2003.
The European agenda on improving the efficiency of employment and social policies: Bratislava, December 2011 The example of social experimentation.

The European agenda on improving the efficiency of employment and social policies: Bratislava, December 2011 The example of social experimentation.
Piemonte Workshop 1 11 September 2006 Paolo Salieri European Commission DG ENTR-H4 Security research in FP7.

Piemonte Workshop 1 11 September 2006 Paolo Salieri European Commission DG ENTR-H4 Security research in FP7.
UIC Safety Unit activities – UNECE Railway Safety Workshop Geneva, 24 November 2015 Peter Gerhardt, Manager of UIC Safety Unit.

UIC Safety Unit activities – UNECE Railway Safety Workshop Geneva, 24 November 2015 Peter Gerhardt, Manager of UIC Safety Unit.

Similar presentations

Ads by Google