Prioritising the cyber threats to ICS in rail

Source: RTM Feb/Mar 16

Dr John Easton, a lecturer working with the Birmingham Centre for Railway Research and Education at the University of Birmingham, discusses the growing threat to the railways from cyber-attacks.

Hardly a week goes by when there isn’t at least one major cyber security story in the news, and as recent incidents involving companies such as Sony have shown, even the big technology providers are not immune to this growing threat. 

When thinking about cyber-attacks many of us naturally focus on the familiar; in the case of ICT systems that means desktop PCs and servers, the types of equipment we see at home or in the office. In large industrial systems like the railways however, front and back-office IT systems are just one of a number of classes of ICT equipment involved in day-to-day operations. 

In the railways, as in many large infrastructure-based systems, Industrial Control Systems (ICS) are a key element in the delivery of business objectives (i.e. the provision of signalling and train control). ICS are distinct from more conventional ICT because they possess a combination of both cyber and physical components, such as sensors and actuators. 

ICS pose unique challenges from the perspective of security, as they commonly have long service lives, and comprise multiple generations of equipment from a wide range of suppliers. The software used to control ICS is often custom-written, so the use of older, unsupported operating systems is commonplace, and the rate of application of security patches (if available) is frequently much lower than is seen in conventional ICT systems due to the need to ensure availability of the infrastructure. 

Increasing exposure of ICS to attacks 

Traditionally, ICS have been considered as comparatively safe from cyber-attacks; this was largely because they were based around proprietary hardware, ran on physically separated networks, and often used custom communications protocols. 

In recent years however, ICS have begun to use larger numbers of standardised Commercial Off-The-Shelf (COTS) components, most of which use the same IP-based communications used in other ICT systems. 

While the use of COTS technology decreases costs and helps to make ICS more interoperable, it can also increase both the exposure of ICS to attack, and make it easier for attackers to transfer successful methods of attack from other ICT systems. 

An interesting differentiator between ICS and other ICT systems is that in an ICS there is the potential for real-world impacts to result from cyber-attacks. 

In 2014, a cyber-attack on a steel mill in Germany became one of the first confirmed instances of physical damage to the infrastructure, and while this might suggest that the threat to ICS from cyber-attacks is small, by far the most common impacts of attacks to ICS are denial of service leading to reputational and financial damage for the operators. 

Rather more worryingly, cyber-attacks do not need to be deliberately targeting a particular system to cause this type of disruption; in December 2011 an attack on the signalling system of a railway in US Pacific Northwest led to a 15-minute delay to services, but was later found to have been the result of a “random incident” and not a targeted attack.

The threat to rail is real 

The threat to the railways from cyber-attacks to their ICS is real, and the industry is responding to the challenge with strong leadership being provided by stakeholders such as RSSB and Network Rail. 

Despite this, with the roll out of new ICS, including the European Train Control System (ETCS) on the horizon, it’s important that every effort is made to provide industry ICT staff with the tools they need to fully understand and mitigate the risk of cyber-attack to this class of equipment. 

The Engineering and Physical Sciences Research Council funded SCEPTICS project, part of the Research Institute for Trustworthy Industrial Control Systems (RITICS), aims to do just that. The team are developing a three-stage process that will enable railway ICT staff to identify and prioritise the ICS that are most important to the delivery of railway operations, describe those systems and their interfaces using a standardised set of documents, and (in conjunction with security experts) assess the risk to those systems from cyber-attacks. 

Perhaps most importantly, the team hope that by providing processes for assessing ICS, they will raise awareness of this class of equipment within the industry, and where security is concerned ensuring stakeholder awareness of risks is a major step towards preventing attack.

Tell us what you think – have your say below or email [email protected]


Steve Robbins   29/03/2016 at 18:30

Dr Easton is right - real opportunity for intrusion comes when multiple discrete systems, which themselves may have been designed some time ago when the threat landscape was very different, are then networked together. There are at least two factors at work. The first is that the individual systems themselves may be vulnerable and subject to compromise when used in a different manner to that originally intended. The second is that, when systems are linked together in this way, no one supplier assumes responsibility for the overall security of the whole, due to technical (e.g. lack of security awareness) or economic (e.g. we're being paid for an xyz subsystem, but not for overall system security; that's someone else's problem) reasons. Steve Robbins MSc

Add your comment

rail technology magazine tv

more videos >

latest rail news

View all News

rail industry focus

Versatile coating system enhances Indestructible Paint rail industry role

12/08/2020Versatile coating system enhances Indestructible Paint rail industry role

A highly versatile and robust epoxy coating s... more >
Network Rail partners with Cycling UK for new initiative

03/08/2020Network Rail partners with Cycling UK for new initiative

Network Rail and Cycling UK have launched a p... more >

editor's comment

23/01/2018Out with the old...

Despite a few disappointing policy announcements, especially for the electrification aficionados amongst us, 2017 was, like Darren Caplan writes on page 20, a year generally marked by positive news for the rail industry. We polished off the iconic Ordsall Chord (p32), hit some solid milestones on Thameslink (p40), progressed on ambitious rolling stock orders (p16), and finally started moving forward on HS2 (p14) ‒ paving the way for a New Year with brand-new infrastructrure to... read more >

last word

Encouraging youngsters to be safe on the railway

Encouraging youngsters to be safe on the railway

This summer, Arriva Group's CrossCountry and the Scout Association joined to launch a new partnership to promote rail safety among young people. Chris Leech MBE, business community manager at the TOC, gives RTM an update on the innovative scheme. Recognising that young people are more likely to take a risk trespassing on railway tracks, C... more > more last word articles >

'the sleepers' daily blog

On the right track, Sulzer is awarded RISAS accreditation for Nottingham Service Centre

29/06/2020On the right track, Sulzer is awarded RISAS accreditation for Nottingham Service Centre

Following an independent audit, Sulzer’s Nottingham Service Centre has been accepted as part of the rail industry supplier approval scheme (RISAS). The accreditation reinforces the high-quality standards that are maintained by Sulzer’s network of independent repair facilities across the UK and further afield in its global network. ... more >
read more blog posts from 'the sleeper' >


Andrew Haines, CE of Network Rail, tells BBC News his organisation could issue future rail franchises

24/06/2019Andrew Haines, CE of Network Rail, tells BBC News his organisation could issue future rail franchises

Andrew Haines, the Chief Executive of Network Rail, has told the Today programme on Radio 4's BBC’s flagship news programme that he wo... more >
Advancing the rail industry with management degree apprenticeships

08/05/2019Advancing the rail industry with management degree apprenticeships

In answering the pressing questions of how current and future generations of managers can provide solutions to high-profile infrastructure projec... more >
Women in rail - is the industry on the right track?

12/03/2019Women in rail - is the industry on the right track?

RTM sits down with Samantha Smith, sole female member of the TransPennine Route Upgrade Alliance Leadership Team, to find out more about encourag... more >
TfN Strategic Transport Plan: not just for transport's sake

22/01/2019TfN Strategic Transport Plan: not just for transport's sake

Peter Molyneux, Transport for the North’s (TfN’s) strategic roads director, has been leading on the development of the seven economic... more >