Optimizing Cyber Security Gap Analysis for Legacy Railway Control Systems: A Proposed New Gap Analysis Process using CIS Benchmarks™
KTH, School of Electrical Engineering and Computer Science (EECS).
2023 (English)
Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE credits
Student thesis
Alternative title
Optimera cybersäkerhets gapanalys för äldre järnvägs kontrollsystem : En föreslagen ny process för gapanalys med CIS Benchmarks™ (Swedish)
Abstract [en]

Global concern over cyber security threats to railway control systems is growing because of actual and potential threats that could lead to severe consequences, including disruption, derailment, and collision. Legacy railway control systems, which were not originally designed with cyber security in mind, are particularly vulnerable to common cyber attacks. It is important and urgent for both operators and asset owners of railway control systems to determine and understand the cyber security capabilities and gaps in their current railway systems. This report proposes a new gap analysis process that optimizes cyber security gap analysis for legacy railway control systems by using the CIS Benchmarks produced by the Center for Internet Security (CIS). The proposed process includes an efficient verification testing approach to cover most of the IEC 62443-4-2 requirements. Furthermore, we compare the proposed new process with the traditional gap analysis process and show that the new process has advantages in efficiency, cost-effectiveness, and standardization.

Abstract [sv]

Global concern about cyber security threats to railway control systems is increasing because of actual and potential threats that can lead to serious consequences, including disruption, derailment, and collisions. Legacy railway control systems, which were not originally designed with cyber security in mind, are particularly vulnerable to common cyber attacks. It is important and urgent for both operators and asset owners of railway control systems to determine and understand the cyber security capabilities and gaps in their current railway systems. This report proposes a new gap analysis process to optimize the cyber security gap analysis process for legacy railway control systems by using CIS standards produced by CIS. The proposed process includes an efficient verification testing approach to cover most of the IEC 62443-4-2 requirements. In addition, we compare the proposed new process with the traditional gap analysis process and show that the new process has advantages in efficiency, cost-effectiveness, and standardization.

Place, publisher, year, edition, pages
2023. p. 53
Series
TRITA-EECS-EX ; 2023:953
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
URN: urn:nbn:se:kth:diva-344525
OAI: oai:DiVA.org:kth-344525
DiVA, id: diva2:1845302
External cooperation
ALSTOM Transportation Sweden AB
Examiners
Available from: 2024-03-20 Created: 2024-03-18 Last updated: 2024-03-20
Bibliographically approved

Open Access in DiVA

fulltext (1909 kB), 324 downloads
File information
File name: FULLTEXT01.pdf
File size: 1909 kB
Checksum SHA-512: cf68faa385d14544b76a25f745e56765cffb5e6d95ea16464fb76575644308376b6de32e95f16325b47f86c47394a042c1c45db4430dedd9bd3eba6d1e760ad4
Type: fulltext
Mimetype: application/pdf

Total: 328 downloads
The number of downloads is the sum of all downloads of full texts. It may include, e.g., previous versions that are no longer available.

Total: 619 hits