Revealing Existing Attack Vulnerabilities in the Rail System

REAVRS-Logo.png

 

ORIGINAL TITLE OF PROJECT
Identifikation bestehender Angriffspotentiale für das System Bahn

PROJECT NUMBER
2020-23-S-1202

START DATE
01.04.2021

END DATE
30.06.2023


FUNDED BY

DZSF - Projekte - Cybersecurity - Identifikation bestehender Angriffspotentiale (bund.de)   

          eisenbahn-bundesamt.png

Project Scope

Due to a high level of technology as well as the increasing use of connected digital technologies, among other factors, the rail system has been observed to be susceptible to various types of attacks.

The overall system (consisting of people and technology) has been predominantly developed without special consideration of security requirements capable of opposing these attacks. A main reason for this can be found in the lack of a systematic identification and evaluation of attack potentials originating in the special characteristics of the rail system. Hence, there is little knowledge of possible points of attack within the existing system. Until the introduction of a comprehensive, long-term "railroad" safety concept, these weak spots should first be identified as extensively as possible. Building on this first step, a careful examination of underlying causes will be conducted, followed by an assessment of associated risks.

While a large number of attack potentials for railway subsystems have been already sufficiently investigated, there is still a lack of results for the overall system. Therefore, the aim of the project is the holistic identification of current vulnerabilities of the rail system to attacks on different levels. In particular, weaknesses in relation to cybersecurity, organization, voice and data communication and physical interventions are to be determined. The next step consists of an examination of the causes for the identified weak spots in order to carry out a well-founded assessment and prioritization of the underlying risks. Based on these insights, recommendations for security measures, counter-strategies for incident management as well as preventive measures will be developed, setting the foundation to implement them in the short and medium-term.

Project management

Logo UniBwM                 Logo Comtessa

Project Partner

 

Logo IVE mbH Hannover  

IVE mbH
Hannover


Logo CreaLab GmbH

CreaLab GmbH
Feldkirchen-Westerham



Logo Institut für Verkehrswesen, Eisenbahnbau und -betrieb der TU Braunschweig

Institut für Verkehrswesen, Eisenbahnbau und -betrieb
der TU Braunschweig

Contact

Project Office Project Office

Legende

  • 1: Project Office