Cybersecurity for Signaling Solutions: How to Properly Protect Rail Communications
While cyberattacks are not frequent for any specific business, when they do occur, the resulting consequences can be catastrophic. For rail, they also involve substantial safety risks since cyber-attacks on rail signaling systems might affect mission-critical equipment utilized for train control. With the introduction of modern digital signaling solutions, the potential surface for cyber-attacks has only increased. As smart cities become more widely adopted, we can anticipate a further increase in connectivity with transportation networks.
In the past five years, the rail industry has seen a noticeable surge in hacker activity. Fortunately, there are now numerous security solutions available to combat this issue. By implementing robust cybersecurity measures, the risk of attack can be mitigated, and the potential damage to sensitive data can be minimized. According to Security Directive 1580-21-01 taken by TSA, every rail owner and operator must have a cybersecurity coordinator, report every case of a cybersecurity incident, develop an incident response plan, and assess the current cybersecurity status and vulnerabilities of the existing cybersecurity measures. CENELEC has developed guidance for rail companies on how to manage cybersecurity.
The rail industry has finally realized the criticality of cyber-attacks and the need to respond promptly with preventive security measures. Despite this, many signaling solutions are being developed without due consideration to cybersecurity. As a leading signaling solutions company, PSA is fully committed to promoting cybersecurity in rail operations. Keep reading to discover how to safeguard train control operations.
Why It Is Important to Secure Communications within Signaling Solutions?
Signaling solutions in rail guarantees rail transportation safety whereas digital signaling systems also provide optimized capacity. Having different architectures, modern signaling systems are built through similar principles and technologies that allow them to identify their common vulnerabilities and approaches to mitigate them. The most vulnerable points here are train-to-ground communication, dispatching, and onboard security must be protected against denial of service, a man-in-the-middle attack, rogue access points, and other attacks.
Signaling systems transport critical data to provide reliable and safe train control, within activities like monitoring train speeds, managing traffic signals, and controlling brakes. Thus, a breach can disrupt operations for the whole rail network and endanger passengers and crew. We identified common factors that reveal security gaps in rail signaling solutions:
1. Modern Signaling Solutions Are Not Designed to Be Secure
When developing signaling solutions for the railway network, proprietary protocols are used, but information encryption functionality is not provided. The use of off-the-shelf cyber protection solutions for railways may not consider the needs of the rail, and the individuality of the signaling infrastructure, which may cause insufficient protection and false positives.
2.Train-to-Ground Communication Is Provided Wirelessly
A wireless network is more vulnerable than a wired network due to the fact that the signal propagates beyond the participants in the communication. Some protocols, such as GSM-R that is used for ETCS, are generally outdated and insecure standards. Since they can transmit mission-critical information, such as authorities and restrictions, ATP data, interlocking communications, and so on, the communication must be particularly secure.
3. Interoperable Nature of Signaling Solutions
The rail signaling system, in fact, touches all the critical rail assets within the wayside, onboard, and dispatching. It brings a wider surface for cyber-attacks, and, subsequently, a bigger volume of potential damage. Issues arise not only over the modern signaling systems but also when connecting new assets to the legacy infrastructure.
4. Interlocking Commands Can Be Given from a Computer
If dispatchers have control over interlockings, any disturbance to their workplace can greatly affect the rail network's operations.
Cyber-attacks on rail signaling systems can be expressed in the interception of information, changing critical instruction, reconfiguring a system, transferring false data, and so on.
How to Secure Data within Signaling Solutions?
Since signaling data is transferring over various rail assets, it requires consideration of cyber security in two main directions – encryption of the data, and authentication. For all the digital signaling systems, namely, CBTC, PTC, ETCS, and CTC, we recommend focusing on the following cybersecurity activities.
Key Management System for Encrypting Sensitive Data
To protect train-to-ground communication, Key Management Systems (KMS) are used to distribute the cryptographic keys between railway devices. To transfer dynamic information between distant wayside devices and moving trains, the system had to enable stable and secure wireless communication, making any data breach impossible. KMS generates, distributes, revokes, and manages cryptographic keys that are used while transmitting messages between rail units. In this way, it verifies the secure connection while saving cryptographic keys up to date. The system also involves secure key storage and a third-party authenticator – the Certification Authority (CA) that validates the security and relevance of the keys. The system can be deployed as an on-premises and cloud solution, which increases its flexibility.
However, while developing any rail cybersecurity solution, it is crucial to ensure that it does not increase the latency within the entire system. The high latency gives intruders more time to roam over the system, and therefore, causes harm. By the way, various rail systems are then connected to CBTC/PTC/ETCS units, such as Traffic Management, or Supervision system, which brings hazards to more rail operations.
Authentication Measures to Prevent Unauthorized Access
Modern signaling systems can be attributed to the ecosystems of the Industrial Internet of Things since they involve a large number of distributed assets and can transmit data via Internet protocols. For such systems, access control is critical, since it is required to make sure that the assigned person has access to the sensitive data. In such cases, it is most reliable to use MFA solutions, which certify from all respondents that the access is reliable. One of our latest projects – Passwordless MFA System – is aimed at developing a new authentication standard – Full Duplex Authentication that allows for verification of all sides of the interaction, both services and the users. Indeed, it is critical to secure access to all rail applications that generate, store, or transport critical data.
Signaling Solutions & Cybersecurity: Summing Up
- The market for cybersecurity solutions in rail has grown recently, which is naturally associated with an increase in the number of cyber-attacks and an increase in the potential vulnerability of modern signaling systems.
- Modern signaling solutions, such as CBTC, PTC, or ETCS are not designed with cybersecurity in mind and often require custom solutions considering their specific architectures.
- An additional vulnerability to digital signaling systems creates a wireless way of transferring critical data, the interconnectivity between all the assets, and the possibility to manage critical operations from a computer.
- To secure train-to-ground communication, it is necessary to apply data encryption by implementing a Key Management System. Particular attention should also be paid to authentication solutions to secure access to rail apps.