Click here to flash read.
Technological advances in the telecommunications industry have brought
significant advantages in the management and performance of communication
networks. The railway industry is among the ones that have benefited the most.
These interconnected systems, however, have a wide area exposed to
cyberattacks. This survey examines the cybersecurity aspects of railway systems
by considering the standards, guidelines, frameworks, and technologies used in
the industry to assess and mitigate cybersecurity risks, particularly regarding
the relationship between safety and security. To do so, we dedicate specific
attention to signaling, which fundamental reliance on computer and
communication technologies allows us to explore better the multifaceted nature
of the security of modern hyperconnected railway systems. With this in mind, we
then move on to analyzing the approaches and tools that practitioners can use
to facilitate the cyber security process. In detail, we present a view on cyber
ranges as an enabling technology to model and emulate computer networks and
attack-defense scenarios, study vulnerabilities' impact, and finally devise
countermeasures. We also discuss several possible use cases strongly connected
to the railway industry reality.
