Resilience Management Concept for Railways and Metro Cyber-Physical Systems
Rajamäki, Jyri (2021)
Rajamäki, Jyri
Editoija
Eze, Thaddeus
Speakman, Lee
Onwubiko, Cyril
Academic Conferences International
2021
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi-fe2021082043794
https://urn.fi/URN:NBN:fi-fe2021082043794
Tiivistelmä
Railways and metros are good examples of cyber-physical systems (CPS). They are safe, efficient, reliable and environmentally friendly. However, being such critical infrastructures turns metro, railway and related intermodal transport operators into attractive targets for cyber and/or physical attacks. SAFETY4RAILS H2020 project of the European Commission delivers methods and systems to increase the safety and resilience of track-based inter-city railway and intra-city metro transportation. Safety engineers have established strategies over decades to remove risks and increase safety that become manifest in railway systems. On the other hand, resilience is a multifaced and not yet standardized concept so that a number of definitions and assessment methods exist, and until now, resilience management has largely focused on descriptive or diagnostic analytics following an expert judgment-based approach. This paper aims at introducing a conceptualization for resilience management of CPS and to bring the lessons to be learned from earlier projects for SAFETY4RAILS. The approach, earlier studied in the healthcare sector, is based on an integration of the concept of cyber-trust with cybersecurity science and resilience science. The paper proposes five principles that arise from the theory for resilience management processes of CPS: (1) design and implement a security management plan, (2) employ all appropriate security technologies, (3) ensure the adequacy and quality of security information, (4) make sure that situational awareness is always up to date, and (5) design and implement a resilience management plan that covers all four event management cycles (plan/prepare, absorb, recovery, adapt) and interdependencies with other systems. In addition, the paper discusses the meaning of these principles in the rail transportation sector. The paper represents the author’s views having taken part in SAFTEY4RAILS stakeholder workshops as part of the stakeholder needs and requirements analysis in the early stages of the project.