Challenges and Approaches in Securing Safety-Relevant Railway Signalling

Abstract

The railway domain is a complex critical infrastructure (CI) linking communication and control elements, and susceptible to multiple security threats similar to those encountered by industrial control systems. However, protecting modern railway signalling systems is a challenging task given the rigorous human safety standards that must be adhered to while augmenting the systems with security mechanisms. As railway CIs are subject to strong regulation and also cannot be adequately protected by physical security given that they are distributed over large areas, the strong interplay of security and safety requirements results in both unique problems and solutions. In this paper, we describe the current state of railway signalling, the obstacles to consider when protecting signalling using state of the art information security, and also outline contemporary approaches to address such obstacles. Overall, we propose a shell concept as an approach to decouple safety and security.