Model-Based Risk Analysis Approach for Network Vulnerability and Security of the Critical Railway Infrastructure.

This study focuses on threat modeling, vulnerability analysis, and risk management within the critical railway transportation infrastructure. The Railway Transportation System is a highly complex, national critical infrastructure and its cybersecurity evaluation is crucial, but is still an extremely hard problem. In this paper, a novel threat modeling and risk management approach using a domain-specific modeling environment is presented. Two risk analysis techniques based on attack trees are developed to systematically model the potential risks in a cyber-physical system and provide quantitative analysis of the vulnerabilities. The automated risk assessment tool can prioritize component level vulnerabilities for potential mitigation actions. A scenario language and associated tools in the framework allow modeling and evaluation of cyber-games using a library of system exploits and mitigation actions. Cyber-games enable assessment of system-level risks and development of comprehensive risk management plans. Another key capability is the handling of dynamic network connections with variable vulnerability propagation in railway communication networks where locomotives and its devices are mobile. These capabilities are demonstrated with a case study in the railway transportation domain.