Metrics-Driven Evaluation of Cybersecurity for Critical Railway Infrastructure

TitleMetrics-Driven Evaluation of Cybersecurity for Critical Railway Infrastructure
Publication TypeConference Paper
Year of Publication2018
AuthorsNeema, H., B. Potteiger, X. D. Koutsoukos, C. Y. Tang, and K. Stouffer
Refereed DesignationRefereed
Conference NameIEEE Resilience Week
Date Published08/2018
Conference LocationDenver, Colorado

In the past couple of years, railway infrastructure has been growing more connected, resembling more of a traditional Cyber-Physical System model. Due to the tightly coupled nature between the cyber and physical domains, new attack vectors are emerging that create an avenue for remote hijacking of system components not designed to withstand such attacks. As such, best practice cybersecurity techniques need to be put in place to ensure the safety and resiliency of future railway designs, as well as infrastructure already in the field. However, traditional large-scale experimental evaluation that involves evaluating a large set of variables by running a design of experiments (DOE) may not always be practical and might not provide conclusive results. In addition, to achieve scalable experimentation, the modeling abstractions, simulation configurations, and experiment scenarios must be designed according to the analysis goals of the evaluations. Thus, it is useful to target a set of key operational metrics for evaluation and configure and extend the traditional DOE methods using these metrics. In this work, we present a metrics-driven evaluation approach for evaluating the security and resilience of railway critical infrastructure using a distributed simulation framework. A case study with experiment results is provided that demonstrates the capabilities of our testbed.