IT security risk analysis and threat mitigation for railway applications

Abstract : In this article, we present a best practise approach for the evaluation and assessment of IT security demands for railway applications. State-of-the-art standards and guidelines are used to identify and evaluate threats concerning the IT security of a given railway system and corresponding requirements are derived. Taking threat mitigation measures into account, the system under consideration is revised based on its technology and system architecture. Using combined " Top-Down " and " Bottom-Up " analysis techniques, the most relevant attack patterns and penetration paths are identified for each system component or function. The result of such an analysis may require iterative revisions and eventually extends IT security requirements as compared to the derivation from standards.
Document type :
Conference papers
Fast abstracts at International Conference on Computer Safety, Reliability, and Security (SAFECOMP), 2016, Trondheim, Norway
Liste complète des métadonnées

Cited literature [1 references]  Display  Hide  Download

https://hal.laas.fr/hal-01370249
Contributor : Jérémie Guiochet <>
Submitted on : Thursday, September 22, 2016 - 11:46:24 AM
Last modification on : Friday, September 23, 2016 - 10:30:24 AM

File

7-SafeComp_2016_Fast_Abstract_...
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01370249, version 1

Collections

Citation

Patric Birr, Martin Hetzer, Simon Petretti. IT security risk analysis and threat mitigation for railway applications. Fast abstracts at International Conference on Computer Safety, Reliability, and Security (SAFECOMP), 2016, Trondheim, Norway. 〈hal-01370249〉

Share

Metrics

Record views

70

Files downloads

49