IT security risk analysis and threat mitigation for railway applications

Abstract : In this article, we present a best practise approach for the evaluation and assessment of IT security demands for railway applications. State-of-the-art standards and guidelines are used to identify and evaluate threats concerning the IT security of a given railway system and corresponding requirements are derived. Taking threat mitigation measures into account, the system under consideration is revised based on its technology and system architecture. Using combined " Top-Down " and " Bottom-Up " analysis techniques, the most relevant attack patterns and penetration paths are identified for each system component or function. The result of such an analysis may require iterative revisions and eventually extends IT security requirements as compared to the derivation from standards.
Type de document :
Communication dans un congrès
Fast abstracts at International Conference on Computer Safety, Reliability, and Security (SAFECOMP), 2016, Trondheim, Norway
Liste complète des métadonnées

Littérature citée [1 références]  Voir  Masquer  Télécharger

https://hal.laas.fr/hal-01370249
Contributeur : Jérémie Guiochet <>
Soumis le : jeudi 22 septembre 2016 - 11:46:24
Dernière modification le : vendredi 23 septembre 2016 - 10:30:24

Fichier

7-SafeComp_2016_Fast_Abstract_...
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-01370249, version 1

Collections

Citation

Patric Birr, Martin Hetzer, Simon Petretti. IT security risk analysis and threat mitigation for railway applications. Fast abstracts at International Conference on Computer Safety, Reliability, and Security (SAFECOMP), 2016, Trondheim, Norway. 〈hal-01370249〉

Partager

Métriques

Consultations de la notice

91

Téléchargements de fichiers

59