Bringing control systems online

Andrew Cooke | 20 May 2015 | Comments

There have been a number of articles in the media recently highlighting the potential risks arising from implementing the European Rail Transport Management System (ERTMS) in the UK. ERTMS is the system that replaces traditional mechanical signalling systems with the IP-enabled systems.

The benefits of implementation are clear as it:

  • creates compatibility with European rail systems; important as increasingly rail journeys begin in the UK but end in Europe
  • brings efficiency with rail routing decisions being made centrally and implemented instantly
  • provides opportunity for greater business continuity with a number of national control centres offering redundancy
  • offers considerable capacity enhancement and much improved asset management and exploitation.

Of course if the control systems are managed across an IP network that is ultimately connected to the Internet then there is risk of compromise. The potential exists for someone to attempt to break in, whether they are hobbyist hackers, disaffected rail users or state-sponsored terrorists. The BBC recently quoted Professor David Stupples of City University pointing out that a hacker could cause a “nasty accident” or “major disruption.”

The vulnerabilities that could compromise ERTMS also threaten control systems managing infrastructure across the world, yet incidents to date have been few and far between. Furthermore control systems are not the only business management systems under threat as the ever growing reach of the Internet of Things (IoT) and Bring Your Own Device (BYOD) policies provide just as great a potential challenge.

Yet these threats and risks can all be mitigated. Good design lies at the heart of good security. While the ERTMS system is already complete, we do still have the opportunity to make sure the design of the systems around it and the way that people interact with them is effective.

An effective cyber security programme needs to be holistic; to consider risk from an organisational perspective. In this context, considering the risks to control systems as well as traditional enterprise IT is absolutely critical.

It also needs to consider employees and employee behaviours. Professor Stupples pointed out the potential impact of a disaffected employee taking maleficent action, yet in reality the consequences of discovery will be a significant deterrent to most. The greater risk is the prospect of unwitting employee behaviours resulting in vulnerabilities that could be exploited by outsiders. An assessment of employee risk should be used to identify particular areas of risk and specific targets for training. Comprehensive communications and training programmes can support this.

Ultimately, we can’t step away from building a more modern, efficient and effective infrastructure out of fear of the consequences. Avoiding a major security breach is a matter of careful threat and risk assessment, thorough vulnerability analysis and implementation of a planned programme of mitigation and protective measures. By embracing this approach we can safely leverage the benefits of implementing the most modern technology.