Critical Incident Response in Rail Control Centers: Research

For the Signal & Telecoms dept. of a major passenger railway, we developed a research report for an executive audience describing at a functional level the command and control systems under their purview, and documented existing incident response procedures and plans for the purposes of a security audit.  At the time, senior leadership were reviewing existing organizational structures, specifically regarding which hardware, software, and network maintenance functions were a core part of railway operations and maintenance, were support functions that belong in corporate I.T., or were performed by outside vendors.  We were successful in establishing and documenting that the operation and maintenance of signal and power control systems, although they utilize certain commodity hardware components, were so tightly integrated with low-level embedded railway operating devices (such as vital interlocking processors, high voltage circuit breakers, and positive train control communication systems) that it would have undue negative impacts on railway operations to have a separate team responsible for their maintenance.  We also demonstrated that the existing critical cyber security incident response procedures were at least as effective as those utilized by corporate I.T. security, and that the system is capable of operating with temporarily degraded functionality without compromising the safety of railway operations.