The security of IoT systems in railway transport
Abstract
The widespread adoption of Internet of Things (IoT) devices in the railway industry is creating new cybersecurity challenges. These devices, which collect and transmit data on train movements, infrastructure and passengers, can be vulnerable to cyberattacks, which can lead to disruption of operations, security threats or compromise of sensitive data. A wide range of potential threats have been described, such as unauthorised access, data misuse and denial of service (DoS) attacks. These threats can have serious consequences, such as train accidents, data theft, or disruption of supply chains. The article is devoted to the study of the cybersecurity aspects of IoT systems in railway transport and the identification of the necessary measures to ensure the safety and reliability of these systems. Potential threats to IoT on the railway, including vulnerabilities of network devices and insufficient protection of network traffic, are considered. Simple and effective cybersecurity measures are proposed, including authentication and authorisation of IoT devices, network connection protection, and monitoring of potential threats. Threat modeling using the Microsoft Threat Modeling Tool allowed us to identify the main security issues and propose solutions. The conclusions of the article emphasise the importance of investing additional resources in ensuring the cybersecurity of IoT systems in railway transport and recommend active cooperation with experts in this field for the successful implementation of digital transformation in the railway industry.
Keywords