CLC/TS 50701:2021
(Main)Railway applications - Cybersecurity
Railway applications - Cybersecurity
This document provides to the railway operators, system integrators and product suppliers, with guidance and specifications on how cybersecurity will be managed in the context of the EN 50126-1 RAMS lifecycle process. This document aims at the implementation of a consistent approach to the management of the security of the railway systems. This document can also be applied to the security assurance of systems and components/equipment developed independently of EN 50126. This document applies to Communications, Signalling and Processing domain, to Rolling Stock and to Fixed Installations domains. It provides references to models and concepts from which requirements and recommendations can be derived and that are suitable to ensure that the residual risk from security threats is identified, supervised and managed to an acceptable level by the railway system duty holder. It presents the underlying security assumptions in a structured manner. This document does not address functional safety requirements for railway systems but rather additional requirements arising from threats and related security vulnerabilities and for which specific measures and activities need to be taken and managed throughout the lifecycle. The aim of this technical specification is to ensure that the RAMS characteristics of railway systems / subsystems / equipment cannot be reduced, lost or compromised in the case of intentional attacks. The security models, the concepts and the risk assessment process described in this document are based on or derived from IEC 62443 series standards. In particular, this document is consistent with the application of security management requirements contained within the IEC 62443-2-1 and which are based on EN ISO 27001 and EN ISO 27002
Bahnanwendungen - Cybersecurity
Applications ferroviaires - Cybersécurité
Železniške naprave - Kibernetska varnost
General Information
Relations
Standards Content (Sample)
SLOVENSKI STANDARD
01-september-2021
Železniške naprave - Kibernetska varnost
Railway applications - Cybersecurity
Bahnanwendungen - Cybersecurity
Applications ferroviaires - Cybersécurité
Ta slovenski standard je istoveten z: CLC/TS 50701:2021
ICS:
35.030 Informacijska varnost IT Security
45.020 Železniška tehnika na Railway engineering in
splošno general
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
TECHNICAL SPECIFICATION CLC/TS 50701
SPÉCIFICATION TECHNIQUE
TECHNISCHE SPEZIFIKATION
July 2021
ICS 35.030; 45.020
English Version
Railway applications - Cybersecurity
Applications ferroviaires - Cybersécurité Bahnanwendungen - IT-Sicherheit
This Technical Specification was approved by CENELEC on 2021-05-11.
CENELEC members are required to announce the existence of this TS in the same way as for an EN and to make the TS available promptly
at national level in an appropriate form. It is permissible to keep conflicting national standards in force.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the
Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Turkey and the United Kingdom.
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2021 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
Ref. No. CLC/TS 50701:2021 E
Contents Page
European foreword . 6
Introduction . 7
1 Scope . 8
2 Normative references . 8
3 Terms, definitions and abbreviations. 8
3.1 Terms and definitions . 8
3.2 Abbreviations .24
4 Railway system overview .26
4.1 Introduction .26
4.2 Railway asset model .27
4.3 Railway physical architecture model .28
4.4 High-level railway zone model .29
5 Cybersecurity within a railway application lifecycle .31
5.1 Introduction .31
5.2 Railway application and product lifecycles .31
5.3 Activities, synchronization and deliverables .31
5.4 Cybersecurity context and cybersecurity management plan .35
5.5 Relationship between cybersecurity and essential functions .35
5.5.1 General .35
5.5.2 Defence in depth .35
5.5.3 Security-related application conditions .36
5.5.4 Interfaces between the safety and the cybersecurity processes .37
5.6 Cybersecurity assurance process .38
6 System definition and initial risk assessment .39
6.1 Introduction .39
6.2 Identification of the system under consideration .40
6.2.1 Definition of the SuC.40
6.2.2 Overall functional description .41
6.2.3 Access to the SuC .41
6.2.4 Essential functions.41
6.2.5 Assets supporting the essential functions .42
6.2.6 Threat landscape .42
6.3 Initial risk assessment .42
6.3.1 Impact assessment.42
6.3.2 Likelihood assessment .43
6.3.3 Risk evaluation .44
6.4 Partitioning of the SuC .45
6.4.1 Criteria for zones and conduits breakdown . 45
6.4.2 Process for zones and conduits breakdown . 45
6.5 Output and documentation . 46
6.5.1 Description of the system under consideration . 46
6.5.2 Documentation of the initial risk assessment . 46
6.5.3 Definition of zones and conduits . 46
7 Detailed risk assessment . 47
7.1 General aspects . 47
7.2 Establishment of cybersecurity requirements . 48
7.2.1 General . 48
7.2.2 Threat identification and vulnerability identification . 49
7.2.3 Vulnerability identification . 51
7.2.4 Risk acceptance principles . 51
7.2.5 Derivation of SL-T by explicit risk evaluation . 53
7.2.6 Determine initial SL . 55
7.2.7 Determine countermeasures from EN IEC 62443-3-3 . 56
7.2.8 Risk estimation and evaluation . 56
7.2.9 Determine security level target . 58
7.2.10 Cybersecurity requirements specification for zones and conduits . 58
8 Cybersecurity requirements . 59
8.1 Objectives . 59
8.2 System security requirements . 59
8.3 Apportionment of cybersecurity requirements . 74
8.3.1 Objectives . 74
8.3.2 Break down of system requirements to subsystem level . 75
8.3.3 System requirement allocation at component level . 75
8.3.4 Specific consideration for implementation of cybersecurity requirement on components . 76
8.3.5 Requirement breakdown structure as verification . 76
8.3.6 Compensating countermeasures . 77
9 Cybersecurity assurance and system acceptance for operation . 78
9.1 Overview . 78
9.2 Cybersecurity case . 79
9.3 Cybersecurity verification . 80
9.3.1 General . 80
9.3.2 Cybersecurity integration and verification . 80
9.3.3 Assessment of results . 82
9.4 Cybersecurity validation . 82
9.5 Cybersecurity system acceptance . 83
9.5.1 Independence . 83
9.5.2 Objectives . 83
9.5.3 Activities . 83
9.5.4 Cybersecurity handover .83
10 Operational, maintenance and disposal requirements .83
10.1 Introduction .83
10.2 Vulnerability management .84
10.3 Security patch management .85
10.3.1 General .85
10.3.2 Patching systems while ensuring operational requirements .86
Annex A (informative) Handling conduits . 89
Annex B (informative) Handling legacy systems . 92
Annex C (informative) Cybersecurity design principles . 98
Annex D (informative) Safety and security .
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.