Railway applications - Cybersecurity

This document provides to the railway operators, system integrators and product suppliers, with guidance and specifications  on how cybersecurity will be managed in the context of the EN 50126-1 RAMS lifecycle process. This document aims at the implementation of a consistent approach to the management of the security of the railway systems. This document can also be applied to the security assurance of systems and components/equipment developed independently of EN 50126.
This document applies to Communications, Signalling and Processing domain, to Rolling Stock and to Fixed Installations domains. It provides references to models and concepts from which requirements and recommendations can be derived and that are suitable to ensure that the residual risk from security threats is identified, supervised and managed to an acceptable level by the railway system duty holder. It presents the underlying security assumptions in a structured manner.
This document does not address functional safety requirements for railway systems but rather additional requirements arising from threats and related security vulnerabilities and for which specific measures and activities need to be taken and managed throughout the lifecycle. The aim of this technical specification is to ensure that the RAMS characteristics of railway systems / subsystems / equipment cannot be reduced, lost or compromised in the case of intentional attacks.
The security models, the concepts and the risk assessment process described in this document are based on or derived from IEC 62443 series standards. In particular, this document is consistent with the application of security management requirements contained within the IEC 62443-2-1 and which are based on EN ISO 27001 and EN ISO 27002

Bahnanwendungen - IT-Sicherheit

Applications ferroviaires - Cybersécurité

Železniške naprave - Kibernetska varnost

Ta dokument podaja smernice in specifikacije za upravljavce železniških naprav, integratorje sistemov in dobavitelje izdelkov v zvezi z upravljanjem kibernetske varnosti v kontekstu procesa življenjskega cikla RAMS iz standarda EN 50126-1. Cilj tega dokumenta je uvedba doslednega pristopa k upravljanju varnosti železniških sistemov. Uporabiti ga je mogoče tudi za zagotavljanje varnosti sistemov, komponent in opreme, razvitih neodvisno od standarda EN 50126.
Ta dokument se uporablja za komunikacijo, signaliziranje in obdelavo signalov, železniška vozna sredstva ter fiksne postroje. Vsebuje sklice na modele in koncepte, iz katerih je mogoče izpeljati zahteve oziroma priporočila in ki so primerni za zagotovitev, da oseba, ki je odgovorna za železniški sistem, zmore ustrezno prepoznati, nadzirati in upravljati preostalo tveganje zaradi varnostnih groženj. Osnovne varnostne predpostavke so v tem dokumentu strukturirano predstavljene.
Ta dokument ne obravnava zahtev glede funkcionalne varnosti za železniške sisteme, temveč dodatne zahteve, ki izhajajo iz varnostnih groženj in povezanih ranljivosti ter za katere je treba sprejeti posebne ukrepe in dejavnosti ter jih upravljati skozi celoten življenjski cikel. Namen te tehnične specifikacije je zagotoviti, da značilnosti RAMS železniških sistemov, podsistemov in opreme v primeru namernih napadov ni mogoče zmanjšati, izgubiti ali ogroziti.
Modeli varnosti, koncepti in postopek ocenjevanja tveganja, opisani v tem dokumentu, temeljijo na skupini standardov IEC 62443 oziroma iz nje izhajajo. Ta dokument je zlasti skladen z uporabo zahtev za upravljanje varnosti, ki jih vsebuje standard IEC 62443-2-1 ter ki temeljijo na standardih EN ISO 27001 in EN ISO 27002.

General Information

Status
Published
Publication Date
12-Dec-2023
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
15-Nov-2023
Due Date
20-Jan-2024
Completion Date
13-Dec-2023

Relations

Buy Standard

Technical specification
TS CLC/TS 50701:2024 - BARVE
English language
164 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

SLOVENSKI STANDARD
SIST-TS CLC/TS 50701:2024
01-januar-2024
Železniške naprave - Kibernetska varnost
Railway applications - Cybersecurity
Bahnanwendungen - IT-Sicherheit
Applications ferroviaires - Cybersécurité
Ta slovenski standard je istoveten z: CLC/TS 50701:2023
ICS:
35.030 Informacijska varnost IT Security
45.020 Železniška tehnika na Railway engineering in
splošno general
SIST-TS CLC/TS 50701:2024 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST-TS CLC/TS 50701:2024

---------------------- Page: 2 ----------------------
SIST-TS CLC/TS 50701:2024


TECHNICAL SPECIFICATION CLC/TS 50701

SPÉCIFICATION TECHNIQUE

TECHNISCHE SPEZIFIKATION August 2023
ICS 35.030; 45.020 Supersedes CLC/TS 50701:2021
English Version
Railway applications - Cybersecurity
Applications ferroviaires - Cybersécurité Bahnanwendungen - Cybersecurity
This Technical Specification was approved by CENELEC on 2023-06-19.

CENELEC members are required to announce the existence of this TS in the same way as for an EN and to make the TS available promptly
at national level in an appropriate form. It is permissible to keep conflicting national standards in force.

CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the
Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Türkiye and the United Kingdom.


European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2023 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
 Ref. No. CLC/TS 50701:2023 E

---------------------- Page: 3 ----------------------
SIST-TS CLC/TS 50701:2024
CLC/TS 50701:2023 (E)
Contents Page
European foreword . 6
Introduction . 7
1 Scope . 8
2 Normative references . 8
3 Terms, definitions and abbreviations . 8
3.1 Terms and definitions . 8
3.2 Abbreviations . 24
4 Railway system overview . 27
4.1 Introduction 27
4.2 Railway asset model 28
4.3 Railway physical architecture model 29
4.4 High-level railway zone model 30
5 Cybersecurity within a railway application lifecycle . 32
5.1 Introduction 32
5.2 Railway application and product lifecycles 32
5.3 Activities, synchronization, and deliverables 32
5.4 Cybersecurity context and cybersecurity management plan 36
5.5 Relationship between cybersecurity and essential functions 36
5.5.1 General . 36
5.5.2 Defence in depth . 36
5.5.3 Security-related application conditions . 37
5.5.4 Interfaces between cybersecurity and design team. 38
5.5.5 Interfaces between the safety and the cybersecurity processes . 38
5.6 Cybersecurity assurance process 41
6 System definition and initial risk assessment . 42
6.1 Introduction 42
6.2 Identification of the system under consideration 43
6.2.1 Definition of the SuC . 43
6.2.2 Overall functional description .
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.