
BSI PD CLC/TS 50701:2021

$215.11

Railway applications. Cybersecurity

Published by: BSI
Publication date: 2021
Number of pages: 164

This document provides railway operators, system integrators and product suppliers with guidance and specifications on how cybersecurity is to be managed in the context of the EN 50126-1 RAMS lifecycle process. It aims at the implementation of a consistent approach to the management of the security of railway systems. It can also be applied to the security assurance of systems and components/equipment developed independently of EN 50126. This document applies to the Communications, Signalling and Processing domain, to the Rolling Stock domain and to the Fixed Installations domain. It provides references to models and concepts from which requirements and recommendations can be derived and which are suitable to ensure that the residual risk from security threats is identified, supervised and managed to an acceptable level by the railway system duty holder. It presents the underlying security assumptions in a structured manner. This document does not address functional safety requirements for railway systems, but rather the additional requirements arising from threats and related security vulnerabilities, for which specific measures and activities need to be taken and managed throughout the lifecycle. The aim of this technical specification is to ensure that the RAMS characteristics of railway systems, subsystems and equipment cannot be reduced, lost or compromised in the case of intentional attacks. The security models, the concepts and the risk assessment process described in this document are based on or derived from the IEC 62443 series of standards. In particular, this document is consistent with the application of the security management requirements contained in IEC 62443-2-1, which are themselves based on EN ISO 27001 and EN ISO 27002.

PDF Catalog

PDF page  PDF title
10        1 Scope
          2 Normative references
          3 Terms, definitions and abbreviations
          3.1 Terms and definitions
26        3.2 Abbreviations
28        4 Railway system overview
          4.1 Introduction
29        4.2 Railway asset model
30        4.3 Railway physical architecture model
31        4.4 High-level railway zone model
33        5 Cybersecurity within a railway application lifecycle
          5.1 Introduction
          5.2 Railway application and product lifecycles
          5.3 Activities, synchronization and deliverables
37        5.4 Cybersecurity context and cybersecurity management plan
          5.5 Relationship between cybersecurity and essential functions
          5.5.1 General
          5.5.2 Defence in depth
38        5.5.3 Security-related application conditions
39        5.5.4 Interfaces between the safety and the cybersecurity processes
          5.5.4.1 Principles
          5.5.4.2 Possible implementation through high level cybersecurity objectives
40        5.6 Cybersecurity assurance process
41        6 System definition and initial risk assessment
          6.1 Introduction
42        6.2 Identification of the system under consideration
          6.2.1 Definition of the SuC
43        6.2.2 Overall functional description
          6.2.3 Access to the SuC
          6.2.4 Essential functions
44        6.2.5 Assets supporting the essential functions
          6.2.6 Threat landscape
          6.3 Initial risk assessment
          6.3.1 Impact assessment
45        6.3.2 Likelihood assessment
46        6.3.3 Risk evaluation
47        6.4 Partitioning of the SuC
          6.4.1 Criteria for zones and conduits breakdown
          6.4.2 Process for zones and conduits breakdown
48        6.5 Output and documentation
          6.5.1 Description of the system under consideration
          6.5.2 Documentation of the initial risk assessment
          6.5.3 Definition of zones and conduits
49        7 Detailed risk assessment
          7.1 General aspects
50        7.2 Establishment of cybersecurity requirements
          7.2.1 General
51        7.2.2 Threat identification and vulnerability identification
          7.2.2.1 Overview
52        7.2.2.2 Objectives
          7.2.2.3 Activities / Requirement or Recommendation
53        7.2.2.4 Deliverables
          7.2.3 Vulnerability identification
          7.2.3.1 Overview
          7.2.3.2 Objectives
          7.2.3.3 Activities / requirement or recommendation
          7.2.3.4 Deliverables
          7.2.4 Risk acceptance principles
          7.2.4.1 General
54        7.2.4.2 Application of codes of practice
          7.2.4.3 Reference systems
55        7.2.5 Derivation of SL-T by explicit risk evaluation
57        7.2.6 Determine initial SL
          7.2.6.1 Overview
          7.2.6.2 Objectives
          7.2.6.3 Activities / Requirement or Recommendation
          7.2.6.4 Deliverables
58        7.2.7 Determine countermeasures from EN IEC 62443-3-3
          7.2.7.1 Overview
          7.2.7.2 Objectives
          7.2.7.3 Activities / Requirement or Recommendation
          7.2.7.4 Deliverables
          7.2.8 Risk estimation and evaluation
          7.2.8.1 Overview
59        7.2.8.2 Objectives
          7.2.8.3 Activities / requirement or recommendation
          7.2.8.4 Deliverables
60        7.2.9 Determine security level target
          7.2.9.1 Overview
          7.2.9.2 Objectives
          7.2.9.3 Activities / Requirement or Recommendation
          7.2.9.4 Deliverables
          7.2.10 Cybersecurity requirements specification for zones and conduits
61        8 Cybersecurity requirements
          8.1 Objectives
          8.2 System security requirements
76        8.3 Apportionment of cybersecurity requirements
          8.3.1 Objectives
77        8.3.2 Break down of system requirements to subsystem level
          8.3.3 System requirement allocation at component level
78        8.3.4 Specific consideration for implementation of cybersecurity requirement on components
          8.3.5 Requirement breakdown structure as verification
79        8.3.6 Compensating countermeasures
80        9 Cybersecurity assurance and system acceptance for operation
          9.1 Overview
81        9.2 Cybersecurity case
82        9.3 Cybersecurity verification
          9.3.1 General
          9.3.2 Cybersecurity integration and verification
84        9.3.3 Assessment of results
          9.4 Cybersecurity validation
85        9.5 Cybersecurity system acceptance
          9.5.1 Independence
          9.5.2 Objectives
          9.5.3 Activities
          9.5.4 Cybersecurity handover
          10 Operational, maintenance and disposal requirements
          10.1 Introduction
86        10.2 Vulnerability management
87        10.3 Security patch management
          10.3.1 General
88        10.3.2 Patching systems while ensuring operational requirements
91        Annex A (informative) Handling conduits
          A.1 Introduction
92        A.2 Requirements for conduits in IEC 62443
          A.3 Protection profiles for conduits
94        Annex B (informative) Handling legacy systems
          B.1 Introduction
          B.2 Basic security risks
          B.2.1 Denial of service attacks and vulnerability exploits
          B.2.2 Impersonation attack
95        B.3 Basic process activities
          B.3.1 General
          B.3.2 Zoning
          B.3.3 Defence in depth
96        B.3.4 Basic risk analysis
          B.3.5 (Re-)Commissioning
          B.3.6 Site acceptance test (SAT)
97        B.3.7 Operation
          B.3.8 Training of personnel
          B.3.9 Asset inventory
          B.4 Basic security countermeasures
          B.4.1 General
          B.4.2 Protect installation
98        B.4.3 Regular inspection of installation
          B.4.4 Closed network / perimeter protection
          B.4.5 Network segmentation / restricted data flow
          B.4.6 Network monitoring system
          B.4.7 Intrusion detection / SIEM
99        B.4.8 Virtual private networks (VPN)
          B.4.9 Redundant communication
          B.4.10 Security gateway
          B.4.11 Handling mobile devices
100       Annex C (informative) Cybersecurity design principles
          C.1 Introduction
          C.2 Secure the weakest link
102       C.3 Defence-in-depth
104       C.4 Fail secure
105       C.5 Grant least privilege
107       C.6 Economize mechanism
110       C.7 Authenticate requests
111       C.8 Control access
113       C.9 Assume secrets not safe
115       C.10 Make security usable
117       C.11 Promote privacy
118       C.12 Audit and monitor
120       C.13 Proportionality principle
121       C.14 Precautionary principle
123       C.15 Continuous protection
124       C.16 Secure metadata
125       C.17 Secure defaults
127       C.18 Trusted components
129       Annex D (informative) Safety and security
          D.1 Introduction
          D.2 The differences between safety and security
130       D.3 Security from a safety perspective
          D.4 Co-engineering of safety and security
131       D.5 Quantification of security
          D.6 The relationship between safety integrity levels and security levels
132       D.7 Responsibility for security
133       Annex E (informative) Risk acceptance methods
          E.1 Introduction
          E.2 Example based on EN 50126-1
          E.2.1 Introduction
          E.2.2 Impact assessment
134       E.2.3 Likelihood assessment
135       E.2.4 Risk acceptance
          E.2.5 Justification
          E.3 Example method – system integrator
          E.3.1 Introduction
136       E.3.2 Impact Assessment
137       E.3.3 Likelihood assessment
138       E.3.4 Risk acceptance
          E.3.5 Justification
          E.4 Example method – infrastructure manager
          E.4.1 Introduction
139       E.4.2 Impact assessment
140       E.4.3 Likelihood assessment
          E.4.4 Risk acceptance
141       E.4.5 Justification
142       Annex F (informative) Railway architecture and zoning
          F.1 Glossary to railway system overview
144       F.2 Zoning examples
          F.2.1 Introduction
145       F.2.2 Landside (fixed installations and signalling)
          F.2.2.1 Zone criticality
149       F.2.2.2 Zoning and segmentation
151       F.2.2.3 Communication rules
152       F.2.3 Rolling stock
          F.2.3.1 Zone criticality, zoning and segmentation
          F.2.3.2 Zone criticality and communication matrix in the rolling stock domain
153       F.2.3.3 Communication rules
155       F.2.4 Communication rules between rolling stock and landside
          F.2.4.1 Rolling stock and landside mapping table
158       F.2.4.2 General rules
          F.2.4.3 Rules for business IT
          F.2.4.4 Rules for operational technology (OT)
160       Annex G (informative) Cybersecurity deliverables content
          G.1 Introduction
          G.2 Cybersecurity management plan
161       G.3 Cybersecurity case