Recommended Practice
Securing Control and Communications Systems in Rail Transit Environments
Part II: Defining a Security Zone Architecture for Rail Transit and Protecting Critical Zones
Abstract
This document covers recommended practices for securing control and communication systems in rail transit environments.
Document History
| Document Number | Version | Publication Date | Publication | Related Information |
|---|---|---|---|---|
| APTA SS-CCS-RP-002-13 | 06/28/2013 | Published | Current |
Keywords
communications based-train control (CBTC), control and communications security, cybersecurity, positive train control (PTC), radio, rail transit vehicle, SCADA (supervisory control and data acquisition), train control, signalling
Summary
This Recommended Practice is Part-II in a series of documents to be released. Part-I released in July 2010 addresses the importance of control and communications security to a transit agency, provides a survey of the various systems that constitute typical transit control and communication systems, identifies the steps that an agency would follow to set up a successful program, and establishes the stages in conducting a risk assessment and managing risk. Part-II presents Defense-In-Depth as a recommended approach for securing rail communications and control systems, defines security zone classifications, and defines a minimum set of security controls for the most critical zones, the, SAFETY CRITICAL SECURITY ZONE (SCSZ) and the FIRE, LIFE-SAFETY SECURITY ZONE (FLSZ). Later parts will cover recommended practices for less critical zones, the rail vehicles, and provide other guidance for a transit agency.
Get Involved
Want to participate in development of this document? Join the Working Group or Learn More
Related Documents
|
