Europe's transportation networks remain vulnerable to attack. An EU project helped to close gaps in this area and improve holistic Europe-wide transportation security.

Digital Economy

Transportation networks and infrastructure in Europe have previously suffered security attacks, and they remain vulnerable. Furthermore, Europe's transportation is fully interconnected, meaning that security threats affecting one node potentially affect all. Therefore, the 'Strategic risk assessment and contingency planning in interconnected transport networks' (STAR-TRANS) project aimed to develop a holistic transportation security risk assessment framework. The 11-member consortium ran from November 2009 to April 2012, during which it received EUR 2.1 million in EU funding. The project aimed to formalise the connection between risk incidents, transportation network assets and dependencies between assets. The purpose was to assess the impact of security incidents on the entire European network of transportation networks. Project members set the following specific goals: to establish a common risk-assessment framework, to develop and validate formal risk-assessment language, and to propose a risk-propagation model. Other goals included designing and validating a modelling language and impact assessment tool (IAT), applying the IAT in Athens and Bologna, and disseminating the project's results. To begin, the project reviewed existing vulnerability and risk assessments to identify the most relevant approaches to developing its own framework. The project also typed network assets in terms of security status, leading to identification of the weakest network links. Subsequently, the project developed its risk-assessment framework, which included application procedures and lists of threats, incidents and consequences. STAR-TRANS defined user requirements for the IAT, and created two modelling languages that express security impacts and assessment processes. The IAT was later designed and implemented as a pilot demonstrator. The demonstrations were performed in Athens and Bologna and then evaluated, as was the software. The project also devised exploitation and marketing plans. Dissemination efforts focused on organisations likely to invest in the results. Media included the project website, brochures and fact sheets, which were presented at events, including conferences and workshops. STAR-TRANS work will mainly allow assessment of security threats and impacts affecting Europe's transportation networks. This understanding will help close the security gaps and improve security overall.

Keywords

Transportation, security threat, integrated assessment, risk assessment, contingency planning