Cybersecurity in the RAILway sector

Safety and security requirements of rail transport system in multi-stakeholder environments

According the different safety and security levels defined, it will identify and classify the rail functions in term of acceptability in case of disruption from the customer, the rail company and the other stakeholders view.

Communication and Exploitation Plan - Final version

Final version of the exploitation and sustainability strategy plan

Project Quality Assurance Plan

A plan to provide confidence that the project will satisfy the relevant quality standards from both scientific and management point of views

Protection Profiles Specifications

It aims to evaluate existing standards and frameworks related to protection profiles. This includes the Common Criteria (CC, ISO/IEC 15408) and EAL standards, existing projects such as D-MILS, TAPPS and other related projects like MILS-PP, as well as security concepts of related technical areas in the scope of cyber-physical systems. It will include the description of: • The operational environment (combination of threats, assumptions and policies that the components need to enforce) based on the operational scenario identified in WP2 and risk assessments in WP3 as well as identified threats in WP4 • Security objectives for the systems and the operational environment will be derived based on mitigation strategies and countermeasures identified in WP5 • Security functional requirements (SFRs) and security assurance requirements (SARs) will describe security functionality that need to be provided by specific system and evaluation activities to be performed to ensure that security mechanisms in these systems are sufficient and implemented correctly. The protection profiles developed in Task 6.2 will be compared to the security functionality provided by the operational railway system (Task 2.3).

Communication and Exploitation Plan - first version

A comprehensive dissemination strategy for the project will be defined in the document It will define The target audience to which the dissemination activities will be tailored as well as the communication channels to be used for reaching them The schedule of activities to be performed during the duration of the project

4-page Brochure (Project Presentation)

It will be distributed in international security and land transport events

Website and Private Workspace

Project repositoryCreation maintenance and regular updates of a public website wwwcyraileu hosted at UIC widely referenced on search engines and related sites Creation maintenance and regular updates of dedicated private workspace called CYRail in the UIC extranet system to share and stock documents plan meetings and discuss special issues online

Recommendations Brochure

It will include recommendations and lessons learned from the project with possible impact of the project recommendations on relevant existing standardization framework