PRICES include / exclude VAT
Sponsored link
!! NEW !!Released: 2021

CLC/TS 50701

Railway applications - Cybersecurity

Format
Availability
Price and currency
English PDF
Immediate download
268.24 USD
Buy including changes
English Hardcopy
in stock
268.24 USD
Buy including changes
Number of Standard:CLC/TS 50701
Category:333555
Released:2021
DESCRIPTION

CLC/TS 50701:2021


This document provides to the railway operators, system integrators and product suppliers, with guidance and specifications on how cybersecurity will be managed in the context of the EN 50126-1 RAMS lifecycle process. This document aims at the implementation of a consistent approach to the management of the security of the railway systems. This document can also be applied to the security assurance of systems and components/equipment developed independently of EN 50126. This document applies to Communications, Signalling and Processing domain, to Rolling Stock and to Fixed Installations domains. It provides references to models and concepts from which requirements and recommendations can be derived and that are suitable to ensure that the residual risk from security threats is identified, supervised and managed to an acceptable level by the railway system duty holder. It presents the underlying security assumptions in a structured manner. This document does not address functional safety requirements for railway systems but rather additional requirements arising from threats and related security vulnerabilities and for which specific measures and activities need to be taken and managed throughout the lifecycle. The aim of this technical specification is to ensure that the RAMS characteristics of railway systems / subsystems / equipment cannot be reduced, lost or compromised in the case of intentional attacks. The security models, the concepts and the risk assessment process described in this document are based on or derived from IEC 62443 series standards. In particular, this document is consistent with the application of security management requirements contained within the IEC 62443-2-1 and which are based on EN ISO 27001 and EN ISO 27002

The price of the Standard included all amendments and correcturs.

Contents
European foreword
Introduction
1 Scope
2 Normative references
3 Terms, definitions and abbreviations
3.1 Terms and definitions
3.2 Abbreviations
4 Railway system overview
4.1 Introduction
4.2 Railway asset model
4.3 Railway physical architecture model
4.4 High-level railway zone model
5 Cybersecurity within a railway application lifecycle
5.1 Introduction
5.2 Railway application and product lifecycles
5.3 Activities, synchronization and deliverables
5.4 Cybersecurity context and cybersecurity management plan
5.5 Relationship between cybersecurity and essential functions
5.5.1 General
5.5.2 Defence in depth
5.5.3 Security-related application conditions
5.5.4 Interfaces between the safety and the cybersecurity processes
5.6 Cybersecurity assurance process
6 System definition and initial risk assessment
6.1 Introduction
6.2 Identification of the system under consideration
6.2.1 Definition of the SuC
6.2.2 Overall functional description
6.2.3 Access to the SuC
6.2.4 Essential functions
6.2.5 Assets supporting the essential functions
6.2.6 Threat landscape
6.3 Initial risk assessment
6.3.1 Impact assessment
6.3.2 Likelihood assessment
6.3.3 Risk evaluation
6.4 Partitioning of the SuC
6.4.1 Criteria for zones and conduits breakdown
6.4.2 Process for zones and conduits breakdown
6.5 Output and documentation
6.5.1 Description of the system under consideration
6.5.2 Documentation of the initial risk assessment
6.5.3 Definition of zones and conduits
7 Detailed risk assessment
7.1 General aspects
7.2 Establishment of cybersecurity requirements
7.2.1 General
7.2.2 Threat identification and vulnerability identification
7.2.3 Vulnerability identification
7.2.4 Risk acceptance principles
7.2.5 Derivation of SL-T by explicit risk evaluation
7.2.6 Determine initial SL
7.2.7 Determine countermeasures from EN IEC 62443-3-3
7.2.8 Risk estimation and evaluation
7.2.9 Determine security level target
7.2.10 Cybersecurity requirements specification for zones and conduits
8 Cybersecurity requirements
8.1 Objectives
8.2 System security requirements
8.3 Apportionment of cybersecurity requirements
8.3.1 Objectives
8.3.2 Break down of system requirements to subsystem level
8.3.3 System requirement allocation at component level
8.3.4 Specific consideration for implementation of cybersecurity requirement on components
8.3.5 Requirement breakdown structure as verification
8.3.6 Compensating countermeasures
9 Cybersecurity assurance and system acceptance for operation
9.1 Overview
9.2 Cybersecurity case
9.3 Cybersecurity verification
9.3.1 General
9.3.2 Cybersecurity integration and verification
9.3.3 Assessment of results
9.4 Cybersecurity validation
9.5 Cybersecurity system acceptance
9.5.1 Independence
9.5.2 Objectives
9.5.3 Activities
9.5.4 Cybersecurity handover
10 Operational, maintenance and disposal requirements
10.1 Introduction
10.2 Vulnerability management
10.3 Security patch management
10.3.1 General
10.3.2 Patching systems while ensuring operational requirements
Annex A (informative) Handling conduits
Annex B (informative) Handling legacy systems
Annex C (informative) Cybersecurity design principles
Annex D (informative) Safety and security
Annex E (informative) Risk acceptance methods
Annex F (informative) Railway architecture and zoning
Annex G (informative) Cybersecurity deliverables content
Bibliography
Figures
Figure 1 — Segregation of IT and OT
Figure 2 — Railway asset model (example)
Figure 3 — Railway physical architecture model (example)
Figure 4 — Generic high-level railway zone model (example)
Figure 5 — Defence in depth with example of measures
Figure 6 — Relationship TRA and SA
Figure 7 — Initial risk assessment flowchart
Figure 8 — Detailed risk assessment flowchart
Figure 9 — Explicit risk evaluation flowchart
Figure 10 — Handling of SL-C
Figure 11 — Cybersecurity assurance
Figure 12 — Cybersecurity case concept
Figure 13 — Cybersecurity assurance during integration and validation activities
Figure 14 — General vulnerability handling flowchart
Figure 15 — Vulnerability and outage time during system update (maintenance phase) [example]
Figure 16 — Vulnerability and outage time during system update with observation phases [example]
Figure A.1 — Zones and conduits example
Figure D.1 — Security as an environmental condition for safety
Figure F.1 — Adopted generic high-level railway zone model (example)
Figure F.2 — Example of a railway system zone model
Tables
Table 1 — Security-related activities within a railway application lifecycle (EN 50126-1)
Table 2 — Examples of function related supporting assets in regard to the defence in depth layers
Table 3 — Qualitative Impact Assessment example
Table 4 — Likelihood assessment matrix – Example
Table 5 — Risk matrix example
Table 6 — System Security Requirements and Foundational Classes
Table E.1 — Risk acceptance categories acc. EN 50126-1
Table E.2 — Mapping severity categories acc. EN 50126-1 to cybersecurity severity
Table E.3 — Likelihood assessment criteria
Table E.4 — Mapping Likelihood to accessibility and Probability
Table E.5 — Impact assessment matrix – Example 2
Table E.6 — Likelihood assessment matrix – Example 2
Table E.7 — Risk acceptance matrix – Example 2
Table E.8 — Impact assessment matrix – Example 3
Table E.9 — Likelihood assessment matrix – Example 3
Table E.10 — Likelihood conversion table – Example 3
Table E.11 — Risk acceptance matrix – Example 3
Table E.12 — Risk Severity / Mitigation matrix – Example 3
Table F.1 — Railway system glossary
Table F.2 — Example – Evaluating groups of criticalities for landside-landside communication
Table F.3 — Example – Zone criticality definition for landside-landside communication
Table F.4 — Example – Landside-landside communication matrix basic structure
Table F.5 — Example – Communication matrix - landside to landside
Table F.6 — Example – Rolling stock zone model
Table F.7 — Example – Communication matrix - rolling stock to rolling stock
Table F.8 — Example – Communication matrix - landside to rolling stock
Table F.9 — Example – Communication matrix - rolling stock to landside

Related products
English PDF
Immediate download
197.65 USD
English Hardcopy
in stock
197.65 USD