Freight Rail Security

Freight Rail Security

NCHRP 20-59(48): Effective Practices for The Protection of Transportation Infrastructure From Cyber Incidents Transportation Research Board 94th Annual Meeting January 13, 2015 Ron Frazier, David Fletcher Co-Principal Investigators Key Presentation Take-Away Awareness of this major transportation cybersecurity research initiative Advance look at project deliverables Opportunity to contribute to the research NCHRP 20-59(48) Overview

$300k Research Project Sponsors: NCHRP, TCRP Scope: Cybersecurity of industrial control, transportation control and enterprise data systems Deliverables available Q2 2015 - Executive PP briefing template - Cybersecurity primer/best practices - Cybersecurity webinar Transportation Systems Type Category Highways

Transit Operational Systems Control Systems Advanced Traffic Management System (ATMS) Autonomous Vehicles Road/Weather Systems Traffic Monitoring and Surveillance RR Crossings Train Control System

Highway Signals Advance Traveller Information System (ATIS) Electronic Toll Collection (ETC) Train Signals Communications HVAC/Building Management HVAC Tunnel Ventilation HVAC systems (not integral part, but loss could result in failure of critical systems)

Enterprise Data Systems Business/Revenue/3rd Party systems: Finance, HR, Messaging (email), Archives Driver, Vehicle and Crash systems Asset Management Asset Management Engineering Systems Design, Construction

CADD, Electronic Bidding, Work Zones Track Inspection SCADA Signaling Communications Fare Collection Systems Traction Power Emergency Ventilation System Monitoring (Pumps, Alarms)

Entry/Exit Gates Ticket Vending Machines, Fare Boxes, Fare Validators, Ticket Encoding 4 EFFECTIVE PRACTICES FOR THE P R O T E C T I O N O F T R A N S P O R TAT I O N INFRASTRUCTURE FROM CYBER INCIDENTS EXECUTIVE BRIEFING Cybersecurity Primer Introduction: What is Cybersecurity and Why It Matters to Transportation Section 1 - Top Myths of Transportation Cybersecurity

Section 2 - Risk Management Principles and Risk Management Approaches Section 4 Plans and Strategies, Establishing Priorities, Organizing Roles and Responsibilities Section 5 Transportation Operations Systems Section 6 Countermeasures: Protection of Operational Systems Section 7 Training: Building a Cybersecurity Culture Section 8 Security Programs and Support Frameworks CASE, LLC and WMC, LLC Cybersecurity domains CASE, LLC and WMC, LLC 7 Transportation cybersecurity webinars

60 minute in-depth discussions Cybersecurity risks Countermeasures Resources Tailored for Highways and Transit operations staff Will be conducted 1Q - 2Q 2015 Dates still being negotiated with sponsors. CASE, LLC and WMC, LLC 8 How you can contribute Provide additional cyber incidents Provide additional business case material Provide examples of cyber plans, policies, training, etc. Co-sponsor webinars

CASE, LLC and WMC, LLC 9 Thank You For additional information or to contribute additional material, please contact: Dave Fletcher Co-Principal Investigator, NCHRP 20-59(48) Western Management and Consulting, LLC 505-379-6499 [email protected]

Recently Viewed Presentations

  • Jury Instructions

    Jury Instructions

    Q: In premises liability case, jury advised the bailiff it had a question about Verdict Form B, which allowed a verdict for plaintiff, but reduced the award by plaintiff's comparative fault. A: Without notice to the attorneys, the judge entered...
  • Coloring the Periodic Table - Families

    Coloring the Periodic Table - Families

    Families on the Periodic Table Elements on the periodic table can be grouped into families bases on their chemical properties. Each family has a specific name to differentiate it from the other families in the periodic table.
  • Position-Time and Velocity-Time Graphs

    Position-Time and Velocity-Time Graphs

    What is a velocity-time graph? How do features on one graph translate into features on the other? Distance-Time Graphs Show an object's position as a function of time. x-axis: time y-axis: distance Distance-Time Graphs Imagine a ball rolling along a...
  • Fall in LOVE with your iPad Thoughts on

    Fall in LOVE with your iPad Thoughts on

    Show Off Your iPad. Use Splashtop to control your projector-connected computer wirelessly. Walk around your room while seeing and using your computer on your iPad
  • Chapter 4 Authentication Applications 1 Outline  Security Concerns

    Chapter 4 Authentication Applications 1 Outline Security Concerns

    A Kerberos realm consists of : A Kerberos server, with all user IDs and their passwords in its DB A number of clients, registered with the Kerberos server A number of application servers, sharing a key and registered with the...
  • Unit 1 - Central Bucks School District

    Unit 1 - Central Bucks School District

    Unit 1 What is science. The Scientific Method. ... The Scientific Method. Why is it so important to follow this method? Scientific ideas MUST be testable and repeatable. ... Place 3 marigold seeds together in the soil in the center...
  • Doublethink Is Good

    Doublethink Is Good

    the aggie says asucd is too unselfish "deep throat" is a thoughtcriminal support bush! are your professors un-american liberals? ignorance is strength war is peace freedom is slavery telescreens are plusgood ignorance is strength re-elect bush! a compassionate conservative prevent...
  • American Transcendentalism

    American Transcendentalism

    Romanticism is the name for the literary period that followed the Age of Reason (The Revolutionary Period) in America. ... Edgar Allen Poe with Hawthorne and Melville known as anti-Transcendentalists or Dark Romantics. Had much in common with Transcendentalists.