| 1. |
|
|
| 2. |
|
|
| 3. |
- Kour, Ravdeep, 1981-, et al.
(författare)
-
A cybersecurity approach for improved system resilience
- 2022
-
Ingår i: Proceedings of the 32nd European Safety and Reliability Conference (ESREL 2022). - : Research Publishing Services. ; , s. 2514-2521
-
Konferensbidrag (refereegranskat)abstract
- The ongoing digitalisation of industrial systems is bringing new challenges in managing, monitoring, and predicting the overall reliability performance. The overall reliability of a cyber-physical system, such as railways, is highly influenced by the level of resilience in its inherent digital items. The objective of this paper is to propose a systematic approach, based on an enhanced Cyber Kill Chain model, to improve the overall system resilience through monitoring and prediction. The proposed cybersecurity approach can be used to assess the future cyberattack penetration probabilities based on the present security controls. With the advancement in cybersecurity defensive controls, cyberattacks have continued to evolve through the exploitation of vulnerabilities within the cyber-physical systems. Assuming the possibility of a cyberattack it is necessary to select appropriate security controls so that this attack can be predicted, prevented, or detected before any catastrophic consequences to retain the resilience of the system. Insufficient cybersecurity in the context of cyber-physical systems, such as railways, might have a fatal effect on the whole system availability performance and sometimes may lead to safety risks. However, to improve the overall resilience of a cyber-physical system there is a need of a systematic approach to continuously monitor, predict, and manage the health of the system’s digital items with respect to security. Furthermore, the paper will provide a case-study description in railway sector, which has been used for the verification of the proposed approach.
|
|
| 4. |
- Kour, Ravdeep, 1981-, et al.
(författare)
-
A Human-Centric Model for Sustainable Asset Management in Railway: A Case Study
- 2022
-
Ingår i: Sustainability. - : MDPI. - 2071-1050. ; 14:2
-
Tidskriftsartikel (refereegranskat)abstract
- The ongoing digital transformation is changing asset management in the railway industry. Emerging digital technologies and Artificial Intelligence is expected to facilitate decision-making in management, operation, and maintenance of railway by providing an integrated data-driven and model-driven solution. An important aspect when developing decision-support solutions based on AI and digital technology is the users’ experience. User experience design process aims to create relevance, context-awareness, and meaningfulness for the end-user. In railway contexts, it is believed that applying a human-centric design model in the development of AI-based artefacts, will enhance the usability of the solution, which will have a positive impact on the decision-making processes. In this research, the applicability of such advanced technologies i.e., Virtual Reality, Mixed Reality, and AI have been reviewed for the railway asset management. To carry out this research work, literature review has been conducted related to available Virtual Reality/Augmented Reality/Mixed Reality technologies and their applications within railway industry. It has been found that these technologies are available, but not applied in railway asset management. Thus, the aim of this paper is to propose a human-centric design model for the enhancement of railway asset management using Artificial Intelligence, Virtual Reality, and Mixed Reality technologies. The practical implication of the findings from this work will benefit in increased efficiency and effectiveness of the operation and maintenance processes in railway
|
|
| 5. |
- Kour, Ravdeep, 1981-, et al.
(författare)
-
A Methodology for Cybersecurity Risk Assessment – A Case-study in Railway
- 2022
-
Ingår i: International Journal of COMADEM. - : COMADEM International. - 1363-7681. ; 25:2, s. 5-12
-
Tidskriftsartikel (refereegranskat)abstract
- Digitalisation is changing the railway globally. One of the major concerns in digital transformation of the railway is the increased exposure to cyberattacks. The railway is vulnerable to these cyberattacks because the number of digital items and number of interfaces between digital and physical components in these systems keep growing. Increased number of digital items and interfaces require new methodologies, frameworks, models, concepts, and architectures to ensure the railway system’s resilience with respect to cybersecurity challenges, such as adoption and convergence of Information Technology (IT) and Operational Technology (OT) technology within the railway. This convergence has brought significant benefits in reliability, operational efficiency, capacity as well as improvements in passenger experience but also increases the vulnerability towards cyberattacks from individuals, organizations, and governments. This paper proposes a methodology on how to deals with OT security in the railway signalling using failure mode, effects and criticality analysis (FMECA) and ISA/IEC 62443 security risk assessment methodologies.
|
|
| 6. |
- Kour, Ravdeep, 1981-, et al.
(författare)
-
A review on cybersecurity in railways
- 2022
-
Ingår i: Proceedings of the Institution of mechanical engineers. Part F, journal of rail and rapid transit. - : Sage Publications. - 0954-4097 .- 2041-3017.
-
Forskningsöversikt (refereegranskat)abstract
- Digitalisation is transforming the railway globally. One of the major considerations in digital transformation of any industry including the railway is the increased exposure to cyberattacks. The railway industry is vulnerable to these attacks because since the number of digital items and also number of interfaces between digital and physical components in the railway systems keep increasing. Increased number of items and interfaces require new frameworks, concepts and architectures to ensure the railway system’s resilience with respect to cybersecurity challenges, such as lack of proactiveness, lack of holistic perspective and obsolescence of safety systems exposed to current and future cyber threats landscape. To this date, there are several works carried out in the literature that studied the cybersecurity aspects and its application on railway infrastructure. However, to develop and implement an appropriate roadmap to cybersecurity in railways, there is a need of describing emerging challenges, and approaches to deal with these challenges and the possibilities and benefits of these.Hence, the objective of this paper is to provide a systematic review and outline cybersecurity emerging trends and approaches, and also to identify possible solutions by querying literature, academic and industrial, for future directions. The authors of this paper conducted separate searches through four popular databases, that is, Google Scholar, Scopus, Web of Science and IEEE explore. For the screening process, authors have used keywords with Boolean operators and database filters and identified 90 articles most relevant to the study domain. The analysis of 90 articles shows that majority of the cybersecurity studies lies within the railways are conceptual and lags in application of Artificial Intelligence (AI) based security. Like other industries, it is very important that railways should also follow latest security technologies, trends and train their workforce for cyber hygiene since railways are already in digitalization transition mode.
|
|
| 7. |
- Kour, Ravdeep, 1981-, et al.
(författare)
-
Big Data Analytics for Maintaining Transportation Systems
- 2019
-
Ingår i: Transportation Systems. - Singapore : Springer. ; , s. 73-91
-
Bokkapitel (övrigt vetenskapligt/konstnärligt)abstract
- Big Data Analytics (BDA) is becoming a research focus in transportation systems, which can be seen from many projects within the world. By using sensor and Internet of Things (IoT) technology in transportation system, huge amount of data is been generated from different sources. This data can be integrated, analyzed and visualized for efficient and effective decision-making for maintaining transportation systems. The key challenges that exist in managing Big Data are the designing of the systems, which would be able to handle huge amount of data efficiently and effectively and to filter the most significant information from all the collected data. This chapter will draw attention towards the present scenario and future projections of big data in transportation systems. It also presents big data tools and techniques and then presents one brief case study of BDA in each type of transportation system. In this chapter, a broad overview of Big Data definitions, its history, present, and future prospects are briefed. Several tools and technologies especially for transportation are pointed out for maintaining transportation systems. At the end of the chapter, a definitive case studies on each transportation area is demonstrated.
|
|
| 8. |
- Kour, Ravdeep, 1981-, et al.
(författare)
-
Cybersecurity for Industry 5.0: Trends and Gaps
- 2024
-
Ingår i: Frontiers in Computer Science. - 2624-9898.
-
Tidskriftsartikel (refereegranskat)abstract
- Industry 5.0 promises to revolutionise the industry by focusing on human-centric, sustainability, and resilience empowered by emerging technologies such as Artificial Intelligence (AI) and digitalisation. This paradigm shift is expected to bring significant advancements in sustainability, resilience, productivity, effectiveness, efficiency, customisation, reliability, safety, security, maintainability etc. However, this shift of the industrial paradigm introduces substantial cybersecurity challenges due to the increased attack surface and data sensitivity. Therefore, the objective of this paper is to conduct a thorough literature review of the recent research on cybersecurity in Industry 5.0, highlighting emerging trends, gaps, and potential solutions.To conduct this research, the authors have applied the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) methodology to investigate cybersecurity solutions in Industry 5.0. The findings reveal that conceptual research dominates, with AI, Blockchain, and Internet of Things (IoT) most prevalent but highlights a gap in linking cybersecurity to resilience and sustainability.Furthermore, the paper aims to present trends in cybersecurity research with more relevant results from 2022 to 2024. It conducts a thorough review of the literature, highlighting the evolving landscape of cybersecurity applications in Industry 5.0.
|
|
| 9. |
- Kour, Ravdeep, 1981-, et al.
(författare)
-
Cybersecurity for railways : A maturity model
- 2020
-
Ingår i: Proceedings of the Institution of mechanical engineers. Part F, journal of rail and rapid transit. - : Sage Publications. - 0954-4097 .- 2041-3017. ; 234:10, s. 1129-1148
-
Tidskriftsartikel (refereegranskat)abstract
- With the advancements in and widespread adoption of information and communication technologies in infrastructures, cyber-attacks are becoming more frequent and more severe. Advanced cybersecurity threats with automated capabilities are increasing in such sectors as finance, health, grid, retail, government, telecommunications, transportation, etc. Cyber-attacks are also increasing in railways with an impact on railway stakeholders, e.g. threat to the safety of employees, passengers, or the public in general; loss of sensitive railway information; reputational damage; monetary loss; erroneous decisions; loss of dependability, etc. There is a need to move towards advanced security analytics and automation to identify, respond to, and prevent such security breaches. The objective of this research is to reduce cyber risks and vulnerabilities and to improve the cybersecurity capabilities of railways by evaluating their cybersecurity maturity levels and making recommendations for improvements. After assessing various cybersecurity maturity models, the Cybersecurity Capability Maturity Model (C2M2) was selected to assess the cybersecurity capabilities of railway organizations. The contributions of this research are as follows. First, a new maturity level MIL4 (Maturity Indicator Level 4) is introduced in the C2M2 model. Second, the C2M2 model is adapted by adding advanced security analytics and threat intelligence to develop the Railway-Cybersecurity Capability Maturity Model (R-C2M2). The cybersecurity maturity of three railway organizations is evaluated using this model. Third, recommendations and available standards & guidelines are provided to the three railway organizations to improve maturity levels within different domains. In addition, they are given an action plan to implement the recommendations in a streamlined way. The application of this model will allow railway organizations to improve their capability to reduce the impacts of cyber-attacks and eradicate vulnerabilities. The approach can also be extended to other infrastructures with necessary adaptations.
|
|
| 10. |
- Kour, Ravdeep, 1981-
(författare)
-
Cybersecurity in Railway : A Framework for Improvement of Digital Asset Security
- 2020
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Digitalisation changes operation and maintenance in railways. Emerging digital technologies facilitate implementation of enhanced eMaintenance solutions through utilisation of distributed computing and artificial intelligence. In railway, the digital technology deployment is expected to improve the railway system’s sustainability, availability, reliability, maintainability, capacity, safety, and security including cybersecurity. In digitalised railway, aspects of cybersecurity are essential in order to achieve overall system dependability. Lack of cybersecurity imposes negative impacts on the railways like reputational damage, heavy costs, service unavailability and risk to the safety of employees and passengers.It has been observed, through open access data, that many railway organizations focus on detective measures of security threats with less emphasis on forecasting of cyber-attacks. In order to prepare in advance for cyberattacks, it is essential that Information and Communication Technology (ICT) and Operational Technology (OT) in railways need to undergo continuous updating towards security analytics approach. This approach will help the railways to produce proactive security measures to cyberattacks. In this work, it has been observed that there exists some standards and guidelines related to cybersecurity in railways (e.g. AS 7770- Rail Cyber Security, APTA SS-CCS-004-16, BS EN 50159:2010+A1:2020). These standards and guidelines are proprietary (i.e. either organization-specific or country-specific) and are followed by most of the railway organizations. These proprietary standards and guidelines lack in providing a holistic approach to enable interoperability, scalability, orchestration, adaptability, and agility for railway’s stakeholders. Therefore, there is a need for a generic cybersecurity framework for digitalized railways to facilitate proactive cybersecurity and threat intelligence sharing within the railways. The proposed framework, i.e., Cybersecurity Information Delivery Framework has been developed by integrating existing models, technologies, and standards to minimize the risks of cyber-attacks in the railways. The framework maps different layers of Open System Architecture for Condition-Based Maintenance (OSA-CBM) in the context of cybersecurity to deliver threat intelligence. The framework implements extended Cyber Kill Chain (CKC) and Industrial Control System (ICS) Kill Chain for detecting cyberattacks. The framework also incorporates proposed Railway Defender Kill Chain (RDKC) that enables proactive cybersecurity. Therefore, the proposed framework enables proactive cybersecurity and shares threat intelligence for improving cybersecurity in railways.
|
|
