A Resilience-Based Security Assessment Approach for CBTC Systems

With the rapid development of urban rail transit systems, large amounts of information technologies are applied to increase efficiency of train control systems, such as general computers, communication protocols, and operation systems. With the continuous exposure of information technology vulnerabilities, security risks are increasing, and information is easy to use by malicious attackers, which can bring huge property and economic losses. The communication-based train control (CBTC) system is the most important subsystem of urban rail transit. The CBTC system ensures safe and efficient operation of trains, so the quantitative assessment of cyber security is quite necessary. In this paper, a resilience-based assessment method is proposed to analyze the security level of CBTC systems based on indicators of both the cyber domain and the physical domain. The proposed method can demonstrate the robustness and recovery ability of CBTC systems under different security attacks. Based on the structural information entropy, the fusion of different indicators is achieved. Two typical attacking scenarios are analyzed, and the simulation results illustrate the effectiveness of the proposed assessment approach.