Secure Rail Education
Tuesday April 24
Due to the threat of terrorism all over the world, transit agencies have become targets of terrorists to cause mass casualty. This panel will discuss ways to secure systems for mass casualty weapons such as bombs and guns with minimal interference to the ridership flow through the system. The ultimate goal of this panel discussion will be how to make our transit systems in the US safer with the potential threats.
Alfredo Perez, President Perez Consulting LLC
1. Present a passenger screening technology and concept of operations for a rail system
2. Discuss how to make rail operations more efficient in protecting against mass casualty weapons such as bombs and guns
3. Understand how to create a more secure system without impacting the traffic flow of the ridership
4. Learn how to involve the public in the passenger screening process
View session: Passenger Screening for Rail Agencies
In response to the growing need for training that bridges the gap between tactical and hazardous materials operations, SERTC has developed programs that help Tactical Law Enforcement officers operate safely and successfully in a unique Tactical HazMat/ WMD environment. This session will expand upon the training needed when responding to a tactical Incident involving passenger rail transportation in the Hazmat/WMD area
Steve McDowell, Instructor Security and Emergency Response Training Center (SERTC)
1. Identify skillsets and provide training when responding to a tactical incident involving passenger rail transportation in the Hazmat/WMD area
2. Identify training deficiencies through past incidents and provide lessons learned on the changes to conventional approach
3. Give the appropriate utilization of tactical decontamination
4. Discuss unique challenges posed by passenger rail transportation
View session: Tactical Hazmat Operations in Surface Transportation
This presentation will go into the present threat profile for Rail Transit Vehicles, and how the Control and Communications Security Working Group (CCSWG) of the American Public Transportation Association (APTA) is evolving consensus standards to meet these threats with representatives from transit agencies, consultants, and car builders.
David Teumim, President Teumim Technical, LLC
1. How modern rail car communications offer an increased attack surface for intruders.
2. What rail cybersecurity standards have already been published by the CCSWG Working Group
3. CCSWG philosophy on improving rail car cyber defenses
4. The role of the NIST Cybersecurity Framework in creating new CCSWG standards
View session: Cybersecurity Standards for Rail Transit Vehicles
In this session, learn how to take on the top concerns for cloud adoption regarding security and data protection for all applications and workloads. Hear how successful organizations large and small have implemented and manage consistent security policies to identify threats with automation, analytics, and intelligent technologies across the hybrid data center. Watch a demonstration of Oracle Identity Security Operations Center (Oracle Identity SOC) capabilities that help organizations prevent, detect, respond to, and predict today’s innovative security threats.
Troy Kitch, Sr. Director of Product Marketing and GTM, Security Cloud Business Group Oracle
1. Discuss the shared security responsibility model
2. Identify top cloud threats facing organizations
3. Learn to prevent, detect, respond and predict today's innovative threats
You absoutely have to secure your remote technology and facilities. But how do you start? What direction will improve your bottom line, and what will doom you to failure? Learn how to establish 7x24 situational awareness over all of your remote telecom assets. See how this has paid dividends for Alaska Railroad and how you can achieve similar gains. Brian explains the strategies that he has used to build an intelligent monitoring infrastructure at his company. He'll show you how to choose what you need to monitor and what kinds of equipment will get the job done.
1. Learn how to boost security by maintaining 7x24 remote visibility of technology at unmanned facilities
2. Explain how to conquer challenging environments including extreme cold that takes equipment offline and sites that are virtually inaccessible for much of the year
3. Find out how your security goals can drive bottom-line improvements throughout the company stopping not only expensive security breaches but also service downtime and equipment damage
4. Learn how to correctly navigating a few early decisions will lead you to a flexible, customized and resilient monitoring infrastructure
Recently, a regional commuter carrier rail service had improvements made to their overall physical and cybersecurity after undergoing a vulnerability assessment performed by RPI Group. The assessment is based on NIST framework and previous DoD experience. Getting to this successful result required an identified need, funding for the project and the ability to implement the required changes. This case study will be presented from three different perspectives: risk mitigation, management and implementation. Representatives from RPI Group will discuss how participants working together led the team to success with this type of project, plus touch on the problems faced and how such problems were overcome for a successful result.
1. Define vulnerability assessments
2. Learn the process behind security improvements
3. Explain the problems faced and how such problems were met with solutions
4. Discuss what happens after a vulnerability assessment is performed
View session: What Happens After the Assessment? A Case Study
Physical security needs more than mere monitoring with latent human response wherein the consequences of an attack have already occurred. Artificial Intelligence can enable rail carriers to meet physical security requirements via advanced technologies using intelligent sensors and cameras, high-speed network communications, and to detect and respond with non-lethal deterrents. In this session, you'll learn how AI can be an active security defense.
1. Understand that physical threats, vulnerabilities and potential consequences of attacks on rail infrastructure is real and growing
2. Learn how AI security systems defeat adversaries in real time by disrupting their OODA loops
3. Disucss the basic design considerations of AI driven railway security systems equipped with non-lethal counter measures for use in safely neutralizing attacks
4. Identify artificial intelligence driven processing and communication design considerations and requirements
Railroad worker protection and a reliable, safe rail network is not necessarily a balancing act. Both go together. New technologies like video inspection of track and automated overhead wire inspection enable to execute inspections in an office environment, improving safety of railroad workers and quality of the rail network.
Ellen Linnenkamp , Managing Director Strukton Rail North America
1. Identify how to work securely and safely
2. Dicuss how to use new technology to minimize (unnecessary) worker’s time in track, thus minimize potential accidents/collisions
3. Highlight how to minimize the animosity between Operations and Maintenance of Way and improve track worker and passenger safety
4. Understand how to optimally secure assets
The elevated threat landscape has changed the way rail executives approach planning and operations. This panel will discuss the impacts of the elevated threats on the industry, and how DHS and DOD approved Modeling & Simulation and Executive Dashboard technologies are being implemented to support executives make risk informed decisions during the planning process and during real-time operations.
Jeff Brown, Senior Vice President ARES Security Corporation
Jake Breechen, Founder/CTO Confluence Security Group
Scott Carns, Vice President of Operations Duos Technologies, Inc.
Alfredo Perez, President Perez Consulting LLC
1. Provide an overview of the threats facing the industry and how they impact long term planning and day to day operations
2. Understand how DOD and DHS approved modeling and simulation technology is being used to support risk informed decision making during the planning process by rail executives
3. Discuss how DHS approved executive dashboard technology is being used to support real-time risk informed decision making during day to day operations by rail executives
4. Explain the adoption of modeling and simulation and executive dashboard technologies will reduce risk and enhance operational efficiency for the industry
To comply with new security regulations, transit agencies are taking steps to protect their systems from terrorist attacks utilizing integrated, risk-informed, performance-based systems approaches to managing vulnerabilities. This presentation deatils Security-Oriented Design Methodologies and principles being implemented on the Atlanta Streetcar to meet 21st Century Security Challenges.
1. Review federal safety and security regulatory policy
2. Describe the strategy and implementation of security oriented design methodologies
3. Highlight security-oriented design principals
4. Detail threat and vulnerability assessments
Critical infrastructure asset owners have been putting excessive trust on traditional perimeter protection with firewalls as a single line of defense. Recent events and modern threats require us to advance that concept. There are concrete examples that show one-way gateway approach is a proven and reliable solution that improves the traditional first line of defense and provides additional protection to rail automation applications and other critical infrastructure assets.
Leandro Pfleger de Aguiar, Senior Key Expert - Cyber Security Siemens Corporation
1. Present an alternative and trustworthy solution utilizing a one-way gateway
2. Highlight the defense-in-depth strategy
3. Discuss the trend of using firewalls as a single line of defense
Our civilization as we know it, would not be possible without the use of hazardous materials. Nitrates improve our soils, hydrocarbons fuel our automobiles, create structural materials and warm our homes. Today, people that seek to harm others can use hazardous materials as weapons, potentially injuring many. A rented truck can create a terrorist event, injuring and killing innocent people. Add a trailer or railcar of chemicals and the event is multiplied exponentially, with effects reaching well beyond the point of initiation. This presentation will introduce the audience to methods that reduce the likelihood your HM shipments will be compromised.
Wendy Buckley, President & Founder Specialty Transportation and Regulatory Services (STARS)
1. Discuss regulatory compliance
2. Highlight asset protection, personnel protection and public safety
3. Introduce methods that reduce the likelihood your HM shipments will be compromised
Wednesday April 25
Agency's should understand their approach to security risk and how it reflects their security risk tolerance. Security assessments should reflect an Agency's risk tolerance, rather than the risk tolerance of individuals within the Agency or the consultants that support the Agency. Establishing this requires input and support from top management. Risk tolerance is established by reviewing Agency priorities, community expectations, political considerations and cultural norms.
Lurae Stuart, Manager, System Safety and Security, Transit & Rail WSP
1. Identify how to assess an agency's risk tolerance
2. Understand a risk based approach to Security
3. Discuss security risk tolerance
View session: Security Risk Tolerance
RazorSecure is one of the leaders in the EU protecting passengers and trains from a cyber attack. The EU has introduced new cyber regulations for rail that have fines of up to 4% of global annual revenues. The case study is how one of the leading train operating companies in the EU has chosen the RazorSecure cyber solution for their digital trains. The case study will expand on the procurement process, the integration with the mobile comms gateway suppliers, Icomera, and the challenges of pen testing, trials, and the results of the additional protection. Applicable to freight and passenger trains.
Alex Cowan, Founder Razor Secure Ltd
1. Identify ways to protect people from cyber attacks
2. Present a case study with a leading rail operator in the UK
3. Understand the impact of the new EU cyber regulations for rail
4. Discuss how to protect the train and the on-train systems
View session: Cybersecurity for Rail - A Case Study
Ten years ago, the Internet of Things (IoT) had little meaning within the offices of transportation authorities around the world. By 2020 the IoT will be a 20 billion-device monster growing exponentially. As will the cyber vulnerabilities from being constantly connected to the outside world. Every agency faces the same overwhelming question: How do we secure our operations?
Many cybersecurity vendors are saying they have the solution with their next-gen monitoring tool. Unfortunately, due to the ever-evolving nature of the IoT and threats to it, it’s not that simple. We have to fully grasp the risks involved and the consequences to continuity of operations and safety of life. There are already plenty of examples in various critical infrastructure industries to draw from, including rail.
Do we truly understand the challenges of securing rail operations today? What methods and data are available to secure modern transit networks? What does cybersecurity monitoring really mean? What data is collected? How can it be correlated? How can it be used to track and eliminate threats?
Justin Smith, Sr. Manager, Cybersecurity Engineering Rockwell Collins
1. Explain the three levels of data which can be monitored for cyber-indicators within a industrial control or safety environment
2. Discuss how to correlate data from the three different levels together to reconstruct an attack and trace its path
3. Understand how data can be received from field/SCADA devices (PLC's, RTU's and etc.), cybersecurity devices (firewalls, IPS/IDS, SIEM) and computer systems to better an organization's chances of recognizing indicators of compromise (IOCs)
View session: Cybersecurity Monitoring in Modern Transit
All organizations face the threat of workplace violence. In the transport sector, robberies—and the aggression accompanies them—make transport employees more likely victims of workplace violence than workers in other sectors. Railway employees face an especially high threat because of the number of public-facing roles they perform, the extended length of time they may spend with customers, and their roles in safekeeping cash as well as passengers who can become hostages. Industry-wide cost-cutting measures also play a role in workplace violence risks in the railway sector.
Stacey Blau, Chief Operating Officer 5326 Consultants, Inc.
1. Understand the wide-ranging risks of workplace violence as well as the risks in the transport sector
2. Discuss workplace violence risks specific to the railway industry and railway employee
3. Identify best practices to prevent a workplace violence incident
4. List best practices to manage a workplace violence crisis
View session: Handling Workplace Violence Risks in the Railway Sector
Today’s industrial systems are increasingly interconnected by advanced communication networks, cybersecurity of such systems are becoming a challenge to the industry. NIST has developed a testbed to study the effects of cybersecurity measures on industrial control systems. The metrics and measurement methodology will help the industry to evaluate the system performance when implementing cybersecurity measures.
In this presentation, we will present the framework we develop to integrate a railroad simulator and cybersecurity tools to perform evaluation on the railroad operation and the metrics we use to measure the operational impact.
We will also discuss the use of cybersecurity tools like behavioral anomaly detection tool and ICS application whitelisting tool in the industrial control system environment.
CheeYee Tang, Electronics Engineer NIST
1. Explain NIST’s testbed to study the effects of cybersecurity measures on train operation
2. Present metrics and methodology to measure operational impacts when implementing cybersecurity measures
3. Discuss example cybersecurity tools like behavioral anomaly detection and ICS application whitelisting in industrial environment
4. Describe the NIST publication, “Cybersecurity Framework Manufacturing Profile”
This presents Defense-In-Depth as a recommended approach for securing rail communications and control systems, defines security zone classifications, and defines a minimum set of security controls for the most critical zones. We will discuss a survey of the various systems that constitute a typical control and communication network, methods of separation, conceptual architecture, migration strategy and a best practices investigation of other transit agencies.
Jeff McCormack, AVP Technical Leader / Sr program Manager AECOM
1. Give a recommended approach for securing rail communications and control systems
2. Identify a minimum set of security controls for the most critical zones
3. List methods of separation, conceptual architecture and migration strategy
Operational environments are increasingly connected to traditional information technology systems. While the benefits can be substantial, combining physical and cyber worlds can bring severe safety and security risks. As operational environments become more IT-driven, organizations are encountering not just a technology challenge, but also a people challenge.
1. Understand what is being connected to internet
2. Disucss the impact on safety, security and reliability
View session: Connected Operations: What to Consider
Bridge Asset Management, based on a degradation model, is a critical tool for entities responsible for the repair and rehabilitation of bridges within their jurisdiction. Bridges commonly show signs of distress due to aging, improper repair, rehabilitation, or lack of proper maintenance. Extending the useful service life of aging bridges is important both to the transportation industry and to governing bodies.
Currently, the greatest problem facing the transportation industry is the degradation of structural components of bridges resulting from both normal deterioration as well as natural disasters. The overuse of bridges beyond their useful service life coupled with improper bridge asset management has exacerbated the situation. This presentation will cover degradation models and demonstrate how the data can be used to develop life cycle models, failures can be directly correlated to changes over time in measurable structural parameters, thus enabling the extrapolation of data to predict when failure is likely to occur.
Avinash Prasad, MTA-NYCT
1. Explain why Bridge Asset Management based on a degradation model is a critical tool for entities responsible for the repair and rehabilitation of bridges within their jurisdiction
2. Identify how to use degradation data to develop life cycle models
3. Discuss bridge inspections
Current approaches to trespassing are not working! Despite education, CARE events, twitter feeds, law enforcement blitzes, 411 trespassers died as of 8/2017. In Nevada, the use of alternative trespass abatement methods, such as law enforcement (LE) aviation, LE volunteer groups and the Civil Air Patrol shows promise in reducing trespassing.
Rich Gent, President and Chief Executive Officer Hot Rail, LLC
1. Identify unconventional methods of trespass abatement
2. Discuss the process Nevada applied to introduce, implement, execute and evaluate these new and unique efforts to address the public rail safety and security problem
3. Review reporting procedures, management and how information can be reported to and integrated in a State Fusion Center
4. Determine if unconventional methods can be applied to the future of railroading
View session: Alternative Methods to Railroad Trespass Abatement
In the age of Big Data, commerce relies increasingly upon a river of information that presents opportunities to provide improved services at reduced cost. Combining Big Data with predictive analytics, it is now possible to identify potential customers and customer needs, and to track services and service delivery, in near-to-real time, with an individuality, a precision and an ease that were hardly imaginable only a few years ago.
However the same systems that present the glowing opportunities for product and service improvements are also vulnerable to a wide range of hazards. The presentation will discuss how to exploit the opportunities and manage vulnerabilities in the world of Big Data, predictive analytics, logistics, automation and artificial intelligence. Drawing on real-world examples, this fast-paced presentation discusses various issues in greater detail
1. Understand vulnerabilities and opportunities in providing enhanced services and knowing your legal obligations and exposure
2. Understand how to protect privacy, proprietary data and critical infrastructure in the digital age
3. Identify the dangers of reliance on data-intensive systems
4. Discuss how to establish key security precautions in the age of “Big Data,” predictive analytics, automation and artificial intelligence
With the emergence of IIoT, cloud, analytics, and cybersecurity, sensors and wireless communication devices are generating a large quantity of data, which can be leveraged for operations, maintenance and replacement planning. By connecting different systems and machines, suppliers and rail operators can become more efficient and effective at maintaining their machines, which will result in greater reliability for the end users. This presentation will highlight how emerging IIoT technologies and services that will revolutionize the railway industry and allow for confronting today’s challenges.
Pranav Misal, Research Analyst ARC Advisory Group
1. Explain how suppliers and rail operations can become more efficient and effective at maintaining machines through IIOT
2. Discuss how digitization helps improves operational efficiency
3. Identify asset management services that assist rail operators with effective decision-making to ensure better visibility of the assets
View session: IIoT and Transformation of Railways