With increasing cyber-physical systems (CPS) deployed in the railroad industry, corresponding cyber security has become an increasingly crucial issue. Understanding cyber risks and preparing solutions for the worst case scenarios are vitally important. It is also necessary to evaluate system resilience and recoverability under cyber breaches, both qualitatively and quantitatively. In general, the fundamental failsafe design of railroad CPS prevents unsafe train movement in the wake of certain system malfunctions. Therefore, a cyber-attack on the railroad CPS may likely invoke the CPS safe mode, acting as disruptive DoS attacks. This would cause a decline in the railroad's capacity and throughput. In this paper, we envision that DoS attacks are potential sources of rail service disruption, and select the traffic disruption level as the indicator of a railroad CPS system's resilience under DoS attack. In our ongoing research, we launched the development of a simulation model for rail traffic to evaluate the disruption and recoverability. The simulation model is intended to incorporate the potential DoS modeling parameters with railroad network information, observed from many probe points with traffic behavior outputs. Based on preliminary experiments on a single-track unidirectional traffic model, with heterogeneous traffic inputs simulating the mixed traffic pattern, our preliminary model is able to estimate the delay of traffic given the duration of disruption, such as DoS attacks impeding the wireless communication channels of the railroad dispatching system.
展开▼