Conference paper Open Access
Connected and intelligent railway technologies like the European Rail Trac Management System (ERTMS) introduce new risks in cybersecurity. Threat modeling is a building block in security engineering that identifies potential threats in order to define corresponding mitigation. In this paper, we show how to conduct threat modeling for railway security analysis during a development life cycle based on IEC 62443. We propose a practical and efficient approach to threat modeling, extending
existing tool support and demonstrating its applicability and feasibility.