Published May 21, 2019 | Version v1
Conference paper Open

Threat Modeling in the Railway Domain

  • 1. AIT Austrian Institute of Technology GmbH,
  • 2. Thales Austria GmbH
  • 3. Fachhochschule Burgenland GmbH,


Connected and intelligent railway technologies like the European Rail Trac Management System (ERTMS) introduce new risks in cybersecurity. Threat modeling is a building block in security engineering that identifies potential threats in order to define corresponding mitigation. In this paper, we show how to conduct threat modeling for railway security analysis during a development life cycle based on IEC 62443. We propose a practical and efficient approach to threat modeling, extending
existing tool support and demonstrating its applicability and feasibility.



Files (989.8 kB)

Name Size Download all
989.8 kB Preview Download

Additional details


Productive4.0 – Electronics and ICT as enabler for digital industry and optimized supply chain management covering the entire product lifecycle 737459
European Commission
SECREDAS – Cyber Security for Cross Domain Reliable Dependable Automated Systems 783119
European Commission