{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,2]],"date-time":"2026-04-02T09:39:30Z","timestamp":1775122770989,"version":"3.50.1"},"reference-count":133,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"7","license":[{"start":{"date-parts":[[2023,7,1]],"date-time":"2023-07-01T00:00:00Z","timestamp":1688169600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2023,7,1]],"date-time":"2023-07-01T00:00:00Z","timestamp":1688169600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2023,7,1]],"date-time":"2023-07-01T00:00:00Z","timestamp":1688169600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"name":"Consorzio Interuniversitario Nazionale per l'Informatica (CINI) through the Research Project","award":["CA 01\/2021 a.i"],"award-info":[{"award-number":["CA 01\/2021 a.i"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans. Intell. Transport. Syst."],"published-print":{"date-parts":[[2023,7]]},"DOI":"10.1109\/tits.2023.3254442","type":"journal-article","created":{"date-parts":[[2023,3,16]],"date-time":"2023-03-16T17:56:46Z","timestamp":1678989406000},"page":"6764-6779","source":"Crossref","is-referenced-by-count":53,"title":["Railway Cyber-Security in the Era of Interconnected Systems: A Survey"],"prefix":"10.1109","volume":"24","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1024-9470","authenticated-orcid":false,"given":"Simone","family":"Soderi","sequence":"first","affiliation":[{"name":"IMT School for Advanced Studies Lucca, Lucca, Italy"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2889-2309","authenticated-orcid":false,"given":"Daniele","family":"Masti","sequence":"additional","affiliation":[{"name":"IMT School for Advanced Studies Lucca, Lucca, Italy"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9408-8773","authenticated-orcid":false,"given":"Yuriy Zacchia","family":"Lun","sequence":"additional","affiliation":[{"name":"Department of Information Engineering, Computer Science and Mathematics (DISIM), University of L'Aquila, L'Aquila, Italy"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1201\/b19472"},{"key":"ref2","volume-title":"Polish Teen Derails Tram After Hacking Train Network","author":"Leyden","year":"2008"},{"key":"ref3","first-page":"1206","article-title":"A study on the on-board centered train control system through ICT convergence","volume-title":"Proc. 12th Int. Conf. Control, Automat. Syst.","author":"Jo"},{"issue":"345","key":"ref4","first-page":"75","article-title":"Council Directive 2008\/114\/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection","volume":"51","year":"2008","journal-title":"Off. J. Eur. Union (OJ)\u2013Legislation L)"},{"key":"ref5","volume-title":"Proposal for a Directive of the European Parliament and of the Council on the Resilience of Critical Entities","year":"2020"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1049\/cp.2014.0983"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/TIE.2014.2386794"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1007\/s13198-019-00778-w"},{"key":"ref9","volume-title":"EN 50126 Railway Applications\u2014The Specification and demonstration of Reliability, Availability, Maintainability and Safety (RAMS)","year":"2018"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.3403\/02534915"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/ETFA.2009.5347258"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/ICONS.2008.48"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/MVT.2017.2736098"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1016\/j.commtr.2022.100078"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1016\/j.scs.2019.101660"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.23919\/CyCon55549.2022.9811081"},{"key":"ref17","volume-title":"Virus Disrupts Train Signals","author":"Niland","year":"2003"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-71368-7_18"},{"key":"ref19","volume-title":"Hackers Breached Railway Network, Disrupted Service","author":"Zetter","year":"2012"},{"key":"ref20","volume-title":"Projekt honeytrain: Aufbau, Durchf\u00fchrung und Ergebnisse [in German]","year":"2015"},{"key":"ref21","volume-title":"Simuliertes Zug-Steuersystem HoneyTrain: 2,7 Millionen Angriffe in Sechs Wochen","author":"Scherschel","year":"2015"},{"key":"ref22","volume-title":"KillDisk and BlackEnergy go Beyond Energy Sector","author":"Wilhoit","year":"2016"},{"key":"ref23","volume-title":"Four Cyber Attacks on U.K. Railways in a Year","author":"Cheshir","year":"2016"},{"key":"ref24","article-title":"Germany\u2019s Deutsche Bahn rail operator targeted in global cyberattack","author":"Thomas","year":"2017","journal-title":"Wall Street J."},{"key":"ref25","volume-title":"Ransomware attack on San Francisco public transit gives everyone a Free Ride","author":"Gibbs","year":"2016"},{"key":"ref26","volume-title":"International Cyber Attacks Put Ransoms on German Rail Station Screens","year":"2017"},{"key":"ref27","volume-title":"Virus Attack Targeting Russian Railways Localized","year":"2017"},{"key":"ref28","volume-title":"The Latest: 29,000 Chinese Institutions Hit by Cyberattack","year":"2017"},{"key":"ref29","volume-title":"Swedish transport agencies targeted in Cyber Attack","year":"2017"},{"key":"ref30","volume-title":"Cyber Attack Hits Danish Rail Network","year":"2018"},{"key":"ref31","volume-title":"Hacked Chinese Rail Control System"},{"key":"ref32","volume-title":"STM Says it Refused Hackers\u2019$2.8M Demand in Ransomware Attack","year":"2020"},{"key":"ref33","volume-title":"Montreal\u2019s STM Public Transport System Hit by Ransomware Attack","author":"Abrams","year":"2020"},{"key":"ref34","volume-title":"Ransomware Attack Hits Short Line Rail Operator OmniTRAX","author":"Tabak","year":"2021"},{"key":"ref35","volume-title":"Ransomware Attack Cripples Vancouver Public Transportation Agency","author":"Cimpanu","year":"2020"},{"key":"ref36","volume-title":"TransLink CEO Confirms Ransomware Hack, Says Payment Info Not Compromised","author":"Macmahon","year":"1130"},{"key":"ref37","volume-title":"TransLink Warns Staff Hackers Accessed Personal Banking Information in Cyberattack","author":"Boynton","year":"2020"},{"key":"ref38","volume-title":"Hackers Breach Iran Rail Network, Disrupt Service","year":"2021"},{"key":"ref39","volume-title":"TTC Says Investigation Underway Amid Ransomware Attack","author":"Rocca","year":"2021"},{"key":"ref40","volume-title":"TTC Cyberattack May Have Stolen Information From up to 25K Employees, Former Employees","author":"Patton","year":"2021"},{"key":"ref41","volume-title":"Italy\u2019s State Railway May Have Been Target of Cyber Attack","year":"2022"},{"key":"ref42","volume-title":"The Belarusian Railway Workers Who Helped Thwart Russia\u2019s Attack on Kyiv","author":"Sly","year":"2022"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1177\/09544097221089389"},{"key":"ref44","volume-title":"Railway Applications\u2014Communication, Signalling and Processing Systems\u2014Safety-Related Communication in Transmission Systems,European Committee for Electrotechnical Standardization","year":"2010"},{"key":"ref45","volume-title":"Security for Industrial Automation and Control Systems, International Society of Automation & International Electrotechnical Commission","year":"2009"},{"key":"ref46","volume-title":"Code for Design of Subway, National Standard, Ministry of Construction, People\u2019s Republic China","year":"2003"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1002\/9781119644682"},{"key":"ref48","volume-title":"Operations Control Centers, American Public Transportation Association","year":"2018"},{"key":"ref49","article-title":"Cyber security and resilience of intelligent public transport: Good practices and recommendations","author":"L\u00e9vy-Bencheton","year":"2015"},{"key":"ref50","volume-title":"Railway Signalling Principles","author":"Pachl","year":"2021"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-18744-6_1"},{"key":"ref52","volume-title":"Standard for Communications-Based Train Control (CBTC) Performance and Functional Requirements","year":"2005"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1109\/TITS.2017.2657695"},{"key":"ref54","article-title":"S2R innovation days presentation X2R3-TD2. 8 virtually coupled train sets","volume-title":"Shift2Rail Innovation Days","author":"Schenker"},{"key":"ref55","volume-title":"FFF IS for Eurobalise","year":"2012"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-97955-7"},{"key":"ref57","volume-title":"FRMCS and 5G for Rail: Challenges, Achievements and Opportunities","year":"2020"},{"key":"ref58","volume-title":"TErrestrial Trunked RAdio (TETRA)","year":"2011"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1109\/MCOM.2015.7295465"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053027"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-33675-1_22"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-33951-1_4"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1016\/j.csi.2011.02.006"},{"key":"ref64","volume-title":"Information Technology\u2014Security Techniques\u2014Evaluation Criteria for IT Security\u2014Part 1: Introduction and General Model, International Organization for Standardization (ISO) & International Electrotechnical Commission","year":"2009"},{"key":"ref65","volume-title":"ISO\/IEC, Information Technology\u2014Security Techniques\u2014Information Security Management Systems\u2014Requirements","year":"2013"},{"key":"ref66","article-title":"Framework for improving critical infrastructure cybersecurity","author":"Barrett","year":"2018"},{"key":"ref67","article-title":"The open-source security testing methodology manual","author":"Herzog","year":"2010"},{"key":"ref68","volume-title":"Mapping of OES Security Requirements to Specific Sectors","year":"2017"},{"key":"ref69","volume-title":"Rail Cyber Security: Guidance to Industry","author":"DfT","year":"2016"},{"key":"ref70","volume-title":"Guidelines for Cyber-Security Railway","year":"2018"},{"key":"ref71","article-title":"ARGUS project-harnessing asset management to do cyber security to an UIC guideline for railways","author":"Antoni","year":"2018","journal-title":"Congr\u00e8s Lambda Mu 21 \u226aMa\u00eeTrise des Risques et Transformation Num\u00e9rique: 1269Opportunit\u00e9s et Menaces \u226b."},{"key":"ref72","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-33951-1_1"},{"key":"ref73","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-56880-5_10"},{"key":"ref74","volume-title":"4SECURail"},{"key":"ref75","article-title":"Safety and security requirements of rail transport system in multi-stakeholder environments","author":"Alexe","year":"2017","journal-title":"deliverable d2.1, CYbersecurity in the RAILway sector (CYRai) EU Project 730843"},{"key":"ref76","volume-title":"X2Rail","year":"2022"},{"key":"ref77","volume-title":"Roll2Rail","year":"2022"},{"key":"ref78","volume-title":"Safe4RAIL","year":"2022"},{"key":"ref79","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2018.8433201"},{"key":"ref80","doi-asserted-by":"publisher","DOI":"10.6028\/nist.sp.800-53r5"},{"key":"ref81","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-82r2"},{"key":"ref82","volume-title":"Railway Applications\u2014Cybersecurity, European Committee for Electrotechnical Standardization","year":"2021"},{"key":"ref83","first-page":"1","article-title":"CENELEC prTS 50701 (Railway applications\u2014CyberSecurity)","volume-title":"Proc. Cybersecurity Railways","author":"Schlehuber"},{"key":"ref84","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSPW.2017.63"},{"key":"ref85","doi-asserted-by":"publisher","DOI":"10.1002\/9781119601951"},{"key":"ref86","volume-title":"Common Vulnerabilities and Exposures (CVE)","year":"2022"},{"key":"ref87","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-03421-4_24"},{"key":"ref88","doi-asserted-by":"publisher","DOI":"10.1109\/NCA.2018.8548324"},{"key":"ref89","doi-asserted-by":"publisher","DOI":"10.1049\/cp.2012.1521"},{"key":"ref90","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-70852-8_12"},{"key":"ref91","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101837"},{"key":"ref92","doi-asserted-by":"publisher","DOI":"10.58346\/JOWUA.2022.I4.004"},{"key":"ref93","doi-asserted-by":"publisher","DOI":"10.1109\/JPROC.2014.2371999"},{"key":"ref94","first-page":"284","article-title":"PAIDEUSIS: A remote hybrid cyber range for hardware, network, and IoT security training","volume-title":"Italian Conf. Cybersecurity (ITASEC)","author":"Berra"},{"key":"ref95","volume-title":"Ansible","year":"2022"},{"key":"ref96","volume-title":"Cisco Modeling Labs (CML)","year":"2022"},{"key":"ref97","volume-title":"Common Open Research Emulator (CORE)","year":"2022"},{"key":"ref98","volume-title":"Emulated Virtual Environment\u2014Next Generation (EVE-NG)","year":"2022"},{"key":"ref99","volume-title":"Graphical Network Simulator 3 (GNS3)","year":"2022"},{"key":"ref100","volume-title":"Mininet"},{"key":"ref101","volume-title":"MPLS Fundamentals","author":"Ghein","year":"2016"},{"key":"ref102","volume-title":"MPLS in the DCN","year":"2007"},{"key":"ref103","volume-title":"Configuring a Basic MPLS VPN","year":"2020"},{"key":"ref104","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-59608-2_7"},{"key":"ref105","doi-asserted-by":"publisher","DOI":"10.1109\/TAC.2016.2536707"},{"key":"ref106","doi-asserted-by":"publisher","DOI":"10.1109\/TITS.2021.3058553"},{"key":"ref107","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134631"},{"key":"ref108","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2021.3097156"},{"key":"ref109","doi-asserted-by":"publisher","DOI":"10.1109\/TLT.2021.3091904"},{"key":"ref110","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102381"},{"key":"ref111","doi-asserted-by":"publisher","DOI":"10.1109\/WSC.2007.4419720"},{"key":"ref112","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.101636"},{"key":"ref113","volume-title":"CyberChallenge.IT","year":"2022"},{"key":"ref114","volume-title":"High Speed Rail\u2014Fast Track to Sustainable Mobility","year":"2018"},{"key":"ref115","doi-asserted-by":"publisher","DOI":"10.1016\/j.cities.2012.06.005"},{"key":"ref116","volume-title":"A Global Vision for Railway Development","year":"2015"},{"key":"ref117","doi-asserted-by":"publisher","DOI":"10.1145\/310889.310919"},{"issue":"12","key":"ref118","first-page":"21","article-title":"Attack trees","volume":"24","author":"Schneier","year":"1999","journal-title":"Dr. Dobb\u2019s J."},{"key":"ref119","doi-asserted-by":"publisher","DOI":"10.1007\/11734727_17"},{"key":"ref120","first-page":"1","article-title":"Dark clouds on the horizon: Using cloud storage as attack vector and online slack space","volume-title":"Proc. USENIX Secur. Symp.","author":"Mulazzani"},{"key":"ref121","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2010.60"},{"key":"ref122","article-title":"The diamond model of intrusion analysis","author":"Caltagirone","year":"2013"},{"key":"ref123","volume-title":"Threat Modeling","author":"Drake","year":"2022"},{"key":"ref124","doi-asserted-by":"publisher","DOI":"10.1109\/W-FiCloud.2016.29"},{"key":"ref125","doi-asserted-by":"publisher","DOI":"10.1016\/j.trpro.2020.03.014"},{"key":"ref126","doi-asserted-by":"publisher","DOI":"10.13052\/jcsm2245-1439.912"},{"key":"ref127","doi-asserted-by":"publisher","DOI":"10.1109\/JAS.2021.1003820"},{"key":"ref128","doi-asserted-by":"publisher","DOI":"10.1109\/JAS.2022.105548"},{"key":"ref129","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2018.12.006"},{"key":"ref130","volume-title":"How Lockheed Martin\u2019s \u2018Kill Chain\u2019 Stopped Securid Attack","author":"Higgins","year":"2013"},{"key":"ref131","article-title":"The industrial control system cyber kill chain","author":"Assante","year":"2015"},{"key":"ref132","volume-title":"IoT and Industrial Security Deep Dive. Recommendations and Best Practices","author":"Albach","year":"2019"},{"key":"ref133","first-page":"80","article-title":"Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains","volume-title":"Leading Issues in Information Warfare and Security Research","volume":"1","author":"Hutchins","year":"2011"}],"container-title":["IEEE Transactions on Intelligent Transportation Systems"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6979\/10175858\/10075050.pdf?arnumber=10075050","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,14]],"date-time":"2024-03-14T03:07:54Z","timestamp":1710385674000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10075050\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,7]]},"references-count":133,"journal-issue":{"issue":"7"},"URL":"https:\/\/doi.org\/10.1109\/tits.2023.3254442","relation":{},"ISSN":["1524-9050","1558-0016"],"issn-type":[{"value":"1524-9050","type":"print"},{"value":"1558-0016","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,7]]}}}