{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,22]],"date-time":"2026-06-22T21:32:25Z","timestamp":1782163945805,"version":"3.54.5"},"reference-count":110,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"12","license":[{"start":{"date-parts":[[2025,12,1]],"date-time":"2025-12-01T00:00:00Z","timestamp":1764547200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2025,12,1]],"date-time":"2025-12-01T00:00:00Z","timestamp":1764547200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,12,1]],"date-time":"2025-12-01T00:00:00Z","timestamp":1764547200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/501100010095","name":"R\u00e9gion Hauts-de-France","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100010095","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans. Intell. Transport. Syst."],"published-print":{"date-parts":[[2025,12]]},"DOI":"10.1109\/tits.2025.3615531","type":"journal-article","created":{"date-parts":[[2025,10,9]],"date-time":"2025-10-09T17:55:24Z","timestamp":1760032524000},"page":"21371-21392","source":"Crossref","is-referenced-by-count":1,"title":["Cybersecurity Standards Across Industries: A Critical Analysis of Current Practices and Future Directions in the Railway Sector"],"prefix":"10.1109","volume":"26","author":[{"ORCID":"https:\/\/orcid.org\/0009-0002-7314-8666","authenticated-orcid":false,"given":"Yasmine","family":"Benghename","sequence":"first","affiliation":[{"name":"CNRS, Heudiasyc UMR 7253, Université de Technologie de Compiégne, Compiégne, France"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Ahmed","family":"Lounis","sequence":"additional","affiliation":[{"name":"CNRS, Heudiasyc UMR 7253, Université de Technologie de Compiégne, Compiégne, France"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4803-2362","authenticated-orcid":false,"given":"Mohamed","family":"Sallak","sequence":"additional","affiliation":[{"name":"CNRS, Heudiasyc UMR 7253, Université de Technologie de Compiégne, Compiégne, France"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Walter","family":"Sch\u00f6n","sequence":"additional","affiliation":[{"name":"CNRS, Heudiasyc UMR 7253, Université de Technologie de Compiégne, Compiégne, France"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"263","reference":[{"key":"ref1","volume-title":"Transport Threat Landscape of the Transport Sector in the EU","author":"Osi","year":"2023"},{"key":"ref2","volume-title":"List of CCS Class B Systems V4.9","year":"2022"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1109\/ICACIC59454.2023.10435249"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/ICNEWS60873.2024.10730962"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/TIV.2023.3305543"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/ICEIB57887.2023.10170585"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/IAEAC54830.2022.9929574"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/VTC2024-Spring62846.2024.10683152"},{"key":"ref9","volume-title":"Report: Practical Guidance on Cybersecurity, Requirements in Tendering","year":"2023"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.23919\/CISTI58278.2023.10211415"},{"key":"ref11","volume-title":"Sobig Computer Worm: The Biggest Yet","year":"2003"},{"key":"ref12","volume-title":"Errant Antivirus Definition Brings Down Railway Lans","year":"2021"},{"key":"ref13","volume-title":"Railmarket","year":"2022"},{"key":"ref14","volume-title":"Newsweek","year":"2022"},{"key":"ref15","volume-title":"Italy\u2019s State Railway May Have Been Target of Cyber Attack","year":"2022"},{"key":"ref16","volume-title":"Ransomware Attacks on the Transportation Industry 2021","year":"2021"},{"key":"ref17","volume-title":"Tram Hack: How Security Flaws in the Transport System Were Exploited","year":"2008"},{"key":"ref18","volume-title":"BBC","year":"2023"},{"key":"ref19","volume-title":"France\u2019s High-speed Trains Struck By Malicious Acts","year":"2024"},{"key":"ref20","article-title":"ENISA threat landscape 2024","author":"Ardagna","year":"2024"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.3390\/s24248218"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.3390\/su131810176"},{"key":"ref23","volume-title":"Safety Certification Faq","year":"2025"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2023.3244991"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1016\/B978-0-08-102836-0.00015-1"},{"key":"ref26","volume-title":"Nuclear Power Plants-instrumentation and Control Systems Important To Safety-General Requirements for Systems","year":"2011"},{"key":"ref27","volume-title":"Industrial Communication Networks-Requirements for Communication in Safety-Related Systems","year":"2017"},{"key":"ref28","volume-title":"Communication Networks for Safety-Related Systems-Requirements and Guidelines","year":"2006"},{"key":"ref29","volume-title":"Industrial Communication Networks-security for Industrial Automation and Control Systems","year":"2016"},{"key":"ref30","volume-title":"Cyber Security Program for Nuclear Power Reactors","year":"2013"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.6028\/nist.sp.800-82r2"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.6028\/nist.sp.800-53r5"},{"key":"ref33","volume-title":"Dependability Management for Railway Applications","year":"2017"},{"key":"ref34","volume-title":"Regulatory Guide 1.152: Criteria for Use of Computers in Safety Systems of Nuclear Power Plants","year":"2006"},{"key":"ref35","volume-title":"Regulatory Guide 5.71: Cyber Security Programs for Nuclear Facilities","year":"2010"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2021.3121230"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102516"},{"key":"ref38","volume-title":"DO-178C: Software Considerations in Airborne Systems and Equipment Certification","year":"2011"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1109\/dasc.2000.886872"},{"key":"ref40","volume-title":"DO-326A: Airworthiness Security Process Specification","year":"2024"},{"key":"ref41","volume-title":"Do-356a: Airworthiness Security Methods and Considerations","year":"2024"},{"key":"ref42","volume-title":"DO-355A: Information Security Guidance for Continuing Airworthiness","year":"2024"},{"key":"ref43","volume-title":"ARP 4754A: Guidelines for Development of Civil Aircraft and Systems","year":"2010"},{"key":"ref44","volume-title":"ARP 4761: Guidelines and Methods for Conducting the Safety Assessment Process on Civil Airborne Systems and Equipment","year":"1996"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1007\/s12198-021-00232-8"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1016\/j.techfore.2020.120102"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1016\/j.micpro.2022.104461"},{"key":"ref48","volume-title":"ISO 26262: Road Vehicles-Functional Safety","year":"2018"},{"key":"ref49","volume-title":"SO\/SAE 21434: Road Vehicles-Cybersecurity Engineering","year":"2021"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1016\/j.vehcom.2022.100548"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2021.3130495"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2024.103798"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1109\/TITS.2024.3444048"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1057\/s41284-023-00372-7"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1109\/ICNS60906.2024.10550798"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.3390\/designs9010023"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1109\/JSYST.2018.2881017"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.3390\/s22207698"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1177\/09544097221089389"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.3390\/electronics11142181"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1109\/TITS.2023.3254442"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.4203\/ccc.1.17.1"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.34190\/eccws.23.1.2296"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.3850\/978-981-18-2016-8_486-cd"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1155\/2019\/8348925"},{"key":"ref66","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-68499-4_1"},{"key":"ref67","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSPW.2017.63"},{"key":"ref68","volume-title":"CLC\/TS 50701:2023, Railway Applications-Cybersecurity","year":"2023"},{"key":"ref69","volume-title":"European Committee for Electrotechnical Standardization","year":"2025"},{"key":"ref70","volume-title":"EN 50126: Railway Applications\u2014The Specification and Demonstration of Reliability, Availability, Maintainability, and Safety (RAMS)","year":"2017"},{"key":"ref71","volume-title":"IEC 62443: Industrial Communication Networks-Network and System Security","year":"2018"},{"key":"ref72","volume-title":"EN 50129: Railway Applications-communication, Signaling, and Processing Systems-safety Related Electronic Systems for Signaling","year":"2018"},{"key":"ref73","doi-asserted-by":"publisher","DOI":"10.3403\/02247365u"},{"key":"ref74","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2023.3309005"},{"key":"ref75","first-page":"1","article-title":"Application of FprTS 50701","volume-title":"Proc. ENISAERA Conf., Cybersecurity Railways","author":"Ciancabilla"},{"key":"ref76","doi-asserted-by":"publisher","DOI":"10.3403\/30479347"},{"key":"ref77","volume-title":"Railway Applications-cybersecurity","year":"2023"},{"key":"ref78","volume-title":"Directive (EU) 2022\/2555 of the European Parliament and of the Council on Measures for a High Common Level of Cybersecurity Across the Union","year":"2022"},{"key":"ref79","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2021.07.008"},{"key":"ref80","volume-title":"Risk Management-Guidelines","year":"2018"},{"key":"ref81","doi-asserted-by":"publisher","DOI":"10.6028\/nist.sp.800-39"},{"key":"ref82","volume-title":"Information Security, Cybersecurity, and Privacy Protection-information Security Risk Management","year":"2022"},{"key":"ref83","first-page":"1","article-title":"Session 6\u20133-Training on CLC TS 50701-jesus Molina","volume-title":"Proc. 4th ENISA-ERA Conf.","author":"Soriano"},{"key":"ref84","volume-title":"ISO\/IEC 27000 Family","year":"2025"},{"key":"ref85","volume-title":"ISO\/IEC 27001:2022-Information Security, Cybersecurity, and Privacy Protection-Information Security Management Systems-Requirements","year":"2022"},{"key":"ref86","volume-title":"Quality Management Systems-fundamentals and Vocabulary","year":"2015"},{"key":"ref87","doi-asserted-by":"publisher","DOI":"10.1109\/ICITEE49829.2020.9271748"},{"key":"ref88","volume-title":"Cybersecurity Framework","author":"National Institute of Standards","year":"2025"},{"key":"ref89","volume-title":"Executive Order 13636: Improving Critical Infrastructure Cybersecurity","author":"House","year":"2013"},{"key":"ref90","doi-asserted-by":"publisher","DOI":"10.6028\/nist.cswp.29"},{"key":"ref91","doi-asserted-by":"publisher","DOI":"10.3390\/jmse12060919"},{"key":"ref92","volume-title":"Guide for Conducting Risk Assessments, NIST Special Publication 800\u201330, Revision 1","year":"2012"},{"key":"ref93","doi-asserted-by":"publisher","DOI":"10.1109\/LOGISTIQUA.2011.5939444"},{"key":"ref94","volume-title":"Critical Infrastructure Protection (CIP) Reliability Standards","year":"2025"},{"key":"ref95","volume-title":"NERC Standards: NERC CIP Explained for the Energy Sector","year":"2023"},{"key":"ref96","doi-asserted-by":"publisher","DOI":"10.1016\/j.tej.2019.01.018"},{"key":"ref97","volume-title":"Information Technology-Security Techniques-Evaluation Criteria for IT Security","year":"2009"},{"key":"ref98","volume-title":"ISO 31010-Practical Risk Training","year":"2025"},{"key":"ref99","doi-asserted-by":"publisher","DOI":"10.5455\/aim.2019.27.253-258"},{"key":"ref100","volume-title":"Open Worldwide Application Security Project (OWASP)","year":"2024"},{"key":"ref101","volume-title":"Common Vulnerabilities and Exposures (CVE)","year":"2024"},{"key":"ref102","volume-title":"Common Weakness Enumeration (CWE)","year":"2024"},{"key":"ref103","volume-title":"Owasp Internet of Things Project","year":"2018"},{"key":"ref104","volume-title":"Owasp Operational Technology (OT) Security Project","year":"2024"},{"key":"ref105","volume-title":"The Internet of Railway Things Security"},{"key":"ref106","volume-title":"4SECURail-Formal Methods and CSIRT for the European Railway","year":"2020"},{"key":"ref107","volume-title":"CYRail-Cybersecurity in the RAILway Sector","year":"2016"},{"key":"ref108","volume-title":"Safe4RAIL-Safe Architecture for Robust Railway Applications","year":"2016"},{"key":"ref109","volume-title":"X2Rail-Railway Research and Innovation Projects Under Shift2Rail","year":"2025"},{"key":"ref110","volume-title":"Roll2Rail-New Rolling Stock Technologies","year":"2015"}],"container-title":["IEEE Transactions on Intelligent Transportation Systems"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/6979\/11278554\/11197572.pdf?arnumber=11197572","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,5]],"date-time":"2025-12-05T18:41:23Z","timestamp":1764960083000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11197572\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,12]]},"references-count":110,"journal-issue":{"issue":"12"},"URL":"https:\/\/doi.org\/10.1109\/tits.2025.3615531","relation":{},"ISSN":["1524-9050","1558-0016"],"issn-type":[{"value":"1524-9050","type":"print"},{"value":"1558-0016","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,12]]}}}