Movable railroad bridges, consisting of lift, bascule, or swing bridges have been used by American rail tracks that cross usable waterways for over a century. Although custom made, movable bridges share many common components and designs. Most of them use weight bearing towers for the movable span using electric or electro-hydraulic systems lift and/or rotate these movable spans. Automated locks hold the bridge in place as soon as the movement stops. The bridge operation, train and ship signaling systems work in synchrony for trains and waterway traffic to be granted safe passage with minimal delay. This synchrony is maintained by using custom-made control systems using Programmable Logic Controllers (PLCs) or Field Programmable Gate Arrays (FPGAs). Controllers located on the movable and the static parts of the bridge communicate using radio and/or wired underwater links sometimes involving marine cables. The primary objective of this paper is to develop a framework to analyze the safety and security of the bridge operating systems and their synchronous operations with railway and waterway systems. We do so by modeling the movable physical components and their control system with the interconnected network system and determine the faults and attacks that may affect their operations. Given the prevalence of attacks against PLCs, FPGAs and controllers, we show a generic way to determine the effect of what if scenarios that may arise due to attacks combined with failures using a case study of a swing bridge.
Typically viewed as competing design approaches, this paper illustrates how claims and personas can be used together in user interface design. Our combined approach is exemplified in the development of a notification system called NotiFly. We introduce the idea of claims-based personas as a design tool in a scenario-based approach. Following a discussion of NotiFly's development, we speculate on the theories that led to the system development and how they might impact HCI design process. Based on the findings encountered during the development of NotiFly, we present direction for future work to better systems like Notifly and notification systems in general.
Advanced Train Control System (ATCS) is a proprietary network protocol that expands the functionality and efficiency of Centralized Traffic Control (CTC) systems, by using radio communications (radio code line) for message delivery. However, end-to-end cyber security issues were not considered during initial design of ATCS in the 1980s. Meanwhile, the landscape of cyber-physical threats and vulnerabilities has changed dramatically over the last three decades. Even though cutting-edge systems like Positive Train Control (PTC) have adopted security properties such as integrity check and encryption methods, major railroads in North America still deploy legacy ATCS standards to maintain their individual CTC system. This paper first illustrated the background and general specifications of ATCS applications in North American railroads. The research team has noticed that few studies have systematically analyzed this topic since the emergence of ATCS, though its applications are still prevailing in the industry. Divided by both vital and non-vital operational scenarios, this paper presented case studies for ATCS-related vulnerabilities. We used a sender-receiver sequencing-based analysis and proposed a consequence-based simulation model to identify and further evaluate the cyber and physical risks under potential cyber-attacks. For the identified risk, the paper evaluated the likelihood based on the practical operational sequences, and recommended potential countermeasures for the industry to improve the security over the specific case. The research concluded that the fail-safe design in the ATCS systems would prevent the exploiting known security vulnerabilities which could result in unsafe train movements. However, the service disruptions under certain speculated attacks need further evaluation. At the end of this paper, we discussed our ongoing work for disruption evaluation in the wake of successful cyber attacks.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.