| Customers: Russian Railways (RR) Product: Consulting projects Second product: Complex projects on information security Project date: 2016/11 - 2017/09
|
The Russian Railway is going to create the system of detection, warnings and mitigations of consequences of the computer attacks (HILL). At the beginning of November, 2016 the company selected the contractor who will develop the general directions and information security policy.[1] will be engaged in It "The center of security of information" (for 9.2 million rubles).
According to the tender documentation, the contractor will have to develop normative and methodical documents for information security management in the systems of the Russian Railway. It is supposed that he will study and will analyze the systems of the Russian Railway regarding their vulnerability and will register that needs to be made for their protection.
The Russian Railway intends to create the corporate center SOPKA. In methodical documents will have to its tasks, questions of the organization, the offer on interaction with the main center State system of detection, prevention and elimination of consequences of computer attacks and also the main threats to data assets of the Russian Railway, an order of identification and elimination of vulnerabilities in the systems of the enterprise, etc. are registered.
In total two companies submitted applications for tender of the Russian Railway: Centre bezopasnosti informatsii LLC (9.2 million rubles) and Eshelon Scientific and Production Association Ltd (3.3 million rubles).
The director of methodology and standardization of Positive Technologies company Dmitry Kuznetsov notes that work of railway transport of the Russian Railway is extremely automated: almost all elements of the railroad − locomotives, shooters, signals, hump yards, etc. − are controlled automatically, the personnel only control work of these elements. The movement of the train is subordinated to the strict diagram which to within a minute defines, in what timepoint in what point of a route there has to be a train and with what speed it should move to this moment.
 | Cyber attack to any element of railway infrastructure can lead to accident or, at best, paralyze transport connection, – Dmitry Kuznetsov explains. |  |
According to information security experts, there are two main groups of problems in protection of the systems of the Russian Railway. The first is connected with their geographically-distributed structure and huge infrastructure, as in any large holding.
| | Security begins with physical security of devices. And to provide the limited physical access on all extent of the railroad - a task difficult, – the leader of the expert in safety of an APCS of Digital Security Egor Litvinov explains TAdviser. | |
Vulnerabilities can be everywhere, often absolutely elementary, experts note. "The same industrial switches which were considered as reliable and "oak" until recently, by more detailed consideration it appears, have some vulnerabilities", – Egor Litvinov says.
"Even if to forget about the attacks from the Internet, malefactors can get access to communication wires on which shooters and signals are controlled, and for control of locomotives the radio communication and GSM is used, – Dmitry Kuznetsov from Positive Technologies explains TAdviser.
At the same time complexity of protection of such enterprise that unlike other productions, the railroad cannot isolate the infrastructure from the outside world, he notes.
Other group of difficulties is connected with existence of a huge number of different subsystems, both foreign, and domestic which are integrated in the unified information system of security of the train, Egor Litvinov says.
| | By trains there are several duplicative security systems, and there were no loud precedents on cyber attacks to trains yet. However, it is more likely not a positive indicator, but a matter of time (malefactors did not reach these systems yet), the majority of the systems applied by trains separately are studied and have the weak points, – the expert explains importance of the similar project. | |
Work on a problem is conducted several years along with the beginning of creation of the nation-wide detection system, warning and mitigation of consequences of the computer attacks, Dmitry Kuznetsov told TAdviser. Based on "Research and design institute of informatization and communication on railway transport" (NIIAS) created the center of cyber security, the sphere of its activity is gradually increased.
| | The output of the similar center at full capacity, taking into account industry scales, will take years, and it is normal, – Dmitry Kuznetsov considers. | |
The IT companies already work on cyber security of railway transport, Dmitry Kuznetsov says. For example, summer of 2016 of Positive Technologies, "the Bombardier Transportation (Signal)" and JSC NIIAS jointly developed an end-to-end system of increase in cybersecurity of microprocessor systems of train dispatching (in more detail about the project). After trial operation a system is going to be applied on objects of the Russian Railway.
When creation of a system from cyber attacks for the Russian Railway can manage, information security experts could estimate, knowing complexity of works. "If to consider the scenario "deliver the point-policeman through each hundred meters along ways", the price will be space. If pro forma to write couple of papers – costs will cost "kopeks". Dispersion quite big", – Egor Litvinov says.
Notes
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |