NIER Ingegneria è diventata Società Benefit →
en
IT
Ricerca
Ricerca
MARKETS
Automotive Construction and Infrastructures Defence and Aerospace Financial and insurance Food & Beverage Life Sciences Logistics and Transportation Manufacturing Mass Market & Retail Oil & Gas - Chemicals Power & Utilities Public Administration Railway Research Centres
SERVICES
Asset Management Big Data, Analytics & Business Intelligence Business Continuity, Emergency & Security Cybersecurity Design & Modelling Design & safety of construction sites Energy efficiency Health Safety & Environment Integrated Management Systems Project Risk Management RAMS Requirements Management & Verification Research and innovation Risk Assessment Sustainability Tech Products Design & Development Training, instruction and communication Verification, validation and testing Web Technology

IEC cyber-security standard application on railway equipment diagnostic products

SERVICE
Cybersecurity
Verification, validation and testing
MERCATO
Railway
CLIENT Leading company in the railway sector YEAR 2020 - in corso

Brief

Support was requested for the design, planning, definition and execution of the testing of a railway equipment diagnostic product for metro applications on which cyber-security standards were to be applied and tested.

Project challenge

Apply primary cyber-security rules to a railway equipment diagnostic product (virtual machine installed in a Windows 2016 environment) to make it invulnerable to external attacks. Create GPO (Group Policy Object) to strengthen system security. Manage the Cyber Security Platform (CSP – platform installed in a dedicated workstation external to the product to be validated) and its modules:

  • NTP Server (virtual machine for time synchronization);
  • SysLog collector (virtual machine for collecting system logs);
  • Domain controllers (primary and secondary – also virtual machines);
  • Antivirus Server (virtual machine for antivirus management).

Test the product based on its cyber-related and functional requirements.

Solution

NIER meticulously supported the client on the design of the test scenarios to verify the product’s cyber-vulnerability. The aforementioned scenarios are classified into:

  • “WORKGROUP” mode (without Cyber Security Platform);
  • “CSPDOMAIN” mode (with Cyber Security Platform).

In both scenarios, the creation of users is expected. They have a dual classification:

  • First classification:
    • “Local Users” for the “WORKGROUP” mode;
    • “Domain Users” for the “CSPDOMAIN” mode;
  • Second classification:
    • “Admin” users;
    • “Operator” users.

A password policy applies to each user (minimum/maximum password age, minimum password length, password history) together with an account lockout policy (account lockout duration, account lockout threshold, reset account lockout counter) must be applied. Furthermore, each user must belong to one or more specific groups to fulfill the function for which it was conceived.

For domain users in particular, a GPO must be created at the CSP level to enable them to log on to the VM as an Administrator/Operator, either remotely (Remote Desktop Connection) or locally (using KVM technology).

NIER then undertook the planning and execution of the product tests in accordance with its cyber and functional requirements.

Execution phases

FASE 1

Client support phase to design the test scenarios

FASE 2

Drafting of the Requirement Test Plan and Description

FASE 3

Set-up of the test environment

FASE 4

Execution of the cyber tests based on the cyber requirements covered by the applicable tests

FASE 5

Running of functional tests based on the product requirements covered by the applicable tests

FASE 6

Identification and discussion with the client regarding the detected anomalies and unexpected behaviours

FASE 7

Drafting of the Requirement Test Report

Achieved results

NIER helped to achieve the following goals:

  • Making the railway equipment diagnostic product compliant with cyber-security standards;
  • Discovery of product defects, reducing retrofit costs thanks to the timely detection of bugs and anomalies in the development phase.

CASE HISTORIES .

Verification, validation and testing

TEST OF THE AUTOMATIC TRAFFIC CONTROL SYSTEM FOR THE TRAINS OF MILAN'S L1 METRO LINE

Read more
Verification, validation and testing

Validation test of SVP Protocol implementation and assisted recovery of railway interlocking functionality.

Read more
Verification, validation and testing

FUNCTIONAL TESTING ON FIELD SIGNALS FOR THE MODERNISATION OF RAILWAY LINES IN CROATIA AND ROMANIA

Read more

Subscribe our Newsletter .