by Dr Siraj Shaikh
Modern transport systems and infrastructure are diverse and sophisticated, and securing them is increasingly a challenge. Growth in the risk posed by cybercrime and terrorism, and a possible overlap between the two, mean that traditional physical measures – from barriers to CCTV – no longer suffice.
Advances in electronic sensors and in digital platforms for communication and control give today's physical security enhanced capability on the one hand, yet open the door to new types of threats on the other. Increasingly integrated and interconnected security operations open up new attack vectors which, when coordinated across physical and cyber space, pose a real challenge for the detection and prevention of attacks. The impact of cybercrime hence extends beyond the electronic domain, with potential for serious physical disruption and violation. Added to this are the challenges of credible and efficient collection of evidence, and of preserving personal privacy (both electronic and physical). The need to respond in a manner that is converged across both physical and cyber space is hence greater than ever.
Certain characteristics make modern transport more vulnerable, including:
- increasing use of electronic ticketing and fare collection, and passenger information systems,
- threats of fare evasion and violation of access control, and ultimately a vulnerability to fraud and vandalism, including public disorder and rioting, and
- mounting privacy concerns, as movement details are highly valued personal details that passengers are increasingly conscious of, and whose violation is highly undesirable.
Ticketing systems are vulnerable to forgery and fraud, as physical ticket collection mechanisms fall short on detection. Electronic ticket machines are no panacea, as they are targeted by card skimming devices. Electronic ticketing itself has suffered serious setbacks, as RFID-based mechanisms are vulnerable to eavesdropping and employing encryption is not effective. More serious attacks target signalling and control infrastructure, as demonstrated by the case in Poland, which resulted in the injury of twelve passengers.
There is a need to converge on security at a system level to address:
- sensing in one domain and responding in another, from cyber to physical or vice versa,
- forensically aware collection and handling of evidence – critical for prosecution – using a bottom-up approach that extends from data collection to component-level configuration, and
- optimal deployment of security sensing and controls, informed by risk and cost to maximise operational resilience and effectiveness.