Author(s)

JUN YOSHINAGA

Abstract

A new railway sector technical specification for the cybersecurity of railway applications was issued in July 2021 as CENELEC/TS 50701. Until now, the concept of development and design of railway applications related to safety have been based on conformity with functional safety standards such as IEC 62278, IEC 62279, and so on. In this paper, we discuss the new issues caused by the scope overlap of functional safety standards and the scope of CLC/TS and by the difference between the lifecycle span of CLC/TS and the functional safety standards argued from the configuration of some typical railway signalling applications. And it is described that CLC/TS requirements raise some new issues that may need some configuration reformation not only the separation of processing programs and its data and data preparation tools kits ( this is required by IEC 62279) but also it might need to make some configuration changes by manufacturer and its management method changes by infrastructure managers. In addition, we propose a reasonable validation measure based on functional safety and CLC/TS when railway applications have changed such as creating a preliminary plan to achieve satisfying both viewing points at the same time.

Keywords

cybersecurity, CLC/TS 50701, functional safety, operation phase, vulnerability