Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Metrics-Driven Evaluation of Cybersecurity for Critical Railway Infrastructure



Himanshu Neema, Bradley Potteiger, Xenofon Koutsoukos, CheeYee Tang


In the past couple of years, railway infrastructure has been growing more connected, resembling more of a traditional Cyber-Physical System [1] model. Due to the tightly coupled nature between the cyber and physical domains, new attack vectors are emerging that create an avenue for remote hijacking of system components not designed to withstand such attacks. As such, best practice cybersecurity techniques need to be put in place to ensure the safety and resiliency of future railway designs, as well as infrastructure already in the field. However, traditional large-scale experimental evaluation that involves evaluating a large set of variables by running a design of experiments (DOE) may not always be practical and might not provide conclusive results [2]. In addition, to achieve scalable experimentation, the modeling abstractions, simulation configurations, and experiment scenarios must be designed according to the analysis goals of the evaluations. Thus, it is useful to target a set of key operational metrics for evaluation and configure and extend the traditional DOE methods using these metrics. In this work, we present a metrics driven evaluation approach for evaluating the security and resilience of railway critical infrastructure using a distributed simulation framework. An case study with experiment results is provided that demonstrate the capabilities of our testbed.
Proceedings Title
Resilience Week 2018
Conference Dates
August 20-23, 2018
Conference Location
Denver, CO, US


Cybersecurity, Cyber-physical systems (CPS), Industrial control systems (ICS)


Neema, H. , Potteiger, B. , Koutsoukos, X. and Tang, C. (2018), Metrics-Driven Evaluation of Cybersecurity for Critical Railway Infrastructure, Resilience Week 2018, Denver, CO, US (Accessed June 14, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created August 23, 2018, Updated February 9, 2022