Change search
Link to record
Permanent link

Direct link
BETA
Publications (10 of 91) Show all publications
Karim, R. (2020). ePilot 2.0 - Final Report.
Open this publication in new window or tab >>ePilot 2.0 - Final Report
2020 (English)Report (Other (popular science, discussion, etc.))
National Category
Engineering and Technology
Identifiers
urn:nbn:se:ltu:diva-77446 (URN)
Available from: 2020-01-17 Created: 2020-01-17 Last updated: 2020-01-17
Kour, R., Thaduri, A. & Karim, R. (2020). Railway Defender Kill Chain to Predict and Detect Cyber-Attacks. Journal of Cyber Security and Mobility, 9(1), 47-90
Open this publication in new window or tab >>Railway Defender Kill Chain to Predict and Detect Cyber-Attacks
2020 (English)In: Journal of Cyber Security and Mobility, ISSN 2245-1439, E-ISSN 2245-4578, Vol. 9, no 1, p. 47-90Article in journal (Refereed) Published
Abstract [en]

Most organizations focus on intrusion prevention technologies, with lessemphasis on prediction and detection. This research looks at prediction anddetection in the railway industry. It uses an extended cyber kill chain (CKC)model and an industrial control system (ICS) cyber kill chain for detectionand proposes predictive technologies that will help railway organizationspredict and recover from cyber-attacks. The extended CKC model consistsof both internal and external cyber kill chain; breaking the chain at anearly stage will help the defender stop the adversary’s malicious actions.This research incorporates an OSA (open system architecture) for railwayswith the railway cybersecurity OSA-CBM (open system architecture forcondition-based maintenance) architecture. The railway cybersecurity OSA-CBM architecture consists of eight layers; cybersecurity information movesfrom the initial level of data acquisition to data processing, data analysis, inci-dent detection, incident assessment, incident prognostics, decision support,and visualization.The main objective of the research is to predict, prevent, detect, andrespond to cyber-attacks early in the CKC by using defensive controls calledthe Railway Defender Kill Chain (RDKC).The contributions of the research are as follows. First, it adapts and mod-ifies the railway cybersecurity OSA-CBM architecture for railways. Second,it adapts the cyber kill chain model for the railway. Third, it introduces theRailway Defender Kill Chain. Fourth, it presents examples of cyber-attackscenarios in the railway system.

Keywords
Cybersecurity, cyber kill chain, railway, cyber-attack, OSA-CBM, predict
National Category
Engineering and Technology
Research subject
Operation and Maintenance
Identifiers
urn:nbn:se:ltu:diva-77333 (URN)10.13052/jcsm2245-1439.912 (DOI)
Available from: 2020-01-10 Created: 2020-01-10 Last updated: 2020-01-10
Jägare, V., Karim, R., Juntti, U. & Söderholm, P. (2019). A framework for testbed concept in railway. In: PROCEEDINGS: International Heavy Haul Association Conference June 2019: . Paper presented at International Heavy Haul Association (IHHA) STS 2019 Conference (pp. 986).
Open this publication in new window or tab >>A framework for testbed concept in railway
2019 (English)In: PROCEEDINGS: International Heavy Haul Association Conference June 2019, 2019, p. 986-Conference paper, Poster (with or without abstract) (Refereed)
Abstract [en]

One major prerequisite for an effective implementation and innovation process is the enablement and provision of a collaborative environment. A common area for multi-organisational collaboration together with a technology platform, enabling data sharing and Big Data Analytics, has been developed called ‘Testbed Railway’ with a corresponding framework ‘Railway 4.0’. Testbed Railway can be used to strengthen the railway industry's adaptability and competitiveness by developing and providing a testbed for research and innovation in the rail industry, nationally and internationally.

Keywords
Testbed Railway, Implementation of innovations, Multi-organisational collaboration
National Category
Transport Systems and Logistics Other Civil Engineering
Research subject
Operation and Maintenance
Identifiers
urn:nbn:se:ltu:diva-75968 (URN)9780911382709 (ISBN)
Conference
International Heavy Haul Association (IHHA) STS 2019 Conference
Available from: 2019-09-11 Created: 2019-09-11 Last updated: 2019-10-22
Jägare, V., Karim, R., Söderholm, P., Larsson-Kråik, P.-O. & Juntti, U. (2019). Change management in digitalised operation and maintenance of railway. In: PROCEEDINGS: International Heavy Haul Association Conference June 2019: . Paper presented at International Heavy Haul Association (IHHA) STS 2019, 10-14th June 2019, Narvik, Norway. (pp. 904-911).
Open this publication in new window or tab >>Change management in digitalised operation and maintenance of railway
Show others...
2019 (English)In: PROCEEDINGS: International Heavy Haul Association Conference June 2019, 2019, p. 904-911Conference paper, Published paper (Refereed)
Abstract [en]

Globally, railway is experiencing a major technology transformation (or paradigm shift), triggered by the enhanced utilisation of digital technology. This technological transformation affects not only the technical systems, i.e. railway infrastructure and rolling stock, but also regulations, organisations, processes,and individuals. Hence, hardware, software, but also liveware (i.e. humans) are affected. Today, the digitalisation of railway is characterised by digital services. There are also a range of challenges, e.g. data acquisition,transformation, modelling, processing, visualisation, safety, security, quality, and information assurance. To deal with these challenges, the railway industry needs to define strategies, which enable a smooth transformation of the existing configuration to a digitalised system. Digital railway requires a holistic change management approach based on system-of-systems thinking and a set of appropriate technologies and methodologies. The railway digitalisation strategy should be based on systematic risk management that address aspects of, e.g., information security, traffic safety and project risk. In addition, managing changes for a digitalised railway effectively and efficiently also requires a framework for aspects such as needs finding, requirement identification, and impact of changes for individual, teams and organisation. In this work a major case studywithin the ePilot, has been performed in context of the operation and maintenance processes of the Swedish railway. Therefore, this paper aims to propose a framework for implementing innovations and driving change in a digitalised railway.

Keywords
Change management, digitalisation, railway, risk management, implementing innovation, framework for implementation
National Category
Transport Systems and Logistics Other Civil Engineering
Research subject
Operation and Maintenance
Identifiers
urn:nbn:se:ltu:diva-75966 (URN)9780911382716 (ISBN)9780911382709 (ISBN)
Conference
International Heavy Haul Association (IHHA) STS 2019, 10-14th June 2019, Narvik, Norway.
Available from: 2019-09-11 Created: 2019-09-11 Last updated: 2019-10-21Bibliographically approved
Thaduri, A., Al-Jumaili, M., Kour, R. & Karim, R. (2019). Cybersecurity for eMaintenance in Railway Infrastructure: Risks and Consequences. International Journal of Systems Assurance Engineering and Management, 10(2), 149-159
Open this publication in new window or tab >>Cybersecurity for eMaintenance in Railway Infrastructure: Risks and Consequences
2019 (English)In: International Journal of Systems Assurance Engineering and Management, ISSN 0975-6809, E-ISSN 0976-4348, Vol. 10, no 2, p. 149-159Article in journal (Refereed) Published
Abstract [en]

Recently, due to the advancements in the ICT (Information and Communication Technology), there has been lot of emphasis on digitization of the existing and newly developed infrastructure. In transportation infrastructure, in general, 80% of the assets are already in place and there has been tremendous push to move to the digital era. For efficient and effective design, construction, operation and maintenance of the infrastructure, due to this digitization, there is increasing research trend in data-driven decision-making algorithms that are proved to be effective because of several advantages. Since railway is the backbone of the society, the data-driven approaches will ensure the continuous operation, efficient maintenance, planning and potential future investments. The breach and leak of this potential data to the wrong hands might result in havoc, risk, trust, hazards and serious consequences. Hence, the main purpose of this paper is to stress the potential challenges, consequences, threats, vulnerabilities and risk management of data security in the railway infrastructure in context of eMaintenance. In addition, this paper also identifies the research methods to obtain and secure this data for potential possible research.

Place, publisher, year, edition, pages
Springer, 2019
Keywords
eMaintenance, Cybersecurity, Risks, consequences, Railways
National Category
Reliability and Maintenance Computer Systems Other Civil Engineering
Research subject
Centre - Luleå Railway Research Center (JVTC); Operation and Maintenance
Identifiers
urn:nbn:se:ltu:diva-73186 (URN)10.1007/s13198-019-00778-w (DOI)000464861200001 ()
Note

Validerad;2019;Nivå 2;2019-04-23 (marisr)

Available from: 2019-03-13 Created: 2019-03-13 Last updated: 2019-05-02Bibliographically approved
Kour, R., Karim, R. & Thaduri, A. (2019). Cybersecurity for railways: A maturity model. Proceedings of the Institution of mechanical engineers. Part F, journal of rail and rapid transit
Open this publication in new window or tab >>Cybersecurity for railways: A maturity model
2019 (English)In: Proceedings of the Institution of mechanical engineers. Part F, journal of rail and rapid transit, ISSN 0954-4097, E-ISSN 2041-3017Article in journal (Refereed) Epub ahead of print
Abstract [en]

With the advancements in and widespread adoption of information and communication technologies in infrastructures, cyber-attacks are becoming more frequent and more severe. Advanced cybersecurity threats with automated capabilities are increasing in such sectors as finance, health, grid, retail, government, telecommunications, transportation, etc. Cyber-attacks are also increasing in railways with an impact on railway stakeholders, e.g. threat to the safety of employees, passengers, or the public in general; loss of sensitive railway information; reputational damage; monetary loss; erroneous decisions; loss of dependability, etc. There is a need to move towards advanced security analytics and automation to identify, respond to, and prevent such security breaches. The objective of this research is to reduce cyber risks and vulnerabilities and to improve the cybersecurity capabilities of railways by evaluating their cybersecurity maturity levels and making recommendations for improvements. After assessing various cybersecurity maturity models, the Cybersecurity Capability Maturity Model (C2M2) was selected to assess the cybersecurity capabilities of railway organizations. The contributions of this research are as follows. First, a new maturity level MIL4 (Maturity Indicator Level 4) is introduced in the C2M2 model. Second, the C2M2 model is adapted by adding advanced security analytics and threat intelligence to develop the Railway-Cybersecurity Capability Maturity Model (R-C2M2). The cybersecurity maturity of three railway organizations is evaluated using this model. Third, recommendations and available standards & guidelines are provided to the three railway organizations to improve maturity levels within different domains. In addition, they are given an action plan to implement the recommendations in a streamlined way. The application of this model will allow railway organizations to improve their capability to reduce the impacts of cyber-attacks and eradicate vulnerabilities. The approach can also be extended to other infrastructures with necessary adaptations.

Place, publisher, year, edition, pages
Sage Publications, 2019
Keywords
Cybersecurity, maturity level, Railway-Cybersecurity Capability Maturity Model, railway organizations, Cybersecurity Capability Maturity Model
National Category
Engineering and Technology Other Civil Engineering
Research subject
Operation and Maintenance
Identifiers
urn:nbn:se:ltu:diva-76428 (URN)10.1177/0954409719881849 (DOI)000491625900001 ()2-s2.0-85074776546 (Scopus ID)
Available from: 2019-10-18 Created: 2019-10-18 Last updated: 2019-11-21
Kour, R., Tretten, P., Karim, R. & Singh, S. (2019). Cybersecurity Workforce in Railway: A Case Study. In: Proceedings of the 5th International Workshop & Congress on eMaintenance 2019: . Paper presented at Proceedings of the 5th International Workshop & Congress on eMaintenance 2019.
Open this publication in new window or tab >>Cybersecurity Workforce in Railway: A Case Study
2019 (English)In: Proceedings of the 5th International Workshop & Congress on eMaintenance 2019, 2019Conference paper, Published paper (Refereed)
Abstract [en]

Railway will continue to adapt new digital solutions which are necessary and vulnerable to cyber threats. The history of cyber-attacks on critical infrastructures including railway suggests that there is a need for cybersecurity awareness. Both for employees and the general public. The very first step in cyber hygiene is cybersecurity training and awareness for the workforce. A well-educated workforce plays a vital role in building more cyber resiliency across the organization's operation and maintenance. The objective of this research is to evaluate the cybersecurity maturity level for workforce management in three railway organizations. The results show that there is a cybersecurity workforce gap and there is a need to eliminate this gap by enhancing cybersecurity workforce culture. Henceforth, this gap can be improved by developing cybersecurity culture, including cybersecurity training and awareness and by following recommendations provided in this paper.

National Category
Engineering and Technology
Research subject
Operation and Maintenance
Identifiers
urn:nbn:se:ltu:diva-75936 (URN)
Conference
Proceedings of the 5th International Workshop & Congress on eMaintenance 2019
Available from: 2019-09-10 Created: 2019-09-10 Last updated: 2019-09-10
Kour, R., Al-Jumaili, M., Karim, R. & Tretten, P. (2019). eMaintenance in railways: Issues and challenges in cybersecurity. Proceedings of the Institution of mechanical engineers. Part F, journal of rail and rapid transit, 233(10), 1012-1022
Open this publication in new window or tab >>eMaintenance in railways: Issues and challenges in cybersecurity
2019 (English)In: Proceedings of the Institution of mechanical engineers. Part F, journal of rail and rapid transit, ISSN 0954-4097, E-ISSN 2041-3017, Vol. 233, no 10, p. 1012-1022Article in journal (Refereed) Published
Abstract [en]

The convergence of information technology and operation technology and the associated paradigm shift toward Industry 4.0 in complex systems, such as railways has brought significant benefits in reliability, maintainability, operational efficiency, capacity, as well as improvements in passenger experience. However, with the adoption of information and communications technologies in railway maintenance, vulnerability to cyber threats has increased. It is essential that organizations move toward security analytics and automation to improve and prevent security breaches and to quickly identify and respond to security events. This paper provides a statistical review of cybersecurity incidents in the transportation sector with a focus on railways. It uses a web-based search for data collection in popular databases. The overall objective is to identify cybersecurity challenges in the railway sector.

Place, publisher, year, edition, pages
Sage Publications, 2019
Keywords
Cybersecurity, railway, eMaintenance, challenges
National Category
Engineering and Technology Other Civil Engineering
Research subject
Operation and Maintenance
Identifiers
urn:nbn:se:ltu:diva-72536 (URN)10.1177/0954409718822915 (DOI)000483645500002 ()
Note

Validerad;2019;Nivå 2;2019-09-11 (johcin)

Available from: 2019-01-14 Created: 2019-01-14 Last updated: 2019-12-12Bibliographically approved
Jägare, V., Juntti, U. & Karim, R. (2019). Governance of digital data sharing in a cross-organisational railway maintenance context. In: Arranz, Miguel Castano (Ed.), Proceedings of the 5th International Workshop and Congress on eMaintenance: eMaintenance: Trends in Technologies & methodologies, challenges, possibilites and applications: . Paper presented at 5th International Workshop and Congress on eMaintenance, Stockholm, Sweden, 14-15 May 2019.
Open this publication in new window or tab >>Governance of digital data sharing in a cross-organisational railway maintenance context
2019 (English)In: Proceedings of the 5th International Workshop and Congress on eMaintenance: eMaintenance: Trends in Technologies & methodologies, challenges, possibilites and applications / [ed] Arranz, Miguel Castano, 2019Conference paper, Published paper (Refereed)
Abstract [en]

The purpose of this paper is to study and explore the essential aspects of data governance in eMaintenance that need to be considered such as data sharing and data ownership in a cross-organisational railway maintenance context. Furthermore, the paper develops and provides an approach to strategies and guidelines, which can be used to govern digital data sharing.

To fulfil this purpose, case studies of several projects where sharing of data between stakeholders in order to develop maintenance decision support, was selected as a research strategy and supported by a literature study. Empirical data were collected through interviews, workshops, document studies, and observations. An approach was developed and validated using a case study.

The proposed approach supports the understanding and establishing strategies and guidelines for data governance in a cross-organisational railway context. This can be considered as one of the enablers for information logistics for maintenance purposes where the approach can be used as a support tool in order to facilitate the development of maintenance decision support within the railway industry.

Keywords
Data governance, cross-organisation, maintenance, maintenance decision support, railway, eMaintenance
National Category
Engineering and Technology
Research subject
Operation and Maintenance
Identifiers
urn:nbn:se:ltu:diva-76274 (URN)
Conference
5th International Workshop and Congress on eMaintenance, Stockholm, Sweden, 14-15 May 2019
Funder
Swedish Transport Administration
Available from: 2019-10-07 Created: 2019-10-07 Last updated: 2019-10-17
Saari, E., Lin, J., Liu, B., Zhang, L. & Karim, R. (2019). Novel Bayesian Approach to Assess System Availability using a Threshold to Censor Data. International Journal of Performability Engineering, 15(5), 1314-1325
Open this publication in new window or tab >>Novel Bayesian Approach to Assess System Availability using a Threshold to Censor Data
Show others...
2019 (English)In: International Journal of Performability Engineering, ISSN 0973-1318, Vol. 15, no 5, p. 1314-1325Article in journal (Refereed) Published
Abstract [en]

Assessment of system availability has been studied from the design stage to the operational stage in various system configurations using either analytic or simulation techniques. However, the former cannot handle complicated state changes, and the latter is computationally expensive. This study proposes a Bayesian approach to evaluate system availability. In this approach: 1) Mean Time to Failure (MTTF) and Mean Time to Repair (MTTR) are treated as distributions instead of being "averaged" to better describe real scenarios and overcome the limitations of data sample size; 2) Markov Chain Monte Carlo (MCMC) simulations are applied to take advantage of the analytical and simulation methods; and 3) a threshold is set up for Time to Failure (TTR) data and Time to Repair (TTR) data, and new datasets with right-censored data are created to reveal the connections between technical and "Soft" KPIs. To demonstrate the approach, the paper considers a case study of a balling drum system in a mining company. In this system, MTTF and MTTR are determined by a Bayesian Weibull model and a Bayesian lognormal model, respectively. The results show that the proposed approach can integrate the analytical and simulation methods to assess system availability and could be applied to other technical problems in asset management (e.g., other industries, other systems). By comparing the results with and without considering the threshold for censoring data, we show the threshold can be used as a monitoring line for continuous improvement in the investigated mining company.

Place, publisher, year, edition, pages
Totem Publisher, Inc., 2019
National Category
Other Civil Engineering
Research subject
Operation and Maintenance
Identifiers
urn:nbn:se:ltu:diva-75095 (URN)10.23940/ijpe.19.05.p7.13141325 (DOI)2-s2.0-85067024398 (Scopus ID)
Note

Validerad;2019;Nivå 1;2019-06-27 (johcin)

Available from: 2019-06-27 Created: 2019-06-27 Last updated: 2019-06-27Bibliographically approved
Organisations
Identifiers
ORCID iD: ORCID iD iconorcid.org/0000-0002-0055-2740

Search in DiVA

Show all publications