Secure Rail 2020Sessions

JUMP TO:

Tuesday's Sessions   Wednesday's Sessions   Speakers

Secure Rail

2020 Schedule

Tuesday August 25
8:30 AM – 9:00 AM

Greatest Cyber Security Threats to the Railroad Industry and How to Prevent Attacks

Arrow

Some of the greatest Cyber Security threats to the Railroad Industry and our Nation’s Critical Infrastructure are the continuous attacks being carried out by Nation State Actors targeting Aging Industrial Controls Infrastructure, Supply Chain Vendors, Municipal Water Supply, and a host of other vulnerable targets. This talk will help show multiple upstream impact threats that are often overlooked and can be easier targets that threaten our infrastructure and will identify key strategies to prevent attacks to these areas.

Presented by:

Paul Veeneman, Partner, CTO, VP Operations MBA Engineering

Learning Objectives:

1. Identify current threats to the industry as a whole
2. Discuss baseline of cyber security threat challenges
3. List specific threats to Transit/Transportation, Shortline, Regional and Class 1 Railroads
4. Highlight applied security and practical methods for rail industry threat mitigation and risk management

 Audience:

CEU:

0.1

View session: Greatest Cyber Security Threats to the Railroad Industry and How to Prevent Attacks

9:00 AM – 9:30 AM

Emergency Preparedness: Metro's Road to the Olympics 2028

Arrow

A transportation authority faces an uphill challenge prepping to host the Olympic Games within their Operational Area. Associated goals, objectives, tasks, and internal & external stakeholder collaborations necessitate an early stage adoption and commitment within transit strategic planning for such an event. This session will pave establishment of a timetable to develop, implement, and fuse best practices and innovation for successful transit preparation to the Olympic Games.

Presented by:

Aston Greene, Deputy Chief System Security & Law Enforcement Officer LA Metro

Learning Objectives:

1. Discuss timeline and preparedness road mapping to the Olympics at LA Metro
2. Review best practices and innovative techniques for planning, training, & exercising staff, first responders, and contractors
3. Identify interdepartmental and external partners and leverage long range commitments for Olympic preparation
4. Discuss future transit support to major incident response and operation center coordination efforts at LA Metro

 Audience:

CEU:

0.1

View session: Emergency Preparedness: Metro's Road to the Olympics 2028

9:30 AM – 10:00 AM

Tuesday Morning Networking Break and Exhibits

Arrow

Presented by:

TBA ,

Learning Objectives:

 Audience:

CEU:

0.1

View session: Tuesday Morning Networking Break and Exhibits

10:00 AM – 10:30 AM

Building a Cyber Design for Reliability and Availability (CDfR) Program to Assure Multi-Decade Resilience of Trains, Airplanes and Vessels to Cyber Attacks

Arrow

Reliability and availability of vehicles which maintain high utilization rates over multiple decades such as trains, airplanes, vessels can often be affected by software vulnerabilities that permit malware such as NotPetya to impact operations. Mckenney will discuss best practices for manufacturers, integrators and operators to treat this risk by discussing and providing examples of how a Cyber Design for Availability (CDfR) Program assures multi-decade asset resilience; increasing asset-utilization and reducing defects, time-to-roll out, and operational costs.

Presented by:

Jim McKenney, Technical Director NCC Group

Learning Objectives:

1. Discuss why trains can be easily affected by software vulnerabilities
2. Define and provide examples of Cyber Design for Reliability and Availability (CDfR) programs
3. Assess CDfR programs' strategic importance to transportation manufacturers, integrators and operators
4. Provide examples of how a CDfR programs assures multi-decade asset resilience

 Audience:

CEU:

0.1

View session: Building a Cyber Design for Reliability and Availability (CDfR) Program to Assure Multi-Decade Resilience of Trains, Airplanes and Vessels to Cyber Attacks

10:30 AM – 11:00 AM

The Emergence of Cyberterrorism and the Potential Impact to Rail Operations

Arrow

After the September 11 attacks, the internet became a beacon of propaganda, fundraising, coordination, and recruitment for terrorist organizations throughout the world. As traditional online efforts blossomed, so did other cyber activity, including computer intrusions in support of terrorist ideology. This presentation is intended to explain what cyberterrorism is, and highlight some of the top FBI investigations over a span of 12 years, including the very first cyberterrorism case. Furthermore, with continued escalation of Middle East geopolitical tensions, the presentation will outline potential near-future state of cyberterrorism and impact to rail operations.

Presented by:

Alex Borhani, Director of IT Security CSX Transportation

Learning Objectives:

1. Explain cyberterrorism
2. Highlight top FBI investigations of cyberterrorism
3. Identify potential future impacts of cyberterrorsim
4. Discuss how cyberterrorism affects rail operations

 Audience:

CEU:

0.1

View session: The Emergence of Cyberterrorism and the Potential Impact to Rail Operations

11:00 AM – 11:30 AM

Metra's Emergency Preparedness Program

Arrow

We lost four police officers in the Chicagoland area in the past twenty years to trains. With today's new technologies in the railroad industry making our trains quieter and more efficient, it can make it dangerous for first responders. This session will provide education on signage and emergency contact numbers for the railroads, and how to locate them. Finally, we will go in to the nomenclature of our equipment and how to access it such as how to bleed open the doors, shut the diesel locomotive down, how to take out emergency windows, and finally about our electric DC lines. No more than ever, it is important for everyone to work together and stress safety and communication.

Presented by:

Michael Hullinger, Inspector Metra Police Department

Learning Objectives:

1. Identify your role in responding to a railroad incident
2. Discuss how agencies need to work together as a team
3. Determine how to identify and access railroad equipment
4. Describe how to better prepare for the next critical incident

 Audience:

CEU:

0.1

View session: Metra's Emergency Preparedness Program

11:30 AM – 1:00 PM

Tuesday Lunch and Exhibits

Arrow

Presented by:

TBA ,

Learning Objectives:

 Audience:

CEU:

0.1

View session: Tuesday Lunch and Exhibits

2:00 PM – 2:30 PM

Belt Railway of Chicago's Physical Security Best Practices

Arrow

This session will cover the methods of securing the Belt Railway Company of Chicago with 28 miles of mainline track and the largest intermediate switching terminal in the United States. The Belt Railways clearing yard covers a 5.5 mile distance among 786 acres supporting more that 250 miles of track. This session will cover the effective use of cameras, employee engagement, community relations, building relationships with local police & fire departments. The session will also cover the TSA SETA program which is Security Enhancement Through Assessment.

Presented by:

Gerald Conoboy, Director of Police & Risk Management Belt Railway Police Department

Learning Objectives:

1. Define the TSA SETA program - how it works and how it will benefit your railroad
2. Discuss the use and placement of cameras
3. Describe how to enhance employee engagement and gaining their buy in to security
4. Explain how to build effective relationships with local police and fire department

 Audience:

CEU:

0.1

View session: Belt Railway of Chicago's Physical Security Best Practices

2:30 PM – 3:00 PM

Tuesday Afternoon Networking Break and Exhibits

Arrow

Presented by:

TBA ,

Learning Objectives:

 Audience:

CEU:

0.1

View session: Tuesday Afternoon Networking Break and Exhibits

4:00 PM – 4:30 PM

Encryption for Realtime Railway Data Transmission

Arrow

Railway cyber security requires a defence-in-depth approach. There are numerous different data network encryption technologies that can be applied. MACsec encryption in combination with an MPLS-TP based telecommunication backbone increases the availability, integrity and confidentiality of the real-time operational data transmitted over the network. This session will cover various encryption technologies and applications for the rail industry.

Presented by:

Emmanuel Waegebaert, Product Manager OTN Systems

Learning Objectives:

1. Get acquainted with the concept of defence in depth
2. Differentiate between different encryption concepts
3. Appreciate the advantages of hardware-based encryption
4. Understand how MACsec encryption in combination with MPLS-TP increases the availability, integrity and confidentiality of the real-time operational data transmitted over the network

 Audience:

CEU:

0.1

View session: Encryption for Realtime Railway Data Transmission

4:30 PM – 5:00 PM

Progressive Passenger Rail Security Technologies To Help Protect Passengers, Systems and Assets During Mass Gathering Events

Arrow

Passenger rail systems are inherently open without the security and screening obstacles passengers encounter at airports, causing them to be prime, soft target locations for criminal or terrorist activity. To help ensure the safety of the billions of people traveling by passenger rail each year, the industry has put a critical focus on countering these threats. Evolving technologies are enabling passenger rail operators to observe, screen and detect threat actors before they can act. During this session, we will discuss in-depth the leading security technologies that advance the ability of operators to identify risks, mitigate threats and minimize vulnerabilities.

Presented by:

Brian Schwab, Senior Security Consultant, Security Risk Management Hillard Heintze, a Jensen Hughes Company

Learning Objectives:

1. Build a stronger understanding of the risks, threats and vulnerabilities facing the modern passenger rail industry
2. Gain insight to the latest technologies that are changing the way operators manage and mitigate the increasing threat of targeted violence at soft-target venues
3. Learn how to use new technology purposefully and creatively to advance your security posture
4. Identify ways to build a more robust, complete security risk management system that protects your passenger rail customers, staff and physical assets

 Audience:

CEU:

0.1

View session: Progressive Passenger Rail Security Technologies To Help Protect Passengers, Systems and Assets During Mass Gathering Events

5:00 PM – 6:00 PM

Networking Reception

Arrow

Presented by:

TBA ,

Learning Objectives:

 Audience:

CEU:

0.1

View session: Networking Reception

Wednesday August 26
9:00 AM – 9:30 AM

The Do's and Don'ts In Securing Your Railway Systems

Arrow

The presentation will focus on the cybersecurity of railway signaling and onboard systems. We will start from shedding light on the threat landscape with practical examples of security issues learned from protecting railway systems in multiple continents. Based on the threats, we will cover the Do’s and Don’ts in implementing cybersecurity measures in railway safety-critical networks. The goal will be to provide the audience with practical toolkit on protecting their existing systems and putting the right security requirements for future systems.

Presented by:

Miki Shifman, CTO Cylus

Learning Objectives:

1. Analyze the cybersecurity threat landscape of modern rail systems
2. Discuss lessons learned from protecting rail systems worldwide
3. Give practical suggestions on how to secure your rail network
4. List do's and don'ts in implementing cybersecurity measures in railway safety-critical networks

 Audience:

CEU:

0.1

View session: The Do's and Don'ts In Securing Your Railway Systems

9:30 AM – 10:00 AM

Wednesday Morning Networking Break and Exhibits

Arrow

Presented by:

TBA ,

Learning Objectives:

 Audience:

CEU:

0.1

View session: Wednesday Morning Networking Break and Exhibits

10:00 AM – 11:00 AM

Fare Evasion - Ways to Minimize the Revenue Loss Affecting Transit Agencies

Arrow

Fare Evasion is a major problem for all transit agencies and is getting worse every day. Transit agencies are coping with the revenue loss while dealing with violations that are being treated with fines that most folks are not paying. In BART, out of 600 tickets for violations of fare evasion issued, one was paid. So how do transit agencies, through technology and effective policies minimize the revenue loss for fare evasion while dealing with the reality of the new laws. This panel will provide some ideas on deterrence, realizing the true revenue losses and how to use data analytics for real-time decision making.

Presented by:

Alfredo Perez, President Perez Consulting LLC

Learning Objectives:

1. Identify how to ascertain the true revenue loss of Fare Evasion to your transit agency
2. Explain how to minimize the Fare evasion problem with a combination of technology and effective policies
3. Describe how to use data analytics and executive dashboards to provide the leadership with real-time information allowing for more effective policies
4. Based on these policies, idenify what the right message is to give to the ridership community

 Audience:

CEU:

0.1

View session: Fare Evasion - Ways to Minimize the Revenue Loss Affecting Transit Agencies

11:00 AM – 11:30 AM

Cybersecurity - Risk Assessment Process in Hitachi Rail

Arrow

Transportation systems are critical infrastructures, so they need a holistic approach to protect both physical/virtual assets and resources, combining a unique security framework with the multiple aspects of security. Hitachi Rail STS has established an Information Security Management Systems process (ISMS) in accordance with the international standards (ISO 27000, IEC 62443 and NIST-800). It shall be aimed to minimize risks related to misuse of data and abuse of confidential information by authorized/unauthorized personnel having malicious intents, exposing passengers and personnel to risk of damages and/or impacting the continuity of operations.

The purpose of this presentation is to describe the cybersecurity activities that will be performed by Hitachi Rail, subcontractors and external contractors throughout the project life-cycle phases, in order to ensure that the Rail System will achieve an acceptable security level.

Presented by:

Giovanni Sorrentino, System Cyber Security Manager Hitachi Rail

Learning Objectives:

1. Assess cybersecurity identified threats and understand how to reduce related risks
2. Define the Information Security Management Systems process (ISMS)
3. Examine the Information Security Management Systems process (ISMS) and how it minimizes risks
4. Determine how a rail system will achieve an acceptable security level when using the ISMS process

 Audience:

CEU:

0.1

View session: Cybersecurity - Risk Assessment Process in Hitachi Rail

11:30 AM – 1:00 PM

Wednesday Lunch and Exhibits

Arrow

Presented by:

TBA ,

Learning Objectives:

 Audience:

CEU:

0.1

View session: Wednesday Lunch and Exhibits

1:30 PM – 2:00 PM

Rail Security, Operations and Infrastructure Protection

Arrow

Infrastructure is an integral part of railroad operations and any disruption could have far reaching impacts. To insure that infrastructure compromise is minimized and in addition to planning and design, information collected by sensing technologies can be instrumental in the operational decision-making process. Recent developments in AI have enabled efficient pattern recognition of visual images for improving railroad security. Advances in remote sensing technology have also enabled engineers to rapidly interrogate surface and subsurface conditions of railroad infrastructure for effective damage detection and structural health monitoring. The strategic combination of sensing technologies with existing security measures can lead to a safe, secure and resilient railroad infrastructure.

In this session, we will focus on the infrastructure of rail operations. We will discuss why infrastructure is critical and list potential threats and vulnerabilities, plus their consequences. This session will also identify how to plan and design using sensing and monitoring methods to protect rail operations.

Presented by:

Gary Gordon, Visiting Professor University of Massachusetts Lowell

Tzuyang Yu, Associate Professor University of Massachusetts Lowell

Learning Objectives:

1. Determine and understand the infrastructure critical to operations.
2. Identify the threats and vulnerabilities to the infrastructure and potential consequences.
3. Determine how, by effective planning and design, infrastructure can be made robust and resilient.
4. Discuss appropriate sensing and monitoring methods to protect the infrastructure from compromise.

 Audience:

CEU:

0.1

View session: Rail Security, Operations and Infrastructure Protection

2:00 PM – 2:45 PM

Analyzing Drone Data to Support Rail Operations

Arrow

Railroads continue to tap drone technology to inspect thousands of miles of infrastructure. Unmanned Aerial Vehicles (UAVs), or drones, equipped with cameras and sensors can be used to collect images, video, LiDAR surveys and more. In this session, learn how Collins Aerospace analyzes mass amounts of drone data, and supports the advanced drone operations of North America’s largest Class I railroad.

Presented by:

TBA ,

Learning Objectives:

1. Discuss how railroads are currently deploying drones
2. Review the types of data drones collect, and how that data is securely stored
3. Review how drone data can be analyzed and those results applied to rail operations
4. Discuss the potential of drone technology to be used for rail yard perimeter security

 Audience:

CEU:

0.1

View session: Analyzing Drone Data to Support Rail Operations

2:45 PM – 3:15 PM

Policy Solutions for Mitigating Threats to Rail Security

Arrow

Over the past decade, the rail industry has witnessed substantial intervention in the global rail marketplace from non-market economy foreign governments. Most notably, the People’s Republic of China – working through state-owned enterprises (SOEs)– has identified rail manufacturing as a strategic market sector and made clear their intention to dominate the global rolling stock market, presenting both national and economic security challenges. This presentation will focus on how federal lawmakers have responded to those risks, including a look at how recent legislation will impact any future procurement decisions involving federal funding.

Presented by:

E. Michael O’Malley, President Railway Supply Institute

Learning Objectives:

1. Assess how China’s geopolitical objectives are shaping the future of the industry landscape
2. Identify the national and economic security challenges we’ve seen as a result of Chinese SOEs entering the U.S. rail market 3. Examine Congress’ response to these threats
4. Discuss what lies ahead for companies and agencies impacted by new federal policies

 Audience:

CEU:

0.1

View session: Policy Solutions for Mitigating Threats to Rail Security

2020 Sponsors

GOLD

Hitachi

SILVER

AMICO
FLIR
OTN Systems
interested in becoming a sponsor?