Positive Train Control, or PTC, is a system of advanced technologies designed to enhance safety by automatically stopping a train before it exceeds safe speed limits or enters unauthorized areas. Just as important, PTC’s successful implementation will also drive critical advances in analytics and automation, providing the foundation for many of Norfolk Southern’s efforts to reimagine new technological possibilities. Yet to securely realize these benefits, NS had to ensure that PTC, and the information it contained, was adequately protected from outside parties who might attempt to access the system and disrupt NS operations.
Given PTC’s scope and complexity, testing the rigor of its information-security features was no small task. Because PTC spans the entire country, it requires a tremendous level of technological interoperability, supporting scenarios in which one railroad’s crew might operate another railroad’s equipment while running on several other railroads’ tracks. In hubs like Chicago, where all of the major North American carriers interact, the number of variables quickly made it mathematically impractical to test even a substantial portion of the possible operating scenarios that PTC would encounter.
To address this problem, NS turned to an area of research, led by the Software Engineering Institute at Carnegie Mellon University, called Assurance Case Confidence, which focuses on evaluating claims that make logical sense but cannot be tested in every possible scenario. To validate such claims, ACC breaks them down into their constituent elements and examines each element for evidence that either supports or refutes the overall claim. Often, these elements are further divided into sub-elements, creating a tree-like structure branching into greater levels of detail. This process continues until the lowest level of the tree is either self-evident or accepted without significant contest.
To apply this deep research to evaluating the strength of PTC’s information-security features, NS worked with CMU experts to build a robust ACC model and evaluate its various elements. Their work culminated in the development of a detailed validation tree, with some branches going 11 levels deep into sub-elements as granular as password protection, log analysis, and patch installation. By testing this model, NS was able to ensure that the information within PTC was protected and that planned investments would further advance its security.
Applying academic research to practical business problems can be challenging, at times failing to yield actionable insights. However, through their collaborative efforts, the NS and CMU teams successfully combined their innovative skillsets to translate academic theory into real-world results, opening new possibilities for the safety and technological potential of our reimagined railroad.