INFORMATION TECHNOLOGY: Improving Cybersecurity and Resiliency of Train Control Systems Could Reduce Vulnerabilities
The Office of Inspector General (OIG) conducted an audit of Amtrak’s (the company) train control systems. Our audit objective was to assess the company’s efforts to identify and address vulnerabilities in these systems and to ensure resiliency.
The company uses train control systems to dispatch and monitor more than 2,000 trains daily across its network of more than 500 stations and 21,000 miles of track. Given their criticality to safe train operations, we assessed the company’s efforts to identify and address the train control systems’ cybersecurity and resiliency. We compared the company’s efforts in both areas with standards from the National Institute of Standards and Technology.