THIS PREPRINT IS NOW ISSUED AS IEEE ACCESS https://ieeexplore.ieee.org/document/10231329

The CENELEC TS 50701 is the first encompassing standard aiming at  governing cybersecurity risk management processes within the railway  industry. Although the technical maturity of this framework is  undeniable, its application in practical projects is still an active  field of discussion among practitioners, especially when dealing the  communication-heavy subsystems. Among such subsystems, signaling is  among the most critical ones. Both Communication-based Train Control  (CBTC) and European Railway Traffic Management Systems (ERTMS) heavily  rely on wireless communications for their operation. This paper  describes two cybersecurity attack scenarios regarding wireless  communications for CBTCs that can impact the safety of these systems  using the lens of the framework provided by the novel CENELEC TS 50701.  In doing so, we discuss the implications of using such guidance,  especially concerning the different interpretations found in the  literature regarding zoning communication systems, to assess and  mitigate the cybersecurity risk and improve the posture of CBTC systems  concerning the examined attacks. Experimental tests conducted in  controlled laboratory environments and high fidelity simulations have  been conducted to support the cybersecurity analysis.