

A smooth operation of the Platform Screen Door (PSD) system is critical to the Metro system, and any disturbance to it may disrupt the train's normal operation. The paper presents the security analysis of a Metro Supervisory Control and Data Acquisition (SCADA) system, specifically the cyber security vulnerabilities in its PSD system. The PSD system includes control subsystem and signaling subsystem, and its operation can be controlled from the moving train and the station as well. The security features of communication protocols that are employed in the SCADA system and PSD system operation mechanisms are discussed in this paper. The weak security features render the PSD vulnerable to cyber attacks. Countermeasures, from both technical and human aspects, to protect the PSD system are studied. An experiment is conducted on a testbed of simulating Metro supervisory control system to test the system vulnerabilities. The results demonstrate that the PSD control system could be compromised by an attacker who gains physical access to the control network and launches forged message or replay message attacks. A firewall cyber security countermeasure is evaluated to show that it can prevent some of the attacks but has limitations due to its rule-based mechanism. Thus, it is necessary to mind the gap for the security of metro PSD system.