Evaluation of Risk and Resilience of the MBTA Green Rapid Transit System

The Transportation Systems Sector is one of the sixteen critical infrastructure sectors identified by the Cybersecurity and Infrastructure Security Agency (CISA) and plays a crucial role in ensuring public safety, economic stability, and national security. The Massachusetts Bay Transportation Authority (MBTA) serves as the primary public transportation system in the Greater Boston Area, with the Green Line representing one of the oldest and most complex rapid transit systems in the network. This paper presents a network-based risk and resilience assessment of the MBTA Green Line using graph theory, network metrics, and the Model-Based Risk Analysis (MBRA) tool. The original 70-station Green Line network is simplified into a 17-node model, and key metrics, including degree centrality, betweenness centrality, eigenvector centrality, spectral radius, node robustness, and blocking nodes, are computed using Python-based analysis. Critical vulnerability is derived using the MBRA resiliency equation, and random, targeted, and cyber-physical attack scenarios are evaluated. The results identify North Station, Government Center, Haymarket, Copley, and Kenmore as the most critical nodes. A fault tree analysis between Kenmore and Copley further demonstrates the impact of budget allocation on threat reduction. This work highlights key vulnerabilities in the Green Line network and provides actionable recommendations to improve resilience against cyber-physical threats.

💡 Research Summary

The paper presents a comprehensive risk and resilience assessment of the Massachusetts Bay Transportation Authority (MBTA) Green Line, one of the oldest and most spatially complex light‑rail corridors in the Greater Boston area. To make the analysis tractable, the authors collapse the original 70‑station topology into a 17‑node graph that preserves the essential connectivity of the four branches (B, C, D, E). This reduction is achieved by merging consecutive stations that lie on a straight segment of track, thereby retaining the hub stations where multiple branches intersect.

Using Python‑based network‑science tools, the study computes a suite of graph‑theoretic metrics for each node: degree centrality, betweenness centrality, eigenvector centrality, spectral radius, node robustness, and identification of blocking (critical) nodes. The results consistently highlight Kenmore, Copley, North Station, Government Center, and Haymarket as the most structurally important vertices. Kenmore and Copley exhibit the highest degree and eigenvector scores, reflecting their role as multi‑branch transfer points; North Station, Government Center, and Haymarket rank highest in betweenness, indicating that a large fraction of shortest‑path traffic traverses them. The spectral radius of the network is relatively large, suggesting that contagion‑type threats (e.g., a cyber‑worm) could spread rapidly across the system. Robustness analysis shows that removal of any of the top‑ranked nodes fragments the graph into substantially smaller components, confirming their status as single points of failure.

Risk quantification is performed with the Model‑Based Risk Analysis (MBRA) framework. MBRA expresses risk as the product of Threat, Vulnerability, and Consequence. Threat is modeled through three attack scenarios: (1) random node failures, (2) targeted attacks on high‑centrality nodes, and (3) combined cyber‑physical attacks that first compromise supervisory control and data acquisition (SCADA) systems and then physically damage a critical station. Vulnerability scores (50 %–90 %) are assigned based on a qualitative assessment of each station’s physical exposure (underground vs. on‑road vs. shared right‑of‑way), passenger flow, security presence, and fare‑validation practices. Consequence incorporates passenger‑delay costs, operational downtime, and cascading effects on other MBTA lines (e.g., Red, Blue, Orange).

Simulation of the three scenarios yields distinct system behaviours. Random failures cause modest average service interruptions (≈2 h) and demonstrate the network’s baseline resilience. Targeted attacks on high‑centrality stations, especially a simultaneous knock‑out of Kenmore, Copley, and North Station, reduce overall connectivity by more than 60 % and eliminate viable alternative routes, leading to multi‑day service outages. The combined cyber‑physical scenario amplifies both recovery time and cost—approximately 2.5 × the cost of a purely physical attack—because the cyber intrusion disables signaling and dispatch functions, preventing rapid re‑routing even after physical repairs.

To translate these findings into actionable investment decisions, the authors construct a fault‑tree model focused on the Kenmore–Copley corridor. By varying the budget allocated to defensive measures (e.g., signal redundancy, physical hardening, intrusion‑detection systems), the fault‑tree quantifies the marginal reduction in risk. The analysis reveals a near‑linear relationship: each additional US $1 million of spending reduces the overall risk score by roughly 3.2 %. This provides a clear cost‑effectiveness metric for policymakers.

A return‑on‑investment (ROI) calculation compares the proposed security and resilience upgrades against MBTA’s annual operating budget. Assuming the recommended suite of upgrades (signal system duplication, hardened station structures, and enhanced cyber‑monitoring) costs approximately US $15 million, the model predicts a payback period of 4.5 years, driven primarily by avoided revenue loss, reduced overtime for emergency repairs, and lower liability exposure.

Finally, the paper maps the required cybersecurity workforce to the National Initiative for Cybersecurity Education (NICE) framework. The analysis indicates a need for 3–5 additional specialists in roles such as “Security Operations,” “Cyber Defense Analyst,” and “Systems Engineer,” each contributing roughly 200 hours per year. This represents a ~30 % increase over current staffing levels, underscoring the human‑resource dimension of resilience that is often overlooked in purely technical studies.

In sum, the study integrates graph‑theoretic structural analysis with a formal risk‑assessment methodology (MBRA) and economic modeling to deliver a multi‑layered view of the MBTA Green Line’s vulnerabilities. It identifies a concise set of high‑impact stations, quantifies how different attack vectors affect system performance, and offers data‑driven guidance on budget allocation, ROI, and workforce planning. The methodology is readily transferable to other urban rail networks, making the work a valuable reference for transportation agencies, infrastructure security planners, and policymakers seeking to bolster the cyber‑physical resilience of critical public‑transit assets.