Evaluation of Risk and Resilience of the MBTA Green Rapid Transit System
Anil Kumar Gorthi
TL;DR
The study applies a network-based risk and resilience framework (MBRA) to the MBTA Green Line, condensing 70 stations into a 17-node graph and computing key metrics to identify critical nodes. It integrates MBRA-derived resilience with fault-tree budgeting to assess governance and ROI, and it analyzes cyber, physical, and combined attack scenarios centered on Kenmore to understand cascading effects. The work yields actionable recommendations for prevention and response, quantifies a 64% critical vulnerability threshold, and connects resilience improvements to workforce and funding considerations using NICE-aligned roles. Overall, the paper provides a structured approach for prioritizing security investments in urban rail to enhance public safety and service continuity.
Abstract
The Transportation Systems Sector is one of the sixteen critical infrastructure sectors identified by the Cybersecurity and Infrastructure Security Agency (CISA) and plays a crucial role in ensuring public safety, economic stability, and national security. The Massachusetts Bay Transportation Authority (MBTA) serves as the primary public transportation system in the Greater Boston Area, with the Green Line representing one of the oldest and most complex rapid transit systems in the network. This paper presents a network-based risk and resilience assessment of the MBTA Green Line using graph theory, network metrics, and the Model-Based Risk Analysis (MBRA) tool. The original 70-station Green Line network is simplified into a 17-node model, and key metrics, including degree centrality, betweenness centrality, eigenvector centrality, spectral radius, node robustness, and blocking nodes, are computed using Python-based analysis. Critical vulnerability is derived using the MBRA resiliency equation, and random, targeted, and cyber-physical attack scenarios are evaluated. The results identify North Station, Government Center, Haymarket, Copley, and Kenmore as the most critical nodes. A fault tree analysis between Kenmore and Copley further demonstrates the impact of budget allocation on threat reduction. This work highlights key vulnerabilities in the Green Line network and provides actionable recommendations to improve resilience against cyber-physical threats.