There are many actors involved in the railbound traffic in Sweden. The Swedish Transport Administration (Trafikverket) is the largest infrastructure administrator within the Swedish railway sector and is responsible for planning the railway traffic on the public rail network. Besides planning of the railway traffic and planning of the maintenance activities of the railway infrastructure, Trafikverket is also responsible for the operational management of the traffic. All these functions are dependent on a large number of information and controlling systems, which sometimes interact with other systems owned by train operators. It is critical that these systems work correctly in order to ensure that the railway traffic will run undisturbed. This report presents relevant actors within the railway traffic, performed on the railways owned by Trafikverket, how these actors work and what kind of information and control systems they use. Two types of systems, the train management system owned by Trafikverket, and the automatic train control system (ATC) have been identified as most critical for the rail traffic. They are therefore described in a more technical detail. From the technical descriptions, three potential vulnerabilities are identified; the possibility to inject malicious code into the train management system by 1) physical access of RTU:s or signal boxes, or 2) remote exploitation of an IT network that is used to read train paths from an USB, and 3) the possibility to deceive the ATC system by spoofing balise messages. Further studies are necessary in order to verify these potential vulnerabilities, to identify further vulnerabilities, and to identify measures that mitigate or reduce these risk posed by these vulnerabilities.