In this paper we present analysis of attack actions on the railway infrastructure based on the integrated model. The novelty of the presented solution is in combination of the component-based approach, which is used to detect attack vectors based on the presence of vulnerabilities, the semi-natural model, which is used to model vulnerabilities exploitation, the simulation model, which is used to analyze attack scenarios that are affecting timetable planning process and the analytical model, which is used to analyze multi-step attack scenarios. The integrated model also contains the model of attacker, which distinguish them by type of access to the railway infrastructure as well as by level of capabilities and resources. The integrated model is used due to the fact that none of the listed approaches can effectively analyze all classes of attacks, while combining these approaches allows one to represent various aspects of the investigated object and provides the ability for attack actions effective analysis. The proposed solution has a strong focus on security, which determines the main contribution to the research field. The objective of the proposed model is to increase the security of critical infrastructure by improving the quality of attack actions analysis. The correctness of the proposed model is validated by various application examples.