Rail cybersecurity: The flipside of digitalisation
The importance of an effective cybersecurity strategy cannot be overstated in today’s digital rail sector to run a secure and sustainable mobility system.
As rail networks digitalise, risk exposure increases, reinforcing the need for a robust strategy to secure information, infrastructure and rolling stock. This requires adapted levels of cybersecurity by manufacturers and operators, compliant with security standards and with a comprehensive approach for new and legacy systems.
With a background in Mathematics, telecommunication and information technology, Eddy Thésée joined the railway signalling business 20 years ago in Alstom. After several positions in Information technology, methods and tools, and continuous improvement, he is leading the Cybersecurity for Alstom covering the products, solutions and services portfolio.
Besides waking up every morning to secure mobility for millions of people, chances are you will find Eddy at the stadium cheering on his favourite football or basketball teams.
Connect with Eddy on LinkedIn
There are three core uses of digitalisation in rail and each brings with it inherent cybersecurity risks.
- Firstly, command and control systems are at the forefront of digitalisation and are designed to regulate signalling and ensure safety.
- Rail traffic and operations, which focus on maximising efficiencies and safeguarding timetable adherence, are increasingly reliant on sensors, software, electronic communications assets and connected devices that require secure connections and data protection.
- Finally, there is the passenger facing applications, which relies heavily on secured interaction with central systems.
Cybersecurity pressure points
Digitalisation provides a wide scope of benefits across all three of these core operations, their interdependence on each other is critical to ensuring smooth operations. No one branch of the business can operate independently, nor can its cyber strategy operate in isolation.
Automation, heavily reliant on software, is an obvious example of increasingly digitalised operation that has significant implications for cybersecurity.
Alstom’s innovative signalling solutions are helping to revolutionise railway communications, by reducing trackside objects and making available more intelligence and functions into each train. Equipment that is retained trackside is now also “smarter” and more technologically advanced.
Digitalisation is also paving the way for more predictive maintenance, allowing software to identify faulty or failing equipment before it fails. This reduces the need for maintenance work, allowing maintenance staff to be redeployed to other areas of operation with staffing needs.
All these innovations, however, need to work hand-in-glove with cybersecurity strategies that protect data, software, connectivity, and the hardware that processes and manages it. More digitisation means more digital components and interconnections between systems, bringing with them more possible areas of exposure. In short, the “attack surface” is larger and potentially more exposed.
Cybersecure from the inside and outside
Alstom firmly believes that cybersecurity should be placed at the heart of a railway company’s culture of excellence. This involves not only developing cybersecurity expertise but aligning cybersecurity and rail operations teams. Training and development of a cybersecurity culture, compliant with the industry standards and regulations, creates a firm and common ground.
Besides being heavily involved in their definition and deployment, we address the entire cybersecurity lifecycle from the inside and outside by meeting the highest industry standards for information security, ISO 27001, international cybersecurity standard for industrial control systems, IEC 62443 as well as the specific railway standard: TS50701.
Managing the risks for new and legacy systems
Designs for all new Alstom projects prioritise cybersecurity alongside traditional engineering and safety considerations. All Alstom product development is undertaken on a "secure by design" basis, starting with a comprehensive risk analysis and an architecture framework that is heavily focused on integrating cybersecurity.
All systems developed, deployed, and maintained by the company are equipped with protection defined to safeguard operations against cyber threats. This includes implementing systems with design features that provide operators with the flexibility to make relatively easy and affordable modifications in line with future security needs. Railway operators must deal with a combination of new and legacy systems. It’s vital that these assets are included in a comprehensive cybersecurity strategy to minimise risk – both now and in the future.
The challenges are not insignificant: a poor design that does not guard against evolving cyber threats can compromise the safety and operational response of entire networks. The need for cybersecurity to be a day one consideration in the development of any new project is therefore stark. Cyber threats are constantly evolving – and so too should strategies to deal with those threats.