As rail networks digitalise, risk exposure increases, reinforcing the need for a robust strategy to secure information, infrastructure and rolling stock.
Strong protection mechanisms require adapted levels of cybersecurity by manufacturers and operators, compliant with security standards and with a comprehensive approach for new and legacy systems.
But as Alstom cybersecurity vice-president Eddy Thésée warns, there are inherent cybersecurity risks with all core digitalisation uses.
There are three main threats:
- Firstly, command and control systems are at the forefront of digitalisation and are designed to regulate signalling and ensure safety.
- Rail traffic and operations, which focus on maximising efficiencies and safeguarding timetable adherence, are increasingly reliant on sensors, software, electronic communications assets and connected devices that require secure connections and data protection.
- Finally, there are the passenger-facing applications, which rely heavily on secured interaction with central systems.
CYBERSECURITY PRESSURE POINTS
“Digitalisation provides a wide scope of benefits across all three of these core operations, and their interdependence on each other is critical to ensuring smooth operations,” Thésée said.
“No one branch of the business can operate independently, nor can its cyber strategy operate in isolation.
“Automation, heavily reliant on software, is an obvious example of an increasingly digitalised operation that has significant implications for cybersecurity.”
Alstom’s innovative signalling solutions are helping to revolutionise railway communications by reducing trackside objects and building more intelligence and functions into each train.
Equipment that is retained trackside is now also “smarter” and more technologically advanced.
Digitalisation is also paving the way for more predictive maintenance, allowing software to identify faulty or failing equipment before it fails, Thésée said.
This reduces the need for maintenance work, allowing maintenance staff to be redeployed to other areas of operation with staffing needs.
“All these innovations, however, need to work hand-in-glove with cybersecurity strategies that protect data, software, connectivity, and the hardware that processes and manages it,” Thésée said.
“More digitisation means more digital components and interconnections between systems, bringing with them more possible areas of exposure. In short, the ‘attack surface’ is larger and potentially more exposed.”
As a leader in railway transport, Alstom addresses the entire cybersecurity life cycle.
Alstom can help rail asset owners and operators undertake risk analysis, understand where their vulnerabilities lie and react proportionately. Whether operators are building a new line, launching a new type of train, or upgrading or operating their transportation systems, the cybersecurity architecture framework is defined by what they want to protect, the likely impact of the risks and where they come from – the internal system, inside the supply chain or from external threats.
CYBERSECURE FROM INSIDE AND OUT
Alstom firmly believes that cybersecurity should be placed at the heart of a railway company’s culture of excellence.
This involves not only developing cybersecurity expertise but also aligning cybersecurity and rail operations teams.
Training and development of a cybersecurity culture, compliant with the industry standards and regulations, creates a firm and common ground.
“Besides being heavily involved in their definition and deployment, we address the entire cybersecurity lifecycle from the inside and outside by meeting the highest industry standards for information security, ISO 27001, the international cybersecurity standard for industrial control systems IEC 62443, as well as the specific railway standard TS50701,” Thésée said.
Designs for all new Alstom projects prioritise cybersecurity alongside traditional engineering and safety considerations.
All Alstom product development is undertaken on a “secure by design” basis, starting with a comprehensive risk analysis and an architecture framework that is heavily focused on integrating cybersecurity.
All systems developed, deployed, and maintained by the company are equipped with protection defined to safeguard operations against cyber threats.