cyber attacks

Protecting critical infrastructure from cyber attacks

As Australia’s rail sector has not been immune from the risk of cyber attacks, industry bodies are joining with government agencies to mitigate the ongoing threat.

In November 2016, The San Francisco Municipal Transport Agency was hit by a cyber-attack. The HDDCryptor malware spread across over 2,000 computers, meaning that the Agency’s network was opened up free for the public.

While the agency’s ability to provide transport across its fleet of light rail vehicles, streetcars, trolley and hybrid buses was not compromised, ticket machines, payment services, and emails were affected.

The hackers demanded a ransom of 100 bitcoin, equivalent to $102,644 at the time. This type of attack, shutting down a network’s computer systems and demanding a payout, is known as ransomware, and can be caused by a person simply clicking on an infected link in an email or downloading an infected file. The networked nature of large transport authorities means that this can quickly spread throughout an organisation.

While San Francisco did not pay off the hacker and was able to restore its systems by the next Monday, the hack was one of the most visible instances of how cyber threats are coming to the rail transportation sector.

Earlier that year, cyber criminals struck the rail network in NSW, targeting regional train services provider NSW TrainLink. Hackers were able to infiltrate the booking service and capture customer credit and personal data.

Unlike the San Francisco hack, this breach targeted a rail organisation’s repository of customer details, including things like bank details and personal information. The opportunistic attack exposed how people using the same passwords for multiple accounts can make a system vulnerable, and in this case, with rail operators having data on large numbers of people, others could be seen as a honeypot for potential attackers.

Western Australia’s Public Transport Authority was also targeted in an attempted attack in 2016, leading the rail agency to shut down its own website and websites for specific services such as Transperth to prevent further intrusions.

More recently, the number of cyber- attacks has been increasing. In May 2020, Swiss rail manufacturer Stadler reported that hackers had targeted the company hoping to extort a large amount of money and threatening the publication of data to hurt Stadler and its employees. Although not impacting production lines, the hack came a week after Australian logistics operator Toll also suffered a ransomware attack, the second that company had suffered in 2020.

A spokesperson for the Australian Cyber Security Centre (ACSC) reiterated comments made by Minister for Defence Linda Reynolds that malicious cyber activity against Australia is increasing in frequency, scale, and sophistication.

“Rail, and the transport sector more broadly, is part of Australian critical infrastructure and provides essential services to Australians,” the spokesperson said.

Ransomware attacks are becoming more common for organisations across the rail sector. As these few examples demonstrate, the reliance of all parts of the rail industry on digital systems means that cyber-attacks are not targeting any one sector of the industry. Furthermore, as large, often widely distributed organisations that deal with personal and safety critical information, the rail sector has many facets of the organisation that are involved with cyber security, not only in operational roles.

“A cyber incident involving critical infrastructure can seriously impact the safety, social or economic wellbeing of Australians, due to the significant disruption it can cause if the systems are damaged or unavailable for extended periods of time,” said the ACSC spokesperson.

This is not to suggest that the rail sector has been blind to the risk posed by cyber- attacks. In the UK, in 2016, the Department for Transport published the Rail Cyber Security: reducing the risk of cyber attack guidelines. In the document, the increasing threat of cyber-attacks in the rail industry is clearly stated.

“Railway systems are becoming vulnerable to cyber-attack due to the move away from bespoke stand-alone systems to open-platform, standardised equipment built using Commercial Off-the-Shelf (COTS) components and increasing use of networked control and automation systems that can be accessed remotely via public and private networks.”

These vulnerabilities leave the rail sector open to impacts of cyber-attacks, from threats to safety, disruptions of the network, economic loss, and reputational damage. The guidelines outline how rail organisations should respond, from the level of governance, through to design, the integration of legacy and third-party systems, and staff training.

As the spokesperson for the ACSC outlined, as rail reaps the benefits of digitalisation, there are also challenges.

“The rail sector is continually modernising through the adoption of new operational technologies. However, with this, comes potential cyber security vulnerabilities,” said the spokesperson.

“The increased adoption of inter-connected technologies has the potential to increase the cyber threat ‘attack surface’.”

In the case of passenger networks, bespoke systems such as electronic signage, ticketing systems, electronic passenger gates, building management and public address systems are areas of concern. In the freight sector, the interconnectedness of the industry and its automation contributes to the vulnerabilities the sector faces.

The exposure of the rail sector was highlighted in a 2016 Victorian Auditor- General report into the security of critical infrastructure control systems for trains. After a 2010 report identified weaknesses, the 2016 report found little improvement since then.

The reasons for the lack of progress were poor governance arrangement, limited security frameworks for control systems, limited security controls for identifying, preventing, detecting, and responding to cyber security events, and a poor transfer of accountability and risk during machinery-of- government changes.

In the Auditor-General report, 10 recommendations were made, all of which were accepted by Public Transport Victoria and the Department of Economic Development, Jobs, Transport and Resources, which has since been broken up into the Department of Transport and the Department of Jobs, Precincts and Regions.

Since the Victorian Auditor General’s report, moves have been made to standardise and improve the Australian rail industry’s cyber security response. In 2018 the Rail Industry Safety and Standards Board (RISSB) published its Australian Rail Network Cyber Security Strategy. Identifying similar threats, the document outlined the vision for the industry of the elimination of cyber risk, resulting in zero cyber-attacks on the Australian rail network. To do this, the strategy follows the principles of understand, protect, detect, and respond.

In addition, also in 2018, RISSB published AS 7770 – Rail Cyber Security, the Australian standard for managing cyber security risk on the Australian railway network.

To improve the response of the rail sector to the cyber security threat, ACSC provides sector-specific resources and materials.

“The ACSC is working with all critical infrastructure sectors to help them increase their cyber defences as well as transport sector entities through the ACSC Partnership Program.”

The ongoing adoption of industry standards as well as the implementation of sector-wide strategies will ensure that the rail industry continues to be prepared to deal with cyber attacks as the threats morph and change.

cyber security

Securing a digital railway

Siemens explains to Rail Express how digitalisation in rail requires a focus on cyber security.

On June 19, Prime Minister Scott Morrison warned Australian businesses and agencies that they were under a sustained cyber- attack from a sophisticated state-based actor. Rather than describing the nature of a singular attack, Morrison outlined the constant and ongoing threat that Australia’s critical infrastructure was facing.

This reminder of the cyber threat that Australia was facing aligned with what Serge Maillet, head of industrial cyber security, Siemens Australia and New Zealand, has observed.

“Over the past 12-18 months there’s been a significant increase in terms of cyber-attacks that Australia is seeing across all industries. This is happening world-wide but unfortunately Australia is among the top 10 countries being targeted.”

Based on data from the Centre for Strategic and International Studies, a US think tank, Australia is the sixth most targeted country for cyber-attacks, with 16 significant attacks between May 2006 and June 2020. The nature of these attacks is not leaving the rail industry unscathed.

“Any entity attempting cyber threats, also known as threat actors, are increasingly targeting a lot of our critical infrastructure. Rail is certainly part of that critical infrastructure,” said Maillet.

The types of attacks that are occurring are the intrusion of malware due to failed security controls, in many cases, due to human error.

“The reality is that the majority of organisations in Australia are going to be attacked at some stage. The only variables are the type of attack vector, the size of impacts and if the attack is going to be successful or not,” said Maillet. “If it is a successful attack, you want to make sure that you’ve got measures in place to be able to recover from those attacks and bring the critical systems back online as quickly as possible, while minimising any negative impacts on public safety or production.”

THE CONVERGENCE OF IT AND OT
What has made the rail sector and critical infrastructure particularly susceptible to cyber-attacks, and why governments are concerned is the convergence of what were previously two separate systems, information technology (IT) and operational technology (OT).

“While cyber-attacks have been able to target data in an IT environment, the interconnection of IT with OT opens the potential for threat actors to penetrate machines and processes, causing significant harm,” said Maillet.

“If we look at OT in the context of rail, it’s really about machines and process control. This could be rail signalling, rail control, automation, telemetry and more.”

Previously, these systems were insulated from cyber-attacks due to their lack of connection to external or untrusted networks. While IT systems were constantly being patched with new software, OT systems ran on their own proprietary technology, and did not require regular updates.

“Because of that there’s been a lack of focus from organisations on their own OT systems from a security perspective,” said Maillet. “Now that we’re seeing a lot of convergence and hyper convergence happening between IT and OT it’s creating a lot of new challenges, especially for industrial applications, and it’s increasing the risk profile of our critical infrastructure.”

In addition, while enterprise IT is expected to have a lifecycle of three to five years, OT devices are often expected to run for 20 years, if not longer. As these older systems are beginning to be integrated with the wider rail IT network through the process of digitalisation, safety critical technology is becoming increasingly vulnerable to cyber-attacks, said Maillet.

“The challenge from that perspective is that a lot of the legacy OT devices that are still in operation today for a lot of critical infrastructure were never designed with security in mind, because they were never intended to be converged with IT.”

While digitalisation promises and has delivered many benefits to rail networks, the issue of cyber vulnerability and exposure are sometimes overlooked, and the cost of digitalisation is only accounted for in financial terms, not in terms of cyber security, cautioned Maillet.

With more devices than ever connected to the rail network, organisations must be vigilant about security

THE CONSEQUENCES OF DIGITALISATION
To some, the solution may look simple. Why not just update the software that runs these safety critical systems, or install the latest security patch? This is easier said than done, Maillet points out.

“In OT infrastructure the priority is always going to be to maintain the safety, reliability, availability, and integrity of those platforms. So, when you look at putting in a new patch or making a configuration change, that will always introduce potential risk to jeopardise the availability or performance of that system. Often, these elements will take priority over the actual integrity of the system.”

That’s not to say that the patches are not available. Many OT systems run on operating systems such as Microsoft Windows, which have has regular security patch updates to account for vulnerabilities identified in the system. Trying to find a time when the system that controls a rail network can be taken offline for an upgrade is tricky.

Another limit on the possibility of upgrading these systems is the potential for human error. Stephen Baker, head of product innovation and through-life support at Siemens Mobility says that this leads to a bunker-like mentality.

“The problem is that you end up with an infrastructure that is safe and reliable, but you can’t do anything with it, you can’t run analytics, you can’t do downstream processing. The convergence of OT and IT can’t be put on hold.

“Let’s face it,” said Baker. “You can imagine what would happen if all of a sudden you stopped running trains in Melbourne or Sydney because the operation of a vital network has been compromised.”

DEALING WITH AN EVOLVING THREAT
To mitigate the threat of a cyber-attack while still reaping the benefits of digitalisation Siemens have developed a full cycle of expertise that is focused on the people, processes, and technologies that can keep a rail system functioning.

“Industrial security, which includes rail security, is really a dynamic topic. Because the risks are constantly evolving and changing in nature, it’s creating a lot of challenges. So, our job at Siemens is to help our customers better understand where those vulnerabilities are and what types of solutions are best to maximise the security posture of a system,” said Maillet.

When working in the rail industry in particular, Siemens have developed solutions designed for rail.

“When we look at mainline train systems or metro systems, we know that they are deploying a lot of Industry 4.0 technologies, a lot of digitalisation, which is increasing the operational efficiency and reliability of those systems,” said Maillet. “We also have to ensure that we implement technologies that enhance cyber security for the network that the trains systems operate on, as well as the control systems that manage the rail infrastructure.”

With 90 per cent of successful cyber- attacks due to human error, the solution must begin with people.

“We know that even if you have all the right technology put in place, if your people do the wrong thing due to lack of awareness or not having the right level of training in cyber security, then that’s likely to expose a vulnerability,” said Maillet.

“Sometimes it’s as simple as plugging a USB into a computer. If it’s a computer asset in an OT environment, that USB could easily introduce a vulnerability. Another common breakdown is when someone clicks on an email that they shouldn’t which can create a virtual doorway for a threat actor to bypass the security measures that have been put into place to protect critical assets.”

The next step is the processes. In a rail organisation these processes could include how staff fix issues, how assets are managed and what procedures are in place to ensure that assets are maintained securely.

The final piece is the technology, and here Siemens is working on solutions that can enhance the secure digitalisation of rail. Andrew Chan, development engineer at Siemens Mobility’s Centre of Excellence, describes how the company is looking at extracting information from a digital rail asset without the potential risk of exposing it to external attacks.

“A data diode basically allows data to flow in one direction and in that way, we can safely get safety critical information from our axle counters and interlockings out into the IT environment. That’s where we can do amazing things with data.”

Other technologies that Siemens are deploying include edge processing for intrusion detection, and cloud services to mine data for cyber security analytics.

Servicing all areas is an example of Siemens’s distinct approach, said Baker.

“We’re probably one of the few total solution providers – we design the interlocking hardware, we design the control systems, all the network requirements and defences are part of the safety case, we design the networks and even the analytics, so every layer is internal. We’re one of the few organisations that can give you everything from broad level design of the signals and the railways, right through to the cloud analytics which tells the asset owner how the infrastructure is performing.”

While Siemens has a number of areas of the business which deal with rail cyber security, its industrial security services provide the hardware and software services, as well as professional services to rail customers.

These industrial cyber security solutions are provided across three key pillars, security assessments, security optimisation, and security management, all underpinned by holistic approach to industrial security, known as the Defence in Depth security framework.

“Defence in Depth is having as many security measures and layers in the infrastructure as possible based on well-known security best-practices and frameworks. It provides us the ability to have a depth of staggered defences in infrastructure,” said Maillet.

As Australia grapples with the increasing cyber threat, increasing resilience will be a key factor in the success of the digitalisation of rail.

Trapeze

A deep understanding: Trapeze’s EAM solution for rail

Designed with the rail worker in mind, Trapeze has an EAM solution built for the transportation industry.

On the walls of the asset management facilities for the Massachusetts Bay Transportation Authority’s (MBTA) commuter rail services a sign in 2-inch high font reads, “If it’s not in Trapeze it never happened”.

Across the 13 commuter rail lines that operate under the MBTA, asset management is conducted through Trapeze’s enterprise asset management (EAM) platform. Used by six of the top ten largest rail networks in the US, the program provides a single source of truth for all assets within a rail organisation. Making this system successful, however, depends on it being adopted by all stakeholders throughout a rail network operator, making the second line in the MBTA banner even more important: “FEED TRAPEZE”.

Having maintenance workers, technicians, and engineers use a system such as Trapeze by nature, is one of the top three issues for the successful deployment of an enterprise asset management solution, noted Brett Koenig, industry solutions manager (enterprise asset management) at Trapeze.

“It’s a tool that at a large rail property will directly be used by, in many cases, hundreds of staff, if not thousands of staff,” said Koenig. “If we take one example in North America, Chicago Transit have 2,000 technicians that use our system every day to fix rollingstock assets, so that topic of what we call ‘change management’ or ‘cultural change’ is a really important one.”

To make the use of EAM second-nature, Trapeze has been designed with the rail worker in mind.

“The first thing, from a product perspective, is having a system built for the industry that is just drop dead simple for end users. If we talk about a technician fixing a railcar, most people in maintenance would agree they don’t want those guys messing around in computer systems any longer than necessary. What they want is for the system to help them do their job, by telling them about repeat problems, by quickly showing them the work history, by looking up parts, but then to be able to swiftly get back to fixing the asset itself.”

Trapeze provides EAM specifically to the rail and transportation industry and is designed to ensure that all rail network assets are operating in a state of good repair through intelligent asset management. The solution allows asset managers, owners, and capital planners to evaluate their equipment from a whole-of- lifecycle perspective and make evidence-based decisions about when to repair an asset, when to upgrade and when to decommission.

“The capital planning tools allow asset owners to be able to see where this physical infrastructure is in terms of its remaining useful life and then make good business decisions around whether it is cost effective for us to rehabilitate this particular series of railcar to extend their useful life, or should we replace them all together, based upon how they’ve been performing,” said Koenig.

In a shorter timeframe, Trapeze can also monitor and schedule daily maintenance through work and materials management to keep safety critical assets in safe working order.

While these and other similar functions are common to many asset management tools, Koenig highlights that Trapeze is built by and for the rail industry.

“What sets us apart is understanding the workflows and the roles within a rail enterprise at a deep level. If you take our work management capabilities, we built from the ground up screens designed specifically for rail supervisors, technicians, materials management, and parts clerks based upon how they interact.”

Beyond the workshop, Trapeze also has mobile capability for track workers and facilities maintenance. This enables Trapeze to encompass the complexities of a railway organisation, with both discrete and linear assets which can be at various stages of digital maturity.

“It’s not only just the vehicle side, as critical as the vehicles are, but it’s also the track and wayside infrastructure and the facilities and building maintenance. Across all of those areas you’ve got smart infrastructure and what we do at Trapeze is define the assets properly from the get-go, not only defining their master asset records, but the full engineering-approved configuration of those assets,” said Koenig. That gets into things like the parent/child relationships, the serialisation, and the other types of attributes that are critical for the assets to operate safely.”

Across such a broad array of different assets, made by any number of OEMs, Trapeze has a flexible tool that can receive data and interface with the digital components to provide real- time information on an asset’s health.

Recently, Trapeze was deployed on the Denver commuter rail network, and, being a greenfield deployment, was able to notify operations management in real time of any emerging faults in the system.

“We built a full integration with all of their SCADA systems as well as their onboard fault codes,” said Koenig. “The beautiful part about that is they’re being notified in real time about these problems before the component failure happens. As the fault occurs, it’s triggered into the EAM, the appropriate maintenance personnel are notified, and they can immediately get on it.”

Keolis Boston has made Trapeze second nature to rail maintenance staff.

A SINGLE SOURCE OF TRUTH
Until recently, preventative and corrective maintenance was often carried out in silos. This limited the ability of railway operators to see trends within their maintenance data that could be used to schedule risk-based maintenance programs in rollingstock and track assets. Having a system such as Trapeze in place combines asset divisions, whether it be rollingstock, track, signalling, or facilities management to be able to extend the life and value of an asset.

“All of that data can be used to make better decisions around risk based maintenance, which assets are performing better than other series or other manufacturers’ assets, which ones should we be decommissioning sooner, versus which ones should we be extending the life of because it’s a high-quality piece of infrastructure that we want to keep going,” said Koenig. “All of that comes down again to the single source of truth and underscores why you really want to start with a solution that has the ability to track everything.”

To improve financial outcomes, maintenance workflows can be linked to purchasing decisions through integration with an enterprise resource planning (ERP) system.

To improve operational outcomes, ensuring that maintenance is being conducted in a synchronised fashion stops bottlenecks from occurring when a system reaches a critical safety threshold.

For Australian commuters, this was illustrated in 2019 when an escalator linking platforms 9 and 10 at Southern Cross Station, in Melbourne, broke down, causing overcrowding as the escalator took over a week to fix. According to Michael Scollo, industry solutions manager (enterprise asset management) at Trapeze, this can happen when a system doesn’t have a holistic view and interface with all of the asset classes that need to be managed and maintained in a rail network.

“You can have great business processes for maintenance of way and rollingstock but overlooking a mechanical asset such as a lift can cause downtime for two weeks in a specific train station.”

Understanding that these systems are inextricably linked in a system such as a rail network is what distinguishes Trapeze, said Koenig.

“In rail, the assets and workflows are so complex that the model that we see working most effectively is a best-of-breed model where the folks in asset management and maintenance get a tool that is tailor made for what they do and then that tool set is integrated with the ERP system.”

In contrast, said Ben Dvoracek, general manager of rail, Australia and New Zealand for Trapeze, attempting to apply a non-rail specific ERP system to manage maintenance won’t cover the complexity of rail maintenance. In addition, while the system may be up to date when deployed, a non-rail specific solution cannot account for the changes within the rail industry.

“One of the things that we have seen is when an ERP system is deployed for finance or HR a decision can often be made to customise the ERP solution to support rail maintenance and asset management activities. Although the system can be adapted to do good things, when you’re not investing consistently into rail maintenance functionality and because it isn’t built for rail maintenance staff, the system usage and operational efficiency drops.”

DEVELOPING FUTURE CAPABILITIES
To keep users up-to-date with the latest Trapeze has to offer, the company provides regular updates that draw on the best practices of global rail organisations. User organisations are able to vote on the most needed upgrades, which are released in new versions of the software. In addition, to keep users making the most of the improvements in functionality, Trapeze delivers training and refresher courses for new staff as generations turn over within a rail organisation.

Currently, said Koenig, Trapeze is looking into releasing a network restrictions capability before the end of 2020.

“Essentially it’s a capability for maintenance and operations to both track any areas along the alignment that need to be operating at a slower speed than it was normally designed for. We’re going to provide the ability to track those slow zones on the screen of the track manager who can see the assets in the linear reference system including all of the work laid out on an embedded map.”

Other future rail-specific improvements include track possession modules, linear visualisations based on geometry measurement, all highlighting how the tool is an EAM designed for rail.

Click here to learn more about the Trapeze Enterprise Asset Management Solution.

Read more

TMS supplier selected for Digital Systems program

Siemens has been announced as the successful tenderer for the supply of a new Traffic Management System (TMS) for Sydney Trains.

The TMS is part of Transport for NSW’s Digital Systems program, which involves the replacement of traditional signalling with European Train Control System (ETCS) level 2 in-cab signalling. The program also involves the implementation of Automatic Train Operation (ATO) to assist drivers to provide reduced and more consistent journey times.

The $80 million TMS will continually monitor the position of all trains, to ensure trains run as scheduled and to assist with responses if incidents do occur.

Minister for Transport Andrew Constance said that the TMS would improve the Sydney Trains network.

“This is an important step in the process of upgrading our network with internationally proven technology that boosts safety, capacity, reliability and enhances the customer experience,” said Constance.

“Sydney’s heavy rail network is the backbone of our public transport system and it’s crucial we have the latest systems and technology available to serve our customers well into the future.”

The TMS will be operated from the Rail Operations Centre (ROC) in Alexandria, and integrate with other operational systems used by Sydney Trains.

The first deployment of Digital Systems will be on the T4 line from Sutherland to Cronulla and Bondi Junction to Redfern. The deployment of the system to other parts of the network is currently being planned.

Once the system is fully rolled out across the Sydney network in the 2030s, Digital Systems will allow for greater utilisation of the rail network, more reliable services, reduced journey times, and enhanced real-time information.

Designing smarter solutions: 4Tel’s AI innovation

4Tel is working to bring the latest in artificial intelligence technologies to simplify the uptake of condition monitoring.

In a report prepared for Infrastructure Australia ahead of the first Australian Infrastructure Audit, consultants GHD surveyed the maintenance needs of all major categories of Australian infrastructure. When it came to rail, the report found that maintaining Australia’s diverse rail networks was a high priority and in regional rail in particular there was a high likelihood of a coming maintenance gap.

For the regional rail networks, the combination of competition with road freight and existing infrastructure reaching the end of its useful life left much of these networks facing maintenance issues. As the provider and maintainer of train control technology for the Country Regional Network (CRN), Newcastle-based software and hardware engineering firm 4Tel is on the front line of developing innovative technology solutions that provide the ability to bridge the maintenance gap.

General manager of control systems Graham Hjort describes how condition monitoring has been enhanced on the Country Regional Network through application of an Internet of Things (IoT) approach.

“The I/O ports on selected field signalling and telemetry assets are connected to a modem which connects the ports remotely back into a central asset management system called 4Site, which then allows the health of the asset to be interpreted and, if need be, alarms or reports triggered based on the information received from the asset.”

The process also allows changes to be directed back to the field asset by the reverse connection to change selected settings.

“Another way in which condition monitoring has been improved is through improved analysis of information from the field sites,” Hjort continues. “One of the typical functions that 4Site is able to perform is a real time analysis of how long it takes a set of points to move between positions. If the time taken for those points to move and lock into place is above an acceptable threshold, an alarm is raised via 4Site and an appropriate course of action initiated.

By tapping into the existing telemetry, for remote connectivity, 4Tel has been able to remotely control field assets and their reporting without the need for any additional communications hardware. When you start to talk about return on investment, it is minimal outlay, maximum return.”

While this approach to condition monitoring has its benefits, unless maintenance providers use asset condition information as part of their infrastructure maintenance practices, then the benefits may be illusory.

Many physical rail assets are unable to provide an interface for health information, however 4Tel is using emerging technologies to solve this issue. In 2018 4Tel partnered with the University of Pretoria, South Africa, to understand the role that Artificial Intelligence (AI) and Machine Learning (ML) could play in remotely identifying and assessing the health of rail infrastructure. This relationship, along with an existing relationship with the University of Newcastle, NSW, has proven fruitful by providing a platform for researchers to practically apply their work to solving current issues facing one of the largest industries across the globe. With students from these universities, 4Tel is exploring how AI will improve operations for both train operators and rail infrastructure maintainers.

AI is able to mine data collected by cameras

4Tel’s senior artificial intelligence scientist, Dr Aaron Wong is part of the 4Tel Artificial Intelligence Engineering team that includes staff in Australia and internationally. He also continues his work as a conjoint lecturer at the University of Newcastle.

“The use of AI not only can assist in the identification and analysis of defects and faults, but it can also help to reduce cost and risk by allowing the AI to trudge through the data to identify the areas of concern,” said Wong.

Putting these software-driven solutions into practice has also enabled 4Tel to take condition monitoring beyond signalling and cover a broader range of rail infrastructure.

“AI allows us the ability to move beyond track circuits, points, and interlockings for condition monitoring. AI can be applied to rail, ballast, sleeper, and structural defects,” said Wong.

With rail maintenance vehicles and trains travelling across the network, 4Tel is developing a suite of sensors and cameras which are able to easily be fitted to a range of vehicles to provide continuous monitoring of rail condition. The aim of this project is that faults are able to be identified in real time, geo-located and tagged, and then reported back to a maintainer, said Hjort.

“What we are aiming to do here is detect where the fault is or is developing, and if needed, send the maintenance team information about the defect to allow them to conduct their initial assessments before they’ve even left their depot.”

Wong highlighted that ML teaches the AI system the different characteristics of a fault or defect.

“Then the system will be able to utilise that learning in future assessments to identify these faults as they develop over time,” he said.

The introduction of AI into the rail industry in Australia is just beginning with practical applications across a range of environments.

“4Tel’s AI solution allows for multiple inputs into our AI and Machine Learning application. We are able to cater for all the different environments that impact rail operations including in areas of low light such as tunnels, fog, and other challenging spaces including those with high traffic, with the aim of reducing people in the corridor.” said Wong.

“Once the information has been captured through the sensors and/or cameras, the AI processing mines through the data that is collected and then provides detailed assessments to the maintenance provider on the state or the health of the asset,” he said.

AI can significantly shift the rail industry in Australia to more proactive maintenance structure. While this is an example of 4Tel using AI to monitor the health of rail infrastructure, the application of this technology also extends to the above rail operations.

Railway networks and train operations are going to be extensively impacted by AI-based innovation over the current decade and in the future.

Agility

Agility for rail: Delivering on data

SSG Insight is delivering Agility, a modern CMMS with unique functionalities designed for the complexities of transportation.

Computerised maintenance management systems (CMMS), which record an organisation’s maintenance and asset management regimes have a history of over three decades. While the digitalisation of railways and transportation networks may have emerged as a talking point in the last 10 years, the digital management of maintenance procedures and asset history is much longer.

One company that has been on this journey since the early days is SSG Insight, which began 35 years ago offering its CMMS platform, Agility to the transportation and facilities management sectors.

James MacPherson, CEO of Asia Pacific and Canada for SSG Insight, describes how the company’s software has evolved.

“We started out providing a pure CMMS system, but over the years that’s morphed into a smarter integrated workplace management system. We provide maintenance management systems, performance management systems, and enterprise workplace management systems around the globe and specifically to the rail industry.”

As CMMS systems have grown, they have become much more than a log of maintenance requests and a record of actions undertaken. Today, the systems can be used to drive condition-based monitoring schemes, by interpreting asset data. This enables the platform itself to schedule work orders, provide condition assessments over an asset’s lifecycle, and monitor inventory levels and purchasing.

While these functionalities are common to many industries, including manufacturing, distribution, and utilities, for the rail sector, Agility takes the insights from the CMMS software and matches these to contract outcomes for transportation service provides.

“What we offer on top of a standard CMMS is performance management,” said MacPherson. “We can configure the system to self-manage the contracts.”

For transportation networks run by a private company under a contract with a municipal or regional transport authority, maintaining accurate and transparent maintenance logs is a key contract requirement. What Agility enables the providers to do, is automatically calculate maintenance or asset events against key performance indicators such as kilometres served or trips completed.

“In those scenarios the onus is on evidence and transparency, so those calculations around lost kilometres and trips, as an example, enable the contractor who’s running the transport network to be able to evidence why they may have lost kilometres on trips. This is specific for the rail industry, and it’s been developed especially for rail clients,” said MacPherson.

Agility provides real time dashboards that match a client’s needs.

OVERCOMING THE CONSTRAINTS OF LEGACY SYSTEMS
For the rail industry, implementing a smart CMMS system requires access to data being produced by an array of legacy systems. With experience deploying Agility on both brand- new systems opened as recently as 2019, and historical systems that were first horse-drawn and have been operating since the 19th century, SSG Insight knows how to collate data from a diversity of sources.

The different histories of different transport systems mean that data is not always organised in a way that is immediately interpretable and actionable.

“Specifically in the rail industry, we will sit down and discuss the legacy systems that operators have, the constraints that they have in terms of data and where servers are located, all of those types of things, because there’s a real mixed bag of rail systems out there.

One of the key offers to the rail industry is a consultative, outcomes-based approach,” said MacPherson.

With data often siloed into different areas, the effectiveness of a smart asset management solution is dependent upon getting disparate systems to talk to one another. In addition, distinct areas of operations may have their own, existing maintenance management systems, which will not be integrated across a network’s operations to be able to provide transparent information. SSG Insight has overcome this with its product Agility Connect, which can take data from any system, interpret it, and create an action.

“One of our recent examples is looking at creating a data-lake from lots of different systems and then analysing that data-lake and bringing those actionable insights back to the client from multiple systems,” said MacPherson. “That SCADA system there may not talk to anything, or if does talk to something, it’s got to go to a server behind 10 firewalls and it’s got to be housed in a room full of lead. But now, with a true software as a service (SaaS) deployment in secure Microsoft Azure, you have a huge amount of flexibility.”

Just like each area of operations may have its own data and control systems, in a complex transportation network there are multiple subcontractors or parties contributing to a network. By bringing data from these parties together without needing to replace each system, SSG Insight can provide a comprehensive look at a network’s assets and operations.

“We’re working on one project at the moment where there’s five CMMS systems, which clearly is untenable. So, what we do is we’ll assist with the service companies and the subcontractors with the issue of having multiple systems by creating a flexible and fully interpretable system,” said MacPherson. “If the individual CMMSs can’t go anywhere then we’ll just become the master of information and the master of the contract, so we’ll just integrate with them and pass the information back.”

In Nottingham, Agility is used by over 100 users.

IMPLEMENTATION
Knowing that no two transportation systems are the same, SSG Insight has developed Agility to be flexible to the needs and requirements of each mobility network, without the need to create a bespoke product each time.

“We don’t have to go to our development team and say, ‘Can you produce this for us?’ We have it all built into the configuration of the system so you can take the unique contract and build it in without having to change the commercial off the shelf (COTS) product,” said MacPherson.

“The system is designed by the users, for the users. All of the screens within the system ensure that the workflow is efficient and reduces repetitive entry, and then from that triggers the right set of actions for groups of individuals or the board or whoever, to be able to look at trends, analysis, whatever it might be.”

Agility has recently been deployed by Edinburgh Trams, a 14 kilometre, 16-stop network between Edinburgh Airport and the city centre. Here, an incumbent CMMS system had to remain in place, so Agility was overlaid on the system to take work orders and completion details created in the incumbent system and measure and track these actions in Agility against the operator’s contract.

“What will happen is we’ll take the asset register from the existing CMMS and then place the contract against it. Then we will feed that information back to the existing CMMS once the job is completed,” said MacPherson.

Automating the reporting of these tasks has a direct outcome by reducing paperwork and multiple handling, a tangible outcome for the client. By building KPI measurements to system requests, tasks are directly and automatically associated with reporting requirements, often replacing several manual processes.

“The system is built around the client,” said MacPherson. “We will sit with them and ask what is the process at the moment, and we’ll map that out and see that 70 per cent of that you can get rid of, because we can fully automate it. We can put it against the contract, and we can make it transparent, and we can make it auditable and you can see it in real time on the dashboard. Once we go through that process, we find that there’s a tangible sense of ‘Can you get it done tomorrow?’”

In Nottingham, where Agility has been deployed on the tram network for almost
10 years, the system is used by 135 users on 24/7 shifts. The platform collects passenger feedback, is used by service teams on mobile devices, and is the central control room log, making it the reference point for all operational event.

“We’ve gone from being a CMMS, to doing passenger feedback and then adding on to managing service-level agreements (SLA) and seeing which workflows can be improved or changed. The thing about Agility is that once a workflow is in the system it’s not fixed. If you suddenly realise that actually you could improve it then a customer can do it. They can change the question sets, they can change the notifications, they can change the steps that occur and if the contract changes, they can adjust in the performance measurement straight away,” said MacPherson.

Having the backing of a history of developing CMMS systems with the ability to continually innovate, Agility enables transportation to reap the benefits of the ever-expanding collection of data.

crew

Beat the clock: Maximising rail crew hours of service

Long hours for rail crew and continuous operations are the norm in the rail industry and especially so in today’s challenging times of unpredictability. The Federal Railroad Administration (FRA) estimates fatigue is a contributing factor in 25 per cent of serious train accidents caused by human factors. In addition, contact tracing have become the new normal.

Are you able to ensure the safety of crew members who may have co-located together in a cabin? If a crew member falls sick, will you be able to implement contact tracing quickly?

Download this whitepaper to learn how you can truly get ahead of the competition with an intelligent, integrated planning and optimisation solution that provides complete visibility into the hours-of-service limits and real-time decision support. By adopting an intelligent approach to workforce management can transform your business and give you a competitive edge.

digital twins

Going from data to insights: The value of a digital twin in rail

Using a digital twin to drive operational decisions when it comes to maintenance is about turning what could be a cost into an asset.

By 2025, the world will be creating 175 zettabytes annually, according to market research firm IDC’s Data Age 2025 report. To put that in context, one zettabyte is equivalent to one trillion gigabytes. How rapidly this data is growing can be demonstrated by the fact that in 2012, only one zettabyte of data existed.

But, with all this data being produced, how much of it is actually useful? While a rail organisation is only a small proportion of the global data total, according to Andrew Smith, solutions executive responsible for Bentley’s Rail and Transit solution, they are still producing a significant amount of data.

“Rail organisations typically are very data rich,” said Smith. “They’ve got a large number of asset disciplines because it’s a huge complex system and each of those asset disciplines has a number of inspection and measurement mechanisms that can produce data.”

This data on its own, however, is not yet a useful resource.

“Data is a discrete fact about something,” said Smith. “For example, the distance between the left and right rail at this location is X, but data is no use to you when you’re actually trying to either work out short term what you’re going to do or longer term what may happen in the future. What you need to do is start a transformation process, so the first step of that is to go from data to information, which is data in context with meaning attached.”

Giving data its context turns what can be seen as a cost, the accumulation and storage of data, into a resource, information that can be used to make a decision.

“In order to be able to do that, you need to have a framework in place that allows you to pull all the different classes of data together, such that you can see all of that data in context,” said Smith. “And to me, that’s at the heart of the digital twin.”

Digital twins are a replica or model of a system or asset that can be used to take the information that a rail organisation has, in the form of data, to create insights, that are conclusions drawn from data and information.

“When you bring all this information together, the digital twin can tell you how as well and why things are happening, and it can give you contextual history,” said Smith. “The digital twin can give you design intent information that you wouldn’t necessarily have otherwise, as well as the as-constructed record. Critically, a railway is a system, it’s not just a set of isolated components, and what a digital twin allows us to do is understand specifically the relationships between those components and how they can be affecting each other.”

While digital twins are widely used in many fields, including construction and manufacturing, they have a distinct role to play when it comes to the maintenance and management of rail assets. As the complexity of operating a railway requires various departments covering different skills and mandates, applying a digital twin can overcome the data and organisational silos. Smith, who has been working in the rail industry for over 20 years, highlights one way in which this can be applied.

“For anywhere that’s got overhead electrification for example, if you’re on ballasted track you can move the track from side to side through maintenance, but you need to maintain the relationship with the overhead wires, but these are often managed by two different teams. The digital twin will manage by design the relationship between the two. The maintenance records, where you’re going to go, and the type of maintenance you’re doing means that there is a chance that you will actually introduce a change to the overhead wire relationship. Therefore, you need to tag that work order as needing somebody to go out and actually measure the overhead wire relationship as well, whereas historically that relationship wouldn’t be as tightly coupled.”

Digital twins can give meaning to the vast amounts of data produced by railways.

DESIGNING A RAIL-BASED DIGITAL TWIN
Getting to this level of maturity with a digital twin takes a deep understanding of how a rail network operates and how best to design a digital twin that fits the reality of a rail organisation. Bentley, as part of its portfolio of solutions in the rail and transit space, has experience working with rail operators around the globe to design and deploy digital twins. From this experience, Smith highlights, the usual understanding of what a digital twin is can be re-evaluated.

“Normally if you think about a digital twin you actually start with a four-dimensional model, however railways often don’t think in terms of XYZ axes. They tend to think in terms of linear distances with lateral and vertical offsets and that drives the way that measurements are made, the way that inspections are made, but also the way that maintenance is actually managed. If you’re sending someone to go out and do some tamping along a piece of track, you don’t send them to an XYZ coordinate or a latitude- longitude coordinate, you’ll send them this many metres past kilometre post seven on such and such a track.”

With this in mind, Smith suggests that digital twins in the rail space can be more useful if they are designed to fit the way that railways are understood. Then, the data that makes up the digital twin can be overlaid on the representation of the network. When needed, for example at a station or in yards, this data can be visualised as a three-dimensional model, but linear visualisations may be more appropriate for a section of track.

To get to the point of having a representation of a rail network, a large amount of data will have to be collected and interpreted. As managers of an array of legacy assets, rail organisations can turn to the use of artificial intelligence (AI) to sort and organise the vast streams of data, said Smith.

“One of the challenges that we see with a digital twin for a lot of brownfield sites in particular is that there are a large number of assets in place that are not being represented digitally. Being able to use image recognition or identifying features from reality meshes and then being able to put an attribution against them is a great use of AI to be able to identify where the assets are.”

With this data in place, the twin must be maintained and kept up to date. With networks spanning across hundreds of kilometres, rail organisations can use automated surveys of a network to provide the constant data upkeep needed.

With the digital twin now operating as a living representation of a rail network, defect detection can be done in a way that gets to a root cause, rather than just addressing individual issues. One example, that Smith describes is if measurement scans identify vertical deterioration. A digital twin would then allow for a cross referencing against other assets that are in place, to see if there is a culvert on that section of track.

“Then I’m not going to send a tamper out,” said Smith. “The first thing that I’m going to do is send a crew out to inspect a culvert to see if it’s collapsing over time. The next thing I might want to do there is ask, if I’ve got twin track, am I seeing the same deterioration on both tracks? Normally they’d be considered in isolation, separate from each other. Then I would ask, has any maintenance taken place at this region? That’s not just maintenance of this asset, but all maintenance records, so I could say, ‘Hang on, someone actually went in there and did some maintenance work on the drainage in-between, but it happens to be in an area that’s close enough that it could’ve had an unexpected knock on onto the condition of the track.’”

These kinds of insights can only be gained through the kinds of insights a digital twin is able to offer, by bringing together disparate data and putting that data into context.

DRIVING THE SOLUTION
While a digital twin may seem like a laudable goal on its own, according to Smith, the implementation of such a tool only makes sense when a rail organisation has identified what are the issues that it needs to solve.

“The driver here is not a technology change. The driver is to change the way of working, so an organisation has to first understand its current working practices, where the efficiencies and inefficiencies are, where the limitations and constraints may be, and then we can understand the aspirational state, where they actually want to be at some stage in the future.”

Implementing a digital twin begins with understanding the process of going from a current state to an aspirational state in the future. Rather than jumping in straight to a predictive maintenance solution, the first step may be to identify where the current most significant issue is, with a plan or vision to have a predictive system at a point in the future. Understanding where the technology is going to be implemented comes down to working with the people who are going to be using the software.

“It is absolutely critical that those people are engaged right from the outset, not just the management but the end users,” said Smith.

To get people on board, Bentley has used model offices where representative users are invited to be involved in the design process and give their insights into the particular challenges they face.

“Then there’s buy in,” said Smith. “There’s engagement at that side, which means that the final product is a tool that the engineers have designed and set up to help them do their job better that means they’re positive about the tool and they’re positive about the process change that’s in place to be able to do it.”

Rather than success looking like a piece of software that is installed to contract specifications, Smith outlines how in developing a success plan for the implementation of the software, the outcome is about delivering value.

“Owner operators of railways aren’t installing these systems because they like technology. Technology is an overhead to them – it’s a cost, an expense, and it’s a risk, so the only time that it’s worth doing is when they can show that the value is greater than the cost associated with it, so what we’re moving to is making sure that the focus is now on the value to the users instead,” said Smith.

“You can look into the future and run ‘what if’ scenarios. So, I’m going to increase the tonnage over a particular length of rail and I’m going to run a simulation of what that’s going to do to my rail replacement strategy that I have in place. We can use AI on top of this to look both tactically how do I optimise right now, where do I best spend money, but also starting to look further out by running simulations and trying to predict what the impact the change is going to have.”

This value can be defined in any number of ways, but as Smith highlights, it is the process of creating insights out of data.

Making the call: tm stagetec’s centralised audio control system for Sydney Trains

In a world first, tm stagetec systems have implemented a centralised, real time audio control system that spans the entire NSW rail network.

At dawn on April 25, 2020, the Last Post played out at every train station in NSW. While regular Anzac Day services were called off due to coronavirus (COVID-19) restrictions on public gatherings, essential staff working for Sydney Trains and Transport for NSW paused to remember those who had died

in war as the Last Post played across the stations’ public address systems.

This was the first time that the bugle call was played at the same time across the Transport for NSW network and was made possible thanks to a centralised audio system that tm stagetec systems has recently installed for Sydney Trains.

In addition to the Last Post, 100,000 announcements are played every day across the system, which is orchestrated from the Rail Operations Centre (ROC) in Alexandria, which was opened in 2019. As Mark Lownds, general manager of tm stagetec systems explained, the centralised operations centre also brought together audio announcements that are played out around the network.

“As part of the project, Sydney Trains wanted to centralise a lot of the operation of the system and a big part of that was to put all of the controls of the audio systems into the operations centre.”

From the ROC in Alexandria, operational staff can make announcements to individual platforms anywhere in the system, as well as state-wide announcements. This is in addition to scheduling regular announcements.

Previously, just as rail operations were controlled from a number of separate centres, so were audio messages. tm stagetec systems had been involved in these legacy systems, so they were able to adapt to the new version.

“We’ve had part of this infrastructure in place for five years,” said Lownds. “Before the ROC, Sydney Trains had all these separate facilities, so we had little bits of systems here and there with different teams, but the difference here was to centralise it all and by doing that we use a lot less infrastructure but also get a higher availability. From a technical perspective that was quite good because it means a lot less physical equipment to get a better outcome.”

Planning for the ROC began in 2016, when the $296 million facility was first announced.

The complexity of the system was such that design choices were made down to the individual desks that rail operators would work at. Rail management, infrastructure control, security, and signalling were all brought together, meaning that effective communication between the centre and the entire Sydney network was key. To enable this to happen, tm stagetec systems were brought in early to effectively design the audio infrastructure highlighted Clive Dong, solutions architect.

“Even when they were doing the architectural and building design, we had the opportunity to talk about how we would integrate the systems and how we could ensure that it was going to work and meet all the requirements that Sydney Trains had,” said Dong.

Sydney Trains and tm stagetec systems held discussions over where to run fibre cables, making sure that there are redundant connections back into the rest of the system from the ROC, power back-ups, even down to locations for physical racks and equipment space. These early discussions meant that by the time the facility opened, Sydney Trains was able to streamline audio announcements to improve passenger communication.

“The ROC has separate power, separate fibre connections directly back to their core system at Central. Everything is fully redundant, and then they run dedicated fibre to each of their operational desks,” said Dong.

In addition to being able to schedule safety and generic announcements, such as no smoking announcements, Sydney Trains has recently used the system to communicate to customers the COVID-19 physical distancing guidelines as the transport operator has rolled out its “no dot, no spot” campaign.

“On top of that is the real time announcements for the train services, and then they can do special announcements for things like track work and when necessary they can do live announcements,” said Lownds. “If there’s something happening, and they want to make a live announcement to the station, they can do that centrally from the ROC as well.”

As part of the overall audio package, tm stagetec systems installed a small recording booth within the ROC so that the quality of announcements is maintained.

The ROC also has some role in directing train movements outside of Sydney Trains.

In this case, audio announcements needed to be heard beyond the Sydney metropolitan network. This presented a challenge as there were no dedicated fibre connections between the ROC and regional stations. tm stagetec systems enabled operators at the ROC to make announcements over the telephone line as well to service remote locations.

“We can play an announcement to the entire state at any station and any time, live,” said Dong.

Audio for the entire NSW network is controlled in real time from the ROC.

To control the system, tm stagetec systems used a web-based, graphical user interface (GUI) to make the system easy to use and flexible. Audio is distributed between the ROC and speakers on the Dante Domain Manager platform, an audio-over-IP platform developed by Australian digital audio networking technology leader, Audinate. According to Lownds, the system tm stagetec has installed is the largest Dante network in the world, larger than public address systems to hospitals, campuses, and stadiums. The system avoids the need for lengthy reams of analogue cables and is designed to be secure.

“We had to ensure that this was a very robust network because audio announcements to an entire network is something you don’t want somebody to get a hold of that shouldn’t,” said Lownds. “So, just in the ROC, we have two separate, discrete fibre runs to make sure that if there’s a problem with roadworks and a fibre gets cut then we can still get the system running. All the backend equipment is duplicated and fully redundant, so if there is a failure, the system will actually keep working, without interruption.”

In addition, the system is able to be monitored down to the speaker, in real time, to know if there are any faults.

The sophistication of the system also enables Sydney Trains to do more with their audio-based information. Working with tm stagetec systems, Sydney Trains is rolling out integration of the audio-over-IP network with audio frequency induction loops (AFILS). This means that the audio played out over the loudspeakers at a station is transformed into an electromagnetic field, which can be picked up by a hearing aid or listening device. Other areas that are being explored include mobile-based functionality so that staff on the ground have access to the audio network.

Across the entire network, the technology would only be useful if the sound that is being transmitted can be understood, and a key requirement of the project is meeting strict sound intelligibility standards measured as a speech transmission index (STI) from 0 to 1, with 1 being excellent intelligibility. Sydney Trains mandated a reading of 0.75, or excellent, without a train on the platform and 0.6 with a train. Now, the team has achieved that, with a delay of only five milliseconds between the announcement being made at the ROC and the audio being heard across the entire Transport for NSW network.

While Anzac Day commemorations may be held differently in 2021, the clarity of sound across the Sydney Trains network will be exactly the same.