Exploring the possibilities of 5G for future railway communications

While some have been aware of FRMCS as the next standard for rail communications, with standards expected to be finalised circa 2022 to 2023, proof of concepts and trials running from 2020 to 2025, and early deployments expected in Europe from 2025 onwards, the possibilities of how this communications platform and 5G can reshape the railways are now beginning to be understood.


Protecting critical infrastructure from cyber attacks

As Australia’s rail sector has not been immune from the risk of cyber attacks, industry bodies are joining with government agencies to mitigate the ongoing threat.

In November 2016, the San Francisco Municipal Transport Agency was hit by a cyber-attack. The HDDCryptor malware spread across over 2,000 computers, meaning that the Agency’s network was opened up to the public free of charge.

While the agency’s ability to provide transport across its fleet of light rail vehicles, streetcars, trolley and hybrid buses was not compromised, ticket machines, payment services, and emails were affected.

The hackers demanded a ransom of 100 bitcoin, equivalent to $102,644 at the time. This type of attack, shutting down a network’s computer systems and demanding a payout, is known as ransomware, and can be caused by a person simply clicking on an infected link in an email or downloading an infected file. The networked nature of large transport authorities means that this can quickly spread throughout an organisation.

While San Francisco did not pay off the hacker and was able to restore its systems by the next Monday, the hack was one of the most visible instances of how cyber threats are coming to the rail transportation sector.

Earlier that year, cyber criminals struck the rail network in NSW, targeting regional train services provider NSW TrainLink. Hackers were able to infiltrate the booking service and capture customer credit and personal data.

Unlike the San Francisco hack, this breach targeted a rail organisation’s repository of customer details, including things like bank details and personal information. The opportunistic attack exposed how people using the same passwords for multiple accounts can make a system vulnerable. In this case, with rail operators holding data on large numbers of people, they could be seen as a honeypot for potential attackers.

Western Australia’s Public Transport Authority was also targeted in an attempted attack in 2016, leading the rail agency to shut down its own website and websites for specific services such as Transperth to prevent further intrusions.

More recently, the number of cyber-attacks has been increasing. In May 2020, Swiss rail manufacturer Stadler reported that hackers had targeted the company hoping to extort a large amount of money and threatening the publication of data to hurt Stadler and its employees. Although not impacting production lines, the hack came a week after Australian logistics operator Toll also suffered a ransomware attack, the second that company had suffered in 2020.

A spokesperson for the Australian Cyber Security Centre (ACSC) reiterated comments made by Minister for Defence Linda Reynolds that malicious cyber activity against Australia is increasing in frequency, scale, and sophistication.

“Rail, and the transport sector more broadly, is part of Australian critical infrastructure and provides essential services to Australians,” the spokesperson said.

Ransomware attacks are becoming more common for organisations across the rail sector. As these few examples demonstrate, the reliance of all parts of the rail industry on digital systems means that cyber-attacks are not targeting any one sector of the industry. Furthermore, as large, often widely distributed organisations that deal with personal and safety critical information, the rail sector has many facets of the organisation that are involved with cyber security, not only in operational roles.

“A cyber incident involving critical infrastructure can seriously impact the safety, social or economic wellbeing of Australians, due to the significant disruption it can cause if the systems are damaged or unavailable for extended periods of time,” said the ACSC spokesperson.

This is not to suggest that the rail sector has been blind to the risk posed by cyber-attacks. In the UK, in 2016, the Department for Transport published the Rail Cyber Security: reducing the risk of cyber attack guidelines. In the document, the increasing threat of cyber-attacks in the rail industry is clearly stated.

“Railway systems are becoming vulnerable to cyber-attack due to the move away from bespoke stand-alone systems to open-platform, standardised equipment built using Commercial Off-the-Shelf (COTS) components and increasing use of networked control and automation systems that can be accessed remotely via public and private networks.”

These vulnerabilities leave the rail sector open to impacts of cyber-attacks, from threats to safety, disruptions of the network, economic loss, and reputational damage. The guidelines outline how rail organisations should respond, from the level of governance, through to design, the integration of legacy and third-party systems, and staff training.

As the spokesperson for the ACSC outlined, as rail reaps the benefits of digitalisation, there are also challenges.

“The rail sector is continually modernising through the adoption of new operational technologies. However, with this, comes potential cyber security vulnerabilities,” said the spokesperson.

“The increased adoption of inter-connected technologies has the potential to increase the cyber threat ‘attack surface’.”

In the case of passenger networks, bespoke systems such as electronic signage, ticketing systems, electronic passenger gates, building management and public address systems are areas of concern. In the freight sector, the interconnectedness of the industry and its automation contributes to the vulnerabilities the sector faces.

The exposure of the rail sector was highlighted in a 2016 Victorian Auditor-General report into the security of critical infrastructure control systems for trains. After a 2010 report identified weaknesses, the 2016 report found little improvement since then.

The reasons for the lack of progress were poor governance arrangements, limited security frameworks for control systems, limited security controls for identifying, preventing, detecting, and responding to cyber security events, and a poor transfer of accountability and risk during machinery-of-government changes.

In the Auditor-General report, 10 recommendations were made, all of which were accepted by Public Transport Victoria and the Department of Economic Development, Jobs, Transport and Resources, which has since been broken up into the Department of Transport and the Department of Jobs, Precincts and Regions.

Since the Victorian Auditor-General’s report, moves have been made to standardise and improve the Australian rail industry’s cyber security response. In 2018 the Rail Industry Safety and Standards Board (RISSB) published its Australian Rail Network Cyber Security Strategy. Identifying similar threats, the document outlined the vision for the industry of the elimination of cyber risk, resulting in zero cyber-attacks on the Australian rail network. To do this, the strategy follows the principles of understand, protect, detect, and respond.

In addition, also in 2018, RISSB published AS 7770 – Rail Cyber Security, the Australian standard for managing cyber security risk on the Australian railway network.

To improve the response of the rail sector to the cyber security threat, ACSC provides sector-specific resources and materials.

“The ACSC is working with all critical infrastructure sectors to help them increase their cyber defences as well as transport sector entities through the ACSC Partnership Program.”

The ongoing adoption of industry standards as well as the implementation of sector-wide strategies will ensure that the rail industry continues to be prepared to deal with cyber attacks as the threats morph and change.


Securing a digital railway

Siemens explains to Rail Express how digitalisation in rail requires a focus on cyber security.

On June 19, Prime Minister Scott Morrison warned Australian businesses and agencies that they were under a sustained cyber-attack from a sophisticated state-based actor. Rather than describing the nature of a singular attack, Morrison outlined the constant and ongoing threat that Australia’s critical infrastructure was facing.

This reminder of the cyber threat that Australia was facing aligned with what Serge Maillet, head of industrial cyber security, Siemens Australia and New Zealand, has observed.

“Over the past 12-18 months there’s been a significant increase in terms of cyber-attacks that Australia is seeing across all industries. This is happening world-wide but unfortunately Australia is among the top 10 countries being targeted.”

Based on data from the Centre for Strategic and International Studies, a US think tank, Australia is the sixth most targeted country for cyber-attacks, with 16 significant attacks between May 2006 and June 2020. The nature of these attacks is not leaving the rail industry unscathed.

“Any entity attempting cyber threats, also known as threat actors, are increasingly targeting a lot of our critical infrastructure. Rail is certainly part of that critical infrastructure,” said Maillet.

The types of attacks that are occurring involve the intrusion of malware due to failed security controls, in many cases as a result of human error.

“The reality is that the majority of organisations in Australia are going to be attacked at some stage. The only variables are the type of attack vector, the size of impacts and if the attack is going to be successful or not,” said Maillet. “If it is a successful attack, you want to make sure that you’ve got measures in place to be able to recover from those attacks and bring the critical systems back online as quickly as possible, while minimising any negative impacts on public safety or production.”

THE CONVERGENCE OF IT AND OT
What has made the rail sector and critical infrastructure particularly susceptible to cyber-attacks, and why governments are concerned, is the convergence of what were previously two separate systems, information technology (IT) and operational technology (OT).

“While cyber-attacks have been able to target data in an IT environment, the interconnection of IT with OT opens the potential for threat actors to penetrate machines and processes, causing significant harm,” said Maillet.

“If we look at OT in the context of rail, it’s really about machines and process control. This could be rail signalling, rail control, automation, telemetry and more.”

Previously, these systems were insulated from cyber-attacks due to their lack of connection to external or untrusted networks. While IT systems were constantly being patched with new software, OT systems ran on their own proprietary technology, and did not require regular updates.

“Because of that there’s been a lack of focus from organisations on their own OT systems from a security perspective,” said Maillet. “Now that we’re seeing a lot of convergence and hyper convergence happening between IT and OT it’s creating a lot of new challenges, especially for industrial applications, and it’s increasing the risk profile of our critical infrastructure.”

In addition, while enterprise IT is expected to have a lifecycle of three to five years, OT devices are often expected to run for 20 years, if not longer. As these older systems are beginning to be integrated with the wider rail IT network through the process of digitalisation, safety critical technology is becoming increasingly vulnerable to cyber-attacks, said Maillet.

“The challenge from that perspective is that a lot of the legacy OT devices that are still in operation today for a lot of critical infrastructure were never designed with security in mind, because they were never intended to be converged with IT.”

While digitalisation promises and has delivered many benefits to rail networks, the issues of cyber vulnerability and exposure are sometimes overlooked, and the cost of digitalisation is only accounted for in financial terms, not in terms of cyber security, cautioned Maillet.

With more devices than ever connected to the rail network, organisations must be vigilant about security

THE CONSEQUENCES OF DIGITALISATION
To some, the solution may look simple. Why not just update the software that runs these safety critical systems, or install the latest security patch? This is easier said than done, Maillet points out.

“In OT infrastructure the priority is always going to be to maintain the safety, reliability, availability, and integrity of those platforms. So, when you look at putting in a new patch or making a configuration change, that will always introduce potential risk to jeopardise the availability or performance of that system. Often, these elements will take priority over the actual integrity of the system.”

That’s not to say that the patches are not available. Many OT systems run on operating systems such as Microsoft Windows, which has regular security patch updates to account for vulnerabilities identified in the system. However, trying to find a time when the system that controls a rail network can be taken offline for an upgrade is tricky.

Another limit on the possibility of upgrading these systems is the potential for human error. Stephen Baker, head of product innovation and through-life support at Siemens Mobility says that this leads to a bunker-like mentality.

“The problem is that you end up with an infrastructure that is safe and reliable, but you can’t do anything with it, you can’t run analytics, you can’t do downstream processing. The convergence of OT and IT can’t be put on hold.

“Let’s face it,” said Baker. “You can imagine what would happen if all of a sudden you stopped running trains in Melbourne or Sydney because the operation of a vital network has been compromised.”

DEALING WITH AN EVOLVING THREAT
To mitigate the threat of a cyber-attack while still reaping the benefits of digitalisation, Siemens have developed a full cycle of expertise that is focused on the people, processes, and technologies that can keep a rail system functioning.

“Industrial security, which includes rail security, is really a dynamic topic. Because the risks are constantly evolving and changing in nature, it’s creating a lot of challenges. So, our job at Siemens is to help our customers better understand where those vulnerabilities are and what types of solutions are best to maximise the security posture of a system,” said Maillet.

When working in the rail industry in particular, Siemens have developed solutions designed for rail.

“When we look at mainline train systems or metro systems, we know that they are deploying a lot of Industry 4.0 technologies, a lot of digitalisation, which is increasing the operational efficiency and reliability of those systems,” said Maillet. “We also have to ensure that we implement technologies that enhance cyber security for the network that the trains systems operate on, as well as the control systems that manage the rail infrastructure.”

With 90 per cent of successful cyber-attacks due to human error, the solution must begin with people.

“We know that even if you have all the right technology put in place, if your people do the wrong thing due to lack of awareness or not having the right level of training in cyber security, then that’s likely to expose a vulnerability,” said Maillet.

“Sometimes it’s as simple as plugging a USB into a computer. If it’s a computer asset in an OT environment, that USB could easily introduce a vulnerability. Another common breakdown is when someone clicks on an email that they shouldn’t which can create a virtual doorway for a threat actor to bypass the security measures that have been put into place to protect critical assets.”

The next step is the processes. In a rail organisation these processes could include how staff fix issues, how assets are managed and what procedures are in place to ensure that assets are maintained securely.

The final piece is the technology, and here Siemens is working on solutions that can enhance the secure digitalisation of rail. Andrew Chan, development engineer at Siemens Mobility’s Centre of Excellence, describes how the company is looking at extracting information from a digital rail asset without the potential risk of exposing it to external attacks.

“A data diode basically allows data to flow in one direction and in that way, we can safely get safety critical information from our axle counters and interlockings out into the IT environment. That’s where we can do amazing things with data.”

Other technologies that Siemens are deploying include edge processing for intrusion detection, and cloud services to mine data for cyber security analytics.

Servicing all areas is an example of Siemens’s distinct approach, said Baker.

“We’re probably one of the few total solution providers – we design the interlocking hardware, we design the control systems, all the network requirements and defences are part of the safety case, we design the networks and even the analytics, so every layer is internal. We’re one of the few organisations that can give you everything from broad level design of the signals and the railways, right through to the cloud analytics which tells the asset owner how the infrastructure is performing.”

While Siemens has a number of areas of the business which deal with rail cyber security, its industrial security services provide the hardware and software services, as well as professional services to rail customers.

These industrial cyber security solutions are provided across three key pillars: security assessments, security optimisation, and security management, all underpinned by a holistic approach to industrial security, known as the Defence in Depth security framework.

“Defence in Depth is having as many security measures and layers in the infrastructure as possible based on well-known security best-practices and frameworks. It provides us the ability to have a depth of staggered defences in infrastructure,” said Maillet.

As Australia grapples with the increasing cyber threat, increasing resilience will be a key factor in the success of the digitalisation of rail.

Thales to support NSW digital strategy

Global technology provider and rail signalling manufacturer Thales will develop a leading digital control, communication, and signalling centre in Sydney.

The announcement follows Premier Gladys Berejiklian’s $1.6 billion Digital Restart Fund which aims to make NSW the digital capital of the southern hemisphere.

Thales Australia CEO Chris Jenkins said that the announcement enables Thales to commit to basing its digital innovation in Sydney.

“This is incredibly exciting for the many innovative companies operating in this state. To back the NSW ambition, we are committed to establishing a digital innovation lab in western Sydney to develop digital solutions for public transport,” said Jenkins.

Thales supplies digital transport systems to Sydney Metro and has supplied telemetry solutions to Sydney Trains.

Jenkins said that Thales would be drawing on its global expertise and tailoring the solutions to the needs of NSW and Transport for NSW, focusing on Metro, light rail, transport cyber security, and digital rail signalling.

“The Digital Innovation Lab will continue to grow smart jobs in western Sydney, enhancing our existing team of world-class engineers and software developers already based in our Transport business.”

NSW Treasurer Dominic Perrottet said that investment in digital technology would drive the state’s economy.

“This record investment in technology recognises that digital infrastructure is as important as transport infrastructure to the State’s economic growth.

“We must be fast followers in the Digital Revolution to accelerate agility, lift productivity and generate the jobs of tomorrow.”

The $1.6bn in funding also includes $240 million to enhance NSW’s cyber security capability, the biggest single investment in cyber security in Australia’s history, said Minister for Customer Service Victor Dominello.

Cyber security is also a focus for Thales.

“It’s never been more important that our public transport systems are protected with the highest levels of cyber security, which Thales delivers to public transport operators around the world,” said Jenkins.

The use of data in digital rail

Nuno Guerra, who is leading Thales Australia’s Metro agenda, explains how the implementation of digital rail systems can benefit a network operator.

Australia’s major cities are growing at an exponential rate, and pressure is being placed on infrastructure and transportation services to improve operational efficiencies and the passenger experience. A digital revolution in smart-mobility is already occurring, allowing town planners to manage and capitalise on these pressures. Rail infrastructure will play a central role in this revolution, with disruptive technology enablers such as artificial intelligence (AI), big data analytics, the industrial internet of things (IIoT), and cloud computing driving its transformation.

In Australia, both Sydney and Melbourne are at the forefront of the rail revolution: Sydney announced the North West Metro in 2008 and the new CBD and South East sections of its Light Rail in 2014. Both projects are now complete and open to the public. Similarly, Melbourne has announced its Melbourne Airport Rail Link – a critical connection between Tullamarine Airport, the metro, and regional networks – and the Suburban Rail Loop, both scheduled to begin construction in 2022.

Rail networks are awash with data and, with projects like those we are seeing in Sydney and Melbourne, the potential for utilisation is immense. Though there are many assets that incorporate and utilise digital technologies, only a fraction of this data is captured and analysed to generate actionable insights and improvements for customers and efficiencies for operators. There is potential for operators to boost revenue by as much as 30 per cent by implementing data-driven decision-making capability into their networks.

COMPETITION
When comparing the rail sector to the likes of road transportation, there has been an explosive growth of ride sharing apps and online booking platforms. The roads sector has successfully leveraged data and used technology to connect directly with the customer and as a result built a competitive edge. The rail sector, by comparison, has not capitalised on data at the same pace. However, the rail industry is at the threshold of a major transformation in this data revolution. The benefits of rail travel to the community are hard to dispute, with each passenger journey made by rail rather than road generating benefits for society of between $3.88 and $10.64 by reducing congestion, accidents, and carbon costs, according to the Value of Rail report produced by Deloitte Access Economics for the Australasian Railway Association.

WHAT ARE THE MAIN DIGITISATION AND SMART-MOBILITY PRIORITIES?
The keys to success when it comes to digital revolution and smart-mobility, which are at the forefront of Thales’s development roadmap, are safety and security, efficiency, and reliability. These shape our thinking in terms of what we aim to achieve in a smart network and address the five key digitisation priorities that are outlined below.

First and foremost, improvements in safety and security are paramount – Thales’s safety and mission critical systems such as signalling and supervision & control systems are digital and cyber secured by design by default, providing real-time data on congestion, occupancy, and security.

In relation to cyber-security, the digital railway presents a special challenge to traditional security measures due to the deployed nature of the assets and their susceptibility to hackers. Thales has tackled these issues using a two-technology approach – traditional IT network security and ‘edge’ security (referring to devices deployed in the field). Thales Cybersecure by Design services focus on early threat detection and segmented networks to limit the access of direct connections outside the network. The ‘edge’ devices that make up the IIoT are manufactured under stringent security guidelines to ensure access points are not exploited, and reduce the risk of counterfeits and clones. Through limiting and securing access to these geographically scattered devices, organisations are also able to maintain tighter control and lower device maintenance and update costs. These technologies give operators confidence that their data and operations are safely expandable and secure.

The second priority is reducing maintenance and operational expenditure. Unplanned shutdowns are a major problem for operators, accounting for hundreds of millions of lost revenue per year. Research has shown that the top cause of unreliability is external problems, followed by signalling and train issues. To counter this challenge, we can tap into existing data sources such as Communications-Based Train Control (CBTC) systems, axle counters and point machines and use big data analytics algorithms to detect abnormal behaviour and predict maintenance requirements. This is the primary function of Thales’s digital TIRIS solution – processing hundreds of terabytes of data to monitor, in real-time, equipment installed on-board trains and along thousands of kilometres of track. The aim is a zero unplanned maintenance approach and customers have seen maintenance costs reduced by 30 per cent, site visits down by 50 per cent and overall downtime reduced by 40 per cent.

Thirdly, digital systems must help increase capacity. Data on passenger journeys, train occupancy, and platform crowding has enormous potential when taken in isolation, however, when combined and processed using big data analytics and AI, greater potential can be unlocked. The Thales NAIA solution processes passenger data in near-real time, allowing operators to discover and predict passenger behaviours, detect friction points in traffic flow and adapt staff and train services according to passenger demand. The flow-on benefits to train occupancy and capacity will have a distinct improvement on operational efficiency and customer satisfaction.

Asset availability presents the fourth priority. The ability to manage mobility across an entire city, and ensure availability and reliability of assets to meet passenger and freight demands is a critical challenge. Network visibility and real-time asset management enables more effective tools to manage this challenge. Multimodal Operation Control Centres (OCCs) provide these tools by tapping into multiple data sources and the industrial internet of things to create an ‘intelligent infrastructure’. Creating a dynamic visualisation of digitised assets across the network, enhancements to traditional systems such as signalling and interlocking systems will feed into this framework, exceeding current capabilities to increase frequency of operations and reduce delays.

Finally, digitisation must improve the passenger experience. As evidenced above, these modular digital solutions will combine to benefit the passenger in many ways. Ready access to comprehensive data will enable operators to make informed decisions on operations and maintenance to better manage passenger flow, train occupancy and wait times. Similarly, the passenger will benefit directly by more accurate and real-time information on congestion and delays. The Thales Central Control System (CCS), recently delivered on the Sydney Metro North West, is already providing this real-time information.

These disruptive technology enablers mean big change for the rail sector in Australia, and a leap forward for the smart-city architecture that is revolutionising our cities. Thales is at the forefront of this digital revolution, combining our global expertise in ground transformation with our data-driven digital service solutions to provide end-to-end solutions for our customers.