Cyber security for railways
Increasing digitisation enables smart mobility solutions and significant efficiency gains. However, the other side of the coin is the emergence of new cyber threats. The new Selectron attack detection system TDS (Threat Detection Solution) is designed to effectively counter these dangers and secure railways against cyber attacks in future.
Railway networks are becoming more vulnerable to cyber threats due to the everincreasing networking and the use of open standards. Rail transport services are part of critical infrastructure according to the EU NIS Directive 2016/1148 and must be protected against cyber attacks to ensure a high level of availability, reliability and safety of rail transport. Rail operators are required to continuously monitor their control systems. Deviations in network traffic are subject to mandatory reporting. This is why the Swiss company Selectron Systems has developed a new attack detection system: the Selectron TDS (Threat Detection Solution). It is based on proven intrusion detection technology and has been adapted to the technological and organisational characteristics of TCMS systems. The TDS was designed to be efficiently integrated into existing systems without any retroactivity.
The solution which has been developed according to the holistic ‘Defense in Depth’ approach is certified to IEC 62443 Security Level 2 and ensures continuous real-time monitoring of network traffic. In Selectron‘s holistic cyber security concept, it thus takes on the role of an alarm system. If it detects an anomaly, a warning message is sent to the railway operator, who can then take appropriate counter-measures before any damage occurs. The results of current pilot projects with long-standing customers confirm the great success potential of this solution for the railway industry. In future, railway operators will be able to recognise attack patterns at an early stage and to comply with increased legal requirements.
The early warning system is scheduled to be available on the market from early 2021 both in a basic and a full version. While the basic version will work locally and can therefore be easily integrated into legacy systems, the full version will offer additional functions including a tighter detection of anomalies based on artificial intelligence in cloud applications.