Reminder: CYRAIL is a collaborative project selected by the European Commission as part of the call for proposals under the Shift2rail programme for Rail Research and Innovation (R&I), addressing the topic “Threat detection and profile protection definition for cybersecurity assessment”. The project, led by EVOLEO, started on October 2016 and will last 24 months. At UIC the project is managed by the security division.

This workshop was dedicated to Rail Cybersecurity and brought together representatives from Alstom and Thales (Shift2Rail), Huawei (IT and communications provider), EUROC representing rail end-users, Railenium representing research organisations and the partners of the CYRAIL consortium (Evoleo, Airbus, ATSEC, Euskoiker, and UIC).

The objective was to have an overview of ongoing work regarding rail cyber security and to discuss the scope of the operational scenario to be considered within CYRAIL.

The session started with an overview of CYRAIL project given by the coordinator (Magno Santos from Evoleo) and Staffan Persson from ATSEC: a key feature of CYRAIL is to take advantage of developments in other industries (aeronautics, automotive and information Technologies) and bring them into the railway sector, taking similarities and specificities into account. One of the main achievements in CYRAIL will be the specifications for protection profiles including security problem definition, security objectives and requirements, security standard framework definition and evaluation of security assurance level.

Marc Antoni, Director of the UIC Rail system department, gave an overview of the main components of railway transport, the main risk situations and principles of signalling systems with a comparison between “historical” architecture, “today” and “tomorrow” architecture based on centralisation and IP network. Two main aspects need to be considered: on thev one hand the technical components of signalling systems and on the other hand the organisational and strategic aspects such as safety and security levels required.

Following this first session, presentations were given on ongoing related projects. François Hausman from Alstom, representing Shift2Rail, presented the X2RAIL-1 project and in particular work package 8 (WP8) on cyber security of rail systems: the WP will deliver guidelines for security assessment dedicated to Railway and Urban, specification for a secure railway network including threat detection, prevention and response mechanisms and then specify related demonstrators. A security by design standard will finally be drafted and demonstrated. This WP led by Alstom is very complementary to the work that will be developed in CYRAIL and close cooperation is foreseen through the CYRAIL advisory board.

The other ongoing project called ARGUS was then presented by Marc Antoni: ARGUS is a UIC project which started in 2015 involving several European Infrastructure managers. The project will deliver an IRS (International Railway Solution) on “managing the security of computerised and connected signalling system” by the end of the year.

Marc Antoni underlined the need to cooperate and to exchange best practices in order to better understand and manage cyber risks with a system point of view. Another key point is to consider security and safety together: Marc said “Security-is-Safety & Safety-is-Security’’.

Then, Frank Lett from Huawei gave a presentation on cyber security and the Internet of Things (IoT). There are many critical areas regarding IoT security such as authentication, data privacy, intrusion detection, data integrity, secure communication…. For now there is a lack of internationally agreed standard for cyber security. A key challenge for the industry is to improve the process of response in case of security vulnerability of a product.

The last session of the workshop was dedicated to discussions on the operational scenario that will be built within CYRAIL for further security assessment (WP3 of CYRAIL), threat analysis and attack detection (WP4), preparation of innovative mitigation and countermeasures solutions (WP5) and recommendations (WP6). Marc Antoni proposed a scenario involving different types of environments (commuter train with automatic driving and freight train with conventional spacing), different generation of systems, and different levels of integration.

During the discussion involving all the participants, it was decided to focus on communication systems within CYRAIL.

A second workshop will be organised during 2017 with rail operators and infrastructure managers to finalise the scenario.