Cybersecurity is an essential factor in risk prevention – because security and safety go hand in hand
New digital business models require ubiquitous networking and online connectivity of rail vehicles. In addition, the increased use of standardized commercial off-the-shelf products brings decisive cost advantages. At the same time, however, this also creates security vulnerabilities with potentially serious consequences, ranging from significant economic losses to a serious threat to passenger safety. Cybersecurity is an essential factor in risk prevention – because security and safety go hand in hand. Security standards play a decisive role in this. The pressure on operators is increasing – not least because of the numerous new conformity regulations. Solutions with integrated cybersecurity are in demand.
The key to security: Identity and access control
Protecting trains from cyber attacks is a complex task. A defense-in-depth security concept is fundamental. Security policies recommend implementing multiple security barriers. Identity and access control for devices, software and configuration tools is considered the primary defense measure.
Digital identities can be assigned to a device or its software using security certificates and public key infrastructures (PKIs). Each and every one of us uses a PKI without knowing it – when surfing the Internet, for example. When your browser warns you that a website is not trustworthy, this is because a PKI is working in the background and has detected an invalid certificate. The same principle can also be used between communicating train devices. For example, Knorr-Bremse recently launched a PKI solution under the leadership of Selectron to protect the identity of its devices. As the cybersecurity leader, Selectron is the first company in the Group to use the PKI. Selected Selectron software will already be digitally signed with security certificates issued by the PKI, thus protecting it from forgery and modification. The new generation of controllers from Selectron will also be able to communicate with the PKI and check the integrity of the digital ID. Combined with a Trusted Platform Module (TPM) integrated in the controller, changes to the hardware and operating system are checked every time the train is started. The combination of PKI and TPM ensures reliable threat detection and prevention of attacks.
Threat monitoring: The early warning system for cyber threats
However, what happens if the digital ID cannot be verified, for example because there is no connection, because checking with the PKI service is not possible, or because the certificate is no longer valid? New security vulnerabilities arise. The train must be protected by additional measures; several security levels are essential.
This is where threat monitoring comes in. Network traffic and device behavior are continuously monitored in real time. If an anomaly occurs, it will be reported. Railway operators are required by law to ensure continuous monitoring of their control system – including during operation.
New Selectron Threat Detection Solution
Selectron has recognized the need for threat monitoring in the railway industry. This is why we have made it our mission to develop a specific intrusion detection system for the railway industry – the Selectron TDS (Threat Detection Solution). We are working together with Irdeto and T-Systems, two experienced partners from the areas of IT and automotive security, to derive optimum synergy effects in terms of expertise. The prototype was put into operation and tested in early 2020. The early warning system will be available on the market in two versions – Local and Advanced – from 2021.