Rail safety-critical infrastructure is not your usual enterprise-IT case. The long service life of rail technologies limits the efficacy of security-by-design, shutdown time is costly and has to be minimized, and the critical network components use proprietary protocols, which limits the ability to use off-the-shelf industrial cybersecurity solutions.
To be able to secure signaling and control networks against cyber-attacks, one first needs to know what needs protection – from the network’s entire topology down to the granular level of each and every asset, including field elements, interlocking, management workstations and more. The digital revolution that affects the rail industry through and through comes with a built-in risk that will change the way we see rail operation in the near future. Cylus took upon itself the challenge of securing one of the world’s most critical infrastructures and will describe the ups and downs of this journey.
Cylus’ presentation will cover the following topics:
- Common misconceptions about rail cybersecurity
- A Hacker’s point of view: attack surfaces, kill chain, CNC (command and control).
- Relevant technologies for implementing a rail-specific cybersecurity monitoring solution: deep packet inspection, support of proprietary railway protocols, integration with other systems (e.g. SIEM)
- A deployment use-case
Cylus will then discuss the influence the cybersecurity threat has on the rail industry in the next decade going through the change in security requirements as seen in recent years, how railway infrastructure managers will need to adapt themselves to the revolution, and how cybersecurity can affect rail operations.