If your railway telecoms and signaling infrastructure is a mix of historic existing equipment and new, modern technology, you are not alone!
With typical product lifecycles of over 20 years and a planned move from GSM-R to FRMCS from 2026, today’s railways face several challenges when it comes to detecting and managing cyber security.
In this short article, we’ll highlight three of these challenges and share ideas on how they can be overcome.
How Secure Are My Current Systems?
First introduced in 2000, GSM-R is an international wireless communications standard for railway communication and applications and the telecoms component for ERTMS systems.
Used for mission critical voice and data communication between railway operational staff, including drivers, dispatchers, shunting team members, train engineers, and station controllers, without GSM-R the trains cannot run.
However, as with any industrial technology that’s over 20 years’ old, GSM-R equipment and infrastructure can be more vulnerable to modern cyber-attacks as a result.
The table below shows some of the vulnerabilities in ETCS signaling systems:
How Easy Is It to Detect Vulnerabilities in the System?
Cyber-attacks can come from anywhere – inside or outside the organization. This is means it’s vital to keep watch over any potential entry points and monitor how the telecoms, signaling and interlocking equipment operates. If there are any changes to behavior or new unauthorized ‘actors’, these need to be investigated at once. For example, if there are calls to RBCs starting from an unauthorized BTS, unauthorized SIM cards making ETCS connection attempts, or a high number of call attempts to an RBC in a set period of time.
The good news is that if you already use probes to monitor your mission critical GSM-R networks and ETCS systems, you are well positioned to monitor for cyber-attacks, as well as Quality of Service (QoS).
Using the same data lake and probe infrastructure, you can integrate new cyber-functionalities to discover system vulnerabilities, detect attacks, monitor current statuses, and provide reports.
How Can I Improve My Cybersecurity?
Compliance with industry standards strengthens your systems’ protection. For railway, the most relevant are IEC 62443 (an international series of standards that address cybersecurity for operational technology in automation and control systems) and the new TS-50701 railway cybersecurity standard.
Meeting these standards enables operators to, for example:
- Monitor access from untrusted networks
- Audit records generated by equipment
- Protect the integrity of transmitted information
- Prohibit unnecessary ports, protocols and services
- Track unsuccessful login attempts
- Produce a report list of components
- Produce reports on unauthorized wireless devices
- Recognize changes to information during communication
This diagram summarizes what’s possible with the right railway-cyber partner, such as VIAVI Solutions.
To learn more, meet VIAVI at RailLive! in Malaga, Spain on 29th November – 1st December or book a meeting with our team at [email protected]
This article was originally published by Comtest Wireless.
