At Wayside Digitalisation Forum (WDF) 2025, industry leaders outlined how Europe’s railways must prioritise cybersecurity in the rollout of digital infrastructure.
As rail systems become more connected and data-driven, their vulnerability to cyber threats increases. The digitalisation of signalling, train control and maintenance networks brings immense efficiency gains, but also a vastly expanded attack surface.
Against this backdrop, keynote speakers at WDF offered complementary perspectives on how to safeguard this transformation.
Max Schubert, Managing Director of INCYDE GmbH, made the case for cybersecurity as a lifecycle discipline. He urged operators and suppliers to move beyond seeing cybersecurity as an optional overlay. In compliance with regulations such as the EU Cyber Resilience Act (CRA) and NIS2 Directive, rail must treat cybersecurity as an integral part of engineering and asset management.
His model combines three pillars: secure products, secure operations and secure lifecycle management. Security, he stressed, is not a feature to be patched on but a property to be designed in, through principles such as ‘security-by-design’ and ‘defence-in-depth.’
Implementation
Following Schubert’s keynote speech, Dominik Eger, Information Security Officer (CISSP) at OHB Teledata GmbH, shared real-world lessons from the implementation of open, standardised signalling architectures.
Eger drew on experiences from SNCF Réseau’s modernisation of its national signalling system. Key to SNCF’s approach is the adoption of EULYNX specifications, which enable modular digital interlocking systems and standardised interfaces. This standardisation supports interoperability and future system upgrades, while reducing dependence on single suppliers. This is a critical factor for cybersecurity, as reliance on one vendor can create systemic vulnerabilities and single points of failure in the network.
However, Eger emphasised that implementing open standards in a live national network comes with challenges:
- Supplier diversity: Suppliers differ in technical maturity, interpretation of standards, and implementation timelines
- Integration complexity: Multiple vendors’ equipment must coexist seamlessly, often requiring careful mechanical, electrical, and software integration
- Local adaptation: National operational and technical characteristics sometimes necessitate adaptations to the standardised interfaces
- Consistency and terminology: Differences in language and technical terminology across international partners
Eger noted that overcoming these challenges requires meticulous coordination, phased deployment, and an emphasis on long-term modularity rather than short-term convenience. For SNCF, this has involved pilot deployments, close collaboration with industrial partners, and maintaining flexibility to integrate local requirements without compromising the benefits of standardised, cyber-secure interfaces.
Both keynotes stressed that the future of digital rail depends on building cybersecurity and interoperability in tandem. Crucially, modular architectures, supported by standard interfaces, simplify upgrades and reduce systemic risk by avoiding single-vendor dependence.
Read more from WDF 2025:
- Leveraging Digital Signalling to Maximise Railway Efficiency
- India’s Digital Transformation Strategy for Rail Presented at WDF
- North America Sees Gradual Shift in Rail Signalling
- Brightline West and California High-Speed Rail: What Signalling Systems Will They Use?
