KRISHNA PANDIT AND JÜRGEN SEPT OF SIEMENS MOBILITY GMBH DESCRIBE THE SYSTEMATIC TREATMENT OF SAFETY FUNCTIONS IN THE CYBER SECURITY PROCESS OF A RAIL VEHICLE MANUFACTURER
Cyber attacks have increased in frequency in recent years. Those covered in the media include the ransomware Wannacry, the hacking attack on the Ukrainian power grid or the ransomware in San Francisco’s public transport system. The lawmakers have reacted with a plethora of laws that have recently been passed or are currently in the making. These include:
■ European Network and Information Systems (NIS) directive to protect critical infrastructure;
■ the EU Cybersecurity Act;
■ the Network and Information Systems Regulation 2018 in the UK.
Legislation generally requires compliance with standards, but in the fairly new field of cyber security for railway systems, the standards are still in the making – for example, CENELEC (the European standardisation body) TC9X WG 26.
What makes rail vehicles unique in the context of cyber security is that different networks are interconnected: the train control network, the operator network and the passenger entertainment network. A cyber attack on the train control network could have a safety impact, …
