Cybersecurity for Railways and Public Transport

Cybersecurity for railways is a big and hot issue. Railways and public transport in general have consistently leveraged the digital technologies in order to respond to the ever-growing customer and budget demands; however, for every edge that gets added to an organisation’s system, there is one more potential breach points in its infrastructure. This is even more true with non-PC – type of devices that notoriously have only basic security features and may be easy to exploit, so then the entire digital network.

Cyber and physical security gap in the public transport sector

Cybersecurity is affecting public transport in a way that security managers are not used to. The increasing interconnectivity of different operational sub-systems that could be targets of cyber-attacks on one hand, and the inability of public transport and railways organisations to pay adequate attention to the cyber and physical security of their legacy systems on the other hand, has resulted in a fast-growing security gap.

Since the edge devices of railways and public transport networks are particularly exposed on the field, they could be openings for malware intrusion or, more commonly, for potential disruptions due to operators’ mistakes. Being intended or not, any sabotage or incorrect manipulation of the networked devices could be dreadful in terms of function continuity and efficiency, as well as in terms of national stability and security.

Nelysis’s solution for cybersecurity for railways and public transport

Because the physical security and control networks of railways and public transport organisations tend to grow in both the number of elements and the perimeter of the physical areas, entire networks could be easily compromised if there is no monitoring and blocking capability.

Starting from this need, Nelysis developed a unique system, the Vanguard Network Cyber Management System, that allows early detection, warning and prevention of cyber threats on Physical Security and Control Systems networks. As a matter of fact, Vanguard ensures the finest possible protection of the networked assets from cyberattacks that can potentially have devastating effects such as impeding or subverting the correct functioning of the railways or transport system (or even of the military Command and Control centres).

Why is Vanguard particularly recommended for cybersecurity for railways and public transport?

The Vanguard NCM system was specifically designed for Physical Security networks where many critical sub-systems and edge devices are lacking of security features and exposed to potential collapse or neutralisation by external attacks or by internal activities (such as a wrong setup) leading to disruption of the operations.

Here are the main points why Vanguard is particularly recommended for cybersecurity for railways and public transport:

• Complete and seamless tool for IT security: from the perimeter sensors to the alarm and fire detection devices, from the video surveillance systems and CCTV cameras to the access control devices, Vanguard provides total integration and protection without disrupting the integrity of the physical security and control networks.
• Continuous monitoring of all the network elements and network traffic: Vanguard extracts network metadata through DPI (deep monitoring at packet level so that every detail is controlled), detects mismatches with established behaviour profiles and issues alerts. Besides, the metadata are stored in a Big Data Repository for forensic analysis.
• Physical monitoring of the infrastructure connections: Vanguard reads real time all low level network traffic and detects any change such as any unauthorised access, new devices, any damage or connection to optical fibres, copper cables or any other transmission media.
• Analysis of the whole network structure: Vanguard tracks and identifies all the network elements using network parameters and topology parameters as well as manufacturer data.
• Prevention of cyber threats and related risks to ensure function continuity: Vanguard prevents the intrusion of malicious actors and reduces the consequences of human factor mistakes by searching and retrieving significant data before the collapse of the network component could actually happen. Moreover, since Vanguard is not based on digital signatures, it can detect any behaviour anomaly, any new network threat or attempted cyber attack.
• Non-invasive and easy-to-install cybersecurity solution: Vanguard supports the existing infrastructure and requires minor changes in the existing network. On the other hand, since the deep packet inspection is non-intrusive, Vanguard preserves all the data integrity and timing.

For more information on Vanguard solution for Cybersecurity for Railways