On 28 January 2015, the UIC Rail System Department and Security Division organised a workshop on “How to protect signalling system against cybercrime” which took place at UIC HQ in Paris.

More than 40 people attended this event which focused on the ongoing projects ARGUS and SECRET with the presentation of the scope of both projects, their respective approach to assess the risks and the protection solutions studied.

The keynote speech of the morning session was given by Cedric Levy from ENISA (European Union Agency for Network and Information Security). He underlined the fact that railway signalling relies more and more on ICT systems. Every sub-system has specific cyber security concerns and it requires cooperation from all levels. In this context ENISA aims at facilitating the deployment of cyber security measures through good practices and recommendations. Cross-border collaboration is therefore needed between the stakeholders at both technical as well as operational and organisational level.

Marc Antoni, Director of the UIC Rail System Department, then presented the ARGUS project (security and safety analysis for electric and computerised signalling systems) launched in 2014 which aims to identify cyber-vulnerabilities of signalling systems and to develop adapted responses. Threats against safety and security of real-time systems and especially information integrity are a key concern and will be considered. Human factor management at design and operation level will also be addressed. At this stage, the strategic aims of the project are:

  How to avoid on a “railway level” unfortunate consequences from threats (cyber attacks…) on operational signalling networks?”
  How to provide alternative structures/architecture to operate until the main structures have been “cleaned”?
  To converge as quickly as possible, using the existing or ongoing work for all domains or kind of systems.

The following presentation was given by Sergey Adadurov, Chairman of the COLPOFER Cyber Security Working Group. The purpose of the group is to share experience and information, develop recommendations on railway information infrastructure protection and to support cyber security system deployment.

Nadia Ammad from SNCF gave an overview on safety and security requirements at national level and underlined the need to define proactive solutions and build common guidelines within UIC.

To conclude, Marc Antony presented the structure of the ARGUS project which is organised into four work packages:
  WP1 (led by UIC): State-of-the-art and benchmark of good practices regarding the specificities of railway signalling networks (operational networks)
  WP2 (led by DB): Adding “security” to the safety analysis on the V-cycle
  WP3 (led by RZD): human factors regarding security during the life cycle (awareness, education, knowledge…)
  WP4 (led by UIC): summary and guidelines

The afternoon session was opened by Chaouki Kasmi from ANSSI, the French Network and Information Security Agency. He gave an overview of the French defence and national security strategy in the field of cyber security.

The following presentations were dedicated to the EU SECRET project (SECurity of the Railway network against Electromagnetic ATtacks) with the presentation of intermediate results and the next steps until the end of the project which is planned for 31 July 2015.

Virginie Deniau from IFSTTAR (French institute of science and technology for transport, development and network), coordinator of the SECRET project, presented the scope and structure of the project.

The project is co-funded by the European Commission within the FP7 programme and involves 10 partners from five European countries (SNCF, Alstom, Fraunhofer, Politecnico di Torino, TRIALOG, University of Liege, Institut Montefiore, University of the Basque Country, ZANASI Alessandro Srl and UIC as leader for dissemination).

SECRET assesses the risks and consequences of EM attacks on the rail infrastructure, work on preventive and recovery measures and develops protection solutions to reinforce the security of the rail network, subject to intentional electromagnetic (EM) interferences, which can disturb command-control, communication or signalling systems.

In the final step the project will propose contributions for more resilient architecture to Technical Recommendations (TecRec) in line with the UNISIG/UNIFE standardisation process. Some EMC (Electro-Magnetic Compatibility) recommendations will also be provided to more specialised standardisation committees, as well at hardware level to committees like CENELEC (European Committee for Electro-technical Standardisation), CEN (European Committee for Standardisation, except electro-technical and telecom) or ETSI (European Telecommunications Standards Institute).

During the concluding session, the participants praised the work presented throughout the day and highlighted the importance of exchanging information between the railways. The UIC Rail Forum and the Security Platform will continue their work together and organise another workshop before the end of the year.