Reminder: CYRAIL project has received funding from the Shift2Rail Joint Undertaking under the European Union’s Horizon 2020 research and innovation programme under grant agreement No 730843. CYRAIL is addressing the topic “Threat detection and profile protection definition for cybersecurity assessment”. The project, led by EVOLEO, started on October 2016 and will last 24 months. At UIC the project is managed by the security division.
This workshop was dedicated to Rail Cybersecurity and brought together representatives from Alstom and Thales (Shift2Rail), Network Rail and EUROC representing rail end-users, Railenium representing research organisations and the partners of the CYRAIL consortium (EVOLEO, Airbus, Fortiss, Atsec, Euskoiker and UIC).
The objective was to present the overall progress of the project deliverables and to exchange on the operational scenario as well as on the security assessment methodology developed within CYRAIL.
The session started with an introduction from EVOLEO reminding the goals of CYRAIL, the structure of the project and the main points of focus.
The UIC’s Rail System department presented the progress of the task on rail systems within the transport environment. This part will be completed by the next task led by EVOLEO on the security technologies and processes already used in the rail environment. Both tasks will then be consolidated within WP2 “Operational Context and Scenario” into a single deliverable on requirements of rail transport in multi-stakeholder environments.
After this first session on WP2, discussions followed concerning the ISA/IEC 62443 series of standards on industrial automation and control systems security. Presentations were then given on the security assessment methodology being developed within CYRAIL and on the operational scenario which will focus on communications as defined during the last workshop. Security by designs concepts, including Multiple Independent Levels of Security, were presented by Fortiss.
During these presentations, the importance of close cooperation between X2RAIL-1 work package on cyber security of rail systems and CYRAIL through the advisory board was emphasised, as X2RAIL-1 will deliver guidelines for security assessment dedicated to Railway and Urban, specifications for a secure railway network including threat detection, prevention and response mechanisms and will then specify related demonstrators.
The workshop ended with a discussion on the approaches of centralised and distributed architectures from a cybersecurity point of view.