CYRAIL - Cybersecurity in the RAILway sector.

Date: 
08/03/2018

Railway infrastructures are moving towards more intelligent, connected, user-centric and collaborative systems. While it brings many advantages for the industry and users, it also poses new opportunities for cyber-criminals and terrorists.

CYRail aims to deliver tailored specifications and recommendations for secure modern rail systems design and operation. The challenges are multiple:

  • wide and distributed geographical display of rail systems limit the traditional cyber-protection and cyber-defence tools & practices;
  • the heterogeneous nature of rail systems make them vulnerable to blended attacks;
  • the collaboration with other transportation infrastructures increase the number of points for attack;
  • new passenger-centric services may expose rail systems to threats known in the IoT;
  • ICT supporting these trends are not necessarily trusted for critical applications.

CYRail will address those challenges through a methodical diagnosis and specification process, enforced at each step of the cyber-security chain: operational context and scenarios will be defined, followed by a security assessments of railway systems. An analysis of threats targeting those infrastructures will be developed as well as innovative, attack detection and alerting techniques.

Adapted mitigation plans and countermeasures will be defined, taking into account their potential impact on operations. Protection Profiles for railway control and signalling applications will be delivered to ensure security by design of new rail infrastructures. The CYRail consortium intends to take advantage of developments in other industries (aeronautics, automotive and energy) and bring them into the railway sector, taking similarities and specificities into account.

The Consortium is comprised of a well-balanced group of 6 partners from 5 European countries with complementary skills. An Advisory Board is foreseen, to bring on board the expertise from stakeholders within the railway value chain.

Week: 
Thursday, 8 March, 2018

Project type:

News

Europol - Internet Organised Crime Threat Assessment 2018

Europol has just released its fifth annual Internet Organised Crime Threat Assessment (IOCTA).

The report offers a unique law enforcement view of the emerging threats and key developments in the field of cybercrime over the last year and warns of 15 ways in which people can fall prey to cyber criminals.

Events

29/09/2018 to 05/10/2018
Cryptology And Network Security - 30th September/ 3rd October 2018 - Naples (Italy)

The International Conference on Cryptology And Network Security (CANS) is a recognized annual conference, focusing on all aspects of cryptology, and of data, network, and computer security. CANS 2018 will be held in Naples from the next 30th September until the 3rd October.

06/10/2018 to 11/10/2018
Security of Personal Data Processing Event - 8th October - Athens (Greece)

ENISA and Cyberwatching.eu co-organize in October 8, 2018 a workshop on security measures (article 32 GDPR) in Athens.