Cybersecurity is crucial in today’s world, as our society increasingly relies on connected infrastructure and devices. In the field of railways, connected trains and infrastructure are seen as a major source of improvement for the management of traffic and capacity, energy efficiency, and network communication. But this trend also means more potential threats of cyber-attacks. To protect the rolling stock and fixed installations, the support of adequate tools and requirements is needed.
CENELEC contributes to providing this protection with the brand new CLC/TS 50701 ‘Railway applications – Cybersecurity’ developed by CLC/TC 9X 'Electrical and electronic applications for railways’. This Technical Specification is a major landmark for the European railway sector, as it aims to provide requirements and recommendations to handle cybersecurity in a unified way for the railway sector.
This Technical Specification applies to communications, signalling and processing domain, to tolling stock and to fixed installations domains. It provides references to models and concepts from which requirements and recommendations can be derived and that are suitable to ensure that the residual risk from security threats is identified, supervised and managed to an acceptable level by the railway system duty holder.
CLC/TS 50701 takes into consideration relevant safety related aspects (EN 50126) and takes inspiration from different sources (IEC 62443-3-3, CSM-RA), adapting them to the railway context. It covers numerous key topics such as railway system overview, cybersecurity during a railway application life cycle, risk assessment, security design, cybersecurity assurance and system acceptance, vulnerability management and security patch management.
With the precious contribution of CLC/TS 50701, the European railway sector can further develop securely the necessary applications for the train network of tomorrow.
Marc-Antoine CARREIRA DA CRUZ
macarreira@cencenelec.eu