Back to overview

Assessment of the ICT security of a railway infrastructure

An operator of a medium-sized railway infrastructure was required to provide real-time information on the traffic situation to a national system. This required the introduction of new IT systems and a connection from the operational systems (OT) to an Internet interface.

Emch+Berger AG Bern was contracted to prepare a risk analysis for this project.

The risk analysis of the operational systems (OT) was based on a thorough assessment of the asset inventory including the configuration of firewalls, the identification of existing zones and their isolation as well as the type of data traffic between the zones. The probability and impact of various threats were derived for each zone.

During the analysis, undocumented direct connections to critical systems were discovered in the existing system, which would have allowed access from outside.

The analysis revealed further problems such as knowledge drain or weak protection of installations using virtual machines.

Emch+Berger AG Bern suggested using a dedicated gateway to achieve better isolation of the OT systems not only from the Internet, but also from exposed field elements.

The proposed solution achieved a significant improvement in system security at low cost.

Period

2022

Contact

Christian Nänni

Downloads

Assessment of the ICT security of a railway infrastructure (Reference sheet)

Fields of activity

Mobility and traffic;Rail systems;Safety / RAMS

Delivered services

Definition of the system to be analysed

Subdivision of the overall system into zones and conduits

Hazard and interface analysis

Identification and risk assessment of threat scenarios

Recommendations for ensuring cyber security in operations

Practical solution for effective risk minimisation at low cost

Other Projects

2012

2021

Development of Advanced Traffic Management and Decision Support Functionality for Rail Networks

The Danish rail infrastructure manager BDK is carrying out a full replacement of all signalling equipment, control and Business IT systems. Two contracts involving control systems have been awarded, one to Thales for Centralised Traffic Control (CTC) West and Passenger Information and one to Alstom for CTC East, Advanced Traffic Management and Decision Support and Planning functions. Emch+Berger AG Bern played the leading role in the RAEP consortium supporting BDK in ensuring this portion of the East (Alstom) contract satisfies the expectations of BDK. The specific challenges included:

Visioning, Blueprinting and Specifying a completely new approach to Traffic Management and Decision Support for a large Network with mixed traffic
Aligning the existing Product Base of the Supplier and Instructing the Processes
Developing Real Time Database Systems that cover Rolling Stock, State of the Railway, Topology
Integration of Disruption Management including Maintenance Contract Requirements into the Design
The support of the Customer in preparing the business changes to make best use of the emerging Technology

1990

2021

Test and Commissioning Activities in ETCS Signalling Projects

In ETCS projects the test and commissioning activities must ensure the timely completion of all tests required by system and subsystem requirements, safety and interoperability norms, operational scenarios, customer internal, national and international norms, etc. and must also assure the preparation and execution of commissioning activities.

Emch+Berger AG Bern provides highly skilled specialist for the Gotthard and Ceneri base tunnels and the Danish Fjernbane project, who consult the customer (and suppliers) in different test and commissioning topics, and specify and supervise all necessary test and commissioning activities.

Emch+Berger has done this successfully in the past in the Lötschberg base tunnel.

2009

2017

ETCS Gotthard Base Tunnel, Detailed Design and Realisation Train Control and Signalling System

Assistance of detailed design, realisation and commissioning of the new train control and signalling system for the Gotthard base tunnel on behalf of AlpTransit Gotthard AG.

The project is carried out by a consortium under the lead of Emch+Berger AG Bern. The works includes all signalling related systems on an ERTMS-basis in the perimeter of the project such as control and communication system, interlocking, ETCS/RBC and is embedded over special interfaces into other neighbouring signalling systems (conventional signalling systems).

2009

2011

ETCS Level 2 Denmark, Traffic Management

The Traffic Management is the railway-operation’s central element to assure the expected improvement in operational performance put forward to justify the investments into the Signalling Programme, the implementation of ETCS level 2 on the entire network of Denmark. With regards to the duplication of traffic in the future, latest science operational processes are applied to traffic management by centralised traffic control centres.

The objective of operational performance is satisfying the expectations of present and future rail customers. The institutional relationship between the infrastructure operator and the train operating companies is designed based on responsibilities to align processes to achieve this. The improvement in the effectiveness of the Traffic Management is based on the introduction of a control loop model of traffic management incorporating also conflict-prediction and real-time rescheduling processes (conflict resolution).