In a recent whitepaper, UNIFE, the association representing European rail supply companies, identified cybersecurity as one of the five most critical focus areas to drive rail digital transformation and optimize passenger experience, improve logistical performance, and enhance their capacity for carrying freight.
UNIFE is spot on: Cybersecurity is essential to maintaining and boosting rail’s appeal and competitiveness.
Trains’ allure is obvious. No other form of transportation can carry more people per hour. They’re far safer than almost any other form of ground transportation. But the mobility revolution of recent years – from new advances toward autonomous driving to the integration of multiple modes of transportation services – is bringing disruption on a virtually unprecedented scale, posing a strongly competitive challenge to rail.
While global train use increased by about 9 billion rides between 2012 and 2017, the competition is rapidly gaining steam. Securing rail’s place in the future of transportation will require an unwavering commitment to innovation and cutting-edge technologies.
With digitization and innovation, cybersecurity will become all the more important. All the elements essential to maintaining rail’s competitive edge – including AI, digitization and performance-optimizing technologies like data analytics tools – will only spur the desired improvements if the railways are well-fortified against ever-evolving cyber threats.
Keeping Railway Technologies on Track
As UNIFE noted in its paper, the smooth functioning of smart railways will only be possible if operators, infrastructure managers, and suppliers are able to collaborate across networks – cooperating on issues like managing railway traffic, system performance, infrastructure status and repairs, and so on. Effective interoperability in this highly digitized context will require system integration across different railway stakeholders and even international borders, making cybersecurity paramount.
Simply put, smart railways will be connected railways. But while greater connectivity carries the promise of significantly enhanced performance and better service for passengers, it also carries the risk of potentially devastating, far-reaching disruptions in the event of a cyber-attack.
Not only could cyber-criminals disrupt system performance with a well-planned attack on railway operators’ digital assets, they could even threaten the safety of passengers – by disrupting signaling systems, for example, sending trains hurling off the tracks or into one another.
How can the industry head off such scenarios? The European Union’s Network and Information Systems (NIS) Directive, which took effect in May 2018, is a step in the right direction. The NIS Directive sets a baseline of cybersecurity standards for operators of critical infrastructure, including railways, with an eye toward ensuring exceptional system integrity and effective protocols for dealing with cyber breaches.
Because not all systems can be equally secured, the industry should prioritize the protection of its most sensitive assets – those affecting key objectives like safety and service availability. Rail companies should develop frameworks for sharing information about cyber events and for continuously collaborating to strengthen the industry’s defenses in the face of dynamic, evolving cyber threats and increasingly sophisticated malicious actors. The development of comprehensive, unified cyber solutions designed specifically to the rail industry is critical in a closely connected industry that is only as strong as its weakest link.
Amidst a global shortage of nearly 3 million cybersecurity professionals, the rail industry must invest in cybersecurity education at all levels, recognizing that every employee, regardless of her or his function, is indispensable to keeping systems secure. This includes the rail companies as well as the rail manufacturers, who must make cybersecurity an integral part of their future product design.
Exceptionally safe, efficient, and environmentally friendly trains will be invaluable to intelligent mobility ecosystems. But without digital transformation and uncompromising level of cybersecurity, the railways risk losing out on a vital opportunity to shape the future of mobility. By investing in cybersecurity today, the railway industry will go a long way toward safeguarding its future for decades to come. The automotive industry has recognized the crucial nature of cybersecurity in its drive towards the future. It’s time for the railway industry accelerate as well.
*This post was originally published in: https://www.linkedin.com/pulse/unife-confirms-cybersecurity-driving-rails-digital-amir-levintal/