back arrow
Back to Resources
Case Study

Uplifting Rail Infrastructure Security Postures with Advanced Visibility, Threat Detection, and Response

Uplifting Rail Infrastructure Security Postures with Advanced Visibility, Threat Detection, and Response
Case Study

Uplifting Rail Infrastructure Security Postures with Advanced Visibility, Threat Detection, and Response

Light Rail Transit
icon location
Real-Time Asset Visibility, Continuous Threat Detection, Monitoring, and Response
Demonstrated Compliance with Cybersecurity Requirements
Demonstrated Threat Detection of all Penetration Testing Attempts
customer icon

The Customer

The customer is a company responsible for the design and construction of a mass transit system for the a big metropolis in the EMEA region.
The line that CylusOne platform was installed on is integrated into a network of a Light Rail Transit (LRT) system and represents part of a comprehensive plan to improve the welfare and quality of life of the citizens of the region.
The total distance of the line is over 20km with more than 25 stations.

By integrating CylusOne in our signaling system, we now provide solutions to problems that did not even exist when the new LTR was planned and approved. The solution is designed to protect the line for many years to come
Regional Managing Director, CBTC Vendor
challenges icon

The Challenges

In its role managing the construction of the new light rail line, the customer awarded the signaling communications network (SCN) to one of the industry’s prominent vendors to implement its communications-based train control (CBTC) signaling system.

The strict cybersecurity requirements this vendor had to adhere to for the project were jointly developed by the customer and the national cybersecurity authority and designed to protect the line for many years to come.  In evaluating the cybersecurity requirements, the signaling vendor determined that a rail-specific cybersecurity overlay solution was needed. Specifically, the signaling vendor required a continuous threat detection and monitoring solution to improve the overall security posture of the SCN directly fulfilling many of the cybersecurity requirements being mandated and acting as a compensating control for more requirements.

The solution had to be capable of monitoring all in-transit data within the critical signaling, control and communications networks, without impacting either the network or the safety case.

solution icon

The Solution

The signaling vendor partnered with Cylus to incorporate the CylusOne rail tech security platform, an advanced cybersecurity solution designed specifically for rail systems, into its CBTC. This integration aims to enhance the protection of the customer's LTR line by bolstering the security of its signaling and train control systems. The active involvement of the customer's cybersecurity professionals played a vital role in the decision-making process to implement the CylusOne system into the new line.

CylusOne was selected partially because it seamlessly integrated into the signaling vendor’s system enhancing the overall cybersecurity and efficiency of the CBTC system providing visibility into all assets in the CBTC system, including ATS, ATP, and ATO. This visibility into the rail signaling systems allows a more comprehensive understanding of the system and helps ensure its security. 

Additionally, the solution includes advanced threat detection using machine learning and deep packet inspection to passively monitor all in-transit data on the CBTC signaling network uncovering both application-level and network-level threats. When detected, threat alerts are immediately brought to the attention of the rail network’s cyber security operations center (CSOC), along with remediation/mitigation playbooks, to respond to the impending threat.

At multiple times during and at the conclusion of the design and build (D&B) phase of the the new LTR line project, the national cybersecurity authority conducted advanced cybersecurity audits and testing on the security capabilities of all the new line’s systems including the signaling vendor’s SCN. CylusOne successfully detected and alerted on all the authority’s penetration testing attempts within the signaling infrastructure.

CylusOne is now fully integrated into the Cyber Security Operations Center of the new LTR line’s operations.

I welcome the emerging cooperation to increase the resilience of our new LTR line, with an in-depth view and comprehensive tools for dealing with cyber threats
Head of Cybersecurity

Let’s Talk About Securing Your Rail

Our experts will get you back on track

Schedule a Call
Blue right arrowWhite right arrow