Creating an accurate asset inventory, and keeping it updated can be challenging and extremely time-consuming. Not only do rail operational networks contain a large number of devices/systems from multiple vendors, but assets are also often added and changed frequently, intentionally or by human error. Leaving maintenance laptops connected to the live network with remote access and misconfigurations that add segments to safety-critical zones, are some of the common human errors made in rail operational environments.
These complex signaling and control networks typically contain security blind spots you might not even be aware of. In addition, these complex networks contain proprietary rail technologies and protocols that require specific expertise in order to automatically extract your asset inventory from their dataflow. An accurate, centralized asset inventory is essential for an effective cybersecurity program and operational monitoring.
Our asset inventory management service uses self-discovery functionalities to automatically identify all operational assets, enabling you to know what is on your signaling and control network at each point in time. Easy to implement, our service creates the base for your cybersecurity program, enabling you to identify and address risks and vulnerabilities related to your assets.
In accordance with the IEC 62443-2-1 standard, maintaining an up-to-date asset inventory is one of the main activities that you should be undertaking. We can provide you with an automatic, on-going and
repetitive process to keep your asset inventory systematically accurate. We can also provide this as a one-time service.
We have the expertise to analyze your proprietary technologies and protocols and by applying our CylusOne cybersecurity software solution we can understand your systems’ configuration. We can then map out the existing zones, conduits, components, and communications on real network data from your signaling and onboard systems, computer-based interlocking, passenger information systems, CCTV, and
You may choose to integrate our solution into your network or provide us with the network data exported from the relevant systems in a periodical manner (known as PCAP files).