Inligo Networks to deliver keynote showcase at Submarine Networks World 2022
VTC 1030 and nROK 1030 Fanless Box PCs for Rolling Stock and Vehicle Fleets
Discover Smart Pantograph-Catenary Monitoring Systems from Intel
Going from data to insights: The value of a digital twin in rail
Railway-certified modular IoT edge gateways
Demand for Inspection Robots Expected to Spike by 2023
Handheld Announces Major Upgrades to Its Popular Nautiz X2
Why use a commercially supported C/C++ toolchain?
If you see it, you can monitor it
Cognitive rail pilot: can robots take over train driving?
Technology has led to the advent of connected vehicles intelligent enough to interact with the driver and link to the cloud. But this has opened up a new avenue of cyberattacks in which bad actors could disrupt a vehicle’s operations by hacking into its control network.
With connected vehicles becoming more commonplace on the highways, cybersecurity programs have been pursued to good effect in the auto industry. However, cyberattacks can be equally disruptive to railroads.
FreightWaves spoke with Amir Levintal, the CEO of Cylus, an Israeli rail cybersecurity startup, to understand the potential impact of a hacking event.
“Over the last decade, more and more technologies have been introduced in the rail industry for both signaling systems and the rolling stock. By using wireless communication to control the train, the rail system is exposed to cyberattackers who can get into the network and do sensing and control the same way switches can,” said Levintal.
The rail freight business is based on a failsafe mechanism. When the train detects a communication signal that is not part of the process, the engine stops for safety. “Stopping the train might be safe, but it is not secure [because] if the attacker succeeds to get into the network and send just one command that is not part of the process, it will stop the train,” said Levintal.
While that might not be a catastrophe in itself, it could cause a huge disruption to freight movement. If, for instance, the train carries goods with short expiration windows, such as produce, unexpected halts could spell disaster.
“For rail companies to prevent such attacks, they must have visibility into situations where hackers are trying to attack their network. Once they have that, they can understand what someone is trying to do, and remediate and remove the attacker,” said Levintal. “But to detect the attacker is a real challenge as the networks are very complicated and spread over a large area.”
Real-time visibility into the network will allow railway companies to automatically detect hackers and establish protective measures around the network in case of an attack. According to Levintal, rail companies currently lack that visibility.
“For rail cybersecurity, there is no single solution that fits all. Rail companies need a solution that is specifically designed for them. This is because most of these systems are proprietary technologies and communications, and generic solutions cannot work,” said Levintal.
Levintal explained that Cylus can help here because it is focused on the rail industry and understands the cybersecurity issues that surround it.
The cybersecurity measures start with Cylus nonintrusively analyzing data from networks and then doing more in-depth inspections for data anomalies, which hackers look to capitalize on during an attack. “If we detect malicious activity, we provide actionable insights to the operator and controlling station and let them know what to do with the attack,” Levintal said.
Levintal said solutions like Cylus complement the expertise of the people working at the control system.
“They are great at train signaling and freight locomotives but are not necessarily good at cybersecurity,” Levintal said. “There is a very close relationship between security and safety, and the fact that a system is safe doesn’t mean that it is secure. Once the rail companies understand that cyberattacks might harm safety, they would deal with security in the same way they deal with safety.”
This article first appeared on www.freightwaves.com
About this website
Railpage version 3.10.0.0037
All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest is © 2003-2022 Interactive Omnimedia Pty Ltd.
You can syndicate our news using one of the RSS feeds.