Rail resilience and beating the malware threat

In a world where every device and system is connected to the internet, railway stakeholders need to improve their resilience to cyber-crime.

Major cyber-security stories have become a recurrent feature in the news. Malware and hacking are now recognised as daily global threats to every kind of infrastructure. I want to argue that across the world, the rail sector needs to become more aware of the dangers of hacking and catch up with the approaches we’ve seen in energy generation, government, and banking. I think designers need to embed cyber-resilience thinking and protective measures early on in every rail project life cycle.

The rail sector is rapidly embracing digitisation. From the introduction of widespread public Wi-Fi to a rail workforce that now uses mobile devices to deal with track faults, the risks from cyber-crime in the rail industry are real and growing. 

To an extent, these risks have already been recognised and legislated for. Indeed, in Europe, under existing EU law, rail operators have obligations to protect rail operations from a variety of risks. These fail-safe requirements now include cyber-crime, e.g. malicious software instructing the system that a train’s doors are closed when in fact they’re open.

But regulation and the law can only ever be part of an effective response to the evolving threat of cyber-crime. Resilience has to be derived from reducing the likelihood of attack and from developing systems to mitigate disruption and failures once systems come under attack. Rail infrastructure also needs sensitive monitoring that can give detailed early warnings of attack and provide adequate contingency, recovery and continued operation of the rail network.

Better technology, but increased risks

In a connected world, the service improvements that technology makes possible also bring with them additional dangers. The London Underground is an example of this: facing increasing demand on its railway system, London has added more trains and therefore runs them much closer together, with digital technology controlling and managing the service. This is great news for passengers, but it also means that malware-related incidents or failures have a potentially bigger effect on the network and affect a greater number of travellers. And with more rail commuters, the network’s need to recover and return the service to normal will be an even bigger priority.

Rail operators need to develop intelligent fail-safe systems, capable of monitoring and responding to train behaviour on the network in real time. For example, if these systems detect anomalous increases in train speed that fall outside normal operational boundaries, they would automatically alert managers and remotely adjust speeds to safe levels.
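The monitoring idea above can be sketched as a small rule-based check over speed telemetry. This is an added example, not code from the article or from any rail operator's system; the segment names, speed limits, acceleration threshold and sample readings are all constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# Assumed operational boundaries per track segment, in km/h (constructed values).
SEGMENT_LIMITS = {"SEG-A": 60.0, "SEG-B": 80.0}
# Assumed plausibility bound: a faster rise than this suggests a fault or tampering.
MAX_ACCEL_KMH_PER_S = 5.0

@dataclass
class Reading:
    train_id: str
    segment: str
    t: float       # timestamp in seconds
    speed: float   # reported speed in km/h

@dataclass
class Action:      # every Action is an alert to managers
    train_id: str
    reason: str
    target_speed: Optional[float]  # remote speed command, None = alert only

def evaluate(readings):
    """Return one Action per anomalous reading, in input order."""
    last = {}      # train_id -> previous Reading
    actions = []
    for r in readings:
        limit = SEGMENT_LIMITS.get(r.segment)
        prev = last.get(r.train_id)
        if limit is None:
            # Unknown segment: fail safe to the most restrictive known limit.
            actions.append(Action(r.train_id, "unknown-segment",
                                  min(SEGMENT_LIMITS.values())))
        elif r.speed > limit:
            # Outside the operational boundary: alert and adjust to the limit.
            actions.append(Action(r.train_id, "over-limit", limit))
        elif (prev and r.t > prev.t and
              (r.speed - prev.speed) / (r.t - prev.t) > MAX_ACCEL_KMH_PER_S):
            # Still within the limit, but rising implausibly fast: early warning.
            actions.append(Action(r.train_id, "implausible-acceleration", None))
        last[r.train_id] = r
    return actions

# Constructed sample telemetry.
SAMPLE = [
    Reading("T1", "SEG-A", 0, 40), Reading("T1", "SEG-A", 2, 44),
    Reading("T1", "SEG-A", 4, 58), Reading("T1", "SEG-A", 6, 66),
    Reading("T2", "SEG-B", 0, 75), Reading("T2", "SEG-X", 2, 76),
]

if __name__ == "__main__":
    for a in evaluate(SAMPLE):
        print(a)
```

The acceleration rule raises an alert before the hard limit is crossed, which is the early-warning behaviour the article asks for.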

Cyber-crime’s potential impact on safety and reliability is considerable and growing. Given the complex, connected nature of modern technology, it’s vital that designers plan early and take a joined-up approach to cyber-resilience. Only then can security be improved at every stage of the project life cycle, from design to operation, decommissioning to disposal.

I’d be interested to hear in the comments section below, from anyone who’s started to adopt this approach on rail projects around the world.