As a signature for transport solutions, SYSTRA has raised a cybersecurity practice in order to tackle this critical and complex topic for its clients. It is critical because it affects rail transport, which is considered as an essential activity in many countries, and therefore requires a high level of security. It is complex because it has to be approached under multiple facets including process, technological and human, and applied to different types of information systems such as telecommunications, control and command, signalling, auxiliary systems, passenger services, etc.
Taking advantage of their technical and operational knowledge of rail transport systems, our teams are able to understand and advise transport operators, infrastructure managers and authorities in order to ensure passenger safety, business continuity, protection of sensitive data and compliance with applicable regulations and standards.
SYSTRA is at the forefront of cybersecurity
SYSTRA is at the forefront of cybersecurity for the rail sector, as demonstrated by its participation at ER-ISAC in the CENELEC Working Group 26 and its recent contribution to the European Union Agency for Cybersecurity (ENISA) report. The aforementionned study concerns the implementation of cybersecurity measures for the rail transport sector under the enforcement of the NIS (Network and Information System Security) Directive, which aims to implement a common base of security and best practices in the European Member States.
Our teams are also active in other regions accross the world: in the United States, SYSTRA has implemented the encryption of radio communications for a transport operator and is carrying out audits and risk management activities; in Australia, SYSTRA has advised a transport authority on securing the telecommunication network and the automated train control system; in Asia, SYSTRA is involved in the security governance, risk management, implementation review and test of security functions for several metro and tramway infrastructures.