{"id":74824,"date":"2026-06-09T09:05:43","date_gmt":"2026-06-09T08:05:43","guid":{"rendered":"https:\/\/www.systra.com\/uk\/?post_type=expert_insights&#038;p=74824"},"modified":"2026-06-09T09:07:57","modified_gmt":"2026-06-09T08:07:57","slug":"beyond-safety-addressing-the-security-gap-in-railway-software-standards","status":"publish","type":"expert_insights","link":"https:\/\/www.systra.com\/uk\/expert_insights\/beyond-safety-addressing-the-security-gap-in-railway-software-standards\/","title":{"rendered":"Beyond Safety: Addressing the Security Gap in Railway Software Standards\u00a0"},"content":{"rendered":"\n<p class=\"has-light-eggplant-color has-text-color has-medium-font-size wp-block-paragraph\"><strong>The railway industry\u00a0operates\u00a0under strict regulations, with software solutions expected to meet both safety and security requirements. While considerable focus is placed on safety-critical software, it raises the question: is security given equal priority? How is the industry managing the \u201celephant in the room\u201d,\u00a0tackling the significant challenge of bridging gaps in software standards and best practices related to security?\u00a0<strong>Lucia Capogna<\/strong>, our\u00a0Cyber Security and Software Assurance Team Leader,\u00a0sets\u00a0the scene and examines\u00a0the current landscape surrounding these issues.\u00a0<\/strong><\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Digitalisation\u00a0has been introduced exponentially across railway solutions in recent years.\u00a0<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">The prevalence of this\u00a0new technology\u00a0means the rail network is more flexible and\u00a0inter-connected. Railways are more advanced than ever before \u2013 they are easier to enhance and customize and more responsive to sub-system failures.\u00a0<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">But with this digital evolution comes new and diverse risks that evolve over time \u2013 particularly\u00a0in regard to\u00a0cyber security.\u00a0<\/p>\n\n\n\n<div style=\"height:30px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h3 id=\"h-what-are-the-threats-to-the-railway-from-cyber-security\" class=\"wp-block-heading\"><strong>What are the threats to the railway from\u00a0cyber security?<\/strong>\u00a0<\/h3>\n\n\n\n<div style=\"height:30px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">The digital risks for the railway are higher than they\u00a0ever have\u00a0been.\u00a0They are\u00a0dangerous,\u00a0with the potential to be highly damaging.\u00a0<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">The\u00a0ENISA 2023 report\u00a0identified\u00a0one of the biggest\u00a0threats\u00a0comes from supply chain compromise of software dependencies.\u00a0This is when malicious actors may exploit flaws or defects in\u00a0software or\u00a0inject malicious code into\u00a0open source\u00a0libraries \u2013 causing shutdowns of crucial services and infrastructure.\u00a0<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">For the railway, this\u00a0can play out through attacks on\u00a0digital signalling, remote access for electrical isolations and even with the provision of Wi-Fi on trains.\u00a0<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">The digital risk comes from the fact rail systems are built to achieve targets around safety,\u00a0reliability\u00a0and functionality \u2013 but\u00a0cyber security is addressed separately from system design and engineering.\u00a0<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Software standards in general do not address the\u00a0cyber security requirements and often\u00a0fail to\u00a0provide recommendations on the\u00a0development\u00a0lifecycle and related activities.\u00a0<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Put simply, there is not a direct relationship between security levels (SL) and the\u00a0safety\u00a0integrity levels (SIL) protecting people from system failures \u2013 however, if\u00a0it\u2019s\u00a0not secure,\u00a0it\u2019s\u00a0not safe.\u00a0<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">The current\u00a0operational technology\u00a0regulations\u00a0for manufacturers and developers\u00a0do not go far enough. They\u00a0are\u00a0high level requirements that are not specific for railway applications, which makes it difficult to align with associated software development lifecycles.\u00a0<\/p>\n\n\n\n<div style=\"height:30px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-2 is-cropped wp-block-gallery-1 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"576\" data-id=\"74826\" src=\"https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2026\/06\/cybersecurity-expert-insight-graphic-2-1024x576.png\" alt=\"\" class=\"wp-image-74826\" srcset=\"https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2026\/06\/cybersecurity-expert-insight-graphic-2-1024x576.png 1024w, https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2026\/06\/cybersecurity-expert-insight-graphic-2-300x169.png 300w, https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2026\/06\/cybersecurity-expert-insight-graphic-2-768x432.png 768w, https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2026\/06\/cybersecurity-expert-insight-graphic-2-1536x864.png 1536w, https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2026\/06\/cybersecurity-expert-insight-graphic-2-286x160.png 286w, https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2026\/06\/cybersecurity-expert-insight-graphic-2-474x266.png 474w, https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2026\/06\/cybersecurity-expert-insight-graphic-2-1352x761.png 1352w, https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2026\/06\/cybersecurity-expert-insight-graphic-2-800x450.png 800w, https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2026\/06\/cybersecurity-expert-insight-graphic-2-180x101.png 180w, https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2026\/06\/cybersecurity-expert-insight-graphic-2-153x86.png 153w, https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2026\/06\/cybersecurity-expert-insight-graphic-2-230x129.png 230w, https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2026\/06\/cybersecurity-expert-insight-graphic-2.png 1600w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n<\/figure>\n\n\n\n<div style=\"height:30px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h3 id=\"h-what-is-needed-to-address-cyber-security-risks\" class=\"wp-block-heading\"><strong>What is needed to address\u00a0cyber security risks?<\/strong>\u00a0<\/h3>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">As the existing standards\u00a0illustrate,\u00a0generalised, high-level requirements for secure coding are not fit for railway purposes.\u00a0<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">It means there needs to be a defined approach\u00a0for\u00a0different levels\u00a0and stakeholders along the process.\u00a0<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">For manufactures and product suppliers, they need to integrate secure coding practice within the software development lifecycle.\u00a0<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Teams must\u00a0identify\u00a0software vulnerabilities in the software dependencies or existing software\u00a0versions, and\u00a0consider\u00a0end of life or end of support for those dependencies.\u00a0<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Asset owners in turn need to add specific security requirements for software development lifecycles and best practice.\u00a0<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">And the industry,\u00a0as a whole,\u00a0will\u00a0need to develop a standard or guideline that covers both safety and security aspects apportioned to software components.\u00a0<\/p>\n\n\n\n<div style=\"height:30px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h3 id=\"h-systra-s-approach-to-cyber-security-integration\" class=\"wp-block-heading\"><strong>SYSTRA\u2019s approach to\u00a0cyber security integration<\/strong>\u00a0<\/h3>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">SYSTRA\u00a0specialists\u00a0provides\u00a0a diversified set of services from policy and strategy definition, planning and process definition\u00a0and also\u00a0risk assessment.\u00a0<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">We recognize\u00a0cyber security threats and vulnerabilities span all lifecycle phases of a railway system, from the planning and design through to in-service use.\u00a0<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Poor implementation of digital assets can easily and unintentionally create\u00a0cyber security vulnerabilities between infrastructure and rolling stock; between operations and asset data; and even interrupt operations along the project design and build supply chain.\u00a0<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Our\u00a0Cyber security and Software Assurance team\u00a0operates\u00a0cross-industry and across all organisational levels. This includes setting strategic vision to the definition of operational processes and the tactical review of designs\/deliverables produced by others.\u00a0<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">We carry out the work\u00a0either as independents to support a\u00a0third\u00a0line of defence assurance regime or as acceptance of design and deliverables on our projects and programmes.\u00a0<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Managing cyber security and defining security requirements at the start saves time and costs down the track.\u00a0<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">The rail industry needs to shift from a position where\u00a0cyber security is an afterthought and an\u00a0additional\u00a0layer placed around a system, to one that is integrated throughout the design, build and\u00a0ultimately operation\u00a0of a system.\u00a0<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Cyber risks and threats are continually evolving.\u00a0Failure to stay\u00a0up-to-date\u00a0in relation to the changing threat landscape\u00a0means the\u00a0rail industry\u00a0risks not\u00a0achieving\u00a0value for money, best\u00a0practice\u00a0and an assured solution.\u00a0<\/p>\n\n\n\n<div style=\"height:64px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<div class=\"wp-block-group who-pattern-content-feed\"><div class=\"wp-block-group__inner-container is-layout-constrained wp-block-group-is-layout-constrained\">\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-8f761849 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:50%\">\n    <div class=\"who-block-content-feed\">\n        \n\t\t<div class=\"tile tile--services \">\n\t\t<figure class=\"tile__thumbnail\">\n\t\t\t<img decoding=\"async\" width=\"1024\" height=\"645\" src=\"https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2023\/07\/systems-engineering-integration-1024x645.jpg\" class=\"attachment-large size-large wp-post-image\" alt=\"\" \/>\n\t\t\t<figcaption class=\"tile__content\">\n\t\t\t\t\t\t\t\t\t<ul class=\"tile__tag__wrapper\">\n\t\t\t\t\t\t<li class=\"tile__tag\">\n\t\t\t\t\t\t\tservices\t\t\t\t\t\t<\/li>\n\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t\t\t<h3 class=\"tile__title\" style=\"color:#fff !important\">Systems Engineering &amp; Integration<\/h3>\n\n\t\t\t\t<a class=\"tile__link\" href=\"https:\/\/www.systra.com\/uk\/services\/systems-approach\/systems-engineering-integration\/\">\n\t\t\t\t\tRead more\t\t\t\t\t<span class=\"screen-reader-text\"> sur Systems Engineering &amp; Integration<\/span>\n\t\t\t\t<\/a>\n\t\t\t<\/figcaption>\n\t\t<\/figure>\n\t<\/div>\n    <\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:50%\">\n    <div class=\"who-block-content-feed\">\n        \n\t\t<div class=\"tile tile--services \">\n\t\t<figure class=\"tile__thumbnail\">\n\t\t\t<img decoding=\"async\" width=\"1024\" height=\"645\" src=\"https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2025\/11\/header-digital_data-1024x645.jpg\" class=\"attachment-large size-large wp-post-image\" alt=\"\" \/>\n\t\t\t<figcaption class=\"tile__content\">\n\t\t\t\t\t\t\t\t\t<ul class=\"tile__tag__wrapper\">\n\t\t\t\t\t\t<li class=\"tile__tag\">\n\t\t\t\t\t\t\tservices\t\t\t\t\t\t<\/li>\n\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t\t\t<h3 class=\"tile__title\" style=\"color:#fff !important\">Digital Solutions &amp; Software Development<\/h3>\n\n\t\t\t\t<a class=\"tile__link\" href=\"https:\/\/www.systra.com\/uk\/services\/digital-solutions-and-software-development\/\">\n\t\t\t\t\tRead more\t\t\t\t\t<span class=\"screen-reader-text\"> sur Digital Solutions &amp; Software Development<\/span>\n\t\t\t\t<\/a>\n\t\t\t<\/figcaption>\n\t\t<\/figure>\n\t<\/div>\n    <\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:50%\">\n    <div class=\"who-block-content-feed\">\n        \n\t\t<div class=\"tile tile--services \">\n\t\t<figure class=\"tile__thumbnail\">\n\t\t\t<img decoding=\"async\" width=\"1024\" height=\"645\" src=\"https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2023\/07\/transport-communication-networks-1024x645.jpg\" class=\"attachment-large size-large wp-post-image\" alt=\"\" \/>\n\t\t\t<figcaption class=\"tile__content\">\n\t\t\t\t\t\t\t\t\t<ul class=\"tile__tag__wrapper\">\n\t\t\t\t\t\t<li class=\"tile__tag\">\n\t\t\t\t\t\t\tservices\t\t\t\t\t\t<\/li>\n\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t\t\t<h3 class=\"tile__title\" style=\"color:#fff !important\">Transport Communication Networks<\/h3>\n\n\t\t\t\t<a class=\"tile__link\" href=\"https:\/\/www.systra.com\/uk\/services\/technical-systems\/transport-communication-networks\/\">\n\t\t\t\t\tRead more\t\t\t\t\t<span class=\"screen-reader-text\"> sur Transport Communication Networks<\/span>\n\t\t\t\t<\/a>\n\t\t\t<\/figcaption>\n\t\t<\/figure>\n\t<\/div>\n    <\/div>\n<\/div>\n<\/div>\n<\/div><\/div>\n\n\n\n<div style=\"height:85px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-constrained wp-block-group-is-layout-constrained\">\n<div class=\"wp-block-buttons is-layout-flex wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button has-custom-width wp-block-button__width-100\"><a class=\"wp-block-button__link has-dirty-purple-color has-pale-mauve-background-color has-text-color has-background has-link-color wp-element-button\" href=\"https:\/\/www.systra.com\/uk\/register\/join-our-community\/\">JOIN OUR COMMUNITY<\/a><\/div>\n<\/div>\n<\/div><\/div>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n","protected":false},"featured_media":74825,"template":"","type-insight":[],"class_list":["post-74824","expert_insights","type-expert_insights","status-publish","has-post-thumbnail","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.7 (Yoast SEO v27.7) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Beyond Safety: Addressing the Security Gap in Railway Software Standards\u00a0 - SYSTRA UK<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Beyond Safety: Addressing the Security Gap in Railway Software Standards\u00a0\" \/>\n<meta property=\"og:description\" content=\"The railway industry\u00a0operates\u00a0under strict regulations, with software solutions expected to meet both safety and security requirements. While considerable focus is placed on safety-critical software, it raises the question: is security given equal priority? How is the industry managing the \u201celephant in the room\u201d,\u00a0tackling the significant challenge of bridging gaps in software standards and best practices [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.systra.com\/uk\/expert_insights\/beyond-safety-addressing-the-security-gap-in-railway-software-standards\/\" \/>\n<meta property=\"og:site_name\" content=\"SYSTRA UK\" \/>\n<meta property=\"article:modified_time\" content=\"2026-06-09T08:07:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2026\/06\/cybersecurity-expert-insight-graphic-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1600\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@SYSTRA_LTD\" \/>\n<meta name=\"twitter:label1\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/expert_insights\\\/beyond-safety-addressing-the-security-gap-in-railway-software-standards\\\/\",\"url\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/expert_insights\\\/beyond-safety-addressing-the-security-gap-in-railway-software-standards\\\/\",\"name\":\"Beyond Safety: Addressing the Security Gap in Railway Software Standards\u00a0 - SYSTRA UK\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/expert_insights\\\/beyond-safety-addressing-the-security-gap-in-railway-software-standards\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/expert_insights\\\/beyond-safety-addressing-the-security-gap-in-railway-software-standards\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/wp-content\\\/uploads\\\/sites\\\/11\\\/2026\\\/06\\\/cybersecurity-expert-insight-graphic-1.png\",\"datePublished\":\"2026-06-09T08:05:43+00:00\",\"dateModified\":\"2026-06-09T08:07:57+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/expert_insights\\\/beyond-safety-addressing-the-security-gap-in-railway-software-standards\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.systra.com\\\/uk\\\/expert_insights\\\/beyond-safety-addressing-the-security-gap-in-railway-software-standards\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/expert_insights\\\/beyond-safety-addressing-the-security-gap-in-railway-software-standards\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/wp-content\\\/uploads\\\/sites\\\/11\\\/2026\\\/06\\\/cybersecurity-expert-insight-graphic-1.png\",\"contentUrl\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/wp-content\\\/uploads\\\/sites\\\/11\\\/2026\\\/06\\\/cybersecurity-expert-insight-graphic-1.png\",\"width\":1600,\"height\":900},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/expert_insights\\\/beyond-safety-addressing-the-security-gap-in-railway-software-standards\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Expert Insight\",\"item\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/expert_insights\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Beyond Safety: Addressing the Security Gap in Railway Software Standards\u00a0\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/#website\",\"url\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/\",\"name\":\"SYSTRA UK\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/#organization\",\"name\":\"SYSTRA UK\",\"url\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/wp-content\\\/uploads\\\/sites\\\/11\\\/2023\\\/07\\\/systra-logo.jpg\",\"contentUrl\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/wp-content\\\/uploads\\\/sites\\\/11\\\/2023\\\/07\\\/systra-logo.jpg\",\"width\":400,\"height\":400,\"caption\":\"SYSTRA UK\"},\"image\":{\"@id\":\"https:\\\/\\\/www.systra.com\\\/uk\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/SYSTRA_LTD\",\"https:\\\/\\\/uk.linkedin.com\\\/company\\\/systra_ltd\"]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Beyond Safety: Addressing the Security Gap in Railway Software Standards\u00a0 - SYSTRA UK","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_GB","og_type":"article","og_title":"Beyond Safety: Addressing the Security Gap in Railway Software Standards\u00a0","og_description":"The railway industry\u00a0operates\u00a0under strict regulations, with software solutions expected to meet both safety and security requirements. While considerable focus is placed on safety-critical software, it raises the question: is security given equal priority? How is the industry managing the \u201celephant in the room\u201d,\u00a0tackling the significant challenge of bridging gaps in software standards and best practices [&hellip;]","og_url":"https:\/\/www.systra.com\/uk\/expert_insights\/beyond-safety-addressing-the-security-gap-in-railway-software-standards\/","og_site_name":"SYSTRA UK","article_modified_time":"2026-06-09T08:07:57+00:00","og_image":[{"width":1600,"height":900,"url":"https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2026\/06\/cybersecurity-expert-insight-graphic-1.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_site":"@SYSTRA_LTD","twitter_misc":{"Estimated reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.systra.com\/uk\/expert_insights\/beyond-safety-addressing-the-security-gap-in-railway-software-standards\/","url":"https:\/\/www.systra.com\/uk\/expert_insights\/beyond-safety-addressing-the-security-gap-in-railway-software-standards\/","name":"Beyond Safety: Addressing the Security Gap in Railway Software Standards\u00a0 - SYSTRA UK","isPartOf":{"@id":"https:\/\/www.systra.com\/uk\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.systra.com\/uk\/expert_insights\/beyond-safety-addressing-the-security-gap-in-railway-software-standards\/#primaryimage"},"image":{"@id":"https:\/\/www.systra.com\/uk\/expert_insights\/beyond-safety-addressing-the-security-gap-in-railway-software-standards\/#primaryimage"},"thumbnailUrl":"https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2026\/06\/cybersecurity-expert-insight-graphic-1.png","datePublished":"2026-06-09T08:05:43+00:00","dateModified":"2026-06-09T08:07:57+00:00","breadcrumb":{"@id":"https:\/\/www.systra.com\/uk\/expert_insights\/beyond-safety-addressing-the-security-gap-in-railway-software-standards\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.systra.com\/uk\/expert_insights\/beyond-safety-addressing-the-security-gap-in-railway-software-standards\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.systra.com\/uk\/expert_insights\/beyond-safety-addressing-the-security-gap-in-railway-software-standards\/#primaryimage","url":"https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2026\/06\/cybersecurity-expert-insight-graphic-1.png","contentUrl":"https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2026\/06\/cybersecurity-expert-insight-graphic-1.png","width":1600,"height":900},{"@type":"BreadcrumbList","@id":"https:\/\/www.systra.com\/uk\/expert_insights\/beyond-safety-addressing-the-security-gap-in-railway-software-standards\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.systra.com\/uk\/"},{"@type":"ListItem","position":2,"name":"Expert Insight","item":"https:\/\/www.systra.com\/uk\/expert_insights\/"},{"@type":"ListItem","position":3,"name":"Beyond Safety: Addressing the Security Gap in Railway Software Standards\u00a0"}]},{"@type":"WebSite","@id":"https:\/\/www.systra.com\/uk\/#website","url":"https:\/\/www.systra.com\/uk\/","name":"SYSTRA UK","description":"","publisher":{"@id":"https:\/\/www.systra.com\/uk\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.systra.com\/uk\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/www.systra.com\/uk\/#organization","name":"SYSTRA UK","url":"https:\/\/www.systra.com\/uk\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.systra.com\/uk\/#\/schema\/logo\/image\/","url":"https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2023\/07\/systra-logo.jpg","contentUrl":"https:\/\/www.systra.com\/uk\/wp-content\/uploads\/sites\/11\/2023\/07\/systra-logo.jpg","width":400,"height":400,"caption":"SYSTRA UK"},"image":{"@id":"https:\/\/www.systra.com\/uk\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/SYSTRA_LTD","https:\/\/uk.linkedin.com\/company\/systra_ltd"]}]}},"lang":"en","translations":{"en":74824},"pll_sync_post":[],"_links":{"self":[{"href":"https:\/\/www.systra.com\/uk\/wp-json\/wp\/v2\/expert_insights\/74824","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.systra.com\/uk\/wp-json\/wp\/v2\/expert_insights"}],"about":[{"href":"https:\/\/www.systra.com\/uk\/wp-json\/wp\/v2\/types\/expert_insights"}],"version-history":[{"count":1,"href":"https:\/\/www.systra.com\/uk\/wp-json\/wp\/v2\/expert_insights\/74824\/revisions"}],"predecessor-version":[{"id":74828,"href":"https:\/\/www.systra.com\/uk\/wp-json\/wp\/v2\/expert_insights\/74824\/revisions\/74828"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.systra.com\/uk\/wp-json\/wp\/v2\/media\/74825"}],"wp:attachment":[{"href":"https:\/\/www.systra.com\/uk\/wp-json\/wp\/v2\/media?parent=74824"}],"wp:term":[{"taxonomy":"type-insight","embeddable":true,"href":"https:\/\/www.systra.com\/uk\/wp-json\/wp\/v2\/type-insight?post=74824"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}