Helping Rolling Stock Manufacturers & Train Operators Align with TS 50701

RazorSecure specialises in providing cyber security solutions for the rail industry, and is involved in the creation of standards through our involvement in CENELEC and IEC.  We have developed an understanding of what train operators specifically need and also the engineering challenges of delivering solutions through OEMs. 

As a result, we have created solutions to help OEMs meet security requirements derived from sources such as:

• CENELEC TS 50701 technical specification (Europe)
• EU NIS Directive
• NIST Cyber Security Framework (USA)
• The series of ISA/IEC 62443 standards (International)
• AS 7770 (Australia)
• TSA Security Directive

What is TS 50701?

TS 50701 is a technical specification for cyber security in rail, from IEC62443. It was developed by the CENELEC Technical Committee 9X (TC9X) Working Group 26 (WG26) who cover everything to do with electrical systems and electronics for railways. 

The aim of TS 50701 is to define the processes for the identification, assessment and management of cyber threats and risks in railway applications. TS50701 makes available a cyber security technical specification that covers not just signalling, rolling stock, or fixed installations, but the whole rail ecosystem, and provides a framework for cyber requirements for both new procurements and legacy fleets

TS 50701 key railway application cyber security aspects:

• Defines the processes for the identification, assessment and management of cyber threats and risks in railway applications, including identifying potential vulnerabilities and possible attacks, and assessing their impact on operations and security.
• Proposes measures for the protection of critical functions in railway applications, including technical measures such as data encryption, user authentication, access rights management, and network monitoring.
• Defines the procedures for managing cyber incidents in railway applications, including incident reporting, investigation and analysis, and taking appropriate action to minimise harm.
• Recommends the implementation of safe development processes for railway applications, including risk analysis and testing. 

Why is TS 50701 important?

The railway industry is a key part of our critical national infrastructure, and as rail systems become more digitised and interconnected, the sector faces increasing cyber security threats. A train is part of a diverse cross-border eco-system with safety critical and non-safety critical systems in the environment. Attackers can have easy physical access to systems, therefore on-going monitoring is an essential way to ensure these systems have not been compromised. 

TS 50701 provides a framework for railway organisations to manage increased vulnerability and exposure to cyber security risks, helping to protect their critical assets. The standard puts the case forward that rail networks are more complex than conventional networks and therefore require a cyber security programme that considers the distinctive challenges seen within rolling stock. With this standard in place, rail operators can ensure their systems are secure by design, have defence in depth, and are capable of the on-going monitoring and intrusion detection of their systems, devices, and networks.  

How can RazorSecure help?

RazorSecure can help you reach your target security levels by providing specific solutions for key security countermeasures. 

We have developed our solutions to align with the cyber security frameworks, whilst also supporting efficient ongoing operations. To learn more about how RazorSecure can help rolling stock manufacturers and train operators align with rail cyber security standards and regulations contact one of our team today: