Protection of Digital Train Fleets

Challenge

Ensuring cyber security compliance in a large digital fleet

When Northern Rail were procuring a new digital train fleet, they recognised the need to address emerging EU cyber security regulations. These regulations, introduced as the NIS Directive, required a proactive approach to ensure compliance and protect critical systems before the fleet’s delivery.

As the operator, they recognised operating the new train fleet would also introduce new cyber security risks associated with the advanced connected systems onboard. These systems, while essential for modern functionality and passenger experience, brought additional challenges to to ensure safety, compliance, and operational reliability.

In addition, Northern were also updating and retrofitting the remaining train fleet with advanced digital systems which also had to be considered alongside the new train fleet and made secure and compliant. 

Solution

Single pane of glass view across the entire fleet

The solution involved deploying Delta, our Intrusion Detection System (IDS) to monitor the fleets' systems and networks. Using anomaly detection, Delta learns 'what is normal' for critical systems and detects deviations that could indicate potential issues, attacks or threats. This included examining over 700 data points, including running software, installed software, active network ports, system logs, and critical onboard files.

This comprehensive IDS enabled Northern Rail to identify anomalies across their entire digital train fleet. Using advanced anomaly detection, rather than traditional signature-based methods, issues were quickly diagnosed and resolved, ensuring smooth and reliable operations.

Echo, our real-time monitoring solution was also used to provide an accurate view of the status and availability of onboard systems. It analysed differences in software versions, security patches and configurations. Ensuring compliance across the fleet and prevented configuration drift across different train classes.