What are the threats?
How to assess the risks?
How to detect attacks targeting Rail systems?
How to mitigate the consequences, what are the counter measures?
What are the Resilience Mechanisms?

The final recommendations of the project was presented during this one-day conference on 18 September 2018 from 09:00 to 16:30


UIC INTRODUCTION – Jacques Colliard
ERA - Thomas Chatelet
CEN-CENELEC - Denis Miglianico
UIC Rail System Department – Francisco Marques on behalf of Marc Antoni
Context and objectives (EVOLEO)
Railway systems - Operational context and scenario (UIC)
What are the threats? (AIRBUS)
What are the main risks?
Overview on existing methodologies
Recommendation for rail
Assessment of existing solutions and Deployment of detection solutions on CYRAIL’s operational scenario (FORTISS)
Practices and solutions for alerts and incident management (AIRBUS)
Identification of mitigation strategies and Focus on Security-by-design and MILS (FORTISS)
Specification of countermeasures for CYRAIL’s operational scenario (AIRBUS)
Cyber resilience design principles and techniques
Applying cyber resilience on CYRAIL’s operational scenario
Common Criteria and Protection Profiles
Deriving requirements for the modular Protection Profile
Application to the railway


CYRAIL Recommendations on cybersecurity of rail signalling and communication systems


UIC press release published on 18 September 2018 link

EVOLEO Technologies LDA (Portugal) - Coordinator of CYRAIL Project

EVOLEO Technologies, Lda. is an SME, investing in skills related to the design of critical and complex electronic systems. EVOLEO embraces five areas of activity: Space, Transportation, Energy, Health and Industry. EVOLEO holds a skilled multidisciplinary engineering team seeking and promoting partnerships and networking between centers of knowledge and industry players. EVOLEO strongly cooperates, among others, with European Space Agency (ESA), Portuguese Medical Emergency Service (112), European Railway entities, Industrial entities as BOSCH and multiple international R&D groups in the frame of cooperation projects.

EVOLEO is a founding member of the Portuguese Railway Platform, which is an organisation created to manage the rail cluster in Portugal, bringing together Operators and Managers, Academia and R&D, Industry and SMEs, focusing on Research and Development and Innovation projects in areas such as Rolling Stock,
Command, Control and Communications, Interoperability, Infrastructure and Knowledge Management, amongst others.

EVOLEO key skills are related to the design, build and integration of electronic embedded systems solutions for monitoring and data processing (Remote Interface Units). Those may include integrated intelligence SW (embedded) for local data pre-processing or simply as transmitters of collected data to a central server.

EVOLEO has also skills in the implementation of multi-core systems (e.g. on FPGA) and has recently cooperated in an ESA project in the design of a Computer Unit and its on-board controlling SW for a satellite payload control with LEON3 processor and real time OS RTEMS, involving key players of the computing solutions such Aeroflex Gaisler in Sweden.

Role within CYRail :

EVOLEO is WP leader for WP1 “Project Management” and WP2 “Operational Context and Scenarios”. In addition they contribute to Task T3.2 on Definition of security zones and vulnerabilities and Task T7.3 on Exploitation and Sustainability Strategy as task leaders. These roles match completely the fundamental capabilities and skills of EVOLEO as these tasks have been what the company is doing since its foundation 9 years ago in the different areas of activity, namely in space and rail, where EVOLEO have been studying, designing and developing critical ICT and Computational Systems.

EUSKOIKER, Jakintza Lanezko Ikerkuntza Investigación Universidad Empresa (Spain)

Euskoiker is a member of the Basque Network for Science, Technology and Innovation – RCTVI (Innobasque), and of the Spanish Network for University-company Foundations (RED FUE) and is listed as the Office for the Transfer of Research Results (OTRI in Spanish) of the Spanish State (OTRI website) Euskoiker, a non-profit organization, is a foundation that has as its objective the development of relations between Academia and society. Its governors (founders) are the three Regional Governments of Bizkaia, Gipuzkoa and Araba, and the three Chambers of Commerce of Bilbao, Gipuzkoa and Araba and the University of the Basque Country / Euskal Herriko Unibertsitatea. Its existence dates back to 1979 and over the course of more than thirty years it has managed numerous research projects, made strategic contacts and participated in several research presentation forums (FOROTECH, PROMA, TECNOVA).

The Euskoiker foundation collaborates with different research groups in the areas of Humanities, social sciences, engineering and technologies, medical and natural sciences, under the agreement signed to this end with the university since 1995.

Throughout this year’s we have collaborated with more than 1500 companies, and the volume of projects that are processed per year is about 250, between research projects, consultancy and technical assistance, expert reports, training, etc…

Role within CYRAIL :

  • EUSKOIKER contributes to WP3 “Security Assessment” as Work Package leader and Task 4.1 on “Threat Identification and Analysis”, WP5 “Mitigation and Countermeasures Specification” and Task 7.3 on “Exploitation of Results” as participant.
  • Euskoiker brings on board its experience in control and command signalling and ERTMS modelling and background experience on security assessment on ERTMS and TCMS technologies. (WP3)
  • Euskoiker also contributes with previous experience on the design of resilient communication architectures in the railway domain SECRET project (WP5 Mitigation and Countermeasures Specification).
  • Euskoiker also plays an important role in dissemination activities.

Fortiss GmbH (Germany)

FORTISS is an independent non-profit ICT research and development organization closely associated with the Technische Universität München (TUM). It has been founded in 2009 with the sponsorship of the Bavarian Ministry for Economics as a co-location center where practitioners work together with academic researchers from the TUM for advancing application-driven research and for facilitating an accelerated transfer of ICT research results into industrial practice. The FORTISS research center currently employs about 100 research staff members.

FORTISS is an active member of several industrial associations such as ARTEMISIA and BITKOM. It is an affiliate partner of the EIT ICT Labs since 2010, and it played a major role in building up the smart energy systems and the cyber-physical systems action lines of the EIT ICT Labs. Since 2013 FORTISS is a satellite colocation center of the EIT ICT Labs (later rebranded EIT Digital), a leading European open innovation organisation.

Regarding Internet of Things and CPS, FORTISS is leading two major projects from the last year ICT-1 call on a design center for CPS and on Trusted Applications for CPS.

Role within CYRail :

FORTISS brings on board its experience in:

  • Cyber-physical systems, with a focus on SW technology for safety-critical and secure systems, including aerospace, automotive and medical domains
  • Software architecture for trusted Internet of Things systems, in particular with MILS architectures.
  • Internet of Things service development and tool chains

Especially, FORTISS contributes to the WP5 on Mitigation and Countermeasures as Work Package leader.

International Union of Railways, UIC (France)

UIC, the international union of railways, is the worldwide international organisation of the railway sector with its headquarters located in Paris, France. UIC hasmore than 200 members across all five continents. Members mainly include integrated railway companies, infrastructure managers, and railway or combined transport operators, rolling stock.

UIC’s mission is to promote rail transport at world level and meet the challenges of mobility and sustainable development.

Main UIC objectives are:

  • Facilitating the sharing of best practices among members (benchmarking);
  • Supporting members in their efforts to develop new business and new areas of activities;
  • Proposing new ways to improve technical and environmental performance;
  • Promoting interoperability, create new world standards for railways (including common standards with other transport modes);
  • Developing fundamental values of railway transport (Safety, Security, Sustainable development, International training, Research…).
  • As far as security is concerned, the UIC security platform is bringing together security experts from our members. The security platform is organised around an annual congress to take stock of the work carried out and to propose future priorities, a steering Committee and three permanent working groups (Human factors, New technologies, Strategy, procedures and regulations) and two ad hoc working groups at the request of UIC members (Border crossings, Metal theft).

Role within CYRail :

UIC , representing the rail end-users contributes to WP7 on "Dissemination and exploitation of the results” as Work Package leader and to Task T2.1 on "Rail systems within the public transport environment" as task leader apart from being involved in
several other tasks as member.

AIRBUS Defence & Space (France)

AIRBUS Defence & Space, department on cyberSecurity SAS is providing high grade cyber-security services and solutions for private and public actors, including various entities from Airbus Group, governments & public services, companies and critical infrastructures.

Besides its mission to protect Airbus Group, it has acquired a strong experience on military and national security projects. CassidianCyberSecurity is one of the trusted security actors selected by the French national authority for information security (ANSSI) to provide labelled security services to the French national-critical infrastructures (Opérateurs d’Importance Vitale).

With 2 other main facilities in United Kingdom and Germany, Airbus Defence and Space Cybersecurity is by design a European player, capable to enforce standardization of cybersecurity solutions at multi-domestic level. The French entity benefits from a strong expertise in cyberdefense, including risk assessment, threat analysis, anomaly and attack detection. That’s why the main focus in this project will be on WP4 regarding Threat Identification and Detection Techniques.

Role within CYRail :

  • AIRBUS brings on board its experience in cyber risk assessment in particular with respect to infrastructures involving SCADA/ICS (WP3 security assessment).
  • AIRBUS provides threat intelligence expertise, using knowledge base tools like Orion Threats ® and the experience from threat analysts (Task 4.1 Threat identification and analysis).

AIRBUS provides :

  • expertise in anomaly and attack detection, using Keelback Suite ® and the experience from our Security Operation Center (SOC) operators (Task 4.2 Early attack and anomaly detection).
  • expertise from its Security Operation Center (SOC) to support enhanced alerting and collaborative incident management (T4.3)
  • expertise from the incident response team to support activities on mitigation and emediation (WP5 Mitigation and Countermeasures Specification).
  • expertise from the security architecture team to support activities on security profile definition and security testing capabilities to support compliance assessment in WP6.

ATSEC Information Security AB (Sweden)

ATSEC information security is a vendor independent company specialized in information security consultancy and evaluations. The company operates accredited Common Criteria evaluation facilities in Germany, Sweden and the US. In the US the company is also accredited to perform the validation of cryptographic modules under the Cryptographic Module Validation Program (CMVP) operated by the US National Institute of Standards and Technologies (NIST). atsec information security AB is the Swedish subsidiary of atsec and is like the rest of atsec dedicated to all aspects of IT security, ranging from management consultancy to technical investigations and implementation of security solutions for our customers world-wide. atsec is an
active contributor to the development of international, normative IT security standards. Consequently, atsec has a high level of expertise in consulting clients on how to apply and implement such standards, as well as in evaluating IT operations, products, and systems against standardized criteria.

ATSEC information security is an accredited IT Security Evaluation Facility (ITSEF) under the Swedish, German and U.S. Common Criteria schemes under the Common Criteria Recognition Arrangement. In Sweden, ATSEC is accredited under the Sveriges Certifieringsorgan for IT-Sakerhet (CSEC); in Germany, ATSEC is accredited under the Bundesamt fur Sicherheit in der Informationstechnik (BSI); in the U.S., ATSEC is accredited to perform evaluations under the Common Criteria Evaluation and Validation Scheme (CCEVS) operated by the National Information Assurance partnership (NIAP).

  • ATSEC information security has successfully evaluated and is evaluating multiple products against NIAP PPs, e.g. Protection Profile for Mobile Device Fundamentals Version 2.0 as well as Protection Profile for Network Devices Version 1.1
  • ATSEC employees actively contribute to the development of the international standards under ANSI’s INCITS, the ISO/IEC Joint Technical Committee 1, Sub Committee 27 Security Techniques, The Open Group’s Trusted Technology Forum, NASPO, and in other focused trade associations and standards groups.
  • ATSEC employees contribute actively to the development of the international information security management system standards under the ISO/IEC Joint Technical Committee 1, atsec is heavily involved with the development of ISO/IEC 27001 and ISO/IEC 27002 (previously BS 7799 and ISO/IEC 17799). atsec provided the co-editor for ISO/IEC 17799:2005 and ISO/IEC 15446 and the editor for ISO/IEC 15408-1.
  • ATSEC information security companies are certified as compliant with ISO/IEC 9001, ISO/IEC 17025, and ISO/IEC 27001, assuring our standards for quality, laboratory management, and information security.

Role within CYRail :

ATSEC brings on board its experience in:

  • definition of the threats in the operational environment (Task 4.1 Threat identification and analysis)
  • identification of mitigation strategies as well as applicable countermeasures (task 5.1 Identification of Mitigation Strategies and 5.2 Specification of Countermeasures)
  • identification of security assessments and relevant standards (Task 3.1 Analysis and selection of the security assessment methodology and Task 3.3 Iterative risk assessment)
  • specification of Protection Profiles (WP 6)

ATSEC mainly contributes to WP6 “Protection Profile specification” :

  • Task 6.1 “Selection of standards and relevant frameworks”,
  • Task 6.2 “Specification of protection profiles and assurance levels and
  • task 6.3 “Compliance to Protection Profiles”.
D1.1 Project Quality Assurance Plan
D2.1 Safety and security requirements of rail transport system in multi-stakeholder environments
D6.1 Protection Profiles Specifications
Deliverable 6.1 on Protection Profiles
D7.1 Communication and Exploitation Plan first version
D7.3 4-page Brochure (Project Presentation) link
D7.4 Communication and Exploitation Plan Final version
D7.5 Recommendations Brochure
CYRAIL recommendations on cybersecurity of rail signalling and communication system

September 2018

On 2018-09-18 CYRAIL Final conference Paris, UIC HQ

October 2017

On 17-18 October 2017 ITS automotive nord Braunschweig, Germany
On 2017-10-04 CYBERSECURITY4RAIL Conference Brussels

May 2017

On 18 May 2017 Third UIC World Conference on Rail Telecoms UIC Paris

April 2017

On 2017-04-07 CYRAIL workshop with the Advisory Board Munich, FORTISS
On 2017-04-06 CYRAIL Second progress meeting Munich, FORTISS

December 2016

On 2016-12-20 CYRAIL/ARGUS Workshop Paris, UIC HQ
On 2016-12-19 CYRAIL First progress meeting Paris, UIC HQ

October 2016

On 2016-10-14 CYRAIL Kick-off meeting Porto, Evoleo HQ

The CYRail project is structured around 7 work packages (WPs) with a total duration of 24 months according to the structure shown below:

WP1 - Project Management


It will carry out the necessary management activities aiming at an adequate coordination of the overall project work plan. This WP includes the Project management concerned with the administrative coordination of the work including costs, timing and completeness of the deliverables.

Main Tasks of WP1

  • T1.1 - Financial management
  • T1.2 - Scientific and Technical Coordination
  • T1.3 - Data protection and gender issues
  • T1.4 - Management of contributions from the Project Advisory Board

WP2 - Operational Context and Scenarios


It will provide a comprehensive analysis of the existing rail system and future requirements from a customer point of view who is asking for a door to door safe and secure transport. This work package will first identify the most critical components of the rail system and their interactions with the other transport modes. Then the existing means of protection will be described. Finally an operational transport scenario involving different types of environment will be proposed for further security assessment in WP3.

Main Tasks of WP2

  • T2.1 – Rail systems within the public transport environment
  • T2.2 – Safety and security of the Railways systems
  • T2.3 – Operational scenario

WP3 - Security Assessment


It will provide an overview of current national and international security risk analysis frameworks, as well as their evaluation in order to identify the most suitable for the railway context. Special mapping and attention will also to be paid to the automotive and aeronautic industry to identify synergies. Currently, different security risk methodologies have been published by different organizations (APTA, DIN-VDE, International Electrotechnical Commission (IEC), ANSSI, etc.) all around the world. A complete overview of these proposals and their analysis will allow the definition of a common security framework that should be able to fulfil all these recommendations following a single risk analysis procedure. After defining a common security framework, this WP will perform the previously identified security assessment for most critical railway safety services (ERTMS, CBTC, TCMS…) in order to detect the most critical security zones, as well as the communication (also known as conduits) between them. The implementation of this security assessment closely interacts with WP4 and WP5. The identified threats of its system will be the input for risks and the countermeasures will be the reactive solution for reducing, when not eliminating, a detected risk.

Main Tasks of WP3

  • T3.1 - Analysis and selection of the security assessment methodology
  • T3.2 - Definition of security zones and vulnerabilities
  • T3.3 - Iterative risk assessment

WP4 - Threat analysis, attack detection and early warning


It will deliver a taxonomy of threats targeting rail management and control systems; provide threat classification, description and analysis. In a second step, a set of innovative techniques to detect attacks targeting rail management systems will be assessed, taking into account the potential combination of cyber and physical threats. Last but not least, a number of innovations supporting early warning, context-enriched alerting and collaborative incident management will be proposed.

Main Tasks of WP4

  • T4.1 – Threat identification and analysis
  • T4.2 – Early attack and anomaly detection
  • T4.3 – Enhanced alerting and collaborative incident management

WP5 - Mitigation and Countermeasures Specification


It will provide the specifications for countermeasures, identify the different mitigation strategies and resilience mechanisms that allow the operation to continue with guaranteed quality levels, without having impact on operational safety. The mitigation strategies are aimed at proactively inhibiting attacks on the system by employing systematic protection techniques in advance. The countermeasures react to anomalies detected with respect to the normal operation of the system and proactively counteract identified attacks. The resilience mechanisms ensure the safe operation in the presence of attacks.

Main Tasks of WP5

  • T5.1 – Identification of Mitigation Strategies
  • T5.2 – Specification of Countermeasures
  • T5.3 – Definition of resilience mechanisms

WP6 - Protection Profiles

Led by ATSEC

It will integrate the essential concepts considered in WPs 4 and 5 into profiles which capture the scenario and security requirements of WPs 2 and 3, respectively. The Protection Profiles Specification shall include: Security by Design; Specification of Protection profiles; Selection of Standard Framework; and Evaluation Assurance Level.

Main Tasks

  • T6.1 – Selection of standards and relevant frameworks
  • T6.2 – Specification of protection profiles and assurance levels
  • T6.3 – Compliance to Protection ProfilesWP

WP7 - Dissemination and Outreach

Led by UIC

It aims to communicate and disseminate the result toward the public transport operators, manufacturers of public transport systems, security providers, scientific community and public bodies.

Main Tasks

  • T7.1 – Communication and Dissemination Strategy
  • T7.2 – Involvement of the stakeholders
  • T7.3 – Exploitation and Sustainability StrategyDurationWorkpackage

The main technical objectives of CYRAIL are:

  • To select security analysis frameworks capable of assessing the most critical railway services, zones and communications to perform an exhaustive cyber security assessment of the Railway systems;
  • To deliver a taxonomy of threats targeting rail management and control systems capable of classifying, describing and analyse cyber-attack threats;
  • To assess and select innovative rail management systems attack detection techniques;
  • To specify Countermeasures and Mitigation strategies for improved quality levels;
  • To describe Resilience Mechanisms for Operational Safety;
  • To specify Protection Profiles with Evaluation of Assurance Levels.

Added Value

CYRail aims to have a significant impact on enhancing the operational security level of the different rail segments and the robustness of the railway information, control and signalling sub-systems.

With the challenge of boosting innovative and cost-efficient technologies and system for railway signalling, traffic control and automation with an ever increasing reliance on communications technologies, CYRail will contribute to the prevention of cyber-attacks, improving the operational security level of the different rail segments.

Facts and Figures

  • Total budget – 1.5 m€
  • Duration – 24 months
  • Project start date – 1st October 2016
  • Project end date – 30 September 2018
  • Partners – 6 partners from 5 different countries
  • Grant agreement no - 730843

Final recommendations

CYRAIL recommendations on cybersecurity of rail signalling and communication system

eNews articles