Organisation of the project

The CYRail project is structured around 7 work packages (WPs) with a total duration of 24 months according to the structure shown below:

WP1 - Project Management


It will carry out the necessary management activities aiming at an adequate coordination of the overall project work plan. This WP includes the Project management concerned with the administrative coordination of the work including costs, timing and completeness of the deliverables.

Main Tasks of WP1

  • T1.1 - Financial management
  • T1.2 - Scientific and Technical Coordination
  • T1.3 - Data protection and gender issues
  • T1.4 - Management of contributions from the Project Advisory Board

WP2 - Operational Context and Scenarios


It will provide a comprehensive analysis of the existing rail system and future requirements from a customer point of view who is asking for a door to door safe and secure transport. This work package will first identify the most critical components of the rail system and their interactions with the other transport modes. Then the existing means of protection will be described. Finally an operational transport scenario involving different types of environment will be proposed for further security assessment in WP3.

Main Tasks of WP2

  • T2.1 – Rail systems within the public transport environment
  • T2.2 – Safety and security of the Railways systems
  • T2.3 – Operational scenario

WP3 - Security Assessment


It will provide an overview of current national and international security risk analysis frameworks, as well as their evaluation in order to identify the most suitable for the railway context. Special mapping and attention will also to be paid to the automotive and aeronautic industry to identify synergies. Currently, different security risk methodologies have been published by different organizations (APTA, DIN-VDE, International Electrotechnical Commission (IEC), ANSSI, etc.) all around the world. A complete overview of these proposals and their analysis will allow the definition of a common security framework that should be able to fulfil all these recommendations following a single risk analysis procedure. After defining a common security framework, this WP will perform the previously identified security assessment for most critical railway safety services (ERTMS, CBTC, TCMS…) in order to detect the most critical security zones, as well as the communication (also known as conduits) between them. The implementation of this security assessment closely interacts with WP4 and WP5. The identified threats of its system will be the input for risks and the countermeasures will be the reactive solution for reducing, when not eliminating, a detected risk.

Main Tasks of WP3

  • T3.1 - Analysis and selection of the security assessment methodology
  • T3.2 - Definition of security zones and vulnerabilities
  • T3.3 - Iterative risk assessment

WP4 - Threat analysis, attack detection and early warning


It will deliver a taxonomy of threats targeting rail management and control systems; provide threat classification, description and analysis. In a second step, a set of innovative techniques to detect attacks targeting rail management systems will be assessed, taking into account the potential combination of cyber and physical threats. Last but not least, a number of innovations supporting early warning, context-enriched alerting and collaborative incident management will be proposed.

Main Tasks of WP4

  • T4.1 – Threat identification and analysis
  • T4.2 – Early attack and anomaly detection
  • T4.3 – Enhanced alerting and collaborative incident management

WP5 - Mitigation and Countermeasures Specification


It will provide the specifications for countermeasures, identify the different mitigation strategies and resilience mechanisms that allow the operation to continue with guaranteed quality levels, without having impact on operational safety. The mitigation strategies are aimed at proactively inhibiting attacks on the system by employing systematic protection techniques in advance. The countermeasures react to anomalies detected with respect to the normal operation of the system and proactively counteract identified attacks. The resilience mechanisms ensure the safe operation in the presence of attacks.

Main Tasks of WP5

  • T5.1 – Identification of Mitigation Strategies
  • T5.2 – Specification of Countermeasures
  • T5.3 – Definition of resilience mechanisms

WP6 - Protection Profiles

Led by ATSEC

It will integrate the essential concepts considered in WPs 4 and 5 into profiles which capture the scenario and security requirements of WPs 2 and 3, respectively. The Protection Profiles Specification shall include: Security by Design; Specification of Protection profiles; Selection of Standard Framework; and Evaluation Assurance Level.

Main Tasks

  • T6.1 – Selection of standards and relevant frameworks
  • T6.2 – Specification of protection profiles and assurance levels
  • T6.3 – Compliance to Protection ProfilesWP

WP7 - Dissemination and Outreach

Led by UIC

It aims to communicate and disseminate the result toward the public transport operators, manufacturers of public transport systems, security providers, scientific community and public bodies.

Main Tasks

  • T7.1 – Communication and Dissemination Strategy
  • T7.2 – Involvement of the stakeholders
  • T7.3 – Exploitation and Sustainability StrategyDurationWorkpackage