The railway industry has been an essential part, used as a means of transportation for passengers or to carry freight, of every country in the world, some call it the economic backbone of every country. When we talk about digital transformation in the railway sector, we usually think of e-ticket machines, passenger information displays, and onboard connectivity aka passenger Wi-Fi, however technological advancements in the rail industry have increased system interconnections, signaling systems, train control systems, and telemetry.

These technological advancements, including cloud/edge computing, IoT, robotization, and AI, are propelling the rail industry, but there are also associated risks and vulnerabilities – cyberattacks. Let’s delve into the different railway system architecture areas, including Onboard System, Wayside, and Control Center, to address the top threats to cybersecurity in the railway industry.

Onboard System

The onboard rail system uses wireless technology to connect the network between railroad cars for data exchange, providing onboard Wi-Fi, passengers’ information systems, signaling and automatic train protection (ATP) systems, traction and door control and command systems, and driver advisory systems (DAS).


Wayside network-related equipment, including routers, controllers, and serial servers, are often stored in a railway location cabinet and deployed beside the railway tracks. Based on different railway needs, the equipment may include actuators for display signals, ATP ground devices for detecting vehicle positions and speed limit information, and repeaters for wireless transmission, all to provide real-time information to trains and control centers.

Control Center

The control center refers to the back-end control center of railway operations, which includes the communication system, signal control system, and passenger information system. The communication system provides vehicle dispatching, power distribution, signal remote control, safety monitoring, maintenance, and passenger service. Signal control systems integrate signaling equipment, ATP systems, and level-crossing protection equipment to automatically control vehicles to maintain a safe driving speed and handle traffic flow for maximized performance and driving efficiency. The passenger information system provides real-time vehicle information, such as upcoming train numbers, following train numbers, departure times, stop mode, or even the number of remaining seats to improve boarding efficiency. The control center must be able to receive railway-related information in real-time, to provide appropriate operational decisions and management.

Top Vulnerabilities Faced by the Railway Industry

Railway infrastructure and operational systems require high levels of availability, accessibility, and security, as new technology features connectedness and communications, which presents new attack surfaces, and the rail transportation systems need to be strong and resilient to cope with cyberattacks. The growth of IoT has led to a proliferation of connected devices aboard a train, which can become entry points for hackers. Onboard and wayside devices often use WLAN protocol with low security, and attackers can inject malicious commands into the system. As wayside network-related equipment is typically housed in rail location cabinets, which has the vulnerability to be physically broken into.

Mitigation Solutions

The rail industry needs to implement appropriate proactive, not only reactive, cybersecurity practices. An effective cybersecurity solution should provide real-time alerts and constant monitoring, offering operators full visibility to review alerts and actional insights. Protective measures should be placed on the communications system, train control, signaling interfaces, power and traction control signaling, and business (financial) systems to bar unauthorized transmissions and limit the data traveling over specific links.

Featured Product

Lanner ICS-R372 Series is designed as a cost-effective embedded system, powered by Intel® Apollo Lake CPU, providing quality performance with low power consumption for rolling stock cybersecurity applications. ICS-R372 has passed extensive vibration and shock testing, earning compliance for the EN50155 standard, making it exceptionally suitable for cybersecurity applications in railway vehicles. This fan-less system also boasts an abundance of I/O and internal expansion capabilities with IP67-rated M12 connectors, including 6x LAN ports, 1x internal 2.5" drive bays, 2x HDMI ports, USB and console ports, offering power-efficient performance for secure railway computing needs. 


Fanless Rolling Stock Computer with Intel® Atom™ x7-E3950 Processor

CPU Atom™ x7-E3950
Chipset SoC

Read more