Blog Médiane Système
A sustained commitment: our CYBERSECURITY project in the transport sector
Our client, which specialises in the development of real-time on-board equipment, has undertaken an ambitious programme to strengthen the cyber security of its products. Our mission was to put in place robust cybersecurity policies, optimise the development processes and guarantee the complete security of the products.
What are IEC 62443 and TS 50701?
The IEC 62443 and TS 50701 standards are fundamental pillars for establishing robust cybersecurity measures in industry and rail transport respectively.
Key points of convergence :
- Risk management: Both standards emphasise a proactive approach to risk management by identifying, assessing and mitigating potential threats.
- Access control: These define access control mechanisms to restrict unauthorised access to critical systems, thereby guaranteeing data confidentiality and integrity.
- Continuous monitoring: Continuous monitoring of network activities is encouraged, enabling anomalies and suspicious activities to be detected quickly (e.g. appropriate authorisation of systems and people to equipment and/or data).
- Network segmentation: Both standards advocate network segmentation (see zones and conduits), thereby reducing the propagation of threats and isolating sensitive areas.
In addition to the general cyber security principles of IEC 62443, TS 50701 focuses specifically on the requirements of the railway sector, including :
- Railway application: Directives tailored to railway systems, covering on-board equipment, traffic control and management systems.
- Communications security: Specific recommendations to guarantee the security of communications in the railway context (management of cryptographic keys, redundancy to ensure the continuous availability of critical systems and cope with breakdowns).
- Compliance with industry standards: Alignment with the standards and requirements specific to the rail industry helps to ensure the safety and reliability of operations.
We have adopted a holistic approach, tackling the policy side of cyber security, restructuring development processes and implementing advanced security measures. This global approach aims to ensure optimum protection throughout the lifecycle of embedded equipment.
The transport sector demands particular attention when it comes to cyber security, and the challenge has lived up to our expectations. Real-time on-board equipment requires maximum protection to ensure that systems function properly and that data is secure and intact.
Results and outlook
We're proud of the significant progress we've made to date (new safety policies, optimised development processes and gradual product safety improvements).
As we continue to move forward with this major project, our commitment to IT security remains unwavering. We are determined to provide our customers with solutions that meet the highest industry standards.
Contact us: email@example.com