The Conference will address the following cyber security structures and associated initiatives in Europe.
Single European Railway Area (SERA) [1]:
As part of the European single market, the SERA supports harmonisation of technical, administrative and safety rules for interoperability between national rail systems. Technical specifications for interoperability (TSI) support interchange of precious data to ensure efficient operation of services for passengers and freight, but TSI interchange requires secure exchange strategies to avoid cybercrime.
Railway Community Modernisation:
Following the separation of operations and infrastructure in our modern railway systems, IT interconnections are increasingly complex. Ongoing railway operations, as well as the adoption of TSIs, require a safe and secure network strategy to protect data interchange, and to ensure identification, authentication and trust. Each set of national railway actors must ensure its own integrity against cybercrime. In addition, each railway must ensure that cross-border connections with other networks for interoperability do not compromise safety and security. We are all part of a European Railway Ecosystem whose resistance to cybercrime relies on cooperation.
NIS Directive [2]:
The NIS Directive is the first piece of EU-wide legislation on cyber security. It was adopted in July 2016, and will be transposed by Member States by June 2018 to include creation of a Computer Security Incident Response Team (CSIRT) / Computer Emergency Response Team (CERT) and cooperation network. Railways, as operators of “essential services”, will have to take appropriate security measures and to notify serious incidents to the relevant national authority, and are encouraged to develop an ISAC (Information Sharing & Analysis Centre). ISACs already operate in industries such as Energy [3] and so provide operational examples of how cooperation between Railway IT experts could be implemented as support for our own discussion.
The Conference will also address the lessons learnt from the Police, the Connecting Europe initiative and Hit Rail.
Lessons from Police and Cybercrime Investigation:
Collaboration between Member States' security services and agencies such as EUROPOL ensures cooperation at a high level, to combat the current loss of around 270 Billion Euro per annum to the European economy [4]. IT experts give their technical advice to support these agencies, and have numerous examples of how cybercrime operates, and what avoidance strategies can be considered.
Lessons from Connecting Europe [5]:
The Connecting Europe programme from DG CONNECT, which also supports implementing the NIS Directive, ensures safe and secure Government Service ecosystems and facilitates cross-border delivery of Government services for mobile citizens and business, using secured networks to connect Member States' nodes so as to limit opportunities for cyber intrusion. CE also provides service-interoperability building blocks (BBs), using common specifications (like TSIs), some of which arise from the eIDAS [6] Regulation. It needs cooperation, potentially using a secure common network strategy (supported by BBs) deployed by trusted communities of stakeholders: a model relevant to Rail.
Hit Rail’s experience and strategies for secure networking:
Hit Rail will describe how it has adopted increased security measures in its network offer and how these measures have ensured its 100% record of providing rail with a virus- and intrusion-free network.
[1] SERA: http://www.europarl.europa.eu/atyourservice/en/displayFtu.html?ftuId=FTU_5.6.6.html
[2] NIS Directive: https://ec.europa.eu/digital-single-market/en/network-and-information-security-nis-directive
[3] European Energy ISAC: http://www.ee-isac.eu/
[4] EUROPOL Unit EC3: https://www.europol.europa.eu/about-europol/european-cybercrime-centre-ec3
[5] Connecting Europe Digital examples: https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/CEF+Digital+Home
[6] eIDAS regulation: https://ec.europa.eu/digital-single-market/en/trust-services-and-eid