…Concepts and Levels of Security
IT security in public transport must be understood as a holistic and overarching task. For example, the industry standard IEC 62443 describes the consideration of cyber security concepts from different points of view: General, Policies and Procedures, System, Components. In addition, different areas require different levels of protection. Protection concepts and measures are then geared to the respective security level: An IP camera in a vehicle must be protected differently than the data of a payment system.
Cyber Security Challenges in Public Transport
Like many companies, most fleet operators and transport operators need to focus their resources on their core business. They have little expertise regarding cyber security and often no knowledge of IT standards. However, they need to ensure a network that has an adequate level of protection. In practice, implementing and ensuring protection measures is a challenge for many public transport operators.
The selection and implementation of methods and measures to protect a system depends on the application and its protection needs. The steps below provide an overview of practical measures to improve cyber security in public transit vehicles:
- Perform risk assessment: Identify and assess risks in terms of vulnerabilities, threats, attack scenarios and potential impact.
- Implement basic security measures: Access control, network segmentation, disabling unused interfaces, deploying firewalls, changing passwords.
- Secure communication and data: Use VPN and appropriate protocols to encrypt communication and data.
- Implement physical security measures: Block physical access to all components for unauthorized persons; monitor/control physical access.
- Define an action plan in advance: Define immediate actions, countermeasures, roles and responsibilities, ensure competency.
- Keep the system up to date at all times: Install software updates to address known vulnerabilities and security gaps.
- Train employees: on potential threats, protective measures, and preventive measures.
- Monitor: Monitor IT system regularly to identify deviations or security incidents; implement methods and tools to accomplish monitoring.
>> Read also: The Ethernet Switch & Cybersecurity
Subscribe to our monthly newsletter and stay tuned
Thanks for subscribing! We will be happy to keep you up to date, but first you need to confirm your email!
More Stories Like This:
With increasing data volume and requirements for real-time data in public transport vehicles, IP-based communication has become a basic requirement for modern IT system architecture in vehicles. We use two examples to show how transport operators...
ROQSTAR OpenAPI can be used to automate tasks. In this article, we look at a real-world example of how the work of transport operators is made easier with the help of OpenAPI supported by ROQSTAR Ethernet Switches. ContentA Typical...
TRONTEQ, the world's only manufacturer that produces Ethernet switches only for bus and rail, has expanded its ROQSTAR Ethernet switch product family with new 10-port Gigabit M12 switches. The devices are available in four variants, each with and...
Our products are fundamental for the digitalization in public transport. ROQSTAR M12 Ethernet Switches provide the network infrastructure for e-ticketing, passenger counting systems (PCS), dynamic passenger information (DPI) and closed-circuit television (CCTV).