Pride Solutions Derby recently conducted a fleet cyber security review for a major train operating company to provide a detailed narrative on their current fleet security posture, as well as their organisational capacity to respond to a cyber security attack on the operating fleet.
Using a combination of OEM cyber security concept reports, vehicle design documentation and industry standards, we were able to define the threat landscape on the operating fleet. OEMs can develop concept reports that explore different potential threats and vulnerabilities within their vehicles’ systems and then build vehicle designs that minimize these risks.
Vehicle design documents provide information regarding the systems and and technologies that are implemented into each type to allow us to assess physical and topological threats. Additionally, national standards for rolling stock cyber security can be used to ensure that all vehicles are up-to-date with current regulations and best practices when it comes to protecting against external threats.
By combining these three elements, we created a comprehensive analysis of the threats facing the operating fleets and implement appropriate solutions to mitigate them.