Seven partners set to deliver new Shift2Rail ‘4SECURail’ project for railway cybersecurity and safety

Two 4SECURail teams aim to design a Computer Security Incident Response Team (CSIRT) for joint EU-Rail cyber security, and a Formal Methods Demonstrator for improved Railway Signalling Systems.

A consortium of seven European specialist partners from Spain, Italy, The Netherlands and France has been selected to deliver a new EU Shift2Rail Programme funded through Horizon 2020.

Started in December 2019 and officially launched in Barcelona in January 2020, 4SECURail is co-ordinated by engineering consulting firm Ardanuy Ingeniería, S.A., in collaboration with CNR, FIT, Hit Rail, SIRTI, Tree Technology and UIC.

The 4SECURail consortium will deliver a co-designed collaborative process and tools for the coordination of cybersecurity response across European railways, as well as a Formal Methods Demonstrator to support better interoperability of signalling systems for railway security, safety and efficiency.

Hit Rail B.V., the European rail industry’s IT specialist, will work alongside partners UIC (International Union of Railways) and Tree Technology an R&D company to deliver the co-design and testing of a model and collaboration platform for a European Railway Computer Security Incident Response Team (CSIRT), designed to coordinate the Cyber Security response actions of the separate railway security teams. The CSIRT will extend that collaboration and will be demonstrated and tested in 2020/2021 to support future consideration of the feasibility of deployment by the Shift2Rail Joint Undertaking and its work in X2RAIL3 supporting the EU Rail ISAC and Rail Community.

Consiglio Nazionale delle Ricerche (CNR) will work, alongside Ardanuy, FIT Consulting and SIRTI, to provide a demonstrator for the evaluation, in terms of cost, benefits and required learning curve, of the impact of the use of Formal Methods for the rigorous specification of the components of a railway signalling infrastructure. This is of particular interest to railway Infrastructure Managers, since only cost-effective and precise specification methodologies allow improvement in the dependability of the subsystems developed by different suppliers.

Shift2Rail is a European rail initiative that seeks to encourage focused Research and Innovation (R&I) aimed at integrating new and advanced technologies through its Horizon 2020 funding and aimed at completing the Single European Railway Area (SERA). The 4SECURail project, started in December 2019 and officially launched in January 2020, will contribute to ensuring correct behaviour, interoperability and safety for signalling systems, along with measures to deploy collaborative Cyber Security support across Europe.

Research shows ‘game needs to be changed,’ with security innovation years behind that of the attackers, the board a decade behind security discussions and regulation needing more industry input.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that the UK’s Mid-Market IT Leadership expects to see a shortfall in IT spend in 2022. While 52% of IT decision-makers believe their 2021 budget met the ambitions of their team, there seems to be less certainty and confidence about future finances — 61% think their budget will need to increase in 2022, but only 13% expect it to.
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and operational cloud services that is unique on the market, enabling clients across the world to meet the challenges of managing their data in the edge to cloud continuum, in line with the highest jurisdictional data governance requirements. Part of the Atos' OneCloud initiative, Atos OneCloud Sovereign Shield is a comprehensive edge to cloud platform ecosystem and highly secure service that improves the level of control clients have over the data they produce and exchange, helping them regain control and effectively deal with legal dependencies.
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets across Europe with further expansion into APAC planned.
Research from Avast has found that employees in almost a third (31%) of Small and Medium Businesses (SMBs) in the UK are connecting to the corporate network using personal devices that do not have any security controls in place, according to IT Decision Makers (ITDMs) within SMBs.
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53% offer backup services.
Trend Micro has published new research revealing that 90% of IT decision makers claim their business would be willing to compromise on cybersecurity in favor of digital transformation, productivity, or other goals. Additionally, 82% have felt pressured to downplay the severity of cyber risks to their board.
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real terms’ during 2022 – leading to increased cyber vulnerability.