Cybersecurity is crucial in today’s world, as our society increasingly relies on connected infrastructure and devices. In the field of railways, connected trains and infrastructure are seen as a major source of improvement for the management of traffic and capacity, energy efficiency, and network communication. But this trend also means more potential threats of cyber-attacks. To protect the rolling stock and fixed installations, the support of adequate tools and requirements is needed.

CENELEC contributes to providing this protection with the brand new CLC/TS 50701 ‘Railway applications – Cybersecurity’ developed by ‘CLC/TC 9X - Electrical and electronic applications for railways’.

This Technical Specification is a major landmark for the European railway sector, as it aims to provide requirements and recommendations to handle cybersecurity in a unified way for the railway sector.

EN ISO/IEC 27701 “Security techniques. Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management. Requirements and guidelines” sets out generic requirements for a Privacy Information Management System whose guidance can be adapted by organisations according to their context and applicable obligations. It can be considered as an international framework, in which it is possible to define more particular, regional refinements.

CEN and CENELEC’s Joint Committee 13 ‘Cybersecurity and Data Protection’ (CEN-CLC/JTC 13) has now started a new project, which aims at developing a standard that offers such refinements for a European context: the aim is to develop guidelines that organisations will be able to use for the purpose of demonstrating compliance with their obligations relating to GDPR.

The Commission is laying out a vision to build a new Joint Cyber Unit to tackle the rising number of serious cyber incidents impacting public services, as well as the life of businesses and citizens across the European Union. Advanced and coordinated responses in the field of cybersecurity have become increasingly necessary, as cyberattacks grow in number, scale and consequences, impacting heavily our security. All relevant actors in the EU need to be prepared to respond collectively and exchange relevant information on a ‘need to share', rather than only ‘need to know', basis.

The Recommendation on the creation of the Joint Cyber Unit is an important step towards completing the European cybersecurity crisis management framework. It is a concrete deliverable of the EU Cybersecurity Strategy and the EU Security Union Strategy, contributing to a safe digital economy and society.

2021 is the European Year of Rail. On this occasion, CEN and CENELEC are proud to highlight the important role European standards play to ensure the well-functioning of a key sector for the future of Europe. Standardization on railways application is part of CEN and CENELEC’s wider work on transportation, a complex and large portfolio: it includes 1234 standards from CEN and CENELEC. These standards are mainly developed by two Technical Committees (TCs), CEN/TC 256 'Railway Applications' and CLC/TC 9X 'Electrical and electronic applications for railways'. In particular, standards on rail cover a wide range of topics specifically related to railways applications (products, processes and services), such as, among others, safety, rolling stock capacity, system efficiency, as well as cybersecurity, digitalisation, and automatic couplings. This work on rail contributes massively to the development of safe, innovative and efficient railway systems infrastructure, rolling stock and systems, and supports the EU in its strategic ambitions.