Strengthening cybersecurity for a new train fleet

Background

In an era where digital transformation is revolutionising the transport sector, modern trains are increasingly dependent on complex software systems, network connectivity and automation. These technological advancements offer major improvements in efficiency, performance, and passenger experience, but they also introduce new vulnerabilities to cyber threats. For rail operators and owners, safeguarding these systems is a technical necessity and essential to ensure a safe, uninterrupted service.

Recognising these challenges, a leading rolling stock leasing company (ROSCO) took a proactive step to secure its newly introduced train fleet. As cybersecurity risks become increasingly sophisticated and regulatory scrutiny intensifies, the company engaged Encompass Engineering to conduct a comprehensive cybersecurity risk assessment.

The goal was clear: evaluate the existing security defences, identify any system vulnerabilities, and develop a robust strategy to strengthen cyber resilience across the fleet.

Our approach

We began with a detailed review of the manufacturer’s security measures, examining their effectiveness in safeguarding onboard systems. Working closely with the train manufacturer and operator – we facilitated in-depth workshops to explore potential cyber risks.

By working together, we identified likely attack scenarios and developed mitigation strategies tailored to the unique challenges of the specific fleet.

To test these strategies, cybersecurity experts performed a penetration test on the fleet’s systems by simulating cyberattacks to uncover any weak spots. We supported this process, ensuring any vulnerabilities were identified and a mitigation plan was developed to avoid future occurrences.

The challenges

One of the key challenges was striking the right balance between robust cybersecurity measures and the operational demands of the train service. Security enhancements needed to be effective without compromising performance, reliability, or the passenger experience.

Another significant challenge involved aligning the priorities of all stakeholders. The manufacturer had to implement cybersecurity solutions without introducing delays to production, while the operator required strong protections that would not disrupt daily operations. Encompass Engineering played a crucial role in bridging these perspectives, facilitating constructive dialogue and ensuring a cohesive, unified approach to cybersecurity.

The result

After extensive workshops, penetration testing and stakeholder collaboration, we delivered comprehensive reports detailing our findings and recommendations.

Key documents included:

Penetration testing report – A thorough breakdown of identified vulnerabilities, along with expert recommendations for addressing them.
Requirements matrix – A structured overview mapping security objectives against actual assessment findings to ensure clarity and accountability.
Cyber security action plan – A practical, step-by-step guide outlining immediate and long-term security measures to maintain system integrity.

Through a structured and collaborative approach, Encompass Engineering significantly strengthened the cybersecurity of the new train fleet. Our rigorous testing, expert analysis and coordinated efforts helped fortify the trains against potential cyber threats.

This project provided the ROSCO and the train operator with a clear understanding of cybersecurity risks and a practical roadmap for ongoing protection. It also demonstrated the importance of proactive planning, expert guidance and teamwork in securing modern rail systems. By taking action now, the train operators and manufacturers ensured a safer, more resilient future for their fleet and passengers.

Protect your fleet – Strengthen cyber resilience today

Cybersecurity threats in rail are evolving, and proactive protection is essential to safeguard your operations, assets, and passengers. Whether you are introducing new trains, upgrading your systems, or conducting a risk review, Encompass Engineering can help.

To learn more about how we can help enhance the cyber resilience of your trains, get in touch – together, we can build a more secure future for your fleet.