
Understanding TS-50701, the new cybersecurity standard for rail networks
Live broadcast sponsored by Waterfall Security Solutions
Countries are increasingly committed to boosting a sustainable, resource-efficient, low-carbon economy. To reduce carbon emissions, Governments have realized that they need to increase public transport usage by making railways more productive and attractive to passengers. One way that railways and metros are achieving this is through the digitalization process.
However, all the efficiency gains resulting from increased network interconnectivity provides cyber-criminals with a bigger, more complex, and more vulnerable attack surface. Recognizing this increased threat landscape and complexity, the EU commission mandated CENELEC to integrate the essential requirements of EU Directives into a Technical Specification. Railway and cyber experts came up with the recently published TS 50701, which shows how to implement a state-of-the-art cybersecurity protection in a railway environment.
This talk discusses the new TS-50701 cybersecurity standard, the most important takeaways for both wayside and onboard systems, and important network segmentation considerations. The presentation will explore reference architectures and concrete examples based on rail cybersecurity projects.

Waterfall Security Solutions Ltd
Waterfall Security Solutions is the global leader in industrial cybersecurity, protecting critical industrial networks since 2007. Our mission is to revolutionize how entire industries protect physical assets and industrial processes from cyber attacks. Waterfall’s patented, unidirectional products enable safe IT/OT integration, remote monitoring and diagnostics, cloud connectivity and tamper-proof forensics, without the vulnerabilities that always accompany firewalled connectivity.
The company’s growing list of customers includes national critical infrastructures and utilities, power plants, nuclear plants, offshore platforms, refineries, pipelines, pharmaceutical, chemical and manufacturing plants, and many more. Deployed throughout North America, Europe, the Middle East and Asia, Waterfall products support the widest range of industrial and remote monitoring platforms, applications, databases and protocols in the market.
As a global leader in industrial control system security, Waterfall contributes routinely to national and international standards, best practice guidance and control system security educational programs. As a result, our products are widely recognized as simplifying compliance with security regulations, standards and best practices.
An error occurred trying to play the stream. Please reload the page and try again.
CloseJesus Molina is Waterfall’s Director of Industrial IoT. He is a security expert with years of experience in both OT and IT security, with a focus in rail networks and critical infrastructure. A former hacker, his early research on offensive security for building automation has been echoed by many publications, including Wired and The Register. He co-authored the Industrial Internet Security Framework, which is regarded as one of the most comprehensive studies on securing connected operational systems.
Mr. Molina holds several security-related patents and has published many research articles (1732 citations and counting) on diverse topics including intrusion detection, building security infrastructure, cloud security and IIoT security. He also co-organized the IoT Sandbox at the RSA conference, demonstrating real time hacks of everyday IoT items. Jesus holds a M.S. and a Ph.D from the University of Maryland.

Richard Thomas is a UKRRIN Industrial Fellow in Data Integration and Cybersecurity.
His Ph.D. Thesis reviewed the cybersecurity for some of the UK and European railway standards, identifying the challenges and proposing solutions to ensure future security. His research interests include the security of the ‘industrial internet-of-things’ and how we can leverage the wealth of data available from the rail sector. He also takes an interest in general cybersecurity topics including cybersecurity education and consumer issues, featuring on the BBC’s Rip Off Britain programme in mid-2018.
Richard was part of the Research Institute in Threats to Industrial Control Systems and is now a member of the Research Institute in Trustworthy Interconnected Cyberphysical Systems, receiving a grant to address the challenges the rail sector faces when moving towards compliance with the EU Network and Information Systems Directive.