Whether you’re building new rail infrastructures or expanding existing ones: Siemens Mobility offers state-of-the-art building information modeling (BIM) for complete virtual planning using computer-generated 3D modeling that integrates all planning partners and information available. This improves planning reliability, shortens the project execution, and enhances the asset performance during operation and maintenance. We manage our project data including building information modelling compliant to ISO19650. 

All critical processes, data, and collaboration are protected from being compromised by technical standards and control mechanisms. A digital key protects all data by limiting access to it. The consistent security concept and custom level of security are grounded in the leading security standards for railway industries according to ISO 2700X. 

Secure mobility requires secure connectivity – and secure remote diagnosis and monitoring of trains and infrastructure. That’s what the data diode DCU (Data Capture Unit) is made for. This one-way data gateway permits the reaction-free connection of a signaling and safety infrastructure to the IoT. Embedded in MindConnect Rail and MindConnect Road, the DCU helps optimize the connected control, safety, and security systems. Train operation data, for example, can be merged via MindSphere with historical consumption data, weather forecasts, and information on major events, making the traffic flow smoothly and easing travel. The DCU can also be used to support intrusion detection systems by detecting abnormal activities in connected networks – or to record operating data like wayside signaling applications for juridical purposes.

Cybersecurity is an extremely important factor for the rail sector. Unfortunately, cyberattacks on rail systems are on the rise and such systems are increasingly targeted by hackers. Our cybersecurity services help you proactively close cybersecurity gaps. An analysis of elements like control and safety systems, vehicles, depots, and rail electrification makes it possible to identify potential vulnerabilities and implement protective measures. We develop a holistic cybersecurity concept precisely tailored to your requirements, while also taking into account the applicable security standards, national and international legislation, and cybersecurity initiatives.

Rail systems are critical infrastructures that must guarantee safety, reliability, and compliance with legal requirements. Whether it’s a greenfield project or retrofit of an existing rail system, Siemens Mobility’s integrated cybersecurity solutions give operators a customized concept and expert implementation. Our cybersecurity solutions are based on anticipated reliability and how many attacks have already occurred. A security system is built from a comprehensive set of components including endpoint security, network security with firewall zone separation, identity and access management – for example, with an authentication, authorization, and accounting (AAA) server – public key infrastructure (PKI), security information and event management (SIEM), and intrusion detection systems (IDS). Everything can be coordinated from a cybersecurity operation center (C-SOC) and tested virtually in digital twins.

Siemens Mobility is a rail system provider with extensive domain expertise and an industry cybersecurity leader – and is the best choice for secure rail systems. 

The Sitraffic smartGuard traffic control center is ideal for smaller cities and municipalities. For example, it provides an instant overview of traffic lights that are malfunctioning, occupancy of parking garages, and the current traffic situation in the metropolitan area. The main advantage is that Sitraffic smartGuard is Web-based and controlled via the cloud. This means that there’s no need to invest in expensive hardware: You can control your traffic system anywhere and anytime from a tablet, PC, or smartphone.
 

The availability, reliability, and security of Sitraffic smartGuard and all the products, systems, and services in our portfolio are confirmed by an ISO certification, (ISO/IEC 27001) which ensures that all IT security technologies comply with the latest technical standards. The level of security is further enhanced by the two-factor smartGuard security concept and the security standards applied in all field devices, servers, and data transfer systems.

The ITS traffic controllers are installed outside in urban environments and handle safety-critical signalization for urban traffic flows. They’re usually connected to higher-level traffic management centers in different types of networks. To ensure the security of these networks, our traffic controllers have several layers of security mechanisms implemented, including physical access restrictions, user access management, and firewalls. The most security-critical element of a traffic controller is the signal monitoring, which ensures the safety of the signalization for the traffic flow. This is secured within the architecture and kept completely separate from network-accessible segments. Any modifications that require physical access are secured via hardware settings.
 

Other security measures can be implemented upon request. Standard delivery can be easily configured to grant access only to certified users. Additional hardware enables remote access control, where operators in traffic centers are notified when someone gains physical access to the installation.

Connected mobility involves communication between road infrastructure, vehicles, and vulnerable road users like bicyclists and pedestrians. This communication can be established locally via roadside units and via 4G/5G communication through cloud services and smartphone applications. Due to the high level of connectivity, cybersecurity is crucial. Our connected mobility solutions are therefore developed with a strong focus on their security. Direct V2X communication between vehicles and infrastructure is secured via PKI-based authentication mechanisms according to the latest standards. State-of-the-art technologies like TLS and VPN are used to secure access to the roadside and central systems. Security-sensitive materials like encryption keys are stored in tamper-proof hardware security modules, and there are measures in place that detect any physical tampering with devices in the field.

Autonomous shuttles promise a better quality of life and more mobility by decreasing traffic by about 90 percent and reducing traffic accidents through the shared use of autonomous public transportation. Our Sitraffic mooV autonomous shuttle is completely driverless and combines the vehicle’s autonomous driving feature with road infrastructure information. It relies on the autonomous driving demand responsive transport (AD-DRT) system. The software center allows operators to control and manage their autonomous transportation system. As soon as it detects unauthorized access to the door contacts, it sends an alert to the operator. It also detects the unauthorized addition of objects and monitors traffic so that any manipulation can be promptly identified. The system achieves a high level of functional security integrity (up to SIL 3).

Mobility as a Services (MaaS) platforms combine seamless trip planning, smart booking and payment as well as big data analytics in one single account including all available means of transport from public transport to car-sharing and many more. Cybersecurity is essential when running a MaaS app, as these systems contain personal, sensitive data, not only master data but also transaction data from customers. Data misuse is prevented by using the latest encryption techniques, conducting regular penetration tests and monitoring current threat scenarios. The collection of personal data has to be reduced to a minimum and data pools are separated at all times.

Smartphone-based ticketing options make traveling more convenient and prevent ticket chaos and loss. Cashless payment ensures passenger security, which has become even more important since the outbreak of COVID-19. Smart ticketing solutions like our XiXo portfolio offers make ticketing easier than ever with no knowledge about the fare system. The best price is always guaranteed. Encrypting technologies ensure that tickets can’t be copied easily, and so transportation companies’ revenue losses can be prevented. Data protection is guaranteed by separating transaction data from customer data: Customer profiles can’t be created based on geo data (UU-ID = unique user ID). Encrypted tickets and regularly changing barcodes support this.

Traditional public transportation models are developing in order to meet the growing demand for seamless, flexible, and sustainable mobility. Demand-based transportation is the key to reducing dependency on private vehicles. Fixed lines with high frequency are fed by flexible lines like first and last mile services, paratransit, off-peak hour services, and B2B shuttles to better and more efficiently reach new and existing areas. Cybersecurity is essential to protect customer and payment data, and so we’ve oriented ourselves to GDPR compliance.

With intermodal data analytics, you can derive traveler insights and understand their travel patterns in public and intermodal transit. Data analytics offer data-driven solutions for many tasks in traffic planning, strategy, and operations: for example, scenario analysis, capacity planning for rail replacement traffic, optimization of interconnections, and incident detection in real time. High-resolution occupancy analysis and prognosis can be performed down to a single vehicle. We treat customer data responsibly and anonymously and protect it from unauthorized access during transmission to storage. We scan our systems regularly for possible weak points and follow the Siemens PSS guidelines.

Transport planning systems (TPS) products are flexible software solutions for train planning, capacity management, and more. From strategic long-term planning and annual timetables to short-term planning based on real-time data during operation – TPS enables users to create reliable timetables and attract passengers with a reliable performance. Because our customers entrust us with sensitive and security-relevant data, cybersecurity has a high priority. Therefore, TPS is fully integrated into the customer's IT landscape and connected to all security-relevant systems. Access to the system is only permitted for authorized people, and development processes are monitored under strict cybersecurity regulations. Third-party software is tested using vulnerability management processes, and employees are trained by security experts and receive regular security trainings.