University of Birmingham and Rock Rail sign agreement to accelerate and promote rail cyber security

Rock Rail

The University of Birmingham’s Centre for Railway Research and Education (BCRRE) today signed a Memorandum of Understanding (MOU) with leading rolling stock and transport company, Rock Rail, establishing a strategic partnership on addressing railway rolling stock cyber security

Rock Rail has invested £3billion of funding from institutional investors into 1576 new, state of the art train vehicles. Along with software integrity and decarbonisation it considers cyber-security to be a key strategic area of focus for its business, both in delivering new rolling stock and in its asset management role.

The MOU establishes a strategic research and teaching partnership between BCRRE and Rock Rail to address specific cyber security challenges including application of technologies; processes and controls to protect systems; effective guidance for the railway sector and supply chain; and establishing key principles of best practice. In the past 10 years, the railway sector has been the target of adversaries, with incidents such as ransomware, data breaches, intrusions and malware being attempted against the railway systems within the EU.

The UK Rail Research and Innovation Network’s Centre of Excellence in Digital Systems, led and housed at BCRRE, offers world-leading expertise in Cybersecurity & Internet of Things (IoT). BCRRE’s dedicated rail cyber security laboratories offer practical and flexible workspaces to develop and test solutions for ‘real world’ operational systems and develop new solutions from theoretical backgrounds into implementable solutions.

Rock, is seeking to use its role to strengthen partnerships with leading manufacturers to lead in cyber security research, working with BCRRE to develop approaches to mitigate risks to Rock’s assets as well as promote learning and best practice for the industry. Rock Rail manages fleets built by Hitachi, Alstom, Stadler and Siemens and is developing strong relationships with other manufacturers, such as CAF. It is also exporting its leasing model to Germany, France and Australia.

Professor George Bearfield, Rock Rail’s Health, Safety and Cyber Security Director said “Rock is delighted to be working with BU in this important, emerging area. We take a long-term view of the risks to our assets and have identified cyber security as an area where we wish to be at the leading edge of risk management.”

Mark Swindell, CEO and Founder of Rock Rail said “the passenger, institutional investors and our partners look to Rock Rail to understand and mitigate any risks to our trains. Cyber security risk is of particular focus. I’m very pleased with our continued cooperation with UoB and their excellent Railway research centre.”

Dr Richard James Thomas, Industrial Fellow in Data Integration and Cyber Security and Rail Cyber Security Technical Lead at BCRRE says; “We are proud to establish this research partnership with Rock Rail. Cyber security is a growing topic of concern for the rail sector, especially as we continue our digitalisation journey, and this partnership strengthens the connections of a leading, digital ROSCO with a leading research centre in railway cyber security. Together we will answer fundamental questions faced by the sector to manage the cyber security risk of today and into the future that is unique to rolling stock, and the sector as a whole.”

Professor Clive Roberts, Head of School of Engineering at the University of Birmingham says: “Establishing this R&D partnership allows us to continue to share and develop our expert knowledge in cyber security. Our expertise in this area, built up over many years of industrial partnership, will enable us to assess and develop solutions for cyber security issues that affect the whole of the railway including signalling, rolling stock, and supply chain.”