Rail Cybersecurity: Cylus & duagon’s Joint Solution

Global Rail Sector – May 22, 2025

The digital transformation sweeping through the railway industry brings unprecedented efficiency and connectivity, but it also exposes critical infrastructure to a rapidly evolving landscape of cyber threats. Modern rolling stock, increasingly reliant on complex networked systems for control, monitoring, and passenger services, presents a significant attack surface. Addressing these vulnerabilities is no longer a secondary concern but a primary operational imperative. This article delves into a pivotal development aimed at fortifying the cybersecurity posture of rail operations: the strategic collaboration between Cylus, a specialist in rail cybersecurity, and duagon, a prominent provider of communication and control technology. Their joint initiative seeks to embed robust cybersecurity measures directly into the foundational network architecture of trains, offering a proactive and integrated defense mechanism against sophisticated cyber attacks. This partnership signifies a crucial step towards ensuring the safety, reliability, and resilience of rail transport in an increasingly interconnected world.

The Escalating Need for Robust Onboard Cybersecurity

As railway systems become more digitized and interconnected, the potential attack vectors for malicious actors expand. Modern trains are intricate networks of Operational Technology (OT) and Information Technology (IT) systems, including Train Control and Management Systems (TCMS), Passenger Information Systems (PIS), signalling interfaces, and remote diagnostic tools. A successful cyberattack on these systems could have catastrophic consequences, ranging from operational disruptions and service outages to severe safety incidents and breaches of sensitive data. The threat is no longer theoretical; incidents globally have highlighted the urgent need for specialized cybersecurity solutions tailored to the unique operational environment and stringent safety requirements of the rail sector. Generic IT security measures are often inadequate for OT environments, which demand real-time performance, high availability, and a deep understanding of proprietary rail protocols and system longevity.

A Strategic Partnership for Integrated Protection

Recognizing this critical need, rail cybersecurity expert Cylus has partnered with duagon, a company renowned for its advanced communication, control, and computing solutions for railway vehicles. This collaboration is designed to deliver a comprehensive, integrated cybersecurity solution specifically for rolling stock. The core of this initiative involves the seamless integration of Cylus’s flagship cybersecurity platform, CylusOne, with duagon’s robust D527 Multi-Ethernet Secure Gateway. This synergy combines Cylus’s deep expertise in rail-specific threat detection and network monitoring with duagon’s proven hardware designed for the demanding railway environment. The goal is to provide rail operators with a solution that is not only secure-by-design but also easily deployable and manageable across diverse fleets, effectively embedding security into the very fabric of the train’s network.

Technical Deep Dive: CylusOne Meets the D527 Secure Gateway

The duagon D527 Multi-Ethernet Secure Gateway serves as the secure hardware foundation for this integrated solution. It is engineered specifically for rolling stock applications, featuring multiple Ethernet ports and a security-hardened Linux kernel. The D527 meets the stringent IEC 62443 industrial cybersecurity standard up to Security Level 2 (SL 2) and incorporates features like a configurable packet filter, which can be locked during production to ensure long-term security integrity. Furthermore, it supports secure remote updates and utilizes container technology, allowing for custom application adaptations without compromising the core system’s security.

CylusOne significantly enhances the capabilities of the D527 by providing a sophisticated software layer that delivers continuous network monitoring, real-time threat detection, and automated asset inventory management. Crucially, CylusOne is designed to understand the nuances of railway protocols and operational behaviours, enabling it to identify anomalies and potential threats that generic security tools might miss. Alexander von Allmen, Head of duagon’s Embedded Products Business Line, stated, “With the D527, we at duagon show our commitment to making railway more secure and to address the challenges our customers face in deploying solutions at scale across a large number of platforms. By integrating CylusOne, we can complement our product, offering a tailored solution to meet the customer’s needs.” This integration ensures that cybersecurity is not an afterthought but a fundamental component of the onboard network architecture.

Meeting Regulatory Demands and Ensuring Future Resilience

The combined Cylus-duagon solution is engineered to help rail operators meet a growing array of stringent industry standards and regulations. These include critical frameworks such as the Transportation Security Administration (TSA) cybersecurity directives in the United States, the European Union’s NIS2 Directive (Network and Information Systems Directive), the global IEC 62443 series of standards for industrial automation and control systems security, and the rail-specific CLC/TS 50701 standard. By providing continuous monitoring, comprehensive visibility, and robust threat detection, the integrated system simplifies compliance efforts and offers auditable data. The solution is designed for scalability, allowing operators to protect diverse rolling stock fleets and adapt to evolving threats and technologies. Secure remote update capabilities ensure that the system can be maintained and enhanced throughout its operational lifecycle, safeguarding against emerging vulnerabilities. Miki Shifman, Cylus Chief Technology Officer (CTO), emphasized this, saying, “As cybersecurity threats continue to grow in complexity and frequency, rail operators need a solution that is not only secure-by-design but tailored to the operational realities of modern rolling stock. Our partnership with duagon delivers exactly that, a comprehensive, easy-to-deploy solution that protects critical onboard systems without compromising performance or operational continuity.”

Conclusions

The strategic alliance between Cylus and duagon marks a significant advancement in addressing the complex cybersecurity challenges facing the modern railway industry. By integrating CylusOne’s specialized rail cybersecurity intelligence with duagon’s D527 Multi-Ethernet Secure Gateway, this collaboration offers a powerful, secure-by-design solution for rolling stock. This initiative directly confronts the escalating cyber threats by embedding robust security measures into the core network architecture of trains, rather than treating cybersecurity as a peripheral add-on. Key benefits for rail operators include real-time threat detection, comprehensive fleet-wide visibility of network assets and communications, and streamlined compliance with critical international and national cybersecurity regulations such as IEC 62443, CLC/TS 50701, TSA directives, and NIS2.

The integration of a security-hardened gateway with advanced threat detection software provides a multi-layered defense mechanism tailored to the unique operational technology environment of railways. This approach not only enhances the protection of critical onboard systems like TCMS and PIS but also supports the long-term resilience and adaptability of rail networks through features like secure remote updates and scalable deployment. Ultimately, this partnership underscores a vital trend in the industry: the proactive embedding of cybersecurity from the ground up. It moves beyond mere compliance to foster a culture of security that is integral to the safety, reliability, and operational continuity of rail services. As railways continue their digital transformation journey, collaborations like this will be paramount in building a more secure and trustworthy future for global transportation, ensuring that innovation and security advance hand in hand.

About the Companies:

• Cylus: Cylus is an Israeli company specializing in cybersecurity solutions specifically designed for the railway industry. Its flagship platform, CylusOne, provides continuous monitoring, threat detection, and asset management tailored to the unique protocols and operational requirements of both mainline and urban rail systems. Cylus is known for its proactive approach to partnerships, as also demonstrated by its August 2024 alliance with Digi to integrate CylusOne with Digi’s TX64 5G Rail cellular router.
• duagon: A Swiss-based company, part of the DFR (Duagon-MEN-Renesas) Group, duagon is a leading global supplier of communication, control, and computing technology for railway and embedded electronics applications. It provides highly reliable solutions, including network gateways, controllers, and I/O (Input/Output) modules, designed to operate in the demanding environmental conditions of rolling stock and railway infrastructure.