News

NIS Poses Threat to Rail Software Compliance

November 17, 2021

Critical Software and Digital Transit Limited have joined forces to offer expert advice to rail manufacturers grappling with NIS regulations.

Critical Software Image

The railway sector is facing a new challenge: the Network Information Security (NIS) regulations.

According to a 2020 survey by the European Union Agency for Cybersecurity (ENISA), only 33% of rail operators of essential services (OES) have fully implemented defensive measures against cyber-attacks as recommended by NIS. This places their software under serious threat – not to mention their compliance with regulations. 


Critical Software has joined forces with longstanding partner Digital Transit Limited, a rail technology company with experience in assessing safety critical software, to offer the latest guidance on NIS regulations governing cyber security.


Howard Parkinson, Director of Digital Transit, commented: “We’re pleased to be working with Critical Software to ensure the new cyber security standards are applied optimally to keep railway software secure and safe. While existing standards like ISO 27001 and IEC62443 go so far, new standards like CENELEC TS50701 and NIS are very helpful but may prove difficult to follow for many companies in the sector.”


“We’re looking forward to continuing our partnership with Critical and help railway companies navigate this challenge in the coming months.”


Philipp Rößler, Business Development Manager for High-Integrity Systems at Critical Software, added: “Working closely with our trusted partner Digital Transit on NIS regulations and TS50701 was the next obvious step towards empowering customers new and old in overcoming the difficulties of the new standards, uniting our expertise in process consulting with field-proven technical experience”. 


“Our joint offering is more comprehensive, allowing us to deliver faster and offer better value to our customers.”


Through their joint work, Critical and Digital Transit will ensure developers are compliant with the new regulations by aligning their work with CENELEC TS50701, consolidating existing requirements regarding the cyber security of rail-based software.


Want to stay on the right side of NIS? Book a 30-minute conversation with one of our experts now and ensure you aren’t part of the 67%.