FREQUENTLY ASKED QUESTIONS

Everything you need to know about our cyber security services

What are the current typical cyber-attack methods and what measures are taken to protect your system and network. How vulnerable are IoT devices, and what are the current product requirements and standard certifications. Browse through the collection of frequently asked questions below, for more information. If your question does not appear in the list, please contact your nearest duagon sales office, or send us a contact request, and we will contact you.

Why do I need Cyber Security?

The purpose of cyber security is to protect your systems from external attacks. Those can be in the form of physical access to system hardware, as well as via malicious data, network access, and code injection. The field is of growing importance due to increasing reliance on computer systems for the control and operation of systems.

  • Cybercrime continues to be on the rise and cause massive damage.
  • Cyber-attacks compromise safety. This is particularly crucial in mission critical applications.
  • Cyber-attacks cause financial damage, be it through system downtime or ransomware.
  • Cyber-attacks cause reputational damage. Loss of sensitive data is never a good sign

How can duagon support me with my cyber security requirements?

duagon offers a comprehensive set of services along the entire product life cycle.

The evaluation of a project with cyber security features follows similar process steps like a standard customization project for duagon products. The process for an individual project can be accelerated when train builder specific security concepts have been pre-defined.

  • At the beginning of your project, duagon will help to define appropriate security level for your specific use case, offer general cyber security consultancy, as well as initial threat & risk analysis.
  • The design process follows IEC 62443 and makes use of our duagon secure product development platforms which include secure coding, product hardening, penetration tests, user account management, setup & maintenance of Public Key Infrastructure (PKI), security documentation, and the setup of vulnerability watch.
  • Production will take place in duagon’s inhouse cyber-secure factories.
  • The delivery of your products will be secured by tamper detection through SW integrity checks. You will also receive a security manual.
  • Once your product is put into operation, duagon’s vulnerability watch will monitor the security status of all 3rd party components and detected issues in own components. Depending on the features package implemented various services help maintain a secure operation like security audit logging, centralized user management or secure firmware update and firewall functionality. Additionally, duagon offers software security updates to close known security vulnerabilities.
  • At the end of your product’s life-cycle, duagon will take care of secure and verifiable deletion of sensitive data and disposal of hardware according to environmental regulations.

Can duagon offer customized cyber security services?

duagon's standard cyber security offering is tailored to the risk exposure of your device. Train builder specific feature packages are available.

  • Unprotected Product: Standard product with partial features for cyber security and potentially a Security Manual.
  • Basic Package (Cyber Security Essentials): may include duagon key management and standard user profiles, authentication, signed firmware releases, and vulnerability management solution (elements to reach SL1)
  • Extended Package (Standalone Device Cyber Security): may include customer specific key management and user profiles, device hardening, signed firmware, audit logging, generic threat and risk analysis, and penetration tests (elements to reach SL2)

Advanced Package (Integrated Cyber Security Solutions): may include centralized user authentication and system logging, managed firewalls, deep package inspection, specific vulnerability tests, key & certificate management based on an application specific threat, and risk analysis (elements to reach SIL3)

Which security levels can duagon cover?

The IEC 62443 standard defines security levels on a five-point scale (0, 1, 2, 3 and 4), each of which represents an incremental level in terms of cybersecurity measures.

  • SL1 can be covered by the duagon Cyber Security Basic Package elements
  • SL2 can be covered by the duagon Cyber Security Extended Package elements
  • SL3 can be covered by the duagon Cyber Security Advanced Package elements with customizations
  • SL4 may be offered in the scope of a customer specific project

What is vulnerability management and how does it work?

duagon’s vulnerability watch monitors the security status of all components used in the products, including 3rd party components. All weaknesses found will be documented, rated and reported along with proposed measures in a Security Manual for each product. This service requires a service contract with annual fee for the product.

What are intrusion detection systems (IDS) and how do they work?

duagon intrusion detection systems (IDS) are computer systems and software that monitor data traffic going through your network, for malicious or suspicious activity.  With modern trains being controlled by train control networks (TCN), they could become a target for cyber-attacks and hackers could try and gain control of the train or limit normal operation by ransomware or other typical cyber-attack strategies.  Our IDS systems can trace violations of IT security according to industrial security standards like IEC 62443, protecting your system against cyberattacks.

What cyber secure products does duagon offer?

We have a growing number of products which offer security elements that cover your need for protection against cyber security threats. This ranges from computing hardware platforms to complete solutions like gateways or remote IO products.

CYBER SECURITY GLOSSARY

ATC

Automatic train control

ATO

Automatic train operation

CVE

Common Vulnerability & Exposure

CVSS

Common Vulnerability Scoring System

cyber attack

attack by hackers/cyber criminals against a computer or network to steal data, disrupt systems or maliciously damage or deactivate computers.

cyber secure products

click here

cyber security

the protection of on-board computer systems (in general on-board-units (OBU), vehicle control units (VCU), etc.) from theft of or damage to their hardware, software or electronic data, as well as from disruption or misdirection of the services they provide

cyber security protection

controlling physical access to system hardware, as well as protecting against harm that may be done via network access, malicious data and code injection.

cyber security services

click here

DC

Data Confidentiality

DoS

Denial of Service: The hacker attempts to prevent legitimate users from accessing the service by flooding the service with with superfluous requests

ECN

Ethernet Consist Networks

EoP

Elevation of Privilege: User group / profile manipulation

ETB

Ethernet train backbone

ETBN

Ethernet Train Backbone Node

HB-IDS

Host based intrusion detection system

IAC

Identification & Authentication Control

IDD

Intrusion Detection Device

IDS

Intrusion Detection System

IEC 62443

Industry standard: defines security levels on a five-point scale (0, 1, 2, 3 and 4), each of which represents an incremental level in terms of cybersecurity measures.

Information Disclosure

Unauthorized / unintended access to a critical network or device

ISO 27001

International standard: managing information security

Malware

Malware is any software that brings harm to a computer system

MVB

Multifunction Vehicle Bus

NVD

National Vulnerability Database

NW-IDS

Network based intrusion detection system

PEN test

Penetration testing

PIS

Personal Information Systems

PKI

Public Key Infrastructure

RA

Resource Availability

RDF

Restricted Data Flow

Repudiation

Trigger of an action without leaving a trace whether it was actually legitimate or not

SED

Secure end device system controller

SGW

Security Gateway between networks

SI

System Integrity

SL

Security Level

Spoofing

Denial-of-service attacks often use IP spoofing to overload networks and devices with packets that appear to be from legitimate source IP addresses.

SRIOM

Secure Remote I/O Device

Tampering

Malware / ransomware injection, change of hidden fields in web applications, change of parameters in URLs

TBN

Train Backbone Node

TCN

Train Consist Network

TCN

Train Communication Network

TCS

Train Control System

Threat modeling

Is a procedure for optimizing network security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of, threats to the system

TRA test

Threat and risk analysis

TRE

Timely Response to Events

UC

Use Control

WTB

Wire Train Bus

Contact Support & Sales

Do you need to protect your system from cyberattacks?

Our international team of engineers and sales consultants are here to help - no matter where in the world you are.

At duagon we have a wide range of standard products ready for use, and our products can be customized for use in a specific application environment. Our sales team is here to provide more specific information about our standard hardware range, our software technology, the required standards and certifications, and, together with our team of engineers, developing the optimal solution to your specific application requirements.