An initiative for safety on public transport

Increasing cyberattacks on public transport are targeting sensitive data and attacking the integrity and security of the entire transport infrastructure. Vulnerabilities in networked vehicles and digital interfaces to external services are particularly vulnerable. Missing software updates also pose a risk. Data theft, ransomware attacks and the manipulation of IT systems in vehicles are lurking dangers.

Stricter legal requirements

Another challenge is the increasing tightening of legal regulations. Tenders for the procurement of vehicles for public transport increasingly require compliance with security standards. Both processes – i.e. software updates – and technologies such as firewalls must comply with international standards (ISO27001, EN62443, TS50174, etc.).

Focusing on transport companies

Why are transport companies in particular vulnerable to cyber attacks? Like the military or nuclear power plants, for example, public transport is part of the so-called critical or system-relevant infrastructure and is therefore a particularly attractive target for hackers. The increasing integration of IoT and digital technologies makes the transport sector vulnerable to digital crime and growing automatization increases dependency on digital control systems.

Our solution

Our software products work according to the principle of “security by design”. This means that security is already integrated into the design and architecture of the system and no subsequent measures are necessary to guarantee it. By default, for example, all incoming network connections are blocked by firewalls unless they are explicitly permitted. We also help you to implement international standards.

We’ll train you!

In cooperation with its partner Compass Security, onway offers workshops that focus on the practical implementation of security guidelines through an “Information Security Management System (ISMS)”. We enable you to implement security guidelines through an information security management system (ISMS) and to understand their impact on operations and processes. We also impart the domain knowledge required to implement cybersecurity measures in the areas of systems, networks and applications. In this way, passengers can be transported safely to their destination even in the age of digital networking.

Link to the workshop and the flyer

Further information


Here you will find our whitepaper on cyber security in public transport.