Security architecture, protection profiles and security for legacy systems

This approach includes the definition of generic cybersecurity architecture dedicated to railway and the related generic railway protection profiles. This deliverable comprises also the results of the application of the cybersecurity railway processes to other systems of the railway sector. The number of technical demonstrators in scope of this deliverable is subject to agreements with other work packages as noted in Task 8.3. This deliverable studies also the unique security challenges to the railway environment and defines requirements for mitigating them: • Importance of the legacy system in railway: how to ensure the security level of a sub-system once integrated in a system composed mainly of legacy sub-systems. • Industrial IoT: what are the recommendations and guidelines for integration of industrial IoT within a highly distributed system composed mainly of legacy sub-systems. • How the existing resilient architecture implemented for safety and/or availability purpose could impact the security level of the system?