Siemens Mobility gains IEC 62443 standard cybersecurity certifications for critical infrastructures

• TÜV SÜD issues 3 new certificates for proven cybersecurity
• Protection against cyberattacks and response to legal requirements
• Tailored cybersecurity for every project
• Major extension to ISO 27001 certification

Siemens Mobility has received three new certifications by Germany’s TÜV SÜD for meeting the international cybersecurity standard IEC 62443. These new certifications cover products and solutions associated with the Rolling Stock and Rail Infrastructure Business Units, including high-speed trains, regional trains, metros, trams, and locomotives, as well as rolling stock components. They also apply to first products installed in the critical infrastructure solutions. Together, all these aspects represent the largest scope worldwide ever certified in accordance with IEC 62443.

“With cybersecurity representing an important building block of the digital transformation, a holistic and integrated security framework in conformity with IEC62443 becomes part of any truly secure solution,” said Frank Hoffmann, Head of Engineering for Siemens Mobility Rolling Stock. “With a comprehensive security approach and these new certifications, Siemens Mobility further demonstrates that our products and solutions are based on the very latest cybersecurity international standards and continues to be a leader in the field,” added Andre Rodenbeck, CEO of Siemens Mobility Rail Infrastructure. “All operational processes profit from digitalization and need to be protected to international standards and assured by third parties. Our extended ISO 27001 certification completes the holistic security approach. We make transportation for passengers and freight safe,” stated Johannes Emmelheinz, CEO of Siemens Mobility Customer Services.

The three certificates issued by TÜV SÜD to Siemens Mobility include the Security program for blueprint “rolling stock”, complying to the standards IEC 62443-2-4 and IEC 62443-3-3; the Train IT Security Gateway, complying to the standards IEC 62443-4-1 and IEC 62443-4-2; and the Core Shield Data Capturing Unit (DCU Version 2.6 and above), complying to the standards IEC 62443-4-1 and IEC 62443-4-2.

Siemens Mobility and TÜV SÜD have a long history working in partnership on issues related to cybersecurity. TÜV SÜD is also part of the Charter of Trust, a non-profit alliance of leading global companies and organizations from various sectors working together based on 10 principles to make the digital world more secure.

Siemens Mobility also recently extended ISO 27001 certification, another building block to protecting the entire development, production and operation lifecycle for mobility systems. The ISO 27001 certification encompasses 20 Siemens Mobility locations with more than 9000 employees and involves Siemens Mobility Business Units, such as Rolling Stock, Rail Infrastructure, Turnkey Systems and Customer Service. ISO 27001 is an internationally acknowledged standard specifying cybersecurity requirements for how organizations manage information security.