This Code of Practice (CoP) provides principles and practices to address the cyber threat and vulnerabilities associated with rolling stock and train control systems and supporting infrastructures. It additionally  provides industry (rail transport operators (RTO), rail infrastructure managers (RIM), vendors and third parties) with requirements which will  assist in progressing the maturity of cyber security risk management.

This CoP forms part of the Rail Cyber Security Framework which consists AS 7770 Rail Cyber Security (Ref A) and supporting guidelines (Ref B).

This CoP supports the rail industry in reducing its vulnerability to deliberate and non-deliberate cyber-attacks.  It sets out the principles and general approach to cyber security with specific guidance for rolling stock and train control systems.

This document covers rolling stock and train control systems including:

  1. rolling stock control systems;
  2. rolling stock information systems;
  3. rolling stock borne signalling systems.
  4. data and voice communication systems;
  5. onboard signalling systems;
  6. remote conditioning monitoring systems.
  7. signalling systems;
  8. level crossing monitoring systems; and
  9. traffic management systems.