Risk assessment of critical rail systems

The IT Security Act obliges operators of critical infrastructures to protect the information technology systems they use in accordance with the state of the art. To show that this obligation has been met, the operator must provide evidence in a suitable form in accordance with §8a BSIG.

The aim of the project was to support a well-known rail operator in preparing and producing the evidence required under §8a. This involves working through a special risk management process that includes the following tasks: describing the technical systems, evaluating protection needs, analyzing security requirements, assessing risks based on threat scenarios, and deriving security measures to protect the systems.



  • Identification of critical IT assets
  • Delineation of the systems and dependencies to be considered
  • Analyzing the functionality and interaction of the components of the system under consideration
  • Identification of unimplemented security controls
  • Identification of system-specific risks
  • Creation of action plans for the mitigation of the identified risks

The challenge of securing information technology systems in critical infrastructure environments lies in particular in the complex interaction between operational technology (OT) and classical information systems (IT), which take over the control and monitoring of the OT systems.

Specialized knowledge of how the OT systems used in the KRITIS environment operate, together with in-depth knowledge of how to protect classical IT systems, is necessary to derive an overall picture of potential threats to the critical infrastructure. Our cyber security specialists from the railroad industry assess the specific threats, identify dedicated attack patterns as well as vulnerabilities, and develop appropriate security measures.



Our integrated risk analysis methodology successively combines information on the specific functionalities of the IT/OT systems, the identification of potential vulnerabilities and unimplemented security measures, and the consideration of dedicated attack scenarios on the critical systems under consideration, in order to provide a realistic picture of the situation.

As a result of our risk analyses, we provide decision-makers with clear instructions for action that ensure information technology systems can be secured in accordance with the state of the art. These include long-term planning of recommended security measures to reduce intolerable risks.

Furthermore, our customers receive a graphical and textual representation of the analyzed information technology systems, a customer-specific protection needs assessment, a detailed evaluation of the identified risks, and a prioritized list of the necessary measures derived from it.



  • Continuous improvement of the risk management process
  • Derivation of action instructions for risk minimization
  • Successive safeguarding of the IT/OT systems used