THINK SAFE. THINK ICS.
Your certification for cyber security in the rail sector
Security for Safety, a must in the rail industry. Your CENELEC TS 50701 / IEC 62443 certification for cyber security in the rail sector - ICS and SCONRAIL as strong partners.
Are you facing these challenges?
With increasing digitalization in the rail industry, the importance of cyber security is also growing exponentially. Railroad systems are part of the critical infrastructure and are transforming from closed to more open, networked systems - which entails new risks.
Complex regulatory requirements in the context of CRA and NIS2
Uncertainty regarding compliance with international safety standards
Time-consuming and costly individual tests
Lack of trust from customers and authorities in your security systems
The solution: Certified cyber security according to IEC 62443 and CENELEC TS 50701 with ICS and SCONRAIL
ICS Informatik Consulting Systems GmbH has joined forces with SCONRAIL to offer you a smooth path to IT/OT security certification.
Our evaluation approach in the V-model
As part of the certification process, we assess the implementation of safety-relevant requirements along the V-model - from system definition to validation. Based on the IEC 62443 standard parts relevant for certification, we check whether the required measures have been implemented in compliance with the standard - e.g. whether safety requirements have been derived, documented and tested based on requirements in a comprehensible manner.
As an independent testing body, we evaluate the existing development process and document any deviations from the standard in the form of findings. Whether and how these are rectified by the manufacturer is entirely the responsibility of the manufacturer.
Compliance certification according to IEC 62443 - Our structured process
-
1. Offer preparation & Application:
-
2. Verification Planning
-
3. Evaluation & Audits
-
4. Evaluation & Certification
- Joint definition of the test project
- Individual offer tailored to your requirements (e.g. focus on the development process according to IEC 62443-4-1)
- Development of the verification procedure by the client, checked and corrected by ICS
- Coordination with experienced inspectors
- "Clause by clause" testing by ICS in accordance with IEC 62443 and/or CENELEC TS 50701
- Comprehensive security audits on site - if required
- Documentation of all results in expert reports
Our evaluation approach fully covers the V-model by integrating specific parts of the IEC 62443 standard, which we are authorized to assess, into the entire development process. This approach ensures that safety requirements are considered at every stage of the system lifecycle. We ensure comprehensive verification and validation by applying industry best safety practices and modern tools to support compliance. We follow the requirements-based testing approaches of the IEC 62443 standards and ensure that security is an integral part of your systems - right from the start.
- Independent assessment of all evaluation results by SCONRAIL
- Final decision by a qualified team of experts from SCONRAIL
- Issue of the certificate if the result is positive
- Regular monitoring to maintain the certificates
What types of certification do we offer?
As part of our partnership with SCONRAIL, we offer various certifications that are specifically geared towards IT and OT security in the rail sector. We support you in obtaining certificates in accordance with the most important security standards and norms in the industry.
CENELEC TS 50701
Certification according to the specific IT security requirements for railroad applications in accordance with CENELEC TS 50701, which defines security standards for cyber security in the railroad sector.
IEC 62443
Certification according to the international standards for cyber security in industrial automation and control systems (IACS), including the parts:
- IEC 62443-4-1: Life cycle requirements for secure product development
- IEC 62443-4-2: Technical security requirements for components of industrial automation systems
- IEC 62443-3-2: Safety risk assessment and system design for industrial automation systems
- IEC 62443-3-3: System requirements for IT security and security levels for industrial automation systems
Our partnership - your security
With the combination of certification expertise and technical audit excellence, ICS and SCONRAIL offer a strong overall package. As an accredited certification body, SCONRAIL provides the formal framework. ICS complements this with an experienced team of inspectors who audit in a practical, efficient and standard-compliant manner. This means you benefit from seamless cooperation.
Save time and costs
The partnership between ICS and SCONRAIL provides you with an efficient certification process from a single source.
Benefit from expertise
As an experienced auditor, ICS contributes in-depth expertise in the IT/OT security sector, while SCONRAIL, as an accredited body, provides the entire certification framework.
Recognized throughout Europe
The certificates issued by SCONRAIL are recognized throughout the EU - a decisive advantage for companies operating internationally in the rail sector.
FAQ - Frequently asked questions
What is IEC 62443 and why is it relevant for railroad systems?
IEC 62443 is an internationally recognized series of standards for the cyber security of industrial automation and control systems (IACS). It defines requirements for secure development processes, components and systems - and is therefore essential for modern, networked railroad infrastructures.
What does CENELEC TS 50701 mean in the railroad environment?
CENELEC TS 50701 is a European technical standard that deals specifically with the IT security of railroad applications. It supplements existing standards such as IEC 62443 with railway-specific requirements, particularly with regard to safety & security in the V-model of EN 50126.
Who issues the certificate - ICS or SCONRAIL?
The final certification is carried out by SCONRAIL as an independent, accredited body. ICS carries out the technical auditing and evaluation in advance - based on many years of experience in rail and safety certification.
What are the advantages of the ICS & SCONRAIL partnership?
You benefit from a smooth, streamlined certification process with a clear distribution of tasks: ICS as technical support in the development process and SCONRAIL as a recognized certifier. This saves time and costs - and creates trust with authorities and customers.
How long does the certification process take?
The duration depends on the scope of the project and the type of certification. A typical project process - from the preparation of the offer to the audits and issuance - can take several weeks to months, depending on the complexity. We will advise you individually.
Which parts of the certification are relevant for my project?
This depends on whether you want to certify a product, a system or a development process. ICS supports you in selecting the relevant standard chapters - e.g. IEC 62443-4-1 for development processes or IEC 62443-3-3 for system requirements.
Can existing systems be recertified?
Yes, existing systems can also be assessed and tested for compliance with IEC 62443 or TS 50701. We help you to identify safety gaps and implement targeted measures to achieve certification readiness.
Is certification mandatory?
Not everywhere yet - but regulatory pressure is steadily increasing due to NIS2, CRA and other European requirements. Certified cyber security not only creates legal certainty, but also a competitive advantage.
Recent Posts
Contact us now!
Secure your competitive advantage and start your certification process. We accompany you on the way to proven IT/OT security in the rail sector.