Claroty > Case Studies > Digital Transformation of Rail Rapid Transit System with Claroty

Digital Transformation of Rail Rapid Transit System with Claroty

Claroty Logo
 Digital Transformation of Rail Rapid Transit System with Claroty - IoT ONE Case Study
Technology Category
  • Application Infrastructure & Middleware - Middleware, SDKs & Libraries
  • Platform as a Service (PaaS) - Application Development Platforms
Applicable Industries
  • Railway & Metro
  • Transportation
Applicable Functions
  • Maintenance
  • Quality Assurance
Use Cases
  • Cybersecurity
  • Tamper Detection
Services
  • Cybersecurity Services
  • System Integration
The Customer
About The Customer
The customer is a mass rapid transit system operator with more than 20 lines that span nearly 1,500 kilometers, transporting billions of passengers a year across urban and suburban districts. The system relies on a series of specialized industrial networks for railway electrification, signaling, and communications, and an extensive building management system to support station and tunnel ventilation, lighting, and physical security. The operator is responsible for maintaining operational efficiency and security across these networks while complying with rigorous international safety integrity level (SIL) standards. The operator also faces the challenge of modernizing legacy OT systems that were designed for a lifespan of 25 to 50 years.
The Challenge
The mass rapid transit system, with over 20 lines spanning nearly 1,500 kilometers, transports billions of passengers annually across urban and suburban districts. The system relies on specialized industrial networks for railway electrification, signaling, communications, and an extensive building management system (BMS) for station and tunnel ventilation, lighting, and physical security. The rail operator faced challenges in maintaining visibility and control across these networks while adhering to stringent international safety integrity level (SIL) standards. The digitization and connectivity demands of passengers and vendors, who require timely updates and access to OT, IoT, and IIoT assets, posed a significant challenge. The legacy OT systems, designed with isolation in mind, were not equipped to connect and communicate with IT systems and the internet. The rail operator had no visibility into their industrial networks, making response and remediation of system failures difficult. Compliance with SIL standards was mandatory, and any third-party equipment introduced into the network had to work independently from safety-critical systems or integrate without affecting these systems and triggering recertification. The multiple layers of legacy OT systems, designed for a lifespan of 25 to 50 years, added further complexity to modernization efforts.
The Solution
To secure their expansive, heterogeneous OT environment and safely connect with IT systems, the rail operator partnered with Claroty. They utilized components of The Claroty Platform, including Continuous Threat Detection (CTD) for full spectrum OT, IT, and IoT visibility, continuous security monitoring, and real-time risk insights. The Secure Remote Access (SRA) was used to safeguard industrial networks from threats introduced via unmanaged and unmonitored access by remote users. The Enterprise Management Console (EMC) simplified management at scale, consolidating data from Claroty products and providing a unified view of assets, activities, and alerts across multiple networks, tracks, and stations. The Claroty Platform also integrated seamlessly via the EMC with IT security infrastructure. Claroty's solution allowed the rail operator to digitize without compromising security, providing connectivity for remote parties, and enabling equipment manufacturers to seamlessly access systems remotely to service equipment.
Operational Impact
  • The implementation of Claroty's solution resulted in full visibility and asset profiling, enabling the rail operator to understand exposure to cyber risk. The operator gained telemetry and visibility to quickly determine if suspicious activity was happening on any of their industrial networks or devices, even in aging systems that utilize proprietary protocols. They could monitor for threats and identify risks due to unpatched vulnerabilities in high-priority assets or misconfigurations, allowing them to act faster to mitigate risk and assure continued operations of critical processes. The solution also enabled digitization without breaking security. The rail operator could confidently connect to systems to communicate travel updates to riders, collect data from IoT and OT assets for storage and analysis in the cloud, and open new connectivity vectors. The solution also provided connectivity for remote parties, enabling equipment manufacturers to seamlessly access systems remotely to service equipment, while security teams had granular control over remote sessions.

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

Related Case Studies.

Contact us

Let's talk!
* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.