More news on this day
Follow us on Google
The European Union is stepping up investment in rail cybersecurity research, directing new funding streams toward projects that aim to protect signalling, communication and ticketing systems as digital attacks on transport infrastructure become more frequent and sophisticated.
Get the latest news straight to your inbox!

New calls put cybersecure rail operations in focus
Recent calls for proposals under the Horizon Europe framework and the Europe’s Rail Joint Undertaking are highlighting cybersecurity as a core priority for the continent’s rail sector. Publicly available programme documents describe funding aimed at advancing secure, resilient and digitally integrated rail operations, with a focus on critical systems such as traffic management, communications and wayside control.
In its most recent 2025 call, Europe’s Rail opened funding worth hundreds of millions of euros for research and innovation projects that move technologies from laboratory stage toward deployment on the network. According to published information, the call targets solutions that make rail operations safer, smarter and more interoperable across borders, explicitly linking digital innovation with risk management and security-by-design approaches.
Separate Horizon Europe work programmes under the “Civil Security for Society” cluster outline additional support for cybersecurity research that can be applied to transport. Programme descriptions emphasise goals such as strengthening European cybersecurity capacities, reinforcing cyber risk management culture and developing tools to detect and respond to advanced threats affecting essential services.
Together, these instruments form a growing funding pipeline for rail-focused cybersecurity research, blending transport policy, digital resilience objectives and industrial competitiveness concerns into a single agenda.
Projects target signalling, communications and on-board systems
Project fact sheets and technical summaries show that EU-backed initiatives are now drilling into specific weak points in the railway digital ecosystem. One line of work concentrates on the European Rail Traffic Management System, a signalling and control standard that underpins much of the continent’s mainline rail network. Recent academic and industry analyses highlight that the system’s reliance on legacy components and communication technologies can expose it to evolving cyber threats if not adequately protected.
Other projects are experimenting with new architectures that combine terrestrial 5G, satellite links and existing railway radio systems. The aim is to create seamless, secure communications for trains and infrastructure, while embedding cyber risk assessment and mitigation at every layer. Public project descriptions indicate a focus on secure handover between networks, robust encryption and resilient edge-computing platforms that can continue to function during partial outages or targeted attacks.
On-board systems and wayside devices are another area of interest. As rolling stock becomes more connected, with remote diagnostics, condition monitoring and passenger Wi-Fi increasingly standard, EU-funded research is exploring methods to segment networks, authenticate devices and limit the impact of intrusions. This reflects wider EU cybersecurity policy objectives that call for stronger protection of operational technology in sectors considered essential to the economy and public safety.
The ticketing and passenger information environment is also under scrutiny following high-profile breaches in the wider travel industry. Research initiatives are assessing how to harden customer data platforms, reservation systems and mobile applications, with an eye to meeting both cybersecurity and data protection requirements.
Policy pressure grows as incidents rise on European rail
The new funding push is unfolding against a backdrop of rising cyber incidents affecting transport and critical infrastructure. Reports drawing on data from European cybersecurity agencies describe a multi-year increase in attacks targeting railways and other mobility providers, ranging from ransomware campaigns against back-office systems to attempts to disrupt operational technology.
At the regulatory level, the revised Network and Information Security Directive, widely known as NIS2, has expanded obligations for operators of essential services, including rail infrastructure managers and railway undertakings. Public guidance linked to NIS2 underlines that vendors and supply-chain partners providing signalling and communications equipment also fall within the scope of stricter risk management and incident reporting rules, creating additional incentives to invest in secure-by-design technologies.
Complementary initiatives such as the EU Cybersecurity Strategy, the Cyber Resilience Act and the Digital Europe Programme add further pressure to modernise defences. Calls under the Digital Europe Programme are making more than two hundred million euros available for cybersecurity capacities and technology, and programme analyses indicate that transport infrastructure is among the sectors expected to benefit from improved detection capabilities and coordinated response mechanisms.
For the rail sector, this is contributing to a shift from viewing cybersecurity as a purely IT concern toward treating it as a core element of operational safety and service continuity planning, especially on cross-border corridors that are central to the Single European Railway Area.
Academic and industry partnerships shape research agenda
Available project documentation points to a research landscape built around close collaboration between universities, rail operators, infrastructure managers, technology suppliers and specialist cybersecurity firms. Many EU-funded rail cybersecurity projects are coordinated by major rail companies or research consortia, with academic partners providing threat modelling, risk analysis and verification expertise.
One recent study on rail traffic management security, made public through an open research repository, systematically maps the components of European signalling architecture and evaluates them against contemporary threat scenarios. Its findings underline that, without targeted mitigation, vulnerabilities in legacy communication standards can persist even as networks migrate to next-generation platforms.
In parallel, projects supported by the European Cybersecurity Competence Centre under Horizon Europe’s “Increased Cybersecurity” calls are working on tools and frameworks that can be adapted to rail. These include approaches to secure software and hardware development, post-quantum cryptography transition planning and AI-assisted detection of cyber threats. Programme information indicates that many of these initiatives are explicitly designed for use in regulated critical sectors.
By combining sector-specific expertise from Europe’s Rail with cross-cutting cybersecurity research, the EU is aiming to align technical innovation with emerging regulatory expectations, including the need for verifiable security assurances and common evaluation methods for components used in essential services.
Implications for passengers and cross-border travel
For travelers, the expanded research funding is unlikely to be immediately visible, but it could gradually reshape how secure and reliable rail journeys feel across Europe. More resilient signalling and communication systems are intended to reduce the risk of service disruptions caused by cyber incidents, while stronger protection of ticketing platforms and customer data systems aims to build trust in digital services that underpin modern mobility.
Cross-border rail projects that rely on unified signalling and operational concepts stand to benefit in particular. Publicly available EU planning documents identify interoperable, high-capacity corridors as a backbone for shifting more passengers and freight from road and air to rail. Integrating cybersecurity requirements into the design and deployment of these corridors is viewed as essential to maintaining both safety and competitiveness.
In the medium term, rail passengers may encounter more visible security measures in digital touchpoints, such as stronger authentication for account access, wider use of privacy-preserving payment technologies and clearer information on how incident reporting and data protection are handled. Behind the scenes, however, the main impact of today’s EU-funded cybersecurity research will be in control rooms, signalling cabinets and data centres that keep trains running.
As calls for proposals move through evaluation and selected projects begin work, attention is likely to focus on how quickly research outputs can be translated into standards, procurement rules and operational practices that raise the cybersecurity baseline across Europe’s railways.