Some 23,500 trains use the network infrastructure every day and, over a year, cover over a billion kilometers of track. IT plays a crucial role in ensuring seamless operational processes of this magnitude. This is not just for the purposes of correctly setting signals, level crossings, and switches, it also provides support in coordinating the entire train traffic across Germany.
In its role, DB Netz AG is a critical infrastructure company par excellence – it ensures that a unique critical infrastructure in Germany remains in continuous operation. As a critical infrastructure company, the benchmark for IT security is particularly high. Documentation and degree of fulfillment of security requirements are an important issue for the DB Netz AG business.
Using modules from the ESARIS security architecture helps to provide a modern basis for the operational IT security management. The client achieves company-wide efficiency and transparency.
ESARIS (Enterprise Security Architecture for Reliable ICT Services) presented those in charge with a suitable security architecture for fundamentally reprocessing the IT security and placing it on a new footing. They turned to T-Systems/Deutsche Telekom Security for consulting services. ESARIS is a collection of measures, standards, and instructions for securing ICT services. ESARIS standardizes, harmonizes, and improves IT security. ESARIS has been primarily developed for IT service providers where highly distributed value creation is the order of the day. This is also the case for DB Netz AG. Many building blocks of the ESARIS security architecture can be used accordingly. T-Systems and Deutsche Telekom demonstrated this as part of a consulting project over several months in 2021. In cooperation with the experts, amongst other things, they analyzed the existing situation with regard to the tools used, sources of information, and available documentation. They reflected the results of the analysis in the available blueprints of the ESARIS security architecture. This proved that it was not only original IT security themes in the Enterprise IT that needed to be taken into account, but also the increasingly more important area of OT, or IIoT security. In conjunction with the security team, the consultants developed a company-specific security taxonomy based upon this. It gives a detailed representation of which themes and tasks need to be revised and how they are linked with one another. The taxonomy provides a permanent overview and serves as a control tool. This central tool allows those responsible for IT at DB Netz AG to efficiently orchestrate their IT security management. They gain a solid foundation and a plan for the next implementation steps. Central document management plays a further significant role, the cornerstones of which were discussed together. A collaboration model defines the cooperative obligations, helps to organize cooperation, and forms the basis for governance within the company.