Ensuring connectivity across railroads with scalable secure OTA updates
|
THE CUSTOMER
|
Transportation & Infrastructure | Europe https://www.siemens.com/ |
Delivering secure, reliable, and compliant over-the-air updates to thousands of trains throughout Europe
The Mobile Communications division of Siemens Mobility designs and delivers advanced rail communication systems for operators globally. Its digital cab radios provide critical, secure voice and data links between trains and control centers, enabling safe, efficient, and reliable railway operations.
In collaboration with Network Rail in the United Kingdom (UK) and other international partners, Siemens is modernizing fleet communication infrastructure with secure, large-scale over-the-air (OTA) software updates. Siemens cab radios exist in more than 11,000 trains in the UK, with deployments expanding to additional markets, including national rail projects in Norway.
Key Benefits
 |
Maximizes operational uptime with fail-safe OTA updates and rollback protection |
|
Reduces time delays by delivering updates over LTE-R to trains running at full speed |
|
Maintains IEC 62443 compliance with a zero-trust security strategy |
|
Mitigates operational risks with fleet-wide visibility and targeted rollouts |
|
The Challenge
Managing complex, large-scale OTA updates across a global train fleet
Siemens initially relied on its internal Remote Software Update (RSU) tool to update its cab radios. However, the homegrown solution lacked the flexibility and user experience required to support the growing fleet. The tool wasn’t built for large-scale deployments. With the expansion of its train communication devices, Siemens now required the ability to deliver targeted updates to subsets of its fleet, whether individual trains, entire depots, or specific operator groups. To meet these demands, Siemens needed a more intuitive and robust OTA solution, one capable of securely managing a diverse, geographically dispersed fleet of devices.
In parallel, Siemens required a secure, scalable way to update thousands of trains in service. Updates had to be delivered over LTE-R to trains traveling at speeds exceeding 500 km/h, without disrupting operations or requiring trains to slow down then stop. The OTA update solution also needed to provide visibility into software versions, enable remote diagnostics, and capture performance and anomaly data from the field. Meeting stringent rail security and regulatory standards was also essential. Siemens sought an update solution that could support compliance with IEC 62443 and align with zero-trust security principles, ensuring updates were both reliable and protected against emerging threats.
Objectives
.png?width=36&height=36&name=Group%208455%20(2).png){kind=icon}
.png?width=36&height=36&name=Group%208456%20(1).png){kind=icon}
.png?width=36&height=36&name=Group%208457%20(1).png){kind=icon}
The Solution
Implementing a secure and scalable OTA update platform
Siemens chose Mender, a leading OTA update platform, to securely manage its custom cab radios and support updates at scale across thousands of trains in service. Mender integrates with Siemens’ NXP i.MX6 Quad processor running a Yocto-based Linux distribution and a QNX board connected via Ethernet. Using LTE-R, updates are delivered reliably to trains traveling at more than 500 km/h, while maintaining stable voice and data communications throughout the process.
To handle fleet complexity, Siemens also takes advantage of dynamic grouping and phased rollouts. The advanced features in Mender allow Siemens engineering teams to target updates to specific trains, depots, or operator groups. Custom inventory reporting provides real-time visibility into software versions and deployment status across the entire fleet, giving Siemens unprecedented granularity and control.
Finally, hosted on AWS infrastructure with Terraform-managed instances and secure S3 artifact storage connected via a site-to-site VPN, Mender ensures updates are protected end-to-end while remaining highly scalable for future growth.
The Mender Difference
The Benefits
Secure, reliable OTA updates at scale for rail train fleets
Enhanced security & compliance
With encrypted communication channels, mutual TLS authentication, public key infrastructure (PKI), and zero-trust architecture, Mender facilitates IEC 62443 Security Level 3 compliance for rail communication systems, a Siemens internal goal.
Strengthened operational reliability in the field
A/B partitioning with automatic rollback minimizes the risk of bricking devices, ensuring train cab radios remain operational even if an update fails.
Unmatched Fleet-wide visibility & control
Enterprise features such as dynamic grouping, phased rollouts, and targeted deployments enable Siemens to update specific trains, depots, or regions without impacting the broader fleet.
Seamless future-proof integration
Incorporating OTA update capabilities into its web-based fleet management portal, Siemens now supports expansion to additional fleets, including national rail projects in Norway.
Technology ecosystem:
Preparing for the U.S Food and Drug Administration (FDA) premarket and 510(k) submissions
Siemens Rail Case Study
