Table of contents
Ensuring connectivity across railroads with scalable secure OTA updates
THE CUSTOMER
|
Transportation & Infrastructure | Europe https://www.siemens.com/ |
Delivering secure, reliable, and compliant over-the-air updates to thousands of trains throughout Europe
The Mobile Communications division of Siemens Mobility designs and delivers advanced rail communication systems for operators globally. Its digital cab radios provide critical, secure voice and data links between trains and control centers, enabling safe, efficient, and reliable railway operations.
In collaboration with Network Rail in the United Kingdom (UK) and other international partners, Siemens is modernizing fleet communication infrastructure with secure, large-scale over-the-air (OTA) software updates. Siemens cab radios exist in more than 11,000 trains in the UK, with deployments expanding to additional markets, including national rail projects in Norway.
11,000+ |
700+ |
Existing UK train fleet |
Radios deployed in Norway |
Key Benefits
Maximizes operational uptime with fail-safe OTA updates and rollback protection | |
Reduces time delays by delivering updates over LTE-R to trains running at full speed | |
Maintains IEC 62443 compliance with a zero-trust security strategy | |
Mitigates operational risks with fleet-wide visibility and targeted rollouts | |
Scales seamlessly with existing Linux and AWS environments |
The Challenge
Managing complex, large-scale OTA updates across a global train fleet
Siemens initially relied on its internal Remote Software Update (RSU) tool to update its cab radios. However, the homegrown solution lacked the flexibility and user experience required to support the growing fleet. The tool wasn’t built for large-scale deployments. With the expansion of its train communication devices, Siemens now required the ability to deliver targeted updates to subsets of its fleet, whether individual trains, entire depots, or specific operator groups. To meet these demands, Siemens needed a more intuitive and robust OTA solution, one capable of securely managing a diverse, geographically dispersed fleet of devices.
In parallel, Siemens required a secure, scalable way to update thousands of trains in service. Updates had to be delivered over LTE-R to trains traveling at speeds exceeding 500 km/h, without disrupting operations or requiring trains to slow down then stop. The OTA update solution also needed to provide visibility into software versions, enable remote diagnostics, and capture performance and anomaly data from the field. Meeting stringent rail security and regulatory standards was also essential. Siemens sought an update solution that could support compliance with IEC 62443 and align with zero-trust security principles, ensuring updates were both reliable and protected against emerging threats.
Objectives
![]() |
Ensure secure and compliant OTA updates across a growing fleet |
![]() |
Deliver updates over LTE-R without service disruption |
![]() |
Gain visibility into software versions and device health |
![]() |
Improve control with targeted updates by train, depot, or operator |
![]() |
Scale operations to manage thousands of trains globally |
The Solution
Implementing a secure and scalable OTA update platform
Siemens chose Mender, a leading OTA update platform, to securely manage its custom cab radios and support updates at scale across thousands of trains in service. Mender integrates with Siemens’ NXP i.MX6 Quad processor running a Yocto-based Linux distribution and a QNX board connected via Ethernet. Using LTE-R, updates are delivered reliably to trains traveling at more than 500 km/h, while maintaining stable voice and data communications throughout the process.
To handle fleet complexity, Siemens also takes advantage of dynamic grouping and phased rollouts. The advanced features in Mender allow Siemens engineering teams to target updates to specific trains, depots, or operator groups. Custom inventory reporting provides real-time visibility into software versions and deployment status across the entire fleet, giving Siemens unprecedented granularity and control.
Finally, hosted on AWS infrastructure with Terraform-managed instances and secure S3 artifact storage connected via a site-to-site VPN, Mender ensures updates are protected end-to-end while remaining highly scalable for future growth.
The Mender Difference
![]() |
Purpose-built to meet IEC 62443 rail security standards | ![]() |
Scales securely to thousands of trains worldwide of trains |
![]() |
Integrates seamlessly with Yocto, QNX, and AWS environments | ![]() |
Delivers updates reliably at train speeds over 500 km/h |
The Benefits
Secure, reliable OTA updates at scale for rail train fleets
Enhanced security & compliance
With encrypted communication channels, mutual TLS authentication, public key infrastructure (PKI), and zero-trust architecture, Mender facilitates IEC 62443 Security Level 3 compliance for rail communication systems, a Siemens internal goal.
Strengthened operational reliability in the field
A/B partitioning with automatic rollback minimizes the risk of bricking devices, ensuring train cab radios remain operational even if an update fails.
Unmatched Fleet-wide visibility & control
Enterprise features such as dynamic grouping, phased roll outs, and targeted deployments enable Siemens to update specific trains, depots, or regions without impacting the broader fleet.
Seamless future-proof integration
Incorporating OTA update capabilities into its web-based fleet management portal, Siemens now supports expansion to additional fleets, including national rail projects in Norway.
Technology ecosystem:
Yocto-based Linux distribution | |
NXP i.MX6 Quad processor | |
QNX board connected via Ethernet | |
Long-term Evolution–Railway (LTE-R) communication standard | |
AWS-hosted infrastructure with Terraform-managed instances and S3 artifact storage |
Download the case study
Related resources
Some similar resources you may also be interested in