Normative Convergence of “Cybersecurity and Multimodal Public Transport Systems”

Cybersecurity standardization applied to urban transport systems: how to bring together the world of urban transport and that of cybersecurity.

Because of their social and environmental vocation, multimodal transport systems, as an essential component of the ‘smart city’, attract many functional and technical specificities. They are the result of societal and regulation changes that should allow as many people as possible to access multimodal urban networks.

Thus, taking into account the accessibility of transport networks for people with specific needs, as well as the modal transfer of the personal car (Combustion and/or electric engine) to this same network at the entrance to agglomerations are established needs today.

These specificities are all keys to designing the multimodal public transport system of tomorrow.

In Europe, this trend is reinforced by changes in European regulations thanks to ITS Directive 2010/40/E (in particular the Priority Action A) and its Delegated Regulation Multimodal Travel Information Services (MMTIS), since it facilitates the definition of the necessary requirements to make EU-wide multimodal travel information services accurate and available across borders to ITS users.

There are many initiatives currently in progress which aim to standardize the concepts and data exchanges necessary for the proper functioning of these systems.

CEN Standards (Transmodel, SIRI, NeTEx), MobilityData standards (GTFS, GTFS/RT, GBFS) and Standardization of Embedded Architectures (ITxPT) to improve their interoperability, are among the most visible and actives examples of these initiatives.

This proliferation of efforts and projects in an increasingly unstable geopolitical context requires taking into account the ever-greater threats coming from outside to attack the image, viability or functioning of organizations implementing this type of system.

CyberSecurity is a response to these threats to anticipate, analyse and react to attacks from cyberspace. The world of Cybersecurity has also many initiatives and standards (ISO 27xxx serie, Common Critérias, ENISA Cloud Services Scheme, …) aimed at protecting and evaluating the resistance of organizations, products or information systems in the face of an increasingly virulent threat.

While other business sectors such as Health or financial sectors have addressed their specific cybersecurity issues, the world of transport has not yet reached this level of maturity. The specificities of the world of public transport has yet to be taken into account by CyberSecurity standards.

In this respect, the European CitySCAPE project, dedicated to the issue of cybersecurity in the world of public transport, includes a study for recommendations for Cyber security standardization and labelling of these information systems.

By allowing the identification of specific requirements to Public Transport systems by cybersecurity standards, CitySCAPE will make possible by 2023 to bring together two worlds that currently coexist: Multimodal Information Systems and Cybersecurity.


CS GROUP has a differentiated position in the digital services market. A European mid-size company with a culture of entrepreneurship, it is agile and innovative and possesses a high level of technical and professional expertise. CS GROUP is the trusted partner of leading French and international groups for the digitalization of operational systems. We design, develop, deploy, maintain and operate smart, safe and interconnected systems. These systems, based on innovative solutions and products, guarantee the efficiency and security of our clients’ operations and critical missions with extremely exacting requirements.