The Railway Safety Directorate of ORR is responsible for implementing ORR’s Health and Safety strategy for regulating Great Britain’s railways. We expect the railway industry to deliver continuous improvement in the health and safety of passengers, the public and the workforce. Our aim is for industry excellence in its health and safety management maturity, risk control and asset management. In this way, we will achieve our vision of: “zero industry caused fatalities and major injuries to passengers, the public, and the
workforce.”
ORR as the safety regulator is not the enforcing authority for cyber security, however, we recognise the line between safety risks potentially caused by poorly designed, operated and maintained software-based systems and cyber security is a blurred one, due to the increasing digitalisation of the rail sector. This relationship between safety and software was highlighted following an incident on the Cambrian ERTMS Level 2 line, whereby temporary speed restriction data was not being sent to the trains by the signalling system, however the display screen incorrectly showed the restrictions as being loaded for transmission to trains.
We require operators (transport undertakings, Infrastructure managers, contractors, manufacturers (e.g., of trains, signalling systems, telecoms equipment, control systems etc.)) to manage and control the health and safety risks that result from cyber security and software failures in the same way as other risks identified through their Safety Management System. Operators should address software and security issues in the specification, design and purchasing of equipment and systems to ensure that their operation does not lead to unintended safety consequences.
The Cyber Security and Safety Code of Practice published by the Institution of Engineering and Technology (IET) contains 15 “principles and indicators of good practice”. ORR recognised that these could be used to develop a set of challenge questions for use by ORR inspectors when meeting with railway operators and that there were close synergies with ORR’s Risk Management Maturity Model (RM3). RM3 is a tool that provides criteria for measuring management capability against five maturity levels across 26 criteria,
which are essential areas of a health and safety management system and ORR inspectors use RM3 to judge the capability of operators to manage health and safety. We worked with a supplier to develop a training course and a question set that has been trialled and we would welcome the opportunity to highlight our work in this challenging topic area.