Challenges and focus areas related to communication networks for ERTMS

Joao Figueiras, rail industry consultant, addresses the challenges that ERTMS presents for communication networks and provides insight on possible focus areas in order to manage the challenges and evolve those networks.


THE EUROPEAN Rail Traffic Management System (ERTMS) is the de facto railway signalling system deployed throughout Europe and beyond1, combining the communication technologies of GSM-R (Global System for Mobile Communications – Railway) and the signalling technology of ETCS (European Train Control System).

ERTMS brings not only a new technology but a whole new paradigm in terms of operations and processes. These affect the underlying communication networks with profound challenges which are complex to address, sometimes underestimated and often misunderstood by higher management.

Impact of ERTMS on communication systems

The introduction of ERTMS imposes various challenges of substantial complexity and magnitude on communication networks:

Openness of the communication domain

ERTMS is a recent system in the railway sector, developed for operating over strongly standardised and widely established communication technology. Although still partly based on legacy ISDN communication (e.g. E1), ERTMS is facing a strong push towards a full ubiquitous Internet Protocol (IP) technology. So, the tendency is to replace the old legacy communication technology – dedicated to old signalling – along with the introduction of ERTMS. This opens the potential to deploy a single and homogeneous IP-based communication domain for the entire railway ecosystem.

Centralisation of functionalities

Most ERTMS solutions centralise regions of control in interlocking and RBC areas and Traffic Control Centres. Party due to the economic advantage of reducing track-side equipment, fewer selected locations become centres of concentration of functionalities. This reflects directly in the importance that those sites have in the communication network. The more functionality is centralised, the more complex it becomes to implement robust solutions, and the more severe the potential impacts of faults become.

Increment on dependability

Resulting from the higher dependency that ERTMS has on communicating via the standard mass-market network technology – in contrast to dedicated technology – those networks are subject to greater requirements for dependability than before. Thus, designing such networks becomes complex, not only because of railway particularities, but because RAM (Reliability, Availability, and Maintainability) performance figures must be addressed by design and throughout the life-cycle of the networks. Moreover, the enlarged domain and the more open communication technology results in dependability in terms of security.

Increased connectivity/interoperability

While the legacy signalling solutions tend to be closed to external interfaces, ERTMS brings a new perspective of connectivity to the railways. Combined with the openness of the communication domain and the need for information for other domains (intermodal transportation, intelligent transport systems, passenger applications, etc.), it becomes unfeasible to consider communications as being as closed as before. This results in security challenges that need to be thoroughly addressed.

More comprehensive certifications

European standards require processes to be applied to ERTMS implementations for the assessment, certification and approval of both safety and interoperability2,3. This results in certification demands being exported to communication systems and a large panorama of internal and external stakeholders playing key roles on the certification and approval processes. The most notorious relates to the CENELEC EN 501594 standard that intends to cover the safety related matters associated with communications and the requirements on RAM and security that signalling suppliers impose on the networks as part of their safety cases.

Complexity of operations

While in mass-market networks, changes tend to happen rapidly, but the same does not happen on railways. Rail systems are more static and abide by safety rules. Thus, changes happen quite seldom and according to rigorous methodologies. This creates a paradoxical challenge and eventual anxiety to network operators that, in one hand, have less occasions to experience the network, but, on the other hand, are requested to be quicker and sharper when doing it. This is magnified by ERTMS with respect to traditional signalling, because the enlargement of the communication domain can cause larger-scale impacts when human errors occur. An example could be to erroneously switch over serving routers on the GSM-R core.

Extension of technological life-cycles

Traditionally, the signalling systems have life-cycles considerably longer than the underlying communication technology, i.e. the latter evolves at a considerably faster pace. This imposes operational challenges because the different life-cycles forces the technology that evolves faster to keep backwards compatibility and ensure sufficient access to maintenance parts and specialised expertise. This is not only obvious during operations, but also during ERTMS project rollouts that can take several years, during which the initial communication technology quickly becomes obsolete.

Focus areas of evolution

The communication networks must address the aforementioned challenges; however, potential solutions are not right nor wrong and certainly not trivial. Therefore, the following focus areas intend to provide insight on directions that infrastructure managers and railway undertakings can work on for evolving their communication networks:

Integration with existing systems

The expansion of the communication networks can be performed in various ways, either by deploying new networks, using existing networks, or a mix of both. The railway managers should carefully investigate these options, considering the nature of ERTMS and the impacts that the remaining railways systems bring on ERTMS – not to forget the impact that ERTMS may have on other systems. Another aspect of relevance is the technology of those networks, likely still on SDH/PDH for large portions (thus, in need of a migration), but also as large IP-technology deployments for the various rail systems. All this should be considered thoroughly because the ERTMS changes will be profound.

Fibre infrastructure

As the supporting transport layer of communications, fibre optics – or Wavelength-Division Multiplexing (WDM) technologies – may be scarce, often installed under inadequate conditions and, in some locations, used to its full extent. Thus, the network designers need to address this topic so that the solutions can cope with the limitations, can address RAM figures by design (especially if WDM is in use), and alternatives can be properly considered with respect to its particulars (e.g. cyber-security conditions if using back-loops by public service providers).

All-IP communications

The evolution of ERTMS to IP technology is extensive, meaning that more and more critical devices start to connect over IP. For instance, bringing IP to the radio interface inside rolling stock or permitting higher interoperability with customer services – some Internet-based. Although ETCS implements several security layers over IP, the networks still play a huge role in complying to security targets. So, network zoning, monitoring, and control becomes mandatory.

Train-to-track going IP

Introducing ETCS over GPRS (EoG) – or, in the future, the Future Railway Mobile Communication System (FRMCS)5 – the rolling stock suddenly becomes connected over IP. This introduces a new perception of proximity to the EVC, where it could potentially be accessed from the infrastructure or other remote location. EuroRadio and the Key Management System (KMS)6,7 provide security solutions, but aspects such as Denial-of-Service (DoS) could put the communication at risk, with large impacts when targeting – for instance, the GPRS core components.

External interfaces

The increased connectivity and customer-centric transportation requires more and more information to flow between the railway and external services. Furthermore, more complex maintenance can be carried out remotely as a means to speed it up and lower the associated costs. Thus, this accessibility should be designed to guarantee adequate gateways and perimeters (e.g. Enterprise Service Bus, Virtual Desktop Interfaces, Interface Exchange Points, Deep Package Inspection, etc.) for controlling and scanning data and limiting the range of actions and impact of such data.


The attack vectors to the system must become more extensive than ever before. A vast range of aspects of introducing ERTMS become potential security concerns. For this reason, it is best practice to handle security according to processes like those that safety implements by the Common Safety Method (CSM)3, which can be achieved via the CENELEC EN 50159 framework4. Although it bridges the gap from security of communications networks to railway safety, it does not suffice, because this standard addresses only the parts of the network that carry safety related messages. So, industry standards (e.g. ISO 27000, NIS) should be followed as well8.

Monitoring of communications

ERTMS brings a complex protocol stack and combines several systems in an integrated way. This creates high complexity on troubleshooting when it is not obvious where the fault is. Thus, it becomes mandatory to deploy ERTMS Monitoring Systems that can find the messages from all the involved systems and networks (RBCs, Interlockings, GSM-R, FTN, EVC, etc) and correlate all of the data. This will facilitate and accelerate troubleshooting, but, on the other hand, will require higher cross-discipline knowledge from the several railway departments.


1. Arcadis, Feasibility Study Reference System ERTMS: www. ccs_migration_study_arcadis_ report_en.pdf

2. ERA, Technical Specifications for Interoperability: www.era.europa. eu/activities/technical-specifications-interoperability_en

3. ERA, Common Safety Methods: common-safety-methods_en

4. CENELEC, EN 50159:2010, Railway applications – Communication, signalling and processing systems – Safety-related communication in transmission systems, 01/09/2010

5. UIC, Future Railway Mobile Communication System – User Requirements, V4.0.0, 15/01/2019: specification_version_4.0.0.pdf

6. UNISIG, ERTMS/ETCS, EuroRadio FIS, SUBSET-037, issue 3.2.0, 17/12/2015:

7. UNISIG, ERTMS/ETCS, On-line Key Management FFFIS, SUBSET-137, issue 1.0.0, 17-12-2015: www.

8. ISO/IEC 27000 family – Information security management systems:

figueirasJoao Figueiras is a Telecommunications Engineer with over 10 years of experience in communication networks for railways. He has been both employed and a consultant for Banedanmark, REFER (now Infraestruturas de Portugal), and the UIC, among other smaller participations in other companies. Joao has worked for projects of Fixed Networks, GSM-R, ERTMS, legacy signalling, and other rail supporting systems, always with a focus on communication networks and fibre infrastructure.