Every day, billions of people rely on railways and metros to move around countries and cities with Public Transport systems playing a vital role in the organization of our societies.
In order to make our trains or metro go faster, be safer and more comfortable, Public Transport are increasing relying on connectivity and automation with an ever-growing surface of attacks. There are becoming a target for cybercriminal organizations willing to exploit vulnerabilities to launch cyberattacks and create serious economic damage.
In effect, there are attractive business models for hackers for exploiting vulnerabilities of trains or metro infrastructures, in particular when attacks can be performed remotely on infrastructure devices that are connected and thus exposed to attacks.
How we can help
At ProvenRun we help answering to those threats by providing:
- Security consulting services such as performing security risk analysis, defining security architectures and certification requirements,
- Security engineering services for the development of ad-hoc solutions,
- Solutions to secure-by-design connected devices that are exposed to attacks.
Secure-by-design solutions
When securing-by-design a connected device, security engineers can in effect rely on three pillars to be integrated as part of the device’s Trusted Computing Base (TCB):
- Secure elements or hardware coprocessors for the Root of Trust, cryptographic operations and transactions,
- Secure Operating Systems (OSs) or Trusted Execution Environments (TEEs),
- Hardware- or software-based hypervisors.
A secure OS for security critical services
The TCB always includes critical security functions that need to remain small and simple to remain verifiable, especially on complex hardware such as modern microprocessors or microcontrollers. Implementing these security functions require high-level abstractions of the hardware, typically provided by an Operating System (OS). Because the correctness of the security functions depends on the correctness of these high-level abstractions, the OS that implements them is also part of the TCB and should be free from exploitable vulnerabilities.
Our TCB secure software components
At ProvenRun, we provide unique critical off-the-shelf TCB software components that can be used to secure-by-design connected devices:
- ProvenCore: an ultra-secure OS, that can be used also as a TEE, available for ARM Cortex-A, Cortex-M and RISC-V processors.
- ProvenCore-M: an ultra-secure RTOS available for ARM Cortex-M and RISC-V processors.
- ProvenVisor: A secure hypervisor for virtualization solutions, available for ARM Cortex-A processors.

With ProvenCore, ProvenCore-M and ProvenVisor, ProvenRun brings to the market secure-by-design solutions that provide a distinctively higher security level and a lower cost of security than any existing solutions, and the ability to withstand to remote cyberattacks and avoid the compromise public transport infrastructure that would lead to high losses and major disruption of our economic life.
Contact us for more details on how we can help.