Railway network platform

The RazorSecure Approach


Designed to handle the key challenges of securing systems in dynamic, challenging railway environments like onboard train and signalling networks. 

"Nomad has always been at the forefront of providing innovation in our solutions and in the way we think about the Intelligent journey. Ensuring the customers of our systems are protected while they use our services has always been paramount. Working with RazorSecure allows us to bring additional tools to ensure we have better visibility into potential malicious activities and to ensure they are alerted and acted upon promptly."

Stephen Lathan, Head of Product at Nomad Digital

Underground train operations

A flexible, hybrid approach to rail cyber security

The strongest protection for device and network monitoring

The strongest protection for device and network monitoring

RazorSecure Delta is our gold standard in protection for devices in rail networks. It learns “what is normal” in terms of device and network behaviour. It can then be used to detect operational and security anomalies within the device or network traffic passing through that device.

A platform for cyber security and network visibility

RazorSecure Network product can work with RazorSecure Delta agents, or act as a standalone security monitoring solution for onboard and wayside critical networks, allowing you to cover network areas that are otherwise unseen

By combining RazorSecure Delta and RazorSecure Network, we offer a flexible, hybrid approach to deployment. Typically following a three step process:

This approach ensures that the network and devices have been considered holistically, and that the whole environment has been considered when deploying a security solution. The data captured during the data study can be used to ensure that network coverage has been maximised and contributes to homologation and security cases for systems that are covered.


We start by looking at the network traffic flow, and often recommend undertaking a data study to review network traffic and identify key devices within the network.


We then look at key devices within the network, these are typically devices that act as a conduit between different network zones or perform a single (or multiple) critical functions. We evaluate these devices as potential candidates for the RazorSecure Delta software.


Finally we look to cover any gaps that are left in the network visibility. Often there are cases where in safety critical networks, we identify key devices but it is not possible to add the RazorSecure Delta software due to hardware or software constraints. RazorSecure Network can provide coverage and visibility of areas that are not otherwise visible.

Protected train passengers



We focus our deployment around devices that are key points of aggregation within the network for RazorSecure Delta. Delta provides the strongest protection for these devices, while also discovering network assets and traffic routes across the network

We work with you to design, integrate, homologate and deploy the RazorSecure software across the key systems and network points identified

RazorSecure Network gives you visibility of network traffic, and acts as a centralised location to aggregate system logs, collect RazorSecure agent trafficand detects new, network connected assets

Protection for the

life of the asset

A key challenge for industrial assets is that many security solutions are not able to function for the life of the asset once deployed. The RazorSecure Approach is unique, we use device behaviour to learn “what is normal” for key devices in the onboard/wayside network.


This approach has been tested and consistently demonstrated to be effective in a rail environment, even in cases of limited connectivity.  Most importantly, this approach is effective for the entire life of the asset, detecting both known and unknown attacks. Behaviour-based machine learning remains effective as it does not rely on attack signatures.


RazorSecure software is compliant with NIST, NIS Directive and IEC 62443 SL2. cyber security compliance regulations


Deploy on software, virtual machine or hardware

The platform itself is built on Docker container technology hosted in a Kubernetes environment. We typically deploy in our Google Cloud environment for customers and can offer on-premise solutions for larger deployments.

Ready to see more?