The Detection of Security Loopholes in TETRA Can be an Unintended Boost for 5G-Powered Future Railway Mobile Communication System

Subscribe To Download This Insight

By Leo Gergs | 3Q 2023 | IN-7029

As security researchers from the Netherlands have uncovered important security vulnerabilities of TETRA connectivity, enterprises in the rail, transport, and public safety domains may start to look for highly secure and robust communication alternatives. This insight looks at how 5G can be used for Future Railway Mobile Communication System (FRMCS).

Registered users can unlock up to five pieces of premium content each month.

Log in or register to unlock this Insight.


TETRA is Broken—An Adequate Connectivity Technology is Needed to Support a Modernizing Railway


Admittedly, the conceptual discussion around using 5G connectivity for FRMCS is not particularly new. Up until recently, commercial urgency to adopt, however, was low as the entire industry believed that Terrestrial Trunked Radio (TETRA) provided a cost-efficient highly secure communication alternative. As reported in the last week of July 2023, however, the picture changed dramatically: security researchers at Midnight Blue in the Netherlands have discovered a collection of five vulnerabilities collectively called "TETRA:BURST". Most of the five vulnerabilities apply to almost every TETRA network in the world. These two most critical vulnerabilities allow TETRA to be easily decrypted or attacked by consumer hardware.

As TETRA has been used for highly critical use cases in highly sensitive environments (such as rail infrastructure), these security vulnerabilities will likely cause a seismic shake of the enterprise connectivity landscape as we have come to know it. As such, many enterprises will start looking for secure networking alternatives. In the wake of trains and railways becoming a more and more important means of transportation, this will also likely result in a resurrection of the discussion around 5G applicability for improved rail communication.

The Role of 5G for Rail Operators


In the wake of reducing carbon emissions and adopting a more sustainable way of life, the demand for rail traffic will increase further, putting more stress on existing infrastructure. Consequentially, digitalization will become increasingly important for rail operators to increase the efficiency of their operations—for example, by enabling remote operations of trains and infrastructure or employing Artificial Intelligence (AI) for automated quality control. To enable this digitalization, rail operators will need highly reliable, robust, and secure connectivity. Security and networking integrity is particularly important, as the use cases within a rail environment are highly critical, a malfunctioning network could result in the death of several hundred people.

Through its combination of enhanced Mobile Broadband (eMBB), Ultra Reliable Low Latency (URLLC), and massive Machine Type Communication (mMTC) capabilities, 5G can be a perfect fit to support these stringent requirements.

Furthermore, for FRMCS to have a noticable impact on operations, it needs to be deployed across the entire rail network of a given country or region. While FRMCS is usually deployed using assets within the 900 MHz spectrum band, it is likely that with applications becoming more sophisticated, and therefore data-intensive, it is likely that additional spectrum will be required for future applications. As frequency bands are licensed for 5G on a national basis, these assets, along with the already existing network infrastructure, can be utilized to provide future rail communication. To provide the necessary dense deployment of infrastructure along transport infrastructure, national regulators are beginning to set out conditions to mobile operators’ activities. In Germany, for example, the Bundesnetzagentur requires all network operators with C-band spectrum for 5G to improve their coverage of major train tracks to provide 5G connectivity with a bandwidth of at least 100 Megabit per second per antenna sector.

What Does that Mean for the Telecom Industry?


These considerations show that the telecom industry, including infrastructure vendors and communication service providers, need to urgently work on getting a coherent strategy in place to provide 5G connectivity for FRMCS and target the rail infrastructure in the future. Furthermore, this will give the telecom industry another much needed chance to venture outside of the consumer domain and position 5G as an impactful connectivity technology for enterprise verticals. While there certainly individual success stories in the adoption of private 5G in the so-called ‘uncarpeted’ verticals, the market is only slowly moving, and carriers will need to find additional sources for revenues sooner rather than later. In targeting this opportunity, network operators particularly will need to make important adjustments to their business structure and models to accommodate requirements from the rail industry.

  • Particularly for data intensive applications, such as the transmission of video files, or the use of machine vision and/or AI algorithms at scale, bandwidth on the 900 MHz band will not be sufficient to provide the required throughput. Therefore, network operators should be prepared to offer their assets in low- and mid-band spectrum for dedicated rail communication. While cellular networks along rail tracks have been deployed using low-band spectrum thus far, individual network operators look at mid-spectrum deployments as well. Deutsche Telekom, for example, deploys 5G networks using their 3.6 GHz spectrum along rail tracks in Germany. Network operators should follow this approach to increase network capacity and provide the much needed connectivity both for consumer-type of entertainment as well as highly critical FRMCS use cases.
  • To be able to provide dedicated, nationwide coverage to rail operators while continuing to serve the consumer domain with the same infrastructure, network operators should look at whether and how network slicing can be utilized for both application scenarios. In this case, System Integrators (SIs) and infrastructure vendors will need to provide solutions that allow rail companies to retain full ownership of their data; for example, through local breakouts or an on-premises edge deployment. As rail data can be highly critical (think about the condition of locomotives, real time movement data of trains, or the ability to remotely operate rail infrastructure), rail operators will not be willing to compromise on network integrity and security. After all, this is why the recent discoveries of loopholes in TETRA will cause all rail operators to reconsider their strategies.
  • As rail operators will most likely not be willing to source different components from individual vendors/service providers and integrate the networking solution themselves, network operators should be prepared to offer their spectrum assets into channel partners, such as SIs, automation vendors, or even infrastructure vendors.
  • Furthermore, Mobile Network Operators (MNOs) will need to adjust their business models, as monetizing the number of connections (what they are used to from the consumer domain) will not work anymore, as it does not resonate with rail operators’ requirements. Instead, pricing should be determined by Service Level Agreements (SLAs) around availability and reliability.
  • Network operators can also explore providing their licensed nationwide spectrum assets to large railway operators, who can then use the spectrum to operate their own private networks for critical FRMCS use cases.




Companies Mentioned