iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
CLC

prEN 50159

(Main)

Railway Applications - Communication, signalling and processing systems - Safety-related communication in transmission systems

Railway Applications - Communication, signalling and processing systems - Safety-related communication in transmission systems

This document is applicable to safety-related electronic systems using for digital communication purposes a transmission system which was not necessarily designed for safety-related applications. For transmission systems where the risk of unauthorized access is not tolerable, the document defines the interface to the applicable cybersecurity standards. Both safety-related equipment and non-safety-related equipment can be connected to the transmission system. This document gives the specific requirements needed to achieve safety-related communication between safety-related equipment connected to the transmission system, while the general system requirements including allocation of safety requirements and content of the safety case are defined in EN 50129. This document is not applicable to existing systems, which had already been accepted prior to the release of this document. However, so far as reasonably practicable, it is applicable to modifications and extensions to existing systems, subsystems and equipment. This document does not specify – the transmission system, – equipment connected to the transmission system, – solutions (e.g. for interoperability), – which kind of data are safety-related and which are not. A safety-related equipment connected through an open transmission system can be subjected to many different IT security threats, against which an overall program is defined, encompassing management, technical and operational aspects.

Bahnanwendungen - Telekommunikationstechnik, Signaltechnik und Datenverarbeitungssysteme - Sicherheitsrelevante Kommunikation in Übertragungssystemen

Applications ferroviaires - Systèmes de signalisation, de télécommunication et de traitement - Communication de sécurité sur des systèmes de transmission

Železniške naprave - Komunikacijski, signalni in procesni sistemi - Varnostna komunikacija v prenosnih sistemih

General Information

Status
Not Published
Publication Date
07-Jul-2026
ICS
35.240.60 - IT applications in transport
45.020 - Railway engineering in general
Technical Committee
CLC/TC 9X - Electrical and electronic applications for railways
Drafting Committee
CLC/SC 9XA - Communications, signalling and processing systems
Current Stage
4020 - Enquiry circulated - Enquiry
Start Date
24-Jan-2025
Due Date
24-Jan-2025
Completion Date
24-Jan-2025
Mandate
M/591 - Standardisation request to the European Committee for Standardisation and the European Committee for Electrotechnical Standardisation as regards railway products in support of Directive (EU) 2016/797
Ref Project
oSIST prEN 50159:2025 - Railway Applications - Communication, signalling and processing systems - Safety-related communication in transmission systems

Relations

Revises
EN 50159:2010/A1:2020 - Railway applications - Communication, signalling and processing systems - Safety-related communication in transmission systems
Effective Date
23-Jan-2024
Revises
EN 50159:2010 - Railway applications - Communication, signalling and processing systems - Safety-related communication in transmission systems
Effective Date
23-Jan-2024

Buy Standard

prEN 50159:2025prEN 50159:2025
PreviousNext
Draft
prEN 50159:2025
English language
54 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


SLOVENSKI STANDARD
01-marec-2025
Železniške naprave - Komunikacijski, signalni in procesni sistemi - Varnostna
komunikacija v prenosnih sistemih
Railway Applications - Communication, signalling and processing systems - Safety-
related communication in transmission systems
Bahnanwendungen - Telekommunikationstechnik, Signaltechnik und
Datenverarbeitungssysteme - Sicherheitsrelevante Kommunikation in
Übertragungssystemen
Applications ferroviaires - Systèmes de signalisation, de télécommunication et de
traitement - Communication de sécurité sur des systèmes de transmission
Ta slovenski standard je istoveten z: prEN 50159
ICS:
35.240.60 Uporabniške rešitve IT v IT applications in transport
prometu
45.020 Železniška tehnika na Railway engineering in
splošno general
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EUROPEAN STANDARD DRAFT
NORME EUROPÉENNE
EUROPÄISCHE NORM
January 2025
ICS 35.240.60; 45.020 Will supersede EN 50159:2010; EN 50159:2010/A1:2020
English Version
Railway Applications - Communication, signalling and
processing systems - Safety-related communication in
transmission systems
Applications ferroviaires - Systèmes de signalisation, de Bahnanwendungen - Telekommunikationstechnik,
télécommunication et de traitement - Communication de Signaltechnik und Datenverarbeitungssysteme -
sécurité sur des systèmes de transmission Sicherheitsrelevante Kommunikation in
Übertragungssystemen
This draft European Standard is submitted to CENELEC members for enquiry.
Deadline for CENELEC: 2025-04-11.

It has been drawn up by CLC/SC 9XA.

If this draft becomes a European Standard, CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which
stipulate the conditions for giving this European Standard the status of a national standard without any alteration.

This draft European Standard was established by CENELEC in three official versions (English, French, German).
A version in any other language made by translation under the responsibility of a CENELEC member into its own language and notified to
the CEN-CENELEC Management Centre has the same status as the official versions.

CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the
Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Türkiye and the United Kingdom.

Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of which they are aware and to
provide supporting documentation.

Warning : This document is not a European Standard. It is distributed for review and comments. It is subject to change without notice and
shall not be referred to as a European Standard.

European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2025 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
Project: 79342 Ref. No. prEN 50159 E

Contents Page
13 European foreword . 3
14 Introduction . 4
15 1 Scope . 5
16 2 Normative references . 5
17 3 Terms, definitions and abbreviations . 5
18 3.1 Terms and definitions . 5
19 3.2 Abbreviations . 15
20 4 Reference architecture . 16
21 5 Hazards arising from the transmission system. 17
22 6 Classification of transmission systems . 19
23 6.1 General . 19
24 6.2 General aspects of classification . 19
25 6.3 Specific aspects for the classification of transmission systems . 19
26 6.4 Relationship between transmission systems and the basic message errors . 21
27 7 Requirements for safety defences . 21
28 7.1 Preface . 21
29 7.2 General requirements . 22
30 7.3 Specific defences . 23
31 7.4 Applicability of defences . 29
32 Annex A (informative) Hazards arising from open transmission systems . 30
33 A.1 System view . 30
34 A.2 Derivation of the basic message errors . 31
35 A.3 Network failure modes . 32
36 A.4 A possible approach for hazard identification . 33
37 A.5 Conclusions . 37
38 Annex B (informative) Categories of transmission systems . 39
39 B.1 Categories of transmission systems . 39
40 B.2 Relationship between the category of transmission systems and basic message errors . 39
41 Annex C (informative) Guideline for defences . 41
42 C.1 Applications of time stamps . 41
43 C.2 Choice and use of safety codes and cryptographic algorithms . 42
44 C.3 Safety code . 47
45 C.4 Length of safety code . 49
46 C.5 Communication between safety-related and non safety-related applications . 52
47 Bibliography . 54
49 European foreword
50 This document [prEN 50159:2025] has been preprared by CLC/SC 9XA “Communication, signalling and
51 processing systems”.
52 This document is currently submitted to the Enquiry.
53 The following dates are proposed:
• latest date by which the existence of this (doa) dav + 6 months
document has to be announced at national
level
• latest date by which this document has to be (dop) dav + 12 months
implemented at national level by publication of
an identical national standard or by
endorsement
• latest date by which the national standards (dow) dav + 36 months
conflicting with this document have to be (to be confirmed or
withdrawn modified when voting)
55 This document will supersede EN 50159:2010. and all of its amendments and corrigenda (if any).
56 prEN 50159:2025 includes the following significant technical changes with respect to EN 50159:2010:
57 Introduction
58 If a safety-related electronic system involves communication of information, the transmission system then
59 forms an integral part of the safety-related system, and it is understood that the end to end communication is
60 safe in accordance with EN 50129.
61 The transmission system considered in this document, which serves the transfer of information between
62 different locations, has in general no particular preconditions to satisfy. It is from the safety point of view not
63 trusted, or not fully trusted.
64 The document is dedicated to the requirements to be taken into account for the communication of safety-
65 related information over such transmission systems.
66 Although the RAM aspects are not considered in this document, it is recommended to keep in mind that they
67 are a major aspect of the operational safety.
68 The safety requirements depend on the characteristics of the transmission system. In order to reduce the
69 complexity of the approach to demonstrate the safety of the system, transmission systems have been
70 classified into three categories:
71 – Category 1: transmission systems are closed,
72 – Category 2 and Category 3: transmission systems are open.
73 Application messages using Category 3 transmission systems need protection against unauthorised access.
74 The specific cybersecurity requirements for Category 3 transmission systems are out of the scope of this
75 document. For such systems, cybersecurity standards are applicable.
76 1 Scope
77 This document is applicable to safety-related electronic systems using for digital communication purposes a
78 transmission system which was not necessarily designed for safety-related applications. For transmission
79 systems where the risk of unauthorized access is not tolerable, the document defines the interface to the
80 applicable cybersecurity standards.
81 Both safety-related equipment and non-safety-related equipment can be connected to the transmission
82 system.
83 This document gives the specific requirements needed to achieve safety-related communication between
84 safety-related equipment connected to the transmission system, while the general system requirements
85 including allocation of safety requirements and content of the safety case are defined in EN 50129.
86 This document is not applicable to existing systems, which had already been accepted prior to the release of
87 this document. However, so far as reasonably practicable, it is applicable to modifications and extensions to
88 existing systems, subsystems and equipment.
89 This document does not specify
90 – the transmission system,
91 – equipment connected to the transmission system,
92 – solutions (e.g. for interoperability),
93 – which kind of data are safety-related and which are not.
94 A safety-related equipment connected through an open transmission system can be subjected to many
95 different IT security threats, against which an overall program is defined, encompassing management,
96 technical and operational aspects.
97 2 Normative references
98 The following documents are referred to in the text in such a way that some or all of their content constitutes
99 requirements of this document. For dated references, only the edition cited applies. For undated references,
100 the latest edition of the referenced document (including any amendments) applies.
101 EN 50129:2018, Railway applications – Communication, signalling and processing systems – Safety related
102 electronic systems for signalling
103 CLC/TS 50701:2023, Railway applications – Cybersecurity
104 IEC 63452, Rail applications - Cybersecurity
105 3 Terms, definitions and abbreviations
106 3.1 Terms and definitions
107 For the purposes of this document, the following terms and definitions apply.
108 ISO and IEC maintain terminology databases for use in standardization at the following addresses:
109 — ISO Online browsing platform: available at https://www.iso.org/obp
110 — IEC Electropedia: available at https://www.electropedia.org

As impacted by EN 5019:2018/AC:2019-04.
Under preparation.
111 3.1.1
112 absolute time stamp
113 time stamp referenced to a global time which is common for a group of entities using a transmission system
114 [SOURCE: IEV 821-11-01]
115 3.1.2
116 access control
117 protection of system resources against unauthorized access
118 Note to entry: In this document, this definition applies only to data transmission.
119 [SOURCE: CLC/TS 50701:2023, modified — Note 1 to entry added]
120 3.1.3
121 additional data
122 data which is not of any use to the ultimate user processes, but is used for control, availability, and safety
123 purpose
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

CLC
EN 50128:2011/A2:2020(Amendment)
Railway applications - Communication, signalling and processing systems - Software for railway control and protection systems
SIST EN 50128:2011/A2:2020

Unchanged with respect to the current edition EN 50128:2011. Scope of the amendment: - Alignment with EN 50126-1:2017, EN 50126-2:2017 and EN 50129:2018 together with minor corrections

  • Amendment
    14 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
EN 50128:2011/A1:2020(Amendment)
Railway applications - Communication, signalling and processing systems - Software for railway control and protection systems
SIST EN 50128:2011/A1:2020

2021: CLC legacy converted by DCLab NISOSTS

  • Amendment
    4 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
EN 50159:2010/A1:2020(Amendment)
Railway applications - Communication, signalling and processing systems - Safety-related communication in transmission systems
SIST EN 50159:2010/A1:2020

2021: CLC legacy converted by DCLab NISOSTS

  • Amendment
    4 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
CLC/TR 50542-1:2018(Main)
Railway applications - Driver's cab train display controller (TDC) - Part 1: General architecture
SIST-TP CLC/TR 50542-1:2019

In accordance with the ERTMS/ETCS specifications, Subset 121, UIC 612 leaflet, ERA_ERTMS_015560 document, EN 50126 and EN 61375 series requirements, this Technical Report describes the Train Display System (TDS) in the driver’s cab, and the link between the TDS/TDC and some of its interfaces (Blue box and blue links only): [figure] Figure 1 - Functional architecture The scope of this document is to define the functional architecture around the TDC. This Technical Report excludes the following items: - Communication protocols (e.g. EN 61375 series); - Ergonomic aspects; - Interface with ETCS (Subset 121); - Train functions; - GSM-R EIRENE functions; - Use of the displays as terminals for maintenance purpose.

  • Technical report
    20 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
CLC/TR 50542-3:2016(Main)
Railway applications - Driver's cab train Display Controller (TDC) - Part 3: Other train systems FIS
SIST-TP CLC/TR 50542-3:2017

The scope of this document is the definition of the functional interface between TDC and other train systems. These other train systems are the train systems (different from ETCS (Subset 121) and DMIs) from the TDC point of view. The functional interface deals with data exchanged between TDC and these train systems. The TDC is defined in document CLC/TR 50542-1.

  • Technical report
    11 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
CLC/TR 50542-2:2016(Main)
Railway applications - Driver's cab Train Display Controller (TDC) - Part 2: Display systems FIS
SIST-TP CLC/TR 50542-2:2017

The scope of this Technical Report is the definition of the functional interface between TDC and DMIs. See Figure 1 - TDC DMI functional interface. The DMIs are those defined and considered in CLC/TR 50542-1. The TDC is defined in CLC/TR 50542-1. NOTE The conversion of physical signals into numerical representation is out of the scope.

  • Technical report
    13 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
EN 50128:2011/AC:2014(Corrigendum)
Railway applications - Communication, signalling and processing systems - Software for railway control and protection systems
SIST EN 50128:2011/AC:2014

BT agreed to extend the DOW of EN 50128:2011 from DOR + 36 months to DOR + 72 months, to read 2017-04-25

  • Corrigendum
    1 page
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
CLC/TR 50501-2:2012(Main)
Railway applications - Rolling stock - Intercommunication between vehicles and train/wayside - Part 2: Technical contents of standardization work in the field of intercommunication
SIST-TP CLC/TR 50501-2:2012

The scope of this Technical Report is to summarize all available data on standardization work in the field of Intercommunication including 1. the results of work of WG B14 carried out so far, 2. data from other related activities such as the research projects MODTRAIN and INTEGRAIL, 3. data from the sector organisation TMP. NOTE “TMP”, Technical Management Platform, is one of the structures created by the rail representatives associations in order to express common views on TSI open issues or standardization work programs (not active anymore).

  • Technical report
    33 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
EN 50128:2011(Main)
Railway applications - Communication, signalling and processing systems - Software for railway control and protection systems
SIST EN 50128:2011

1.1 This European Standard specifies the process and technical requirements for the development of software for programmable electronic systems for use in railway control and protection applications. It is aimed at use in any area where there are safety implications. These systems can be implemented using dedicated microprocessors, programmable logic controllers, multiprocessor distributed systems, larger scale central processor systems or other architectures. 1.2 This European Standard is applicable exclusively to software and the interaction between software and the system of which it is part. 1.3 This European Standard is not relevant for software that has been identified as having no impact on safety, i.e. software of which failures cannot affect any identified safety functions. 1.4 This European Standard applies to all safety related software used in railway control and protection systems, including – application programming, – operating systems, – support tools, – firmware. Application programming comprises high level programming, low level programming and special purpose programming (for example: Programmable logic controller ladder logic). 1.5 This European Standard also addresses the use of pre-existing software and tools. Such software may be used, if the specific requirements in 7.3.4.7 and 6.5.4.16 on pre-existing software and for tools in 6.7 are fulfilled. 1.6 Software developed according to any version of this European Standard will be considered as compliant and not subject to the requirements on pre-existing software. 1.7 This European Standard considers that modern application design often makes use of generic software that is suitable as a basis for various applications. Such generic software is then configured by data, algorithms, or both, for producing the executable software for the application. The general Clauses 1 to 6 and 9 of this European Standard apply to generic software as well as for application data or algorithms. The specific Clause 7 applies only for generic software while Clause 8 provides the specific requirements for application data or algorithms. 1.8 This European Standard is not intended to address commercial issues. These should be addressed as an essential part of any contractual agreement. All the clauses of this European Standard will need careful consideration in any commercial situation. 1.9 This European Standard is not intended to be retrospective. It therefore applies primarily to new developments and only applies in its entirety to existing systems if these are subjected to major modifications. For minor changes, only 9.2 applies. The assessor has to analyse the evidences provided in the software documentation to confirm whether the determination of the nature and scope of software changes is adequate. However, application of this European Standard during upgrades and maintenance of existing software is highly recommended.

  • Standard
    127 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    132 pages
    French language
    sale 10% off
    e-Library read for
    1 day
CLC
EN 50159:2010(Main)
Railway applications - Communication, signalling and processing systems - Safety-related communication in transmission systems
SIST EN 50159:2010

This European Standard is applicable to safety-related electronic systems using for digital communication purposes a transmission system which was not necessarily designed for safety-related applications and which is – under the control of the designer and fixed during the lifetime, or – partly unknown or not fixed, however unauthorised access can be excluded, or – not under the control of the designer, and also unauthorised access has to be considered. Both safety-related equipment and non safety-related equipment can be connected to the transmission system. This standard gives the basic requirements needed to achieve safety-related communication between safety-related equipment connected to the transmission system. This European Standard is applicable to the safety requirement specification of the safety-related equipment connected to the transmission system, in order to obtain the allocated safety integrity requirements. Safety requirements are generally implemented in the safety-related equipment, designed according to EN 50129. In certain cases these requirements may be implemented in other equipment of the transmission system, as long as there is control by safety measures to meet the allocated safety integrity requirements. The safety requirement specification is a precondition of the safety case of a safety-related electronic system for which the required evidence is defined in EN 50129. Evidence of safety management and quality management has to be taken from EN 50129. The communication-related requirements for evidence of functional and technical safety are the subject of this standard. This European Standard is not applicable to existing systems, which had already been accepted prior to the release of this standard. This European Standard does not specify – the transmission system, – equipment connected to the transmission system, – solutions (e.g. for interoperability), – which kind of data are safety-related and which are not. A safety-related equipment connected through an open transmission system can be subjected to many different IT security threats, against which an overall program has to be defined, encompassing management, technical and operational aspects. In this European Standard however, as far as IT security is concerned, only intentional attacks by means of messages to safety-related applications are considered. This European Standard does not cover general IT security issues and in particular it does not cover IT security issues concerning – ensuring confidentiality of safety-related information, – preventing overloading of the transmission system.

  • Standard
    64 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    64 pages
    French language
    sale 10% off
    e-Library read for
    1 day