X2R WP02 D SIE 017 01 - Deliverable - 2.3
X2R WP02 D SIE 017 01 - Deliverable - 2.3
X2R WP02 D SIE 017 01 - Deliverable - 2.3
Deliverable D2.3
Terminology for the future Signalling and Automation
System
GA 730640 Page 2 of 6
X2Rail-1 Deliverable D2.3
Terminology for the future Signalling and Automation System
Authors
Author(s) ALSTOM
Jacques PORE
Benoît BIENFAIT
Contributor(s) ALSTOM
Francois HAUSMAN
Ansaldo
Claudio MONTI
AZD
Michal PAVEL
BOMBARDIER
Staffan PETTERSSON
CAF
José Antonio QUINTANO
KAPSCH
Ulrich GEYER
Michael MIKULANDRA
MERMEC
Francesco INZIRILLO
SIEMENS
Craig McLELLAN
Simon CHADWICK
THALES
Bettina DOETSCH
Lisa-Marleen SCHEILE
Belen LOSADA
Deutsche Bahn
Ralph MÜLLER
Bernd EBERTS
Network Rail
Nicola FURNESS
Trafikverket
Ulf BOHLIN
X2Rail-1 Deliverable D2.3
Terminology for the future Signalling and Automation System
Executive Summary
This document contains the first version of a harmonized glossary for the terminology used in
X2Rail-1 and further X2Rail-projects. It is a living document which will be updated regularly.
GA 730640 Page 4 of 6
X2Rail-1 Deliverable D2.3
Terminology for the future Signalling and Automation System
Table of Contents
GLOSSARY .............................................................................................................................................................. 6
GA 730640 Page 5 of 6
X2Rail-1 Deliverable D2.3
Terminology for the future Signalling and Automation System
Glossary
GA 730640 Page 6 of 6
Deliverable D2.3
Terminology for the future Signalling and Automation System
Term Definition May 2018 Source Document
Colour used by WP6
The 3rd Generation Partnership Project (3GPP) is a collaboration of telecommunications associations that drive the
WP3_4.11 3GPP
standardization for mobile telecommunication standards (2G/GSM, 3G/UMTS, 4G/LTE).
[ISO/IEC/IEEE 24765, 2010]
1. the criteria that a system or component must satisfy in order to be accepted by a user, customer, or other
authorized entity.
[ISO/IEC/IEEE 24765, 2010]
WP6_01 acceptance criteria 2. those criteria, including performance requirements and essential conditions, which must be met before project
deliverables are accepted. A Guide to the Project Management Body of Knowledge (PMBOK® Guide) — Fourth
Edition
cf. requirement, test criteria
[ISTQB (http://glossar.german-testing-board.info/)]
Formal testing with respect to user needs, requirements, and business processes conducted to determine whether or [ISTQB (http://glossar.german-testing-board.info/)]
WP6_02 acceptance testing
not a system satisfies the acceptance criteria and to enable the user, customers or other authorized entity to
determine whether or not to accept the system.
1. Ability and means to communicate with or otherwise interact with a system in order to use system resources.
Note to entry: Access may involve physical access (authorization to be allowed physically in an area, possession of a
WP8_001 access [ISA/IEC 62443-1-2, D1E6, 2017]
physical key lock, PIN code, or access card or biometric attributes that allow access) or logical access (authorization
to login to a system and application, through a combination of logical and physical means).
1. Access control function that allows the user access to a particular set of data or functions for certain equipment.
Note to entry: Many times accounts are linked to user identification (IDs) and passwords. These user IDs and
WP8_002 access account [ISA/IEC 62443-1-2, D1E6, 2017]
passwords may be linked to an individual or group of individuals such as control room work team performing the
same set of operating tasks.
1. Protection of system resources against unauthorized access; a process by which use of system resources is
WP8_003 access control regulated according to a security policy and is permitted by only authorized entities (users, programs, processes, or [ISA/IEC 62443-1-2, D1E6, 2017]
other systems) according to that policy.
1. Property of a system (including all of its system resources) that ensures that the actions of a system entity may be
WP8_004 accountability [ISA/IEC 62443-1-2, D1E6, 2017]
traced uniquely to that entity, which can be held responsible for its actions.
[ISO/IEC/IEEE 24765, 2010]
[ISO/IEC/IEEE 24765, 2010]
WP6_03 accuracy 1. a qualitative assessment of correctness, or freedom from error.
2. a quantitative measure of the magnitude of error
[ISTQB (http://glossar.german-testing-board.info/)] [ISTQB (http://glossar.german-testing-board.info/)]
WP6_05 actual result
The behavior produced/observed when a component or system is tested.
In general, adaptability is the ability of a system to adjust its behaviour in an efficient manner to reflect changes in its
environment or in parts of the system itself.
Adaptability of a railway communication solution means, that such a system should be decoupled from the
WP3_2.1 Adaptability application, i.e., it should fit the needs and fulfil the expectations of several different heterogeneous applications.
Future applications will be able to be integrated efficiently. Furthermore, such a communication system should be
adaptable in terms of its multi-bearer capability, supporting a number of different radio access technologies and
related networks.
1. Defined and documented practices or procedures that individuals are personally accountable to follow at all times.
WP8_005 Administrative practices Note to entry: These are usually in the conditions of employment for the organization. In the IACS environment, [ISA/IEC 62443-1-2, D1E6, 2017]
these foten have HS&E implications.
[ISTQB (http://glossar.german-testing-board.info/)]
Any condition that deviates from expectation based on requirements specifications, design documents, user [ISTQB (http://glossar.german-testing-board.info/)]
WP6_09 anomaly
documents, standards, etc., or from someone's perception or experience. Anomalies may be found during, but not
limited to, reviewing, testing, analysis, compilation, or use of software products or applicable documentation.
Deliverable D2.3
Terminology for the future Signalling and Automation System
May
The Automatic Programming Interface (API) is the functions/primitives 2018 to complete the \emph{Runtime
required
WP4_132 API model}. It shall provide the remaining of the features listed hereabove which are not provided by the Runtime
model.All these can be provided with or without safety properties.
[ISO/IEC/IEEE 24765, 2010]
1. fundamental organization of a system embodied in its components, their relationships to each other, and to the
environment, and the principles guiding its design and evolution. ISO/IEC 15288:2008 (IEEE Std 15288-2008), Systems
and software engineering — System life cycle processes.4.5. [ISO/IEC/IEEE 24765, 2010]
WP6_166 Architecture
2. the organizational structure of a system or component.
3. the organizational structure of a system and its implementation guidelines. Syn: architectural structure cf.
component, module, subprogram, routine
NOTE sometimes refers to the design of a system's hardware and software components
individual or company responsible for one or more IACS
Note 1 to entry: Used in place of the generic word end user to provide differentiation
WP8_006 asset owner [ISA/IEC 62443-1-2, D1E6, 2017]
Note 2 to entry: This includes the components that are part of the IACS
Note 3 to entry: In the context of this standard, asset owner also includes the operator of the IACS
1) physical or logical object owned by or under the custodial duties of an organization, having either a perceived or
actual value to the organization
2) physical or logical object owned by or under the custodial duties of an organization, having either a perceived or
actual value to the organization
WP8_007 asset(s) 3) physical or logical object having either a perceived or actual value to the IACS [ISA/IEC 62443-1-2, D1E6, 2017]
Note 1 to entry: In the case of industrial automation and control systems the physical assets that have the largest
directly measurable value may be the equipment under control.
Note 2 to entry: In this specific case, an asset is any item that should be protected as part of the cyber security
management system.
Attribute of a system that provide grounds for having confidence that the system operates such that the system
WP8_008 assurance [ISA/IEC 62443-1-2, D1E6, 2017]
policy is enforced.
ATC On-board - Automatic Train The system for automatically controlling train movement, enforcing train safety, and directing train operations. ATC IEEE 1474.1-2004, Communications-Based Train Control (CBTC)
WP3_3.32
Control – on board train must include ATP and may include ATO. performance and functional requirements
The functionality that allows trains to be held at a defined location for regulation purposes. This functionality can be
WP4_001 ATO (Train, Area) Hold applied to either one train only or a defined area with multiple trains or the whole service which may run through
multiple traffic management controlled areas.
The area where, for Grades of Automation (GoA) 2 to 4, Automatic Train Operation is possible, informed by real-time
WP4_002 ATO Area dynamic update of operational data via a telecommunications link between the ATO on-board and ATO trackside
subsystems.
ATO Available is the ATO state when the ATO-OB is ready for operation and is waiting for the Engagement Conditions
WP4_003 ATO Available
to be fulfilled.
(definitions contained originally in “ATO over ETCS SUBSET-125
ATO Configuration is the ATO state when the ATO-OB executes self-tests procedures and receives the required ETCS
WP4_004 ATO Configuration ATO system requirements specification” and developed in that
Train Data.
work stream, which were moved to this document)
WP4_005 ATO Disengaged The status of the ATO on-board sub-system when it is not controlling train functions.
(definitions contained originally in “ATO over ETCS SUBSET-125
ATO state when the ATO-OB losses the ATO Operational conditions while being engaged. The ATO-OB controls the
WP4_006 ATO Disengaging ATO system requirements specification” and developed in that
braking command in order to bring the train to standstill waiting for the driver to disengage the ATO.
work stream, which were moved to this document)
(definitions contained originally in “ATO over ETCS SUBSET-125
WP4_007 ATO Engage Button Input that permits the driver to request to start automatic driving when the engagement conditions are fulfilled. ATO system requirements specification” and developed in that
work stream, which were moved to this document)
ATO state in which the ATO on-board is responsible for driving the train, controlling brake and traction according to
WP4_008 ATO Engaged
the computed ATO Operational Speed Profile.
Deliverable D2.3
Terminology for the future Signalling and Automation System
May 2018
ATO state when the ATO on-board has failed to power up, has failed its self-tests, has an in-service failure, or when it
WP4_009 ATO Failure
has detected a failure that does not allow it to perform its functions. This is applicable to the Failure state (FA).
WP4_010 ATO Fitted Train A train that is fitted with an ATO on-board sub-system.
(definitions contained originally in “ATO over ETCS SUBSET-125
The prevention of the ATO functionality over a defined area of the railway in the direction of travel. It may be in
WP4_011 ATO Inhibition Zone ATO system requirements specification” and developed in that
either or both directions of a bi-directional section of track.
work stream, which were moved to this document)
(definitions contained originally in “ATO over ETCS SUBSET-125
ATO state when the ATO Isolation Switch is set to isolation position. In this state, some functions of ATO are
WP4_012 ATO Isolation Mode ATO system requirements specification” and developed in that
inhibited.
work stream, which were moved to this document)
WP4_013 ATO Not Available ATO state when the ATO-OB is not ready for operation and it is waiting for the Operational Conditions to be fulfilled.
WP4_014 ATO Not Selected ATO Not Selected is the ATO state when the ATO Selector is in NS position.
WP4_015 ATO On-board The sub-system and set of automated non-safety-related driver functions, depending on the grade of automation.
ATO On-board - Automatic Train The subsystem within the ATC system that performs any or all of the functions of speed regulation, programmed IEEE 1474.1-2004, Communications-Based Train Control (CBTC)
WP3_3.34
Operation – on board train stopping, door control, performance level regulation, or other functions otherwise assigned to the train operator. performance and functional requirements
WP4_021 ATO Operated Train A train that is fitted with ATO on-board sub-system and this sub-system is operational.
The most energy efficient speed profile calculated by the ATO on-board sub-system that fulfils the Journey Profile
WP4_016 ATO Operational Speed Profile
and respects the ETCS safe braking envelope.
WP4_017 ATO over ETCS System (AoE) The set of interrelated or interacting components that provides ATO and ATP functionalities.
(definitions contained originally in “ATO over ETCS SUBSET-125
WP4_018 ATO Ready ATO state when the ATO-OB is ready for operation and it is waiting for the engagement order. ATO system requirements specification” and developed in that
work stream, which were moved to this document)
(definitions contained originally in “ATO over ETCS SUBSET-125
WP4_019 ATO Selected It is the ATO mode when the ATO-OB is in CO, NA, AV, RE, EM or DE state. ATO system requirements specification” and developed in that
work stream, which were moved to this document)
(definitions contained originally in “ATO over ETCS SUBSET-125
WP4_020 ATO Selector Input from the driver to select “ATO Selected Mode” (SM) or “ATO Not Selected Mode” (NS). ATO system requirements specification” and developed in that
work stream, which were moved to this document)
A set of functions that interfaces with the necessary trackside systems which contain the operational data and
WP4_022 ATO Trackside
infrastructure data that is required by the ATO on-board.
WP4_023 ATO Trackside Handover It is the process of passing the responsibility for an ATO train between two ATO trackside subsystems.
(definitions contained originally in “ATO over ETCS SUBSET-125
WP4_024 ATO Unpowered ATO state when the ATO on-board is powered off. ATO system requirements specification” and developed in that
work stream, which were moved to this document)
ATP On-board - Automatic Train The subsystem within the ATC system that maintains fail-safe protection against collisions, excessive speed, and IEEE 1474.1-2004, Communications-Based Train Control (CBTC)
WP3_3.33
Protection – on board train other hazardous conditions through a combination of train detection, train separation, and interlocking. performance and functional requirements
Deliverable D2.3
Terminology for the future Signalling and Automation System
May 2018
Assault on a system that derives from an intelligent threat, i.e., an intelligent act that is a deliberate attempt
(especially in the sense of method or techniques) to evade security services and violate the security policy of a
system.
Note to entry: There are different commonly recognized classes of attack:
* An "active attack" attempts to alter system resources or affect their operation.
* A "passive attack" attempts to learn or make use of information from system but does not affect system resources.
WP8_009 attack [ISA/IEC 62443-1-2, D1E6, 2017]
* An "inside attack" is an attack initiated by an entity inside the security perimeter (an "insider") , i.e., an entity that
is authorized to access system resources but uses them in a way not approved by those who granted the
authorization..
* An "outside attack" is initiated from outside the perimeter, by an unauthorized or illegitimate user of the system
(including insider attacking from outside the security perimeter). Potential outside attackers range from amateur
pranksters to organized criminals, international terrorists, and hostile governments.
measure of the effort to be expended in attacking a TOE, expressed in terms of an attacker's expertise, resources and
WP8_010 attack potential motivation CC-1, CCMB-2012-09-001
Authors note: TOE Target of Evaluation
WP8_011 attack tree Formal, methodical way of finding ways to attack the security of a system. [ISA/IEC 62443-1-2, D1E6, 2017]
[ISTQB (http://glossar.german-testing-board.info/)]
[ISTQB (http://glossar.german-testing-board.info/)]
WP6_10 attack-based testing An experience-based testing technique that uses software attacks to induce failures, particularly security related
failures.
[ISTQB (http://glossar.german-testing-board.info/)]
[ISTQB (http://glossar.german-testing-board.info/)]
WP6_11 attacker A person or process that attempts to access data, functions or other restricted areas of the system without
authorization, potentially with malicious intent.
[EN 50126:1999]
A systematic and independent examination to determine whether the procedures specific to the requirements of a [EN 50126:1999]
WP6_12 audit
product comply with the planned arrangements, are implemented effectively and are suitable to achieve the
specified objectives.
1) Security measure designed to establish the validity of a transmission, message, or originator, or a means of
verifying an individual's authorization to receive specific categories of information.
2) Action of verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources
WP8_012 Authentication [ISA/IEC 62443-1-2, D1E6, 2017]
in an information system.
3) Provision of assurance that a claimed characteristic of an identity is correct.
Note to entry: Authentication is usually a prerequisite to allowing access to resources in a control system.
1) Property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a
message, or message originator (see “authentication”).
WP8_013 Authenticity 2) Property that an entity is what it claims to be. [ISA/IEC 62443-1-2, D1E6, 2017]
Note to entry: Authenticity is typically used in the context of confidence in the identity of an entity, or the validation
or a transmission, a message, or message originator.
WP4_025 Automatic Joining An automatic process to couple two or more train consists.
WP4_026 Automatic Splitting An automatic process to separate a train into two or more individual consists.
Automatic Train Control System System which effects an emergency brake application if the driver does not react to certain signal aspects or speed IEC 60050-821:1998: International Electrotechnical Vocabulary -
WP4_027
(ATC) restrictions. Part 821: Signalling and security apparatus for railways
A method of operation in which different train operation tasks are automated, according to the Grade of Automation
WP4_028 Automatic Train Operation (ATO) (GoA) level present, up to GoA 4 level, where the train is automatically controlled without the presence of staff on
board.
ERA Glossary of Railway Terms, 8th November 2010, available at
A system that enforces obedience to signals and speed restrictions by speed supervision, including automatic stop at
WP4_029 Automatic Train Protection (ATP) http://www.era.europa.eu/Document-Register/Pages/Glossary-of-
signals.
railway-terms.aspx.
The functionality that allows trains to change direction for another journey which may include automatic unattended
WP4_030 Automatic Turnback
movement.
Deliverable D2.3
Terminology for the future Signalling and Automation System
[EN 50126:1999] May 2018
[EN 50126:1999]
WP6_14 availability The ability of a product to be in a state to perform a required function under given conditions at a given instant of
time or over a given time interval assuming that the required external resources are provided.
1) probability that an asset, under the combined influence of its reliability, maintainability, and security, will be able
to fulfill its required function over a stated period of time, or at a given point of time
WP8_015 Availability [ISA/IEC 62443-1-2, D1E6, 2017]
2) property of ensuring timely and reliable access to and use of information
3) property of ensuring timely and reliable access to and use of control system information and functionality
WP4_031 Awake Train This function is intended to prepare a train for operation.
A device for clear detection, based on the counting of axles entering and leaving a defined portion of track and
WP7_001 Axle counter -
comparing these values.
Backward compatibility is a property of a system, product, equipment, service or technology that allows for
WP3_2.6 Backward Compatibility
interoperability with an older or legacy system, or with input designed for such a system.
WP3_1.9 Bandwidth Anticipated data rate when using a specific application.
[ISO/IEC/IEEE 24765, 2010]
1. specification or product that has been formally reviewed and agreed upon, that thereafter serves as the basis for
further development, and that can be changed only through formal change control procedures. ISO/IEC 12207:2008
(IEEE Std 12207-2008), Systems and software engineering — Software life cycle processes.4.6, ISO/IEC 15288:2008
(IEEE Std 15288-2008), Systems and software engineering — System life cycle processes.4.7.
2. formally approved version of a configuration item, regardless of media, formally designated and fixed at a specific
time during the configuration item's life cycle. ISO/IEC 19770-1:2006, Information technology — Software asset
management — Part 1: Processes.3.1.
[ISO/IEC/IEEE 24765, 2010]
WP6_15 baseline 3. agreement or result designated and fixed at a given time, from which changes require justification and approval.
4. document or a set of such documents formally designated and fixed at a specific time during the life cycle of a
configuration item
5. work product that has been placed under formal configuration management.
6. snapshot of the state of a service or individual configuration items at a point in time. ISO/IEC 20000-1:2005,
Information technology — Service management — Part 1: Specification.2.2.
7. description of a system and its components (configuration items) at a particular period including any approved
updates.
8. an approved plan (for a project), plus or minus approved changes. It is compared to actual performance to
[ISTQB (http://glossar.german-testing-board.info/)] [ISTQB (http://glossar.german-testing-board.info/)]
WP6_16 behavior
The response of a component or system to a set of input values and preconditions.
[ISTQB (http://glossar.german-testing-board.info/)]
[ISTQB (http://glossar.german-testing-board.info/)]
WP6_17 black-box test design technique Procedure to derive and/or select test cases based on an analysis of the specification, either functional or non-
functional, of a component or system without reference to its internal structure.
[ISTQB (http://glossar.german-testing-board.info/)] [ISTQB (http://glossar.german-testing-board.info/)]
WP6_18 black-box testing
Testing, either functional or non-functional, without reference to the internal structure of the component or system.
A method of controlling the separation between trains by dividing the line into sections with, normally, no more than one
WP5_001 Block Subset-023
train in each section. The block can either be a fixed block or a moving block.
ERA Glossary of Railway Terms, 8th November 2010, available at
WP4_032 Block section A section of track in a fixed block system which a train may only enter when it is not occupied by other vehicles. http://www.era.europa.eu/Document-Register/Pages/Glossary-of-
railway-terms.aspx.
[ISO/IEC/IEEE 24765, 2010]
[ISO/IEC/IEEE 24765, 2010]
WP6_19 boundary value 1. a data value that corresponds to a minimum or maximum input, internal, or output value specified for a system or
component
[ISTQB (http://glossar.german-testing-board.info/)] [ISTQB (http://glossar.german-testing-board.info/)]
WP6_23 bug
See defect
WP4_033 Built In Test The functionality that enables the AoE system to carry out its in-service health check.
WP8_017 business continuity plan Document with identified procedures for recovering from a disaster and restoring business operations. [ISA/IEC 62443-1-2, D1E6, 2017]
Deliverable D2.3
Terminology for the future Signalling and Automation System
May
Capital expenditure, or CapEx, are funds used by a company to acquire or 2018
upgrade physical assets such as property,
WP7_003 CAPEX -
industrial buildings or equipment
(also called Overhead line) Power distribution system formed by hanging electric power cables and used to transmit
WP7_002 Catenary -
electrical energy to trains
WP3_3.16 Catering Schedulers Staff tasked with scheduling on-train catering.
WP3_3.6 Catering Staff Catering staff on board trains
WP6 definition from Ed Morton:
the action or process of providing someone or something with an official document attesting to a status or level of
achievement.
It may refer to Sub-systems (e.g. Factory Acceptance certification) or complete Signalling Infrastructure Systems (e.g WP6 definition from Ed Morton:
WP6_171 Certification
a final Test Certificate [TC1] prior to Entry into Service in the UK).
Certification may also refer to the process of gaining regulatory approval for the use of a System under European
CSM-RA and Interoperability
Legislation.
Data that has been transformed by encryption so that its semantic information content (i.e., its meaning) is no longer
WP8_019 ciphertext [ISA/IEC 62443-1-2, D1E6, 2017]
intelligible or directly available.
WP5_002 Clear (a Signal) To change a signal aspect from its most restrictive aspect to a less restrictive aspect. Subset-023
WP8_021 client Device or application receiving or requesting services or information from a server application. [ISA/IEC 62443-1-2, D1E6, 2017]
IEV 811: International Electrotechnical Commission – Electric
WP4_034 Coasting The free running of a train with no traction and no brakes applied.
traction
[ISO/IEC/IEEE 24765, 2010]
1. in software engineering, computer instructions and data definitions expressed in a programming language or in a
form output by an assembler, compiler, or other translator
[ISO/IEC/IEEE 24765, 2010]
WP6_24 code 2. to express a computer program in a programming language.
3. a character or bit pattern that is assigned a particular meaning
cf. source code, object code, machine code, micro code
EXAMPLE a status code
WP4_035 Collision Detection Functionality which detects an unexpected contact between the train and an obstacle.
Order used to perform a function in a system.
Adapted by replacing UGTMS with AoE
Note 1 to entry: This order can originate from
- a system operator,
- an external system, IEC 62290-1:2014: Railway applications - Urban guided transport
WP4_036 Command - inside AOE; management and command/control systems, Part 1: System
principles and fundamental concepts.
this order can be sent:
- to an external system
- inside AOE.
1) Logical or physical point-to-point or multi-point data flow between components in one zone to one or more
components in another zone.
WP8_023 communication channel 2) Specific logical or physical communication link between assets. [ISO/IEC 62443-1-2, D1E6, 2017]
Note 1 to entry: Zone as defined for ISA/IEC 62443.
Note 2 to entry: A channel facilitates the establishment of a connection.
A set of rules and conventions governing a transferred message. The defined elements are syntax, semantics and
WP7_006 Communication protocol -
timing. A communication protocol consists of two parts: a data protocol and a transmission protocol.
Deliverable D2.3
Terminology for the future Signalling and Automation System
May 2018system, particularly those that provide
1) measures that implement and assure security services in a communication
data confidentiality and data integrity and that authenticate communicating entities
2) state that is reached by applying security services, in particular, state of data confidentiality, integrity, and
successfully authenticated communication entities
WP8_025 Communication Security [ISA/IEC 62443-1-2, D1E6, 2017]
Note to entry: This phrase is usually understood to include cryptographic algorithms and key management methods
and processes, devices that implement them, and the life-cycle management of keying material and devices.
However cryptographic algorithms and key management methods and processes may not be applicable to some
control system applications.
The ability of a product (here: communication link) to be in a state to perform a required function under given
EN 5126 - Railway applications- The specification and
conditions (here: allows communication with the given QoS parameters) at a given instant of time or over a given
WP3_1.12 Communications Availability demonstration of Reliability, Availability, Maintainability and
time interval assuming that the required external resources are provided. In this case, it includes the communications
Safety (RAMS)
link being useable, i.e., free from interference.
1) The ability of two or more systems or components to perform their required functions while sharing the same
hardware or software environment
WP6_25 Compatibility 2) The ability of two or more systems or components to exchange information. [ISO/IEC/IEEE 24765, 2010]
3) The capability of a functional unit to meet the requirements of a specified interface without appreciable
modification.
WP6_26 Compatibility tests Tests regarding Compatibility. (used in the glossary of deliverable D6.1) WP6 definition used in the glossary of deliverable D6.1
countermeasure employed in lieu of or in addition to inherent security capabilities to satisfy one or more security
requirements
Note to entry: Examples include:
1. (component-level): locked cabinet around a controller that doesn't have sufficient cyber access control
countermeasures
WP8_027 Compensating Countermeasures [ISA/IEC 62443-1-2, D1E6, 2017]
2. (system/zone-level): physical access control (guards, gates and guns) to protect a control room to restrict access to
a group of known personnel to compensate for the technical requirement for personnel to be unique identified by
the IACS
3. (component-level): a vendor's PLC can't meet the access control capabilities from an end-user, so the vendor puts
a firewall in front of the PLC and sells it as a system
[EN 50126:1999] [EN 50126:1999]
WP6_28 compliance
A demonstration that a characteristic or property of a product satisfies the stated requirements.
[ISO/IEC/IEEE 24765, 2010]
1. an entity with discrete structure, such as an assembly or software module, within a system considered at a
particular level of analysis. ISO/IEC 15026:1998, Information technology — System and software integrity levels.3.1.
2. one of the parts that make up a system. IEEE Std 829-2008 IEEE Standard for Software and System Test
Documentation.3.1.6.
3. set of functional services in the software, which, when implemented, represents a well-defined set of functions [ISO/IEC/IEEE 24765, 2010]
WP6_29 component
and is distinguishable by a unique name. ISO/IEC 29881:2008, Information technology — Software and systems
engineering — FiSMA 1.1 functional size measurement method.A.4
NOTE A component may be hardware or software and may be subdivided into other components. The terms
"module," "component," and "unit" are often used interchangeably or defined to be subelements of one another in
different ways depending upon the context. The relationship of these terms is not yet standardized. A component
may or may not be independently managed from the end-user or administrator's point of view.
[ISTQB (http://glossar.german-testing-board.info/)] [ISTQB (http://glossar.german-testing-board.info/)]
WP6_30 component testing
The testing of individual components/units/Subsystems.
1) Unauthorized disclosure, modification, substitution, or use of information (including plaintext cryptographic keys
and other critical security parameters).
WP8_029 compromise [ISA/IEC 62443-1-2, D1E6, 2017]
2) Violation of the security of a system such that an unauthorized disclosure or modification of sensitive information
may have ocurred.
Deliverable D2.3
Terminology for the future Signalling and Automation System
Computerized Maintenance Computerized Maintenance Management System (CMMS) is a meanMay 2018 maintenance tasks and to analyze
to perform
WP7_008 -
Management System collected data. It can also contain information to support fault handling and repairing
WP6_170 Concordance Tests see Correspondance Tests
Condition Based Maintenance is maintenance when need arises. This maintenance is performed after one or more
WP7_004 Condition Base Maintenance -
indicators show that equipment is going to fail or performance is degraded.
Conductors on-board trains are responsible for operational and safety duties that do not involve actual operation of
WP3_3.5 Conductors the train (e.g., ticket collection, customer service, observing door closure, performing safety tasks in case of
emergency/accident…)
1) logical grouping of communication assets that protects the security of the channels it contains.
2) logical grouping of communication channels, between connecting two or more zones, that share common security
requirements.
WP8_031 Conduit [ISO/IEC 62443-1-2, D1E6, 2017]
Note to entry: This is analogous to the way that a physical conduit protects cables from physical damage.
Note to entry: A conduit is allowed to traverse a zone as long as the security of the channels contained within the
conduit is not impacted by the zone
Confidence testing is a term used to define the repeat (duplicate) of any other test more than the absolute minimum
to achieve it's given success criteria. The number of repeat or duplicate tests is an arbitrary number based on the
WP6_32 Confidence testing [mail from NR]
user's experience and trust in the system.
[mail from NR]
1) assurance that information is not disclosed to unauthorized individuals, processes, or devices
2) preserving authorized restrictions on information access and disclosure, including means for protecting personal
privacy and proprietary information (FIPS 199)
WP8_033 Confidentiality 3) preserving authorized restrictions on information access and disclosure, including means for protecting personal [ISA/IEC 62443-1-2, D1E6, 2017]
privacy and proprietary information
Note to entry: When used in the context of an IACS, refers to protecting IACS data and information form
unauthorized access.
ISO 3511-4:1985: Industrial process measurement control
Capability of the system to allow users to select, from pre-programmed functions (modular software units), those
functions and instrumentation -- Symbolic representation -- Part
WP4_038 Configurable System which are necessary to accomplish a control strategy or other complex functions, without the use of computer
4: Basic symbols for process computer, interface, and shared
language.
display/control functions
WP5_003 Confirmed Safe Rear End Safe rear end of the train with integrity confirmed --
[ISO/IEC/IEEE 24765, 2010]
1. the fulfillment by a product, process or service of specified requirements. IEEE/EIA 12207.1-1997 IEEE/EIA
WP6_35 Conformity [ISA/IEC 62443-1-2, D1E6, 2017]
Standard: Industry Implementation of International Standard ISO/IEC 12207:1995, Standard for Information
Technology — Software Life Cycle Processes — Life cycle data.1.4.1
1) result that occurs from a particular incident
WP8_014 Consequence [ISA/IEC 62443-1-2, D1E6, 2017]
2) condition or state that logically or naturally follows from an event
IEC 61375-2-3:2017-02: Electronic railway equipment - Train
WP4_039 Consist Single vehicle or a group of vehicles which are not separated during normal operation. communication network (TCN) - Part 2-3: TCN communication
profile
IEC 62290-1:2014: Railway applications - Urban guided transport
Any elementary component, group of components, sub-assembly or complete assembly of equipment incorporated
WP4_040 Constituent management and command/control systems, Part 1: System
or intended to be incorporated into the AoE.
principles and fundamental concepts.
Electrically controlled switch used for switching an electrical power circuit, similar to a relay except with higher
WP7_005 Contactor -
current ratings.
WP3_1.4 Content Type The content type of applications is defined by four different categories (see table). UIC FRMCS User Requirements Specification, V2.
WP8_016 Control See security control. [ISA/IEC 62443-1-2, D1E6, 2017]
WP6 definition from Ed Morton:
The process of confirming an action from the Control Layer or Equipment element (e.g. button press, track circuit de- WP6 definition from Ed Morton:
WP6_169 Correspondence Tests
energisation, point movement) corresponds to the correct output at the required interface. (e.g. Signal 'off', track
circuit indication illuminated. points indication 'out of correspondence').
Deliverable D2.3
Terminology for the future Signalling and Automation System
May 2018
action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or
preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be
Countermeasure |
WP8_018 taken. [ISA/IEC 62443-1-2, D1E6, 2017]
Countermeasures
Note to entry: The term "Control" is also used to describe this concept in some contexts. The term countermeasure
has been chosen for this standard to avoid confusion with the world control in the context of "process control".
WP3_3.30 Fixed System Fixed communication system not on board a train (which may or may not be track-side).
A signalling system where trains are separated by virtual blocks configured when a scheme is engineered, and where
WP5_010 Fixed Virtual Block --
virtual block occupancy is derived from Train Position Reports.
WP3_5.4 Freight A dedicated freight line (no passengers) that spans between cities and possibly across nations.
Frequency of use reflects how often and/or the duration the application is used by an active user at a certain location
WP3_1.16 Frequency of Use UIC FRMCS User Requirements Specification, V2.
in a certain operational situation.
Electrochemical device that converts the chemical energy from a fuel into electricity; in this context it is considered
WP7_016 Fuel Cell -
as a power supply source
WP5_011 Full Moving Block A signalling system where trains are separated based only on Train Position Reports, without the use of virtual blocks. --
Deliverable D2.3
Terminology for the future Signalling and Automation System
WP4_053 Full Service Brake Service Brake set at maximum allowed effort. May 2018
This corresponds to the functional boundaries between the ATO System and the other functional components
WP4_133 Functional Architecture (Obstacle Detection, Antenna, ...). These boundaries are described in the FIS or FFFIS. It also includes the parting of
the KERNEL into different functions.
Testing conducted to evaluate the compliance of a system or component with specified functional requirements.
WP6_59 functional testing [ISO/IEC/IEEE 24765, 2010]
[ISO/IEC/IEEE 24765, 2010]
IEC 62290-1:2014: Railway applications - Urban guided transport
Application which contains all mandatory and all or a subset of optional functions, with predefined configurability
WP4_054 Generic Application management and command/control systems, Part 1: System
and customisable for different specific applications.
principles and fundamental concepts.
A worldwide position, time and velocity radio determination system comprising space, ground and user segments.
WP4_055 Global Navigation Satellite System
(EN 61209:1999-08)
National or regional body mandating a governance and regulatory framework placing specific legal, financial,
WP3_4.3 Government
operational, strategic, social and contractual obligations on Infrastructure Managers and Railway Undertakings.
IEC 62290-1:2014: Railway applications - Urban guided transport
Automation level of train operation, in which a train can be operated, resulting from sharing responsibility for given
WP4_056 Grade of Automation management and command/control systems, Part 1: System
basic functions of train operation between operations staff and system.
principles and fundamental concepts.
IEC 62290-1:2014: Railway applications - Urban guided transport
Grade of Automation 0 (GoA0) On- In this grade of automation, the driver has full responsibility and no system is required to supervise his activities.
WP4_057 management and command/control systems, Part 1: System
sight train operation However, points and single tracks can be partially supervised by the system.
principles and fundamental concepts.
In this grade of automation, the driver is in the front cabin of the train observing the guideway and stops the train in
the case of a hazardous situation. Acceleration[1] and braking are commanded by the driver in compliance with
IEC 62290-1:2014: Railway applications - Urban guided transport
Grade of Automation 1 (GoA1) wayside signals or cab-signal. The system supervises the activities of the driver. This supervision may be done at
WP4_058 management and command/control systems, Part 1: System
Non-automated train operation specific locations, be semi-continuous or continuous, notably in respect of the signals and the speed. Safe departure
principles and fundamental concepts.
of the train from the station, including door closing, is the responsibility of the operations staff.
Note: Acceleration is used in this context as a common term for traction.
In this grade of automation, the driver is in the front cabin of the train observing the guideway and stops the train in
IEC 62290-1:2014: Railway applications - Urban guided transport
Grade of Automation 2 (GoA2) the case of a hazardous situation. Acceleration and braking is automated and the speed is supervised continuously by
WP4_059 management and command/control systems, Part 1: System
Semi-automated train operation the system. Safe departure of the train from the station is the responsibility of the operations staff (door opening
principles and fundamental concepts.
and closing may be done automatically).
In this grade of automation, additional measures are needed compared to GOA2 because there is no driver in the
IEC 62290-1:2014: Railway applications - Urban guided transport
Grade of Automation 3 (GoA3) front cabin of the train to observe the guideway and stop the train in case of a hazardous situation. In this grade of
WP4_060 management and command/control systems, Part 1: System
Driverless train operation automation, a member of the operations staff is necessary on-board. Safe departure of the train from the station,
principles and fundamental concepts.
including door closing, can be the responsibility of the operations staff or may be done automatically.
In this grade of automation, additional measures are needed compared to GOA3 because there is no on-board
operations staff. Safe departure of the train from the station, including door closing, has to be done automatically. IEC 62290-1:2014: Railway applications - Urban guided transport
Grade of Automation 4 (GoA4)
WP4_061 More specifically, the system supports detection and management of hazardous conditions and emergency management and command/control systems, Part 1: System
Unattended train operation
situations such as the evacuation of passengers. Some hazardous conditions or emergency situations, such as principles and fundamental concepts.
derailment or the detection of smoke or fire, may require staff interventions.
WP6 definition from Giuseppe Savino:
Grey Box testing is a combination of White Box and Glass Box Testing. In this type of testing, the tester has little
knowledge about the internal working of the software, so he tests the output as well as process carried out to
WP6 definition from Giuseppe Savino:
WP6_172 grey-box testing generate the output. Grey-box testing refers to a testing system by knowing limited information about the internals
of the system. The knowledge is always limited for detailed design documents and architecture diagrams. In concise,
it is a good blend of black and white box testing, which leverage the strengths of each. A little knowledge of the
system is expected in Gray box testing.
1) Physical equipment used to process, store, or transmit computer programs or data.
WP6_60 Hardware 2) All or part of the physical components of an information system. [ISO/IEC/IEEE 24765, 2010]
[ISO/IEC/IEEE 24765, 2010]
WP6_61 Hardware tests Tests regarding hardware.
WP4_062 Hazard Potential source of harm ISO Guide 73:2009: Risk management – Vocabulary
Deliverable D2.3
Terminology for the future Signalling and Automation System
The time interval between the passing of the front ends of successiveMay 2018or trains moving along the same lane
vehicles
WP4_063 Headway
or track in the same direction.
EN 61924-2:2013: Maritime navigation and radiocommunication
Part of a system an operator interacts with. The interface is the aggregate of means by which the users interact with
equipment and systems - Integrated navigation systems - Part 2:
WP4_064 Human Machine Interface (HMI) a machine, device, and system (the system). The interface provides means for input, allowing the users to control the
Modular structure for INS - Operational and performance
system and output, allowing the system to inform the users.
requirements, methods of testing and required test results
aggregate of means by which people (the users) interact with a particular machine, device, computer program or
other complex tool (the system)
Note to entry: In many cases, these involve video screens or computer terminals, push buttons, auditory feedback,
WP8_045 Human-Machine Interface [ISA/IEC 62443-1-2, D1E6, 2017]
flashing lights, etc. The human-machine interface provides means of:
* Input, allowing the users to control the machine
* output, allowing the machine to inform the users
The Institute of Electrical and Electronic Engineers (IEEE) is, amongst others, responsible for the standardization of
WP3_4.12 IEEE
the IEEE 802.11 Wi-Fi standard family.
WP8_046 Impact evaluated consequence of a particular event ISA TR62443-1-2, D1E5
WP5_012 In advance of A term indicating a point beyond a specific location on the track, with respect to a given direction. Subset-023
WP5_013 In rear of A term indicating a point on the approach to a specific location on the track, with respect to a given direction. Subset-023
event that is not part of the expected operation of a system or service that causes, or may cause, an interruption to,
WP8_047 Incident ISA TR62443-1-2, D1E5
or a reduction in, the quality of the service provided by the control system
1) collection of personnel, hardware, and software that can affect or influence the safe, secure and reliable operation
of an industrial process
2) collection of personnel, hardware, software and policies involved in the operation of the industrial process ant
that can affect or influence its safe, secure, and reliable operation Note to entry: These systems include, but are not
limited to:
* industrial control systems, including distributed control systems (DCSs)
* programmable logic controllers (PLCs)
* remote terminal units (RTUs)
Industrial Automation and Control
WP8_048 * intelligent electronic devices [ISA/IEC 62443-1-2, D1E6, 2017]
Systems (IACS)
* supervisory control and data acquisition (SCADA)
* networked electronic sensing and control, and monitoring and diagnostic systems (In this context, process control
systems include basic process control system and safety-instrumented system [SIS] functions, whether they are
physically separate or integrated.)
* associated information systems such as advanced or multivariable control, online optimizers, dedicated equipment
monitors, graphical interfaces, process historians, manufacturing execution systems, and plant information
management systems
* associated internal, human, network, or machine interfaces used to provide control, safety, and manufacturing
WP8_049 Industrial Control System (ICS) see Industrial Automation and Control Systems (IACS) WP8
Any communication or representation of knowledge such as facts, data, or opinions in any medium or form, including
WP8_050 Information textual, numerical, graphic, cartographic, narrative, or audiovisual. [CNSSI 4009] NIST SP 800-53 r4
An instance of an information type. [FIPS 199]
The protection of information and information systems from unauthorized access, use, disclosure, disruption,
WP8_051 Information Security NIST SP 800-53 r4
modification, or destruction in order to provide confidentiality, integrity, and availability.
A discrete set of information resources organized for the collection, processing, maintenance, use, sharing,
dissemination, or disposition of information.
WP8_052 Information System (IS) NIST SP 800-53 r4
Note to entry: Information systems also include specialized systems such as industrial/process controls systems,
telephone switching and private branch exchange (PBX) systems, and environmental control systems.
Deliverable D2.3
Terminology for the future Signalling and Automation System
The ability of an information system to continue to: May 2018
(i) operate under adverse conditions or stress, even if in a degraded or debilitated state, while maintaining essential
WP8_053 Information System Resilience NIST SP 800-53 r4
operational capabilities; and
(ii) recover to an effective operational posture in a time frame consistent with mission needs.
computer-related assets of an organization that represent nonphysical assets, such as software applications, process
programs, and personnel files
Note to entry 1: Throughout this document, this use of the term of information technology is not abbreviated.
WP8_054 Information Technology (IT) Note to entry 2: Another use of information technology (IT) refers to the company's internal organization (e.g., the IT [ISA/IEC 62443-1-2, D1E6, 2017]
department) or the items traditionally maintained by this department (i.e., the administrative computers, servers,
and network infrastructure). Throughout this document, this use of the term information technology is abbreviated
as IT.
LC/TS 50591:2013: Specification and verification of energy
WP4_065 Infrastructure Equipment Fixed installations of the railway system (e.g. tracks, power supply, signalling, communication).
consumption for railway rolling stock
Any body or undertaking that is responsible in particular for establishing and maintaining railway infrastructure. This ERA Glossary / Directive 21/14/EC On the allocation of railway
WP3_3.18 Infrastructure Manager may also include the management of infrastructure control and safety systems. The functions of the infrastructure infrastructure capacity and the levying of charges for the use of
manager on a network or part of a network may be allocated to different bodies or undertakings. railway infrastructure and safety certification
WP8_055 Initial Risk risk before controls or countermeasures have been applied (See “risk”) ISA TR62443-1-2, D1E5
"trusted" person, employee, contractor, or supplier who has information that is not generally known to the public
WP8_131 insider [ISA/IEC 62443-1-2, D1E6, 2017]
(See "outsider").
Installability is the ease with which a system, a service or an application can be successfully installed in its
WP3_2.7 Installability
environments in a timely and cost-efficient manner.
The progressive linking and testing of programs or modules in order to ensure their proper functioning in the
WP6_63 integration test complete system. [ISO/IEC/IEEE 24765, 2010]
[ISO/IEC/IEEE 24765, 2010]
[ISTQB (http://glossar.german-testing-board.info/)]
[ISTQB (http://glossar.german-testing-board.info/)]
WP6_62 integration testing Testing performed to expose defects in the interfaces and in the interactions between integrated components or
systems.
1) quality of a system reflecting the logical correctness and reliability of the operating system, the logical
completeness of the hardware and software implementing the protection mechanisms, and the consistency of the
data structures and occurrence of the stored data 2) property of protecting the accuracy and completeness of assets
WP8_056 Integrity 3) guarding against improper modifications or destruction, and includes ensuring information non-repudiation and [ISA/IEC 62443-1-2, D1E6, 2017]
authenticity (FIPS 199)
Note to entry: in a formal security mode, integrity is often interpreted more narrowly to mean protection against
unauthorized modification or destruction of information.
Capture and disclosure of message contents or use of traffic analysis to compromise the confidentiality of a
WP8_132 interception communication system based on message destination or origin, frequency or length of transmission, and other [ISA/IEC 62443-1-2, D1E6, 2017]
communication attributes.
IEC 62290-1:2014: Railway applications - Urban guided transport
Is the capability of system components identified in this document to be procured from any number of suppliers and
WP4_067 Interchangeability management and command/control systems, Part 1: System
replaced without any substantial change in functionality or performance.
principles and fundamental concepts.
Testing conducted to evaluate whether systems or components pass data and control correctly to one another.
WP6_64 interface testing [ISO/IEC/IEEE 24765, 2010]
[ISO/IEC/IEEE 24765, 2010]
ERA Glossary of Railway Terms, 8th November 2010, available at
An arrangement of switches and signals interconnected in a way that each movement follows the other in a proper
WP4_068 Interlocking http://www.era.europa.eu/Document-Register/Pages/Glossary-of-
and safe sequence.
railway-terms.aspx.
A general term applied to the controlling of the setting and releasing of “signals” (if any) and “points” to prevent
unsafe conditions arising, and equipment which performs this function.
WP5_014 Interlocking Derived from Subset-023
Note - Definition as from Subset-023: A general term applied to the controlling of the setting and releasing of “signals”
and “points” to prevent unsafe conditions arising, and equipment which performs this function.
Deliverable D2.3
Terminology for the future Signalling and Automation System
May 2018
A system that, in accordance with commands from a signaling or signaling control system, manages track side
WP7_017 Interlocking -
equipment and the safe movement of rail traffic.
1) The ability of two or more systems or components to exchange information and to use the information that has
been exchanged
1) ISO/IEC/IEEE 24765, 2010
2) The capability to communicate, execute programs, and transfer data among various functional units in a manner
2) Interoperability Directive 2008/57/EC
WP6_65 interoperability that requires the user to have little or no knowledge of the unique characteristics of those units.
3) ERA Glossary / Directive 2008/57/EC on the interoperability of
3) The ability of a rail system to allow the safe and uninterrupted movement of trains which accomplish the required
the rail system within the Community
levels of performance. This ability depends on all the regulatory, technical and operational conditions which must be
met in order to satisfy the essential requirements.
1) Testing conducted to ensure that a modified system retains the capability of exchanging information with systems
WP6_68 interoperability testing of different types, and of using that information. [ISO/IEC/IEEE 24765, 2010]
[ISO/IEC/IEEE 24765, 2010]
Security service that monitors and analyzes system events for the purpose of finding, and providing real-time or near
WP8_133 intrusion detection [ISA/IEC 62443-1-2, D1E6, 2017]
real-time warning of, attempts to access system resources in an unauthorized manner.
Protection of systems from the theft or damage to their software or information, as well as
WP7_018 IT Security -
from disruption or misdirection of the services
System or component testing whose primary objective is to discover vulnerabilities.
WP6_164 IT security tests Vulnerabilities include those that cause denial of service ISA-62443-2-4
[ISA-62443-2-4]
WP4_070 Jerk First derivative of the acceleration with respect to time.
The functionality that provides low speed control in both forward and reverse directions to enable correction of a
WP4_071 Jog
train’s alignment with a defined stopping location.
Join Mission Critical Network
WP3_6.8 Dedicated mobile network adapted to the needs of multiple mission critical sectors (rail, PPDR…)
(shared with, e.g., PPDR)
EN 13816:2002: Transportation - Logistics and services - Public
WP4_072 Journey Scheduled movement of a vehicle along a single route. passenger transport; Service quality definition, targeting and
measurement
The Journey Profile contains the set of dynamic infrastructure data and operational data required by the ATO-OB in
order to drive the train. The operational data contains the list of Timing Points to be traversed by the train along its
WP4_073 Journey Profile
journey. This list is defined in real time on the basis of the scheduled timetable and on-line traffic regulation. The
Journey Profile may be updated during the journey.
Process of handling and controlling cryptographic keys and related material (such as initialization values) during their
WP8_134 key management life cycle in a cryptographic system, including ordering, generating, distributing, storing, loading, escrowing, archiving, [ISA/IEC 62443-1-2, D1E6, 2017]
auditing, and destroying the keys and related material.
[RD18] EN 50119:2009: Railway applications - Fixed installations -
WP4_074 Kinematic Envelope Kinematic load gauge further enlarged to allow for possible tolerances in the position of the track.
Electric traction overhead contact lines
WP5_015 L3 On-board An EVC which is capable of operating at ETCS Level 3. It will also operate at other ETCS Levels. --
WP6 definition from Oliver Röwer: WP6 definition from Oliver Röwer:
WP6_162 laboratory
A laboratory is a facility that provides a test environment and controlled environmental conditions for testing.
WP3_1.8 Latency The end-to-end user transport delay between the involved communication entities.
existing industrial automation and control system in a facility that may not be available as a commercial off the shelf
WP8_057 Legacy System (COTS) item ISA TR62443-1-2, D1E5
Note to entry: A legacy system may have been COTS at one time, but it may be no longer available and/or supported.
WP3_2.17 Legal obligations Ability to fulfil legal obligations (e.g. ownership of mission critical infrastructure)
Deliverable D2.3
Terminology for the future Signalling and Automation System
A level of ERTMS/ETCS that uses radio to pass movement authoritiesMay 2018
to the train. Level 3 uses train reported position
WP5_016 Level 3 Subset-023
and integrity to determine if it is safe to issue the movement authority.
An intersection at grade between roads and railway tracks that may or may not be protected by lights, barriers or
WP7_019 Level crossing -
other equipment.
WP7_020 Level crossing system The driving and detection system of the protection devices of a level crossing -
Evolution of a system, product, service, project or other human-made entity from conception through retirement.
WP8_058 Life Cycle | Life-Cycle [ISA/IEC 62443-1-2, D1E6, 2017]
Note to entry: Sources include ISO/IEC 15288 and ISO/IEC 12207
Sum of all recurring and one-time (non-recurring) costs over the full life span or a specified period of a good, service,
WP7_021 Life Cycle Cost -
structure or system
WP8_059 Likelihood quantitative chance that an incident may occur ISA TR62443-1-2, D1E5
Operation along a line setting between stations and yards, where line is defined as: One or more adjacent running
WP3_1.19 Line tracks forming a route between two points. Where a section of network comprises two or more lines running ERA Glossary / Glossary for Transport Statistics
alongside one another, there are as many lines as routes to which tracks are allotted exclusively.
IEC 60050-821:1998: International Electrotechnical Vocabulary -
WP4_075 Line Clear Detection Automatic proving or detection that a line is clear or occupied.
Part 821: Signalling and security apparatus for railways
EN 5126 - Railway applications- The specification and
The probability that an item (here: communication link) can perform a required function under given conditions
WP3_1.10 Link Reliability demonstration of Reliability, Availability, Maintainability and
(here: allows communication with the given QoS parameters) for a given time interval.
Safety (RAMS)
A method for reducing the large fluctuations that occur in electricity demand, for example by storing excess
WP7_022 Load Levelling -
electricity during periods of low demand for use during periods of high demand
[ISTQB (http://glossar.german-testing-board.info/)]
A type of performance testing conducted to evaluate the behavior of a component or system with increasing load, [ISTQB (http://glossar.german-testing-board.info/)]
WP6_69 load testing
e.g., numbers of parallel users and/or numbers of transactions, to determine what load can be handled by the
component or system.
The process of accumulating energy in an energy storage system (e.g. Supercap or rechargeable battery) and
WP7_023 Load/charge Cycles -
discharging it providing supply to a load.
Force a functional unit to maintain a defined value of the output variable independent of all other input variables or EC 60050-351:2013:International electrotechnical vocabulary -
WP4_076 Lock
state variables. Part 351: Control technology
The useful life of a system, unless otherwise agreed at the time of tendering between the equipment manufacturer
WP3_2.3 Longevity EN5155:27
and the user, shall be taken as 20 years.
WP3_5.1 Mainline A dedicated (high-speed) passenger line / train that spans between cities and possibly across the nations.
The probability that a given active maintenance action, for an item under given conditions of use can be carried out EN 5126 - Railway applications- The specification and
WP3_2.4 Maintainability within a stated time interval when the maintenance is performed under stated conditions and using stated demonstration of Reliability, Availability, Maintainability and
procedures and resources. Safety (RAMS)
The combination of all technical and administrative actions, including supervisory actions, intended to retain a
WP7_025 Maintenance -
product in, or restore it to, a state in which it can perform a required function.
IEC 62290-1:2014: Railway applications - Urban guided transport
WP4_077 Maintenance Staff Maintenance staff are persons who are involved in maintenance of infrastructure and rolling stock. management and command/control systems, Part 1: System
principles and fundamental concepts.
composite of all maintenance resources that must be acquired for maintaining the system throughout its life cycle,
including: Spare parts data/documentation/storage; Maintenance procedures; Maintenance manuals; Maintenance
WP7_026 Maintenance System -
facilities (power supplies, offices, building of testing centres); External testing equipment; Special tools; Training of
maintenance personnel.
Programs or code written for the purpose of gathering information about systems or users, destroying system data,
providing a foothold for further intrusion into a system, falsifying system data and reports, or providing time-
consuming irritation to system operations and maintenance personnel.
WP8_135 malicious code [ISA/IEC 62443-1-2, D1E6, 2017]
Note to entry: Malicious code attacks can take the form of viruses, worms, Trojan Horses, or other automated
exploits.
Note to entry: Malicious code is also often referred to as "malware".
Deliverable D2.3
Terminology for the future Signalling and Automation System
CSMS (cybersecurity management system) program designed by an May 2018 to maintain the security of the
organization
WP8_060 Management System entire organization's assets to an established level of confidentiality, integrity, and availability, whether they are on [ISA/IEC 62443-1-2, D1E6, 2017]
the business side or the industrial automation and control systems side of the organization.
The maximum safe front end position differs from the estimated position by the Under-reading Amount in the distance
WP5_018 Max safe front end Subset-023
measured from the LRBG plus the Location Accuracy of the LRBG.
WP5_017 May Is permissible. Subset-023
A dedicated urban (mass transit) passenger line / train that spans part or all of a city and possibly as far as the
WP3_5.2 Metro/Urban
neighboring towns (with sections both above and below ground).
A management information base (MIB) is a formal description of variables that can be managed using the Simple
MIB: Management Information
WP7_024 Network Management Protocol (SNMP). Characteristics of variables such as type of data and access criteria can be -
Base
defined.
Necessity of a system to migrate from an existing one to a new one. This includes the possibility of co-existing with a
WP3_2.10 Migration
legacy system and its applications.
The minimum safe front end position differs from the estimated position by the Over-reading Amount in the distance
WP5_019 Min safe front end Subset-023
measured from the LRBG plus the Location Accuracy of the LRBG.
The min safe rear end position shall be calculated by subtracting the train length (acquired as Train Data) from the min
WP5_020 Min safe rear end CR940
safe front end position
Minimum allowed value of dwell time, defined for each stopping point included in the journey profile, to be
WP4_078 Minimum Dwell Time considered by the ATO-OB before departure. The minimum dwell time is applied during normal or degraded
operation to aid service recovery
Any train movement started under the supervision of an ERTMS/ETCS on-board equipment in one the following modes:
WP5_021 Mission, ETCS FS, LS, SR, OS, NL, UN, or SN. Subset-023
The ETCS mission is ended when any of the following modes is entered: SB, SH.
Mistake
1. a human action that produces an incorrect result [ISO/IEC/IEEE 24765, 2010], ISTQB (http://glossar.german-testing-
WP6_70 mistake NOTE: The fault tolerance discipline distinguishes between a human action (a mistake), its manifestation (a hardware board.info/)
or software fault), the result of the fault (a failure), and the amount by which the result is incorrect (the error).
See Error
Is a design approach that subdivides a system into smaller parts called modules or skids, that can be independently
created and then used in different systems. A modular system can be characterized by functional partitioning into
WP4_079 Modular Design Wikipedia
discrete scalable, reusable modules; rigorous use of well-defined modular interfaces; and making use of industry
standards for interfaces.
[ISTQB (http://glossar.german-testing-board.info/)]
[ISTQB (http://glossar.german-testing-board.info/)]
WP6_72 monkey testing Testing by means of a random selection from a large range of inputs and by randomly pushing buttons, ignorant of
how the product is being used.
A pivoting or flexible frog (common crossing) that is operated by a point machine to close the rail gap at the frog in
WP7_027 Moveable frog -
accordance to the route that is set up.
Permission for a train to move to a specific location with supervision of speed.
WP5_023 Movement Authority Note - Definition as from Subset-023: Permission for a train to run to a specific location within the constraints of the Derived form Subset-023
infrastructure.
A block whose length is defined by the position of the train occupying the section of track ahead.
WP5_024 Moving Block The minimum block length would be from the rear most part of the occupying train to a point on the track where, if the Subset-023
train braked from its current speed, the front of the occupying train would be when the train came to a stand.
[ISTQB (http://glossar.german-testing-board.info/)]
Tests aimed at showing that a component or system does not work. Negative testing is related to the tester's [ISTQB (http://glossar.german-testing-board.info/)]
WP6_73 negative testing
attitude rather than a specific test approach or test design technique, e.g., testing with invalid input values or
exceptions.
In Switzerland the proof of operability of a system was done by so called " NetAcces" tests. Now they are called
WP6_74 Net Access [mail from Bombardier]
"Operational Interoperability Tests" (IOP tests).
Deliverable D2.3
Terminology for the future Signalling and Automation System
May 2018
WP3_2.14 Network CAPEX Network investment costs
WP3_2.11 Network Security Risk Combination of the probability of occurrence of harm and the severity of that harm. IEC 6158-4:21; ISO/IEC Guide 51:1999, definition 3.2
An arrangement of insulators in the Overhead Line Equipment designed to ensure that two sections are kept
WP4_080 Neutral Section
electrically separate even during the passage of a pantograph.
WP7_028 Non Vital Data Data communication that is not safety critical -
WP4_081 Non-ATO Train Non-ATO equipped trains and trains with inoperative ATO on-board equipment.
[ISTQB (http://glossar.german-testing-board.info/)]
[ISTQB (http://glossar.german-testing-board.info/)]
WP6_75 non-functional requirement A requirement that does not relate to functionality, but to attributes such as reliability, efficiency, usability,
maintainability and portability.
[ISTQB (http://glossar.german-testing-board.info/)]
[ISTQB (http://glossar.german-testing-board.info/)]
WP6_77 non-functional testing Testing the attributes of a component or system that do not relate to functionality, e.g., reliability, efficiency,
usability, maintainability and portability.
1) Security service that provides protection against false denial of involvement in a communication.
2) Ability to prove the occurrence of a claimed event or action and its originating entities.
3) Assurance that the sender of information is provided with proof of delivery and the recipient is ving processed the
WP8_136 non-repudiation [ISA/IEC 62443-1-2, D1E6, 2017]
information.
Note to entry: The purpose of non-repudiation is to resolve disputes about the occurrence or non-occurrence of the
event or action and involvement of entities in the event.
A sub-system able to supervise the area in front of or around the train in order to detect and identify objects on or
WP4_082 Obstacle Detection
close to the track that might adversely affect safe train operation.
A portion of track (i.e a track section if Track Vacancy Detection devices are used) having any part of a train present
WP5_025 Occupied Derived from Subset-023
upon it.
A Timing Point defined in the Segment Profile where the train is planned to stop within a given time window defined
WP4_112 Stopping Point
in the Journey Profile, usually to carry out a specific activity such as allowing passengers to join and leave the train.
[ISTQB (http://glossar.german-testing-board.info/)]
[ISTQB (http://glossar.german-testing-board.info/)]
WP6_114 stress testing A type of performance testing conducted to evaluate a system or component at or beyond the limits of its
anticipated or specified workloads, or with reduced availability of resources such as access to memory or servers.
part of a system, which is itself a system
WP6_115 Subsystem [SOURCE: IEC 60050-192:2015, 192-01-04]
[SOURCE: IEC 60050-192:2015, 192-01-04]
[ISTQB (http://glossar.german-testing-board.info/)] [ISTQB (http://glossar.german-testing-board.info/)]
WP6_116 Subsystem testing
See component testing
(also called super cap) High-capacity capacitor able to store 10 to 100 times more energy per unit volume or mass
WP7_045 Super capacitor -
than electrolytic capacitors
IEV 191-04-01: International Electrotechnical Commission -
WP4_113 Supervision Activity, performed either manually or automatically, intended to observe the state of an item.
Dependability and quality of service
WP6 definition from Giuseppe Savino: WP6 definition from Giuseppe Savino:
WP6_176 Supervision tests
Testing activities related to system monitoring (i.e.: QoS, alarms, notification).
type of loosely coupled distributed monitoring and control system commonly associated with electric power
Supervisory Control And Data transmission and distribution systems, oil and gas pipelines, and water and sewage systems
WP8_102 ISA TR62443-1-2, D1E5
Acquisition (SCADA) System Note to entry: Supervisory control systems are also used within batch, continuous, and discrete manufacturing plants
to centralize monitoring and control activities for these sites.
The Smart Wayside Object Controller (SWOC) is a piece of equipment that is directly connected to the Wayside
SWOC: Smart Wayside Object
WP7_046 Objects, on one side, and to the Route Management Systems (Interlocking, TMS, ATP, etc.), on the other side; and to -
Controller
other SWOCs
Ratio between uplink traffic and downlink traffic. Up-link refers to “mobile to infrastructure”, and down-link refers to
WP3_1.5 Symmetry (Up/Down)
“infrastructure to mobile”.
set of interrelated elements considered in a defined context as a whole and separated from their environment
WP6_117 system [SOURCE: IEC 60050-351:2013, 351-42-08]
[SOURCE: IEC 60050-351:2013, 351-42-08]
WP8_103 System interacting, interrelated, or interdependent elements forming a complex whole ISA TR62443-1-2, D1E5
Phase of System Lifecycle in which following activities are performed:
a) Assessment of complianche of the total combination of subsystems, components and external risk reduction
WP6_177 System Acceptance measures with the overall RAMS requirements of the complete system. [EN 50126: 2011]
b) Acceptance of the system for entry into service.
[EN 50126: 2011]
Deliverable D2.3
Terminology for the future Signalling and Automation System
WP6_165 System Approval See System Acceptance May 2018
person or company that specializes in bringing together component subsystems into a whole and ensuring that those
WP8_104 System Integrator ISA TR62443-1-2, D1E5
subsystems perform in accordance with project specifications
measure of confidence that computer systems and data are free from vulnerabilities and able to report anomalies in
WP8_105 System Security Level a timely manner; and, the computer systems function in the intended manner ISA TR62443-1-2, D1E5
Note to entry: See the definitions of target security level, capability security level, and achieved security level.
Testing conducted on a complete, integrated system to evaluate the system's compliance with its specified
WP6_118 system testing requirements. [ISO/IEC/IEEE 24765, 2010]
[ISO/IEC/IEEE 24765, 2010]
WP8_106 System Under Consideration collection of IACS and related assets for the purpose of security risk analysis ISA TR62443-1-2, D1E5
[ISTQB (http://glossar.german-testing-board.info/)] [ISTQB (http://glossar.german-testing-board.info/)]
WP6_119 system under test
See test object.
WP8_107 Target of Evaluation (TOE) set of software, firmware and/or hardware possibly accompanied by guidance CC-1, CCMB-2012-09-001
Target of Evaluation (TOE)
WP8_108 assessment of a TOE against defined criteria CC-1, CCMB-2012-09-001
evaluation
WP8_109 Target Security Level measure of confidence based on security policy and consequence analysis ISA TR62443-1-2, D1E5
An organisation that operates one or more telecoms bearers (e.g. a public Mobile Network Operator (MNO) or the
WP3_3.24 Telecoms Bearer Operator
communications department of an Infrastructure Manager).
Telecoms Equipment
WP3_4.2 A company or organization that is responsible for developing and manufacturing telecoms equipment.
Manufacturers
WP3_2.16 Terminal CAPEX Costs for terminal / on-board costs
[ISTQB (http://glossar.german-testing-board.info/)]
[ISTQB (http://glossar.german-testing-board.info/)]
WP6_160 test automation The use of software to perform or support test activities, e.g. test management, test design, test execution and
results checking.
[ISTQB (http://glossar.german-testing-board.info/)]
[ISTQB (http://glossar.german-testing-board.info/)]
WP6_120 test automation architecture An instantiation of the generic test automation architecture to define the architecture of a test automation solution,
i.e., its layers, components, services and interfaces.
[ISTQB (http://glossar.german-testing-board.info/)] [ISTQB (http://glossar.german-testing-board.info/)]
WP6_121 test automation strategy
A high-level plan to achieve long-term objectives of test automation under given boundary conditions.
[ISTQB (http://glossar.german-testing-board.info/)]
A set of input values, execution preconditions, expected results and execution postconditions, developed for a [ISTQB (http://glossar.german-testing-board.info/)]
WP6_122 test case
particular objective or test condition, such as to exercise a particular program path or to verify compliance with a
specific requirement.
[ISTQB (http://glossar.german-testing-board.info/)]
[ISTQB (http://glossar.german-testing-board.info/)]
WP6_123 test case result The final verdict on the execution of a test and its outcomes, such as pass, fail, or error. The result of error is used for
situations where it is not clear whether the problem is in the test object.
[ISO/IEC/IEEE 24765, 2010]
1. documentation specifying the details of the test approach for a software feature or combination of software
[ISO/IEC/IEEE 24765, 2010]
WP6_125 Test design features and identifying the associated tests. IEEE Std 1012-2004 IEEE Standard for Software Verification and
Validation.3.1.32
NOTE commonly includes the organization of the tests into groups
[ISO/IEC/IEEE 24765, 2010]
[ISO/IEC/IEEE 24765, 2010]
WP6_126 test design specification 1. a document specifying the details of the test approach for a software feature or combination of software features
and identifying the associated tests
[ISTQB (http://glossar.german-testing-board.info/)]
[ISTQB (http://glossar.german-testing-board.info/)]
WP6_127 test environment An environment containing hardware, instrumentation, simulators, software tools, and other support elements
needed to conduct a test.
[ISTQB (http://glossar.german-testing-board.info/)] [ISTQB (http://glossar.german-testing-board.info/)]
WP6_128 test execution
The process of running a test on the component or system under test, producing actual result(s).
Deliverable D2.3
Terminology for the future Signalling and Automation System
[ISTQB (http://glossar.german-testing-board.info/)] May 2018
[ISTQB (http://glossar.german-testing-board.info/)]
WP6_129 test execution automation The use of software, e.g., capture/playback tools, to control the execution of tests, the comparison of actual results
to expected results, the setting up of test preconditions, and other test control and reporting functions.
[ISTQB (http://glossar.german-testing-board.info/)] [ISTQB (http://glossar.german-testing-board.info/)]
WP6_130 test execution tool
A type of test tool that is able to execute other software using an automated test script, e.g., capture/playback.
[ISTQB (http://glossar.german-testing-board.info/)]
[ISTQB (http://glossar.german-testing-board.info/)]
WP6_131 test implementation The process of developing and prioritizing test procedures, creating test data and, optionally, preparing test
harnesses and writing automated test scripts.
[ISTQB (http://glossar.german-testing-board.info/)]
[ISTQB (http://glossar.german-testing-board.info/)]
WP6_132 test input The data received from an external source by the test object during test execution. The external source can be
hardware, software or human.
[ISTQB (http://glossar.german-testing-board.info/)] [ISTQB (http://glossar.german-testing-board.info/)]
WP6_133 test item
The individual element to be tested. There usually is one test object and many test items.
[ISTQB (http://glossar.german-testing-board.info/)]
A group of test activities that are organized and managed together. A test level is linked to the responsibilities in a
[ISTQB (http://glossar.german-testing-board.info/)]
WP6_134 test level project.
Examples of test levels used in WP6 (see D6.2) are subsystem test, integration test and system test.
[ISTQB (http://glossar.german-testing-board.info/)] [ISTQB (http://glossar.german-testing-board.info/)]
WP6_135 test management
The planning, estimating, monitoring and control of test activities, typically carried out by a test manager.
[ISTQB (http://glossar.german-testing-board.info/)]
[ISTQB (http://glossar.german-testing-board.info/)]
WP6_136 test manager The person responsible for project management of testing activities and resources, and evaluation of a test object.
The individual who directs, controls, administers, plans and regulates the evaluation of a test object.
[ISTQB (http://glossar.german-testing-board.info/)] [ISTQB (http://glossar.german-testing-board.info/)]
WP6_137 test object
The component or system to be tested.
[ISTQB (http://glossar.german-testing-board.info/)] [ISTQB (http://glossar.german-testing-board.info/)]
WP6_138 test objective
A reason or purpose for designing and executing a test.
[ISO/IEC/IEEE 24765, 2010]
[ISO/IEC/IEEE 24765, 2010]
WP6_140 test phase 1. the period of time in the software life cycle during which the components of a software product are evaluated and
integrated, and the software product is evaluated to determine whether or not requirements have been satisfied
[ISO/IEC/IEEE 24765, 2010]
test plan
1. a document describing the scope, approach, resources, and schedule of intended test activities. IEEE Std 1012-
2004 IEEE Standard for Software Verification and Validation.3.1.33.
2. a document that describes the technical and management approach to be followed for testing a system or
component. IEEE Std 1012-2004 IEEE Standard for Software Verification and Validation.3.1.33. [ISO/IEC/IEEE 24765, 2010]
WP6_141 test plan/test strategy
3. a plan that establishes detailed requirements, criteria, general methodology, responsibilities, and general planning
for test and evaluation of a system. ISO/IEC 2382-20:1990, Information technology — Vocabulary — Part 20: System
development.20.06.09
NOTE It identifies test items, the features to be tested, the testing tasks, who will do each task, and any risks
requiring contingency planning. Typical contents identify the items to be tested, tasks to be performed,
responsibilities, schedules, and required resources for the testing activity.
[ISTQB (http://glossar.german-testing-board.info/)] [ISTQB (http://glossar.german-testing-board.info/)]
WP6_142 test script
Commonly used to refer to a test procedure specification, especially an automated one.
WP6_143 test sequence see use case: WP6_150 #WERT!
[ISTQB (http://glossar.german-testing-board.info/)] [ISTQB (http://glossar.german-testing-board.info/)]
WP6_144 test specification
A document that consists of a test design specification, test case specification and/or test procedure specification.
Deliverable D2.3
Terminology for the future Signalling and Automation System
[ISTQB (http://glossar.german-testing-board.info/)] May 2018
[ISTQB (http://glossar.german-testing-board.info/)]
WP6_159 test strategy A high-level description of the test levels to be performed and the testing within those levels for an organization or
programme (one or more projects)
[ISTQB (http://glossar.german-testing-board.info/)]
[ISTQB (http://glossar.german-testing-board.info/)]
WP6_145 test tool A software product that supports one or more test activities, such as planning and control, specification, building
initial files and data, test execution and test analysis.
[ISTQB (http://glossar.german-testing-board.info/)]
[ISTQB (http://glossar.german-testing-board.info/)]
WP6_146 test type A group of test activities aimed at testing a component or system focused on a specific test objective, i.e. functional
test, usability test, regression test etc. A test type may take place on one or more test levels or test phases.
[ISTQB (http://glossar.german-testing-board.info/)] [ISTQB (http://glossar.german-testing-board.info/)]
WP6_147 tester
A skilled professional who is involved in the testing of a component or system.
[ISO/IEC/IEEE 24765, 2010]
1. activity in which a system or component is executed under specified conditions, the results are observed or [ISO/IEC/IEEE 24765, 2010]
WP6_148 testing
recorded, and an evaluation is made of some aspect of the system or component. IEEE Std 829-2008 IEEE Standard
for Software and System Test Documentation.3.1.46
1) potential for violation of security, which exits when there is a circumstance, capability, action, or event that could
breach security and cause harm
2) circumstance or event with the potential to adversely affect organizational operations (including mission,
functions, image or reputation), organizational assets, IACS, or individuals via unauthorized access destruction,
WP8_110 Threat [ISA/IEC 62443-1-2, D1E6, 2017]
disclosure, modification of data and/or denial of service
3) circumstances or event with the potential to adversely affect operations (including mission, functions, image or
reputation), assets, control systems or individuals via unauthorized access, destruction, disclosure, modification of
data and/or denial of service
WP8_111 Threat Action assault on system security ISA TR62443-1-2, D1E5
Method, including a surrogate, used to breach the security of a facility, operation or system by exploiting a
WP8_112 Threat Agent [ISA/IEC 62443-1-2, D1E6, 2017]
vulnerability
WP8_113 Threat Assessment Formal description and evaluation of threat to an information system. NIST SP 800-53 r4
WP8_114 Threat Scenario situation and manner in which an attacker (or Threat Agent) attempts to cause harm ISA TR62443-1-2, D1E5
intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may
WP8_115 Threat Source ISA TR62443-1-2, D1E5
accidentally trigger a vulnerability (synonymous with threat agent)
WP8_116 Threat Vector a threat vector is a path or means by which a threat agent can gain access to an asset resulting in a negative outcome ISA TR62443-1-2, D1E5
WP4_114 Timetable Planned chronological occupation of rail infrastructure for train movements.
A location and stopping accuracy defined in the Segment Profile for which a type (Stopping or Passing Point) and
WP4_115 Timing Points specific time is identified in the Journey Profile. This time may be an arrival time, a departure time, or in the case of a
train not scheduled to stop at that location, the passing time.
An electrical circuit of which the rails of a track section form a part and which is used to positively detect the absence
WP7_050 Track Circuit -
of trains over that section of the Station or Line.
WP5_037 Track free A route being detected clear of obstacles such that permission may be given for a train to enter that route. Subset-023
WP5_038 Track occupied An object in a route that prevents that route being offered to a train. Subset-023
Connected and bounded section of a track.
WP5_039 Track Portion Note: This does not necessarily correspond to a track vacancy detection related track section. --
To be clarified
The equipment with the aim of exchanging information with the vehicle for safely supervising train circulation. The
WP5_040 Trackside equipment information exchanged between track and trains can be either continuous or intermittent according to the Subset-023
ERTMS/ETCS level of application and to the nature of the information itself.
WP3_3.13 Trackside Maintenance Staff Staff tasked with maintaining the track and railway infrastructure