OT Security in Indian Transport and Logistics: Railways, Ports, and Sagarmala
Country Manager, Sweden
AI, DevOps, Security, and Cloud Solutioning. 12+ years leading enterprise cloud transformation across Scandinavia

Indian Railways moves 24 million passengers and 3 million tonnes of freight daily on an OT infrastructure that is simultaneously being modernised and increasingly targeted by cyber actors. The Indian Railways network - 68,000 route kilometres, 7,335 stations, and one of the world's largest employers - runs on operational technology spanning signalling systems, Train Control Management Systems (TCMS), interlocking, traction power supply, and operations management. A successful attack on a critical railway OT system does not just disrupt schedules; it creates life-safety risks for passengers and freight. CERT-In issued its first railway sector cybersecurity advisory in 2023, reflecting growing recognition of the threat. (Indian Railways, 2025)
India's port and logistics infrastructure faces parallel OT security challenges. Sagarmala Programme investments in port modernisation, terminal automation, and logistics connectivity are creating OT environments - automated cranes, vessel traffic systems, port SCADA, and logistics tracking - that are increasingly connected and insufficiently secured. The nine major ports under the Ministry of Ports, Shipping and Waterways handle over 700 million metric tonnes of cargo annually, making port OT disruption economically significant at a national scale. (Ministry of Ports, 2025)
Key Takeaways
- Indian Railways OT spans signalling, TCMS, interlocking, and traction power - all life-safety critical systems.
- Sagarmala Programme port modernisation is creating automated, connected port OT without consistent security standards.
- The 2022 Indian Railways data breach illustrated that railway IT/OT boundary security needs urgent attention.
- Metro rail systems in 18+ Indian cities operate independent OT environments with varying security maturity.
- NCIIPC designates transport as critical infrastructure; sector-specific OT security requirements are developing.
What Makes Indian Railways OT Security Uniquely Complex?
Indian Railways' OT environment is uniquely complex for three reasons. Scale: a network spanning the entire subcontinent, with systems from multiple technology generations operating simultaneously. Criticality: signalling and interlocking systems are directly responsible for preventing train collisions - a compromised interlocking is a safety emergency, not just an IT incident. Modernisation velocity: Kavach (Train Collision Avoidance System), automatic train protection, and communication-based train control (CBTC) on metro lines are being deployed rapidly, creating new OT environments before security frameworks for old systems have been fully implemented.
Kavach, India's indigenous ATP system being deployed across the Indian Railways network, uses radio communication between trains and trackside transponders to provide collision avoidance. The cybersecurity of Kavach's communication protocols and control systems is a national safety issue: if Kavach can be manipulated to disable collision warnings or inject false track occupation signals, the safety system becomes the attack vector. Railway Research Design and Standards Organisation (RDSO) cybersecurity standards for Kavach and other signalling systems are critical national infrastructure requirements. (RDSO, 2025)
[CHART: Indian Railways OT stack - signalling, TCMS, traction, operations - and security zones - Source: Opsio]
How Is Port OT Being Modernised Under Sagarmala?
Sagarmala Programme's port modernisation investments include terminal automation (automated cranes, straddle carriers, AGVs), Vessel Traffic Management Systems (VTMS), port community systems integrating customs and logistics, and cargo tracking systems. Each of these introduces OT or OT-adjacent systems that control physical infrastructure. Automated cranes at JNPT (Jawaharlal Nehru Port Trust) and Mundra use PLC-controlled systems that, if compromised, can create physical safety risks. VTMS at major ports guides vessel movements in restricted channels where a false navigational instruction could cause a grounding or collision. (Sagarmala, 2025)
Indian port OT security is complicated by the multi-operator environment of most major ports. JNPT hosts multiple terminal operators (APM Terminals, DP World, Maersk-APMT Gateway) alongside the port authority itself. Each operator runs independent OT systems that must interoperate at the port community level. Security governance across this multi-stakeholder environment requires formal agreements, shared standards, and coordination mechanisms that most Indian ports are still developing.
Cyber Incidents Affecting Indian Transport
The 2022 data breach at South Western Railway zone of Indian Railways, which exposed data from millions of passenger records, illustrated the inadequacy of IT security at Indian Railways. While that incident was primarily an IT breach, it demonstrated the network access that attackers can achieve in railway systems - network access that, without adequate segmentation, could reach OT systems including operations management and potentially signalling support systems. The 2021 attack on Jawaharlal Nehru Port Trust's IT systems caused significant disruption to port operations for two days, affecting cargo throughput and demonstrating the dependencies between IT and OT in port operations. (CERT-In, 2022)
What OT Security Controls Are Needed for Transport Infrastructure?
Transport sector OT security requires controls tailored to the safety-critical nature of the systems involved. For Indian Railways, the most critical requirements are: separation of signalling OT from operations management IT through robust network boundaries, authentication and integrity protection for signalling communication protocols (including Kavach), physical security for signalling equipment locations, and monitoring that can detect anomalous signalling states without introducing latency that affects train operation. Safety instrumented systems must be verified to meet both functional safety (IEC 61508) and cybersecurity requirements simultaneously.
For ports and logistics, OT security focuses on: access control for automated equipment systems (cranes, AGVs, conveyors), network segmentation between terminal OT and port community IT systems, authentication for VTMS operator workstations, and monitoring of cargo tracking systems for data integrity. Supply chain attack surface at ports is significant: connectivity with shipping lines, freight forwarders, customs systems, and logistics providers creates numerous entry points that need managed interfaces rather than open connections.
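The segmentation requirements above (signalling OT kept apart from operations management IT, terminal OT kept apart from port community IT, managed interfaces instead of open connections) can be checked against observed traffic. The following is an added example, not part of the original article: it audits flow records against a declared zone and conduit plan, and every subnet, port, zone name and flow record in it is a constructed assumption.

```python
import ipaddress

# Constructed zone plan (assumption): illustrative subnets, not a real network.
ZONES = {
    "signalling_ot": ipaddress.ip_network("10.10.0.0/16"),
    "ops_mgmt_it": ipaddress.ip_network("10.20.0.0/16"),
    "terminal_ot": ipaddress.ip_network("10.30.0.0/16"),
    "port_community_it": ipaddress.ip_network("10.40.0.0/16"),
}

# Managed interfaces ("conduits"): the only (src_zone, dst_zone, dst_port)
# combinations allowed to cross a zone boundary. Ports are assumptions.
CONDUITS = {
    ("signalling_ot", "ops_mgmt_it", 6514),      # outbound log export only
    ("port_community_it", "terminal_ot", 8443),  # job orders via a gateway
}

def zone_of(ip):
    """Map an IP address to its zone; anything unlisted is 'external'."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "external"

def audit_flows(flows):
    """Return a finding for each flow that crosses a zone boundary
    without matching a declared conduit."""
    findings = []
    for src, dst, port in flows:
        src_zone, dst_zone = zone_of(src), zone_of(dst)
        if src_zone == dst_zone or (src_zone, dst_zone, port) in CONDUITS:
            continue
        # Undeclared traffic *into* an OT zone is the safety-relevant case.
        severity = "critical" if dst_zone.endswith("_ot") else "review"
        findings.append({"src": src, "dst": dst, "port": port,
                         "from": src_zone, "to": dst_zone,
                         "severity": severity})
    return findings

# Constructed sample flow records: (src_ip, dst_ip, dst_port)
SAMPLE_FLOWS = [
    ("10.10.1.5", "10.10.2.9", 502),    # inside the signalling zone
    ("10.10.1.5", "10.20.0.7", 6514),   # declared conduit
    ("10.20.0.44", "10.10.1.5", 3389),  # IT -> signalling OT, undeclared
    ("10.40.3.2", "10.30.0.8", 8443),   # declared conduit
    ("203.0.113.9", "10.30.0.8", 502),  # external -> terminal OT
    ("10.30.0.8", "10.40.3.2", 445),    # terminal OT -> IT, undeclared
]
```

Conduits are directional in this sketch, so a declared export from signalling OT to operations IT does not permit the reverse path.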
How Are Indian Metro Rail Systems Approaching OT Security?
India now operates metro rail systems in 20-plus cities, with more under construction. Each metro network operates independent OT: CBTC for signalling, integrated supervisory control (ISC) for traction and station systems, automatic fare collection systems, and passenger information systems. Delhi Metro Rail Corporation (DMRC), the most mature Indian metro operator, has established dedicated cybersecurity functions that cover OT systems. Newer metro systems being commissioned in tier-2 cities are building cybersecurity requirements into procurement specifications from inception, reflecting lessons learned from earlier metro deployments. (DMRC, 2025)
Metro OT security is complicated by the IT-adjacent nature of many metro systems. Automatic fare collection, passenger information, and train management systems all process passenger and operational data in ways that create interfaces with enterprise IT. These interfaces must be managed carefully to prevent IT-side compromises from reaching OT. DMRC's experience with managing these interfaces, built over two decades of operation, provides a model that newer metro operators can reference.
Frequently Asked Questions
Has there been a cyber attack on Indian railway signalling systems?
No confirmed cyber attack on Indian railway signalling OT has been publicly documented as of 2025. The 2022 South Western Railway data breach affected IT systems and passenger data. CERT-In has issued advisories about cyber threats to railway infrastructure and has noted reconnaissance activity against Indian railway IT systems. The absence of confirmed OT signalling incidents likely reflects both the current separation between IT and OT in much of the Indian Railways network and under-monitoring rather than absence of threat. (CERT-In, 2022)
What are the Kavach cybersecurity requirements?
RDSO has published cybersecurity requirements for Kavach ATP system components as part of the system specification standards. These requirements cover communication protocol security, device authentication, tamper detection, and software integrity verification. Implementation of Kavach cybersecurity requirements is the responsibility of the system integrators and equipment suppliers who must demonstrate compliance as part of RDSO certification. The specific technical requirements are detailed in RDSO specification documents available to certified system suppliers. (RDSO, 2025)
What OT security standards apply to Indian ports?
Indian ports are subject to NCIIPC guidelines for critical infrastructure, the International Ship and Port Facility Security (ISPS) Code for maritime security (which has cyber elements), and CERT-In's incident reporting requirements. The International Maritime Organization's Maritime Cyber Risk Management guidelines (MSC-FAL.1/Circ.3) provide a reference framework for port and maritime OT cybersecurity that aligns with NIST CSF. Sagarmala Programme cybersecurity requirements for funded port modernisation projects are specified in project guidelines from the Ministry of Ports. (Ministry of Ports, 2025)
How should Indian airports approach OT security?
Indian airports operate OT systems including runway and taxiway lighting control, baggage handling systems, airfield ground lighting, HVAC for terminal buildings, and airport operations control. The Airports Authority of India (AAI) and private airport operators (GMR, GVK, Adani Airport Holdings) have varying OT security maturity. Airport OT security should focus on separation of airfield OT from terminal IT systems, access control for baggage system PLCs, and monitoring of critical safety systems. BCAS (Bureau of Civil Aviation Security) cybersecurity guidelines for airports are developing to address OT-specific requirements. (AAI, 2025)
Does OT security apply to highway toll and traffic management systems?
Yes. The National Highways Authority of India (NHAI) operates FASTag-based electronic toll collection infrastructure and Integrated Traffic Management Systems (ITMS) at major corridors. These systems - which control toll barriers, traffic signals, variable message signs, and incident detection - are OT environments. ITMS deployments at major Indian highways use PLCs and SCADA components that require security controls. FASTag infrastructure, while primarily an IT/IoT system, has OT interfaces at toll plazas. NHAI's digital infrastructure is subject to CERT-In reporting requirements and NCIIPC classification as critical infrastructure. (NHAI, 2025)
Securing the Arteries of India's Economy
India's transport and logistics infrastructure is the physical foundation of economic activity. Railways, ports, and logistics systems move the goods, materials, and people that make the economy function. The OT systems controlling this infrastructure are increasingly connected, increasingly sophisticated, and increasingly targeted. Securing them is not a technical exercise - it is an economic and national security imperative.
The transport sector's OT security journey is at an earlier stage than energy and manufacturing in India. The regulatory framework is still developing. Technical standards for specific transport OT domains are being written now. The organisations that invest in OT security leadership today - building the capabilities, governance, and standards that the sector needs - will not only protect their own operations but will shape the norms that the entire sector follows.
About the Author

Country Manager, Sweden at Opsio