Tantek · 上海宝檀信息技术 — 城市轨道交通的网络安全

Securing the systems
that move cities.

让城市轨道的网络，安全可见。

Tantek builds operational-technology cybersecurity for urban rail transit — signaling, SCADA, AFC and PIS — designed around how trains, stations and OCC actually run. Aligned with DB 31/T 1499-2024. 面向 CBTC 信号、综合监控、自动售检票与乘客信息系统的运营技术安全——以 DB 31/T 1499-2024 为对标基线。

21/线路

Lines covered网络规模

523/站

Stations in scope站点覆盖

7×24

SOC continuous不间断运营

C-01

OT & signal hardening

轨交工控与信号加固

Network protection for CBTC, SCADA, FAS, BAS, AFC and PIS. Protocol whitelisting, asset visibility and segmentation engineered for safety-critical systems. 为信号、综合监控、自动售检票、乘客信息等运营技术系统提供边界防护、资产可视化与协议白名单。

CBTC
Thales Seltrac
TRANAVI
Modbus
IEC 61375
EN 50159

C-02

Compliance & baseline

合规建设与等保

Level-3 / Level-4 classified protection delivery, CII designation support, and cryptographic compliance assessment. 面向城轨等保 2.0 三级 / 四级、关基定级、密评，整线对齐 DB 31/T 1499-2024。

等保 III / IV
关基保护
密评
GB/T 22239

C-03

SOC & monitoring

7×24 安全运营中心

Continuous 24/7 monitoring with rail-specific threat intelligence and OT-protocol-aware hunting. 7×24 不间断监测，基于轨交专项威胁情报，OT 协议感知的威胁狩猎，与 OCC 值班体系联动。

MDR
Threat Hunting
Rail TI
OCC Liaison

C-04

Red & blue exercise

红蓝对抗与渗透

Red-team engagements, blue-team drills, code audit and pre-launch security assessment for new lines and major upgrades. 面向新线开通与系统改造的红蓝对抗、代码审计与上线前安全评估，按真实攻击面而非合规清单设计。

Pen-test
Code Audit
Drill
Pre-launch

C-05

Incident response

应急响应与取证

Rapid containment, digital forensics, post-mortem and tabletop drills. On-call retainers for safety-critical operators. 应急响应保留服务、数字取证、事故复盘与桌面演练；对安全关键运营商提供常驻 on-call 留存。

IR Retainer
Forensics
Tabletop
Post-mortem

C-06

Advisory & training

顾问咨询与培训

Architecture review, multi-year roadmap, procurement support and team training—senior advisors with rail-domain background. IT/OT 融合架构评估、多年期安全规划、采购阶段陪审与一线团队培训；顾问均具备轨交一线背景。

Architecture
Roadmap
Procurement
Training

Securing the systems
that move cities.

Six lines of defence,
built for rail.

OT & signal hardening

Compliance & baseline

SOC & monitoring

Red & blue exercise

Incident response

Advisory & training

We build to standard.

The networks we build for.

30 分钟，聊一条线。

Securing the systems that move cities.

Six lines of defence,built for rail.

OT & signal hardening

Compliance & baseline

SOC & monitoring

Red & blue exercise

Incident response

Advisory & training

We build to standard.

The networks we build for.

30 分钟，聊一条线。

Securing the systems
that move cities.

Six lines of defence,
built for rail.