Digitalisation is transforming the railway globally. One of the major considerations in digital transformation of any industry including the railway is the increased exposure to cyberattacks. The railway industry is vulnerable to these attacks because since the number of digital items and also number of interfaces between digital and physical components in the railway systems keep increasing. Increased number of items and interfaces require new frameworks, concepts and architectures to ensure the railway system’s resilience with respect to cybersecurity challenges, such as lack of proactiveness, lack of holistic perspective and obsolescence of safety systems exposed to current and future cyber threats landscape. To this date, there are several works carried out in the literature that studied the cybersecurity aspects and its application on railway infrastructure. However, to develop and implement an appropriate roadmap to cybersecurity in railways, there is a need of describing emerging challenges, and approaches to deal with these challenges and the possibilities and benefits of these.

Hence, the objective of this paper is to provide a systematic review and outline cybersecurity emerging trends and approaches, and also to identify possible solutions by querying literature, academic and industrial, for future directions. The authors of this paper conducted separate searches through four popular databases, that is, Google Scholar, Scopus, Web of Science and IEEE explore. For the screening process, authors have used keywords with Boolean operators and database filters and identified 90 articles most relevant to the study domain. The analysis of 90 articles shows that majority of the cybersecurity studies lies within the railways are conceptual and lags in application of Artificial Intelligence (AI) based security. Like other industries, it is very important that railways should also follow latest security technologies, trends and train their workforce for cyber hygiene since railways are already in digitalization transition mode.

数字化正在改变全球铁路。包括铁路在内的任何行业数字化转型的主要考虑因素之一是网络攻击风险增加。铁路行业很容易受到这些攻击，因为铁路系统中数字项目的数量以及数字和物理组件之间的接口数量不断增加。越来越多的项目和接口需要新的框架、概念和架构来确保铁路系统在网络安全挑战方面的弹性，例如缺乏主动性、缺乏整体视角以及暴露于当前和未来网络威胁环境的安全系统过时。时至今日，文献中有几项研究网络安全方面及其在铁路基础设施中的应用。然而，为了制定和实施适当的铁路网络安全路线图，需要描述新出现的挑战、应对这些挑战的方法以及这些挑战的可能性和好处。

因此，本文的目的是提供系统回顾和概述网络安全新兴趋势和方法，并通过查询学术和工业文献来确定可能的解决方案，以了解未来的方向。本文作者分别通过 Google Scholar、Scopus、Web of Science 和 IEEE explore 四个热门数据库进行了搜索。在筛选过程中，作者使用了带有布尔运算符和数据库过滤器的关键字，并确定了与研究领域最相关的 90 篇文章。对 90 篇文章的分析表明，铁路领域的大多数网络安全研究都是概念性的，在基于人工智能 (AI) 的安全应用方面存在滞后。与其他行业一样，铁路也应遵循最新的安全技术，这一点非常重要，