The surveillance activity of road works is regulated in most of the European countries by laws or directives and, although differing one from the other mainly in the frequency of inspections, these rules indicate ways of operating substantially similar to that prescribed in Italy.

In Italy the regulatory reference is represented by the Ministerial Circular No. 6736‐61‐A1 of 19/07/1967 "Control of the stability conditions of road works" (Circolare Ministeriale n° 6736‐61‐A1 del 19/7/67 “Controllo delle condizioni di stabilità delle opere d’arte stradali”).

The “main Inspection” of bridges and viaducts essentially aims to assess the level of damage to the works, identifying those for which it is necessary to schedule a maintenance intervention.

In particular, the main inspection to be performed only on major works typically on an annual basis. Therefore this “Main Inspection” differs from the “Recurring Inspection” which is performed on all works and more frequently.

Differing from the thorough inspection, the main inspection does not provide for the execution of tests and investigations (destructive or non-destructive) which may possibly be activated following the closure of the main inspection, thus initiating the further level of investigation.

Modern railway systems increasingly use IT equipment and devices for the control, monitoring and communication activities of both the grounded infrastructure and on board vehicles.

For reasons of cost reduction and use of technological developments destined for the civil and industrial market, the increasingly widespread trend is to use non-proprietary or standardized hardware, softwares, and communication protocols (COTS - Commercial off the shelf).

However, this choice implicates the risk of exposing oneself to cyber attacks based on methodologies developed to be aimed at conventional targets which are much more frequent since information relating to commercial systems is much more in the public domain. Such attacks can be particularly critical in railway systems as they are intended to transport hundreds of people per train and their safety cannot be jeopardized.

It is therefore necessary to effectively counter these attacks also to avoid the risk of a possible easy persecution by cyber criminals interested in blackmailing (Ransomware) the managers to obtain large profits. Therefore, it is necessary to adopt suitable design choices and construction solutions to contain these risks in compliance with the standards relating to Rail Cybersecurity issues such as the CENELEC TS 50701 technical specification and the IEC 62443 series.