Securing the Amsterdam Metro Underground
The Amsterdam Metro is a mixed rapid transit
and light rail system in Amsterdam and its surrounding
municipalities: Amstelveen, Diemen and
Ouder-Amstel in the Netherlands. The network is
owned by the city of Amsterdam and operated by
the Gemeentelijk Vervoerbedrijf (GVB), the company that also
operates trams, ferries and local buses.
Underground Lock System
The lock system of the Amsterdam underground is quite extensive
and includes 2,574 cylinders. GVB was able to find and implement a
system that solved their key issues as well as environmental issues. We
will take a look at the challenge Amsterdam Metro is facing, the CyberLock
system, the solution, and finally, how CyberLock’s system
benefit Amsterdam Metro.
In the Amsterdam underground, a cylinder has a lot to endure.
must be resistant to burglary attempts, vandalism, manipulation, corrosion
and rough handling. Even if it’s strong enough to withstand
all of these, the life of a lock can be severely shorted if a vital key
“We used to have a mechanical lock system, but we were constantly
facing problems with lost keys,” said Frank de Vries, security
manager of the Amsterdam underground stations. “Since replacing
all cylinders would be a rather costly affair, we only replaced those
that the lost key could open. In doing so, we eventually ended up with
huge key rings.”
CyberLock is a key-centric access control solution. The power is
completely in the key. Each key contains a unique ID that cannot be
changed or duplicated. These keys have the ability to store thousands
of access events such as lock ID, date and time and event type.
The keys carry access schedules for the specific key holder and
retain encrypted access codes that bind the key to a specific system.
Each key contains a specific list of authorized locks and a schedule of
when they may be accessed. For example, a key can be programmed
to allow access to one or several locks from 8 a.m. to 6 p.m. on weekdays
and 10 a.m. to 4 p.m. on Saturdays.
If presented outside of this schedule it is denied access. As for
key expirations, keys can be assigned a start date and an expiration
date which means keys can be issued before they become active, and
can be set to expire on a regular basis in the future. Key holders must
reauthorize keys before access will be granted again. Setting shortterm
expiration dates is an excellent way to minimize risk due to lost
or stolen keys.
When a key first makes contact, the key energizes the lock. A split
second exchange of information determines if a key is at an approved
lock within an authorized time frame. Access is then either granted or
denied and that action, along with a date and time stamp, is recorded
to the memories of both the key and the lock. These features were
crucial in Amsterdam Metro’s need to get rid of the huge key rings
the employees were carrying around and with the programmability
and expiration date of the keys, re-keying will never be in the Amsterdam
Because diversity of communication was necessary for Amsterdam
Metro, the devices they selected served as an interface between the
hardware and software. Key holders were given access privileges as
needed. An audit trail also could be downloaded from the key while
simultaneously uploading new schedules, permissions and system information.
The system is able to keep track of keep track of remote
and on ground employees.
The GVB decided to look for another way to protect its station
entrances and restrict access to equipment rooms. Under consideration
were various alternatives, including electronic access systems
and remote card readers; however, these solutions were not resistant
to water, frost or vandalism. GVB felt the diversity of electronic cylinder
locks made it easy for GVB to convert all locks by retrofitting
all their existing hardware on site. Access privileges are distributed to
key holders via communicators. These devices are linked to the software
over a local area network or securely over the Internet.
Met with some skepticism from some managers, GVB officials
held firm to their decision.
“Initially, this system was received with some skepticism; there
were a few complaints from managers who were no longer able to
open certain doors—doors they should not have been able to open to
begin with,” de Vries said. “Within a month, all cylinders had been
replaced, including those in doors with very uncommon profiles. We
have not had to adjust a single lock, and the installation of the cylinders
was easily done by our own locksmith.”
Since re-keying was a costly option, and CyberLock’s electronic
cylinders were installed without wiring, Amsterdam Metro was able
to stay in budget, as the price for a lock is one-tenth the cost for
a hardwired system. Since the implementation of CyberLock at the
GVB, de Vries has received visits from colleagues of nearly all Dutch
transport companies wanting to learn more about the system that has
been such a huge success for Amsterdam Metro.
This article originally appeared in the August 2017 issue of Security Today.