What's Security Level got to do with Safety Integrity Level? - HAL open archive
Conference paper, Year: 2016

What's Security Level got to do with Safety Integrity Level?

Jens Braband
  • Role: Corresponding author
  • PersonId: 978769

Abstract

Some recent incidents and analyses have indicated that the vulnerability of IT systems in railway automation has possibly been underestimated so far. Due to several trends, such as the use of commercial IT and communication systems or privatization, the threat potential has increased. This paper discusses the relationship of IT security and functional safety from the perspective of their integrity measures. Recently, reports on IT security incidents related to railways have increased, as has public awareness. For example, it was reported that on December 1, 2011, "hackers, possibly from abroad, executed an attack on a Northwest rail company's computers that disrupted railway signals for two days" [1]. Although the details of the attack and also its consequences remain unclear, this episode clearly shows the threats to which railways are exposed when they rely on modern commercial-off-the-shelf (COTS) communication and computing technology. However, in most cases the attacks are denial-of-service attacks leading to service interruptions, but so far not to safety-critical incidents. Many other attacks that have been reported or have been claimed to be possible could fortunately be shown to be unfounded or were oriented towards public relations, e.g. a hack of Nuremberg's automated metro was performed on an unprotected self-made system [2]. However, in 2014, the German Federal Agency for IT Security (BSI) reported the first successful attack on critical industrial infrastructure. As a consequence, a blast furnace was damaged and had to be shut down [3]. What distinguishes railway systems from many critical infrastructures is their inherently distributed and networked nature, with tens of thousands of track-kilometers for major operators, or even more.
Thus, it is not economical to completely protect this infrastructure against physical access and, as a consequence, railways are very vulnerable to physical denial-of-service attacks leading to service interruptions. Another feature distinguishing railways from other systems is the long lifetime of their systems and components. Current contracts usually demand support for at least 25 years, and history has shown that many systems, e.g. mechanical or relay interlockings, last much longer. IT security analyses have to take such long lifespans into account. Some of the technical problems are not railway-specific but are shared by a few other sectors such as Air Traffic Management. Publications and presentations related to IT security in the railway domain are increasing. Some are particularly targeted at the use of public networks such as Ethernet or GSM for railway purposes, while others directly pose the question "Could rail signals be hacked to cause crashes?" [4]. While harmonized functional safety standards for railway automation were elaborated more than a decade ago, up to now no harmonized international IT security requirements for railway automation exist. This paper starts with a discussion of the normative background and then discusses the similarities and dissimilarities of IT security and functional safety, in particular from the point of view of their integrity measures, Security Level (SL) and Safety Integrity Level (SIL), respectively. In particular, the requirements for SL and SIL are compared, e.g. which SL can be covered by SIL.
Main file
paper_7.pdf (82.54 KB)
Origin: Files produced by the author(s)

Dates and versions

hal-01289437, version 1 (16-03-2016)

Identifiers

  • HAL Id: hal-01289437, version 1

Cite

Jens Braband. What's Security Level got to do with Safety Integrity Level?. 8th European Congress on Embedded Real Time Software and Systems (ERTS 2016), Jan 2016, TOULOUSE, France. ⟨hal-01289437⟩

Collections

ERTS2016 ERTS2014
825 views
3479 downloads
