Zone-based security architecture for intra-vehicular wireless communication

US9871819B2 · US · B2

Patent metadata
Publication number: US-9871819-B2
Application number: US-201414540145-A
Country: US
Kind code: B2
Filing date: Nov 13, 2014
Priority date: Nov 13, 2014
Publication date: Jan 16, 2018
Grant date: Jan 16, 2018

Abstract

Systems and methods provide secure and wireless intra-vehicular communication. An intra-vehicular communication system has a secured network segment including a plurality of secure zones on a vehicle, the secure zones each having a plurality of node devices. The system also has a single point of security proximate each secure zone on the vehicle providing communication security for a corresponding secure zone, and a public network segment on the vehicle configured to wirelessly transport data traffic between the secure zones.

First claim

What is claimed is:

1. A vehicular communication system, comprising: a plurality of network hardware configured for operable coupling with a vehicle system, the plurality of network hardware being configured to establish a secured network segment including a plurality of secure zones on the vehicle system, each secure zone comprising a network zone to which predefined authorized users have access and unauthorized users do not have access, the secure zones each configured for network linking of a respective plurality of node devices; wherein the plurality of network devices hardware are further configured to establish one or more single points of security each associated with a respective one of the plurality of secure zones on the vehicle system, for providing communication security for the secure zones; and wherein the plurality of network devices hardware are further configured to establish a secure wireless communication tunnel and a public network segment contains a wireless channel on the vehicle system configured to wirelessly transport data traffic between the secure zones.

2. The system of claim 1, wherein the plurality of network hardware are configured for the communication security, provided by the respective single point of security associated with each secure zone, to be established at least at a network layer level.

3. The system of claim 1, wherein the plurality of network hardware are configured for the communication security, provided by the respective single point of security associated with each secure zone, to be established at least in part by generating a secure wireless communication tunnel between any two of the plurality of secure zones.

4. The system of claim 1, wherein the data traffic includes private vehicle control data and signaling data.

5. The system of claim 1, wherein the data traffic includes public user data.

6. The system of claim 1, wherein the plurality of node devices include one or more legacy equipment devices operatively connected to wired infrastructure.

7. The system of claim 1, wherein at least one of the plurality of network hardware which are configured to establish the single points of security respectively associated with the secure zones comprises a respective one of a router or a switch.

8. A vehicular communication system, comprising: a first edge hardware device associated with a first secure zone at a first location in a vehicle system and configured to be communicatively coupled with a first plurality of node devices of the first secure zone, for providing a first point of security for the first secure zone; a second edge hardware device associated with a second secure zone at a second location in the vehicle system and configured to be communicatively coupled with a second plurality of node devices of the second secure zone, for providing a second point of security for the second secure zone; a first wireless transponder operatively coupled to the first edge hardware device; and a second wireless transponder operatively coupled to the second edge hardware device, the first edge hardware device and the second edge hardware device configured to establish a first secure wireless communication tunnel and a public network segment contains a wireless channel between the first secure zone and the second secure zone via the first wireless transponder and the second wireless transponder; wherein each secure zone comprises a network zone to which predefined authorized users have access and unauthorized users do not have access.

9. The system of claim 8, wherein the first edge hardware device and the second edge hardware device are configured to establish communication security between the first secure zone and the second secure zone at least at a network layer level.

10. The system of claim 8, wherein: two or more of the first plurality of node devices are configured to communicate with each other within the first secure zone; two or more of the second plurality of node devices are configured to communicate with each other within the second secure zone; and one or more of the first plurality of node devices are configured to communicate with one or more of the second plurality of node devices via the first wireless transponder and the second wireless transponder after establishment of the first secure wireless communication tunnel.

11. The system of claim 8, wherein each of the first edge hardware device and the second edge hardware device is a respective one of a router or a switch.

12. The system of claim 8, wherein the vehicle system comprises at least one rail vehicle, and the first plurality of node devices and the second plurality of node devices include electrical equipment associated with the at least one rail vehicle.

13. The system of claim 8, wherein each of the first secure zone and the second secure zone includes one of an engine room or a control room of the vehicle system.

14. The system of claim 8, further comprising: a third edge hardware device associated with a third secure zone at a third location in the vehicle system and configured to be communicatively coupled with a third plurality of node devices of the third secure zone, for providing a third point of security for the third secure zone; and a third wireless transponder operatively coupled to the third edge device, the first edge device and the third edge device configured to establish a second secure wireless communication tunnel between the first secure zone and the third secure zone via the first wireless transponder and the third wireless transponder, and the second edge hardware device and the third edge hardware device configured to establish a third secure wireless communication tunnel between the second secure zone and the third secure zone via the second wireless transponder and the third wireless transponder.

Classifications

  • Moving wireless networks · CPC title

  • H04L63/164 · Primary

    at the network layer · CPC title

  • Authentication · CPC title

  • for in-vehicle communication · CPC title

  • wherein the data content is protected, e.g. by encrypting or encapsulating the payload · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9871819B2 cover?
Systems and methods provide secure and wireless intra-vehicular communication. An intra-vehicular communication system has a secured network segment including a plurality of secure zones on a vehicle, the secure zones each having a plurality of node devices. The system also has a single point of security proximate each secure zone on the vehicle providing communication security for a correspond…
Who is the assignee on this patent?
Gen Electric
What technology area does this patent fall under?
Primary CPC classification H04L63/164. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jan 16, 2018 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).