Abstract: This paper proposed a security detection scheme for source code of railway application system based on a combination of automated tool detection and manual detection to address the common issues of high false positive and false negative rates in the detection of security defects in railway application system source code tools. The paper elaborated on the process of source code security detection in railway application systems, used automated detection tools to detect source code from multiple dimensions such as code structure, vocabulary, data flow, control flow, and security rule matching. It also introduced manual detection mechanisms and used methods such as keyword detection and business logic detection to supplement and analyze the automated inspection results, achieving efficient and accurate identification of source code security defects in railway application systems. The experimental results show that this scheme can significantly improve the quality and efficiency of security detection of railway application system source code, provide technical support for the security protection of railway application systems.