Visible to the public Biblio

Filters: Keyword is Communication-Based Train Control  [Clear All Filters]
2022-08-26
Zhang, Fan, Bu, Bing.  2021.  A Cyber Security Risk Assessment Methodology for CBTC Systems Based on Complex Network Theory and Attack Graph. 2021 7th Annual International Conference on Network and Information Systems for Computers (ICNISC). :15—20.

Cyber security risk assessment is very important to quantify the security level of communication-based train control (CBTC) systems. In this paper, a methodology is proposed to assess the cyber security risk of CBTC systems that integrates complex network theory and attack graph method. On one hand, in order to determine the impact of malicious attacks on train control, we analyze the connectivity of movement authority (MA) paths based on the working state of nodes, the connectivity of edges. On the other hand, attack graph is introduced to quantify the probabilities of potential attacks that combine multiple vulnerabilities in the cyber world of CBTC. Experiments show that our methodology can assess the security risks of CBTC systems and improve the security level after implementing reinforcement schemes.

2019-03-15
Lakshminarayana, Subhash, Karachiwala, Jabir Shabbir, Chang, Sang-Yoon, Revadigar, Girish, Kumar, Sristi Lakshmi Sravana, Yau, David K.Y., Hu, Yih-Chun.  2018.  Signal Jamming Attacks Against Communication-Based Train Control: Attack Impact and Countermeasure. Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks. :160-171.
We study the impact of signal jamming attacks against the communication based train control (CBTC) systems and develop the countermeasures to limit the attacks' impact. CBTC supports the train operation automation and moving-block signaling, which improves the transport efficiency. We consider an attacker jamming the wireless communication between the trains or the train to wayside access point, which can disable CBTC and the corresponding benefits. In contrast to prior work studying jamming only at the physical or link layer, we study the real impact of such attacks on end users, namely train journey time and passenger congestion. Our analysis employs a detailed model of leaky medium-based communication system (leaky waveguide or leaky feeder/coaxial cable) popularly used in CBTC systems. To counteract the jamming attacks, we develop a mitigation approach based on frequency hopping spread spectrum taking into account domain-specific structure of the leaky-medium CBTC systems. Specifically, compared with existing implementations of FHSS, we apply FHSS not only between the transmitter-receiver pair but also at the track-side repeaters. To demonstrate the feasibility of implementing this technology in CBTC systems, we develop a FHSS repeater prototype using software-defined radios on both leaky-medium and open-air (free-wave) channels. We perform extensive simulations driven by realistic running profiles of trains and real-world passenger data to provide insights into the jamming attack's impact and the effectiveness of the proposed countermeasure.
2018-10-26
Xu, Zhiheng, Zhu, Quanyan.  2017.  A Game-Theoretic Approach to Secure Control of Communication-Based Train Control Systems Under Jamming Attacks. Proceedings of the 1st International Workshop on Safe Control of Connected and Autonomous Vehicles. :27–34.

To meet the growing railway-transportation demand, a new train control system, communication-based train control (CBTC) system, aims to maximize the ability of train lines by reducing the headway of each train. However, the wireless communications expose the CBTC system to new security threats. Due to the cyber-physical nature of the CBTC system, a jamming attack can damage the physical part of the train system by disrupting the communications. To address this issue, we develop a secure framework to mitigate the impact of the jamming attack based on a security criterion. At the cyber layer, we apply a multi-channel model to enhance the reliability of the communications and develop a zero-sum stochastic game to capture the interactions between the transmitter and jammer. We present analytical results and apply dynamic programming to find the equilibrium of the stochastic game. Finally, the experimental results are provided to evaluate the performance of the proposed secure mechanism.