Implementing a Security Architecture for Safety-Critical Railway Infrastructure

Title: Implementing a Security Architecture for Safety-Critical Railway Infrastructure
Publication Type: Conference Paper
Year of Publication: 2021
Authors: Eckel, Michael; Kuzhiyelil, Don; Krauß, Christoph; Zhdanova, Maria; Katzenbeisser, Stefan; Cosic, Jasmin; Drodt, Matthias; Pitrolle, Jean-Jacques
Conference Name: 2021 International Symposium on Secure and Private Execution Environment Design (SEED)
Keywords: certification, composability, information technology, Kernel, MILS, pubcrawl, Rail transportation, railway, resilience, Resiliency, Safety, security, TPM, trusted platform modules
Abstract: The digitalization of safety-critical railroad infrastructure enables new types of attacks. This increases the need to integrate Information Technology (IT) security measures into railroad systems. For that purpose, we rely on a security architecture for a railway object controller which controls field elements that we developed in previous work. Our architecture enables the integration of security mechanisms into a safety-certified railway system. In this paper, we demonstrate the practical feasibility of our architecture by using a Trusted Platform Module (TPM) 2.0 and a Multiple Independent Levels of Safety and Security (MILS) Separation Kernel (SK) for our implementation. Our evaluation includes a test bed and shows how certification and homologation can be achieved.
DOI: 10.1109/SEED51797.2021.00033
Citation Key: eckel_implementing_2021