Title | Implementing a Security Architecture for Safety-Critical Railway Infrastructure |
Publication Type | Conference Paper |
Year of Publication | 2021 |
Authors | Eckel, Michael; Kuzhiyelil, Don; Krauß, Christoph; Zhdanova, Maria; Katzenbeisser, Stefan; Cosic, Jasmin; Drodt, Matthias; Pitrolle, Jean-Jacques |
Conference Name | 2021 International Symposium on Secure and Private Execution Environment Design (SEED) |
Keywords | certification, composability, information technology, Kernel, MILS, pubcrawl, Rail transportation, railway, resilience, Resiliency, Safety, security, TPM, trusted platform modules |
Abstract | The digitalization of safety-critical railroad infrastructure enables new types of attacks. This increases the need to integrate Information Technology (IT) security measures into railroad systems. For that purpose, we rely on a security architecture for a railway object controller which controls field elements that we developed in previous work. Our architecture enables the integration of security mechanisms into a safety-certified railway system. In this paper, we demonstrate the practical feasibility of our architecture by using a Trusted Platform Module (TPM) 2.0 and a Multiple Independent Levels of Safety and Security (MILS) Separation Kernel (SK) for our implementation. Our evaluation includes a test bed and shows how certification and homologation can be achieved. |
DOI | 10.1109/SEED51797.2021.00033 |
Citation Key | eckel_implementing_2021 |