Implementing a Security Architecture for Safety-Critical Railway Infrastructure

Eckel, Michael; Kuzhiyelil, Don; Krauß, Christoph; Zhdanova, Maria; Katzenbeisser, Stefan; Cosic, Jasmin; Drodt, Matthias; Pitrolle, Jean-Jacques

doi:10.1109/SEED51797.2021.00033

2021

Conference Paper

Abstract

The digitalization of safety-critical railroad infrastructure enables new types of attacks. This increases the need to integrate Information Technology (IT) security measures into railroad systems. For that purpose, we rely on a security architecture for a railway object controller which controls field elements that we developed in previous work. Our architecture enables the integration of security mechanisms into a safety-certified railway system. In this paper, we demonstrate the practical feasibility of our architecture by using a Trusted Platform Module (TPM) 2.0 and a Multiple Independent Levels of Safety and Security (MILS) Separation Kernel (SK) for our implementation. Our evaluation includes a test bed and shows how certification and homologation can be achieved.

Author(s)

Eckel, Michael

Kuzhiyelil, Don

Krauß, Christoph

Zhdanova, Maria

Katzenbeisser, Stefan

Cosic, Jasmin

Drodt, Matthias

Pitrolle, Jean-Jacques

Mainwork

International Symposium on Secure and Private Execution Environment Design, SEED 2021. Proceedings

Conference

International Symposium on Secure and Private Execution Environment Design (SEED) 2021

Options

Implementing a Security Architecture for Safety-Critical Railway Infrastructure