Implementing a Security Architecture for Safety-Critical Railway Infrastructure

Author: Eckel, Michael; Kuzhiyelil, Don; Krauß, Christoph; Zhdanova, Maria; Katzenbeisser, Stefan; Cosic, Jasmin; Drodt, Matthias; Pitrolle, Jean-Jacques
Type: Conference Paper
Abstract: The digitalization of safety-critical railroad infrastructure enables new types of attacks. This increases the need to integrate Information Technology (IT) security measures into railroad systems. For that purpose, we rely on a security architecture for a railway object controller which controls field elements that we developed in previous work. Our architecture enables the integration of security mechanisms into a safety-certified railway system. In this paper, we demonstrate the practical feasibility of our architecture by using a Trusted Platform Module (TPM) 2.0 and a Multiple Independent Levels of Safety and Security (MILS) Separation Kernel (SK) for our implementation. Our evaluation includes a test bed and shows how certification and homologation can be achieved.
Conference: International Symposium on Secure and Private Execution Environment Design (SEED) 2021