A Reference Architecture for Integrating Safety and Security Applications on Railway Command and Control Systems

Research output: Contribution to conference - Without ISBN/ISSN › Conference paper › peer-review

Published

Standard

A Reference Architecture for Integrating Safety and Security Applications on Railway Command and Control Systems. / Birkholz, Henk; Krauß, Christoph; Zhdanova, Maria et al.
2018. Paper presented at International Workshop on MILS, Luxembourg, Luxembourg.

Harvard

Birkholz, H, Krauß, C, Zhdanova, M, Kuzhiyelil, D, Arul, T, Heinrich, M, Katzenbeisser, S, Suri, N, Vateva-Gurova, T & Schlehuber, C 2018, 'A Reference Architecture for Integrating Safety and Security Applications on Railway Command and Control Systems', Paper presented at International Workshop on MILS, Luxembourg, Luxembourg, 25/06/18 - 25/06/18. https://doi.org/10.5281/zenodo.1314095

APA

Birkholz, H., Krauß, C., Zhdanova, M., Kuzhiyelil, D., Arul, T., Heinrich, M., Katzenbeisser, S., Suri, N., Vateva-Gurova, T., & Schlehuber, C. (2018). A Reference Architecture for Integrating Safety and Security Applications on Railway Command and Control Systems. Paper presented at International Workshop on MILS, Luxembourg, Luxembourg. https://doi.org/10.5281/zenodo.1314095

Vancouver

Birkholz H, Krauß C, Zhdanova M, Kuzhiyelil D, Arul T, Heinrich M et al. A Reference Architecture for Integrating Safety and Security Applications on Railway Command and Control Systems. 2018. Paper presented at International Workshop on MILS, Luxembourg, Luxembourg. doi: 10.5281/zenodo.1314095

Author

Birkholz, Henk ; Krauß, Christoph ; Zhdanova, Maria et al. / A Reference Architecture for Integrating Safety and Security Applications on Railway Command and Control Systems. Paper presented at International Workshop on MILS, Luxembourg, Luxembourg. 4 p.

Bibtex

@conference{75f744f5241a4e76a2397191c05cf5d0,
title = "A Reference Architecture for Integrating Safety and Security Applications on Railway Command and Control Systems",
abstract = "In critical infrastructures such as railway systems, the continuous and resilient availability of safety critical functions residing on actuator and sensor components must be ensured. Since these components are also more and more connected using the Internet Protocol (IP), they additionally require security functions to provide protection against attackers. Moreover, the railway infrastructure is highly distributed, with its critical components residing at the track side easily accessible to attackers. Thus, a continuous proofing that the safety-critical systems are not manipulated is required, too. The (safety) certification of such safety-critical systems covers both the hardware components and corresponding software components that compose a specific safety-critical application. Since security functions are currently not in use, they are not part of the certification. However, the integration of security functions is imperative to provide the basis for preventing or detecting manipulations of the system. In essence, co-residing security functions are required to retain and assure the trusted interoperability of safety critical systems integrated in the rapidly growing number of newly deployed control networks based on the IP. Thus, it is required that a given safety certification (and the given guarantees) must not be violated by the integration of security functions. In this paper, we present the first results of the ongoing HASELNUSS project by introducing the Haselnuss Reference Architecture (HRA) for Railway Command and Control Systems (CCS), that allows uncertified security functions to reside on the same hardware device as certified safety functions; without voiding the certification of these safety functions.",
author = "Henk Birkholz and Christoph Krau{\ss} and Maria Zhdanova and Don Kuzhiyelil and Tolga Arul and Markus Heinrich and Stefan Katzenbeisser and Neeraj Suri and Tsvetoslava Vateva-Gurova and Christian Schlehuber",
year = "2018",
month = jun,
day = "25",
doi = "10.5281/zenodo.1314095",
language = "English",
note = "International Workshop on MILS : Architecture and Assurance for Secure Systems ; Conference date: 25-06-2018 Through 25-06-2018",
}

RIS

TY - CONF

T1 - A Reference Architecture for Integrating Safety and Security Applications on Railway Command and Control Systems

AU - Birkholz, Henk

AU - Krauß, Christoph

AU - Zhdanova, Maria

AU - Kuzhiyelil, Don

AU - Arul, Tolga

AU - Heinrich, Markus

AU - Katzenbeisser, Stefan

AU - Suri, Neeraj

AU - Vateva-Gurova, Tsvetoslava

AU - Schlehuber, Christian

PY - 2018/6/25

Y1 - 2018/6/25

N2 - In critical infrastructures such as railway systems, the continuous and resilient availability of safety critical functions residing on actuator and sensor components must be ensured. Since these components are also more and more connected using the Internet Protocol (IP), they additionally require security functions to provide protection against attackers. Moreover, the railway infrastructure is highly distributed, with its critical components residing at the track side easily accessible to attackers. Thus, a continuous proofing that the safety-critical systems are not manipulated is required, too. The (safety) certification of such safety-critical systems covers both the hardware components and corresponding software components that compose a specific safety-critical application. Since security functions are currently not in use, they are not part of the certification. However, the integration of security functions is imperative to provide the basis for preventing or detecting manipulations of the system. In essence, co-residing security functions are required to retain and assure the trusted interoperability of safety critical systems integrated in the rapidly growing number of newly deployed control networks based on the IP. Thus, it is required that a given safety certification (and the given guarantees) must not be violated by the integration of security functions. In this paper, we present the first results of the ongoing HASELNUSS project by introducing the Haselnuss Reference Architecture (HRA) for Railway Command and Control Systems (CCS), that allows uncertified security functions to reside on the same hardware device as certified safety functions; without voiding the certification of these safety functions.

AB - In critical infrastructures such as railway systems, the continuous and resilient availability of safety critical functions residing on actuator and sensor components must be ensured. Since these components are also more and more connected using the Internet Protocol (IP), they additionally require security functions to provide protection against attackers. Moreover, the railway infrastructure is highly distributed, with its critical components residing at the track side easily accessible to attackers. Thus, a continuous proofing that the safety-critical systems are not manipulated is required, too. The (safety) certification of such safety-critical systems covers both the hardware components and corresponding software components that compose a specific safety-critical application. Since security functions are currently not in use, they are not part of the certification. However, the integration of security functions is imperative to provide the basis for preventing or detecting manipulations of the system. In essence, co-residing security functions are required to retain and assure the trusted interoperability of safety critical systems integrated in the rapidly growing number of newly deployed control networks based on the IP. Thus, it is required that a given safety certification (and the given guarantees) must not be violated by the integration of security functions. In this paper, we present the first results of the ongoing HASELNUSS project by introducing the Haselnuss Reference Architecture (HRA) for Railway Command and Control Systems (CCS), that allows uncertified security functions to reside on the same hardware device as certified safety functions; without voiding the certification of these safety functions.

U2 - 10.5281/zenodo.1314095

DO - 10.5281/zenodo.1314095

M3 - Conference paper

T2 - International Workshop on MILS

Y2 - 25 June 2018 through 25 June 2018

ER -