Research output: Contribution to conference - Without ISBN/ISSN › Conference paper › peer-review
Research output: Contribution to conference - Without ISBN/ISSN › Conference paper › peer-review
}
TY - CONF
T1 - A Reference Architecture for Integrating Safety and Security Applications on Railway Command and Control Systems
AU - Birkholz, Henk
AU - Krauß, Christoph
AU - Zhdanova, Maria
AU - Kuzhiyelil, Don
AU - Arul, Tolga
AU - Heinrich, Markus
AU - Katzenbeisser, Stefan
AU - Suri, Neeraj
AU - Vateva-Gurova, Tsvetoslava
AU - Schlehuber, Christian
PY - 2018/6/25
Y1 - 2018/6/25
N2 - In critical infrastructures such as railway systems, the continuous and resilient availability of safety critical functions residing on actuator and sensor components must be ensured. Since these components are also more and more connected using the Internet Protocol (IP), they additionally require security functions to provide protection against attackers. Moreover, the railway infrastructure is highly distributed, with its critical components residing at the track side easily accessible to attackers. Thus, a continuous proofing that the safety-critical systems are not manipulated is required, too. The (safety) certification of such safety-critical systems covers both the hardware components and corresponding software components that compose a specific safety-critical application. Since security functions are currently not in use, they are not part of the certification. However, the integration of security functions is imperative to provide the basis for preventing or detecting manipulations of the system. In essence, co-residing security functions are required to retain and assure the trusted interoperability of safety critical systems integrated in the rapidly growing number of newly deployed control networks based on the IP. Thus, it is required that a given safety certification (and the given guarantees) must not be violated by the integration of security functions. In this paper, we present the first results of the ongoing HASELNUSS project1 by introducing the Haselnuss Reference Architecture (HRA) for Railway Command and Control Systems (CCS), that allows uncertified security functions to reside on the same hardware device as certified safety functions; without voiding the certification of these safety functions.
AB - In critical infrastructures such as railway systems, the continuous and resilient availability of safety critical functions residing on actuator and sensor components must be ensured. Since these components are also more and more connected using the Internet Protocol (IP), they additionally require security functions to provide protection against attackers. Moreover, the railway infrastructure is highly distributed, with its critical components residing at the track side easily accessible to attackers. Thus, a continuous proofing that the safety-critical systems are not manipulated is required, too. The (safety) certification of such safety-critical systems covers both the hardware components and corresponding software components that compose a specific safety-critical application. Since security functions are currently not in use, they are not part of the certification. However, the integration of security functions is imperative to provide the basis for preventing or detecting manipulations of the system. In essence, co-residing security functions are required to retain and assure the trusted interoperability of safety critical systems integrated in the rapidly growing number of newly deployed control networks based on the IP. Thus, it is required that a given safety certification (and the given guarantees) must not be violated by the integration of security functions. In this paper, we present the first results of the ongoing HASELNUSS project1 by introducing the Haselnuss Reference Architecture (HRA) for Railway Command and Control Systems (CCS), that allows uncertified security functions to reside on the same hardware device as certified safety functions; without voiding the certification of these safety functions.
U2 - 10.5281/zenodo.1314095
DO - 10.5281/zenodo.1314095
M3 - Conference paper
T2 - International Workshop on MILS
Y2 - 25 June 2018 through 25 June 2018
ER -