Stroud, R. & Gashi, I. (2012). Methodology for a security audit of ERTMS. Paper presented at the 42nd IEEE International Conference on Dependable Systems and Networks (DSN) 2012, 25 - 28 June 2012, Boston, USA.
Download (104kB) | Preview
In this paper we discuss the methodology we used for a security audit of the European Railway Traffic Management System (ERTMS) specifications. ERTMS is a major industrial project that aims at replacing the many different national train control and command systems in Europe. We discuss the stages of the audit, threat model used, and the output of each stage of the audit.
|Item Type:||Conference or Workshop Item (Paper)|
|Additional Information:||© 2012 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/ republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works|
|Uncontrolled Keywords:||security review, security audit, ERTMS, safetycritical systems|
|Subjects:||Q Science > QA Mathematics > QA76 Computer software|
|Divisions:||School of Informatics > Centre for Software Reliability|
Actions (login required)
Downloads per month over past year