How secure is ERTMS?
Gashi, I., Bloomfield, R., Bloomfield, R. E. & Stroud, R. (2012). How secure is ERTMS?. Paper presented at the Workshop on Dependable and Secure Computing for Large-scale Complex Critical Infrastructures (DESEC4LCCI), 25 September 2012, Herrenkrug, Germany.
Abstract
This paper reports on the results of a security analysis of the European Railway Traffic Management System (ERTMS) specifications. ERTMS is designed to be fail-safe and the general philosophy of ‘if in doubt, stop the train’ makes it difficult to engineer a train accident. However, it is possible to exploit the fail-safe behaviour of ERTMS and create a situation that causes a train to halt. Thus, denial of service attacks are possible, and could be launched at a time and place of the attacker’s choosing, perhaps designed to cause maximum disruption or passenger discomfort. Causing an accident is more difficult but not impossible.
| Publication Type: | Conference or Workshop Item (Paper) |
|---|---|
| Additional Information: | Co-hosted with the he 31st International Conference on Computer Safety, Reliability and Security (SAFECOMP) 2012 conference. |
| Publisher Keywords: | security assessment, safety-critical systems, ERTMS, railway signaling systems, safety and security interactions |
| Subjects: | Q Science > QA Mathematics > QA76 Computer software Z Bibliography. Library Science. Information Resources > ZA Information resources > ZA4050 Electronic information resources |
| Departments: | School of Science & Technology > Computer Science > Software Reliability |
Download (316kB) | Preview
Export
Downloads
Downloads per month over past year
Metadata
MetadataActions (login required)
Admin Login