Simulating rail traffic management with Trusted Computing
Bäckman, Ronny (2020)
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
The permanent address of this publication is
https://urn.fi/URN:NBN:fi:amk-2020052714334
Abstract
The railway traffic management and security systems are undergoing renewal. Computer-based systems are becoming the backbone that controls moving trains. At the same time, cyber-attacks are becoming more common in the sphere of industrial control systems. The purpose of this thesis is to show how the trusted computing module can help mitigate attacks on industrial control systems.
The thesis introduces the basic framework of social trust and the options available for extending that trust into the computer domain with the trusted platform module and attestation. Industrial control system attacks such as Stuxnet, Triton and Industroyer are introduced to present vectors by which the railway security system could be targeted in a cyber-physical attack. The thesis also briefly examines the Finnish railway security system and traffic management.
The study was conducted by means of intervention methodology. A background study was made concerning the implementation of a simulation environment for testing integrity failures in rail traffic. Testing was conducted to find out whether integrity measurements are needed in this environment.
The findings show that attacks can generate incidents that can be noticed by monitoring firmware integrity. The study also shows that in a rail security environment where measured boot and attestation have been implemented, integrity deviations are not only easily noticed but also possible to pinpoint.
The simulation framework developed in this study uses containers to simulate devices. Admittedly this is a limited approach when measuring firmware integrity. Containers illustrating the firmware startup and runtime can nevertheless adequately showcase complex structures of attestation with multiple devices. We hope to expand the scope of the study into testing on real rail security systems.
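The two preceding paragraphs describe the mechanism behind the findings: each simulated device measures its firmware stages into a TPM register during boot, a verifier replays the event log against the quoted register value, and a deviation can be traced to the stage that changed. The following is an added example illustrating that mechanism; it is not the thesis author's simulation framework. The device names, stage names and firmware blobs are constructed placeholders, the "TPM" is a single software-emulated SHA-256 PCR, and the quote is unsigned (a real TPM signs the quote with an attestation key).

```python
# Added example: software-emulated measured boot and attestation across
# several simulated devices. Device names and firmware blobs are constructed
# placeholders; this is not the thesis's own code.
import hashlib
from dataclasses import dataclass, field

PCR_SIZE = 32  # SHA-256 PCR bank


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


@dataclass
class SimulatedTPM:
    """One PCR plus its event log; stands in for the TPM of a simulated device."""
    pcr: bytes = field(default_factory=lambda: bytes(PCR_SIZE))
    event_log: list = field(default_factory=list)

    def extend(self, stage: str, component: bytes) -> None:
        # PCR extend semantics: PCR_new = H(PCR_old || H(component)).
        # The register can only be extended, never set, so history cannot be rewritten.
        digest = sha256(component)
        self.pcr = sha256(self.pcr + digest)
        self.event_log.append((stage, digest))

    def quote(self) -> tuple:
        # A real quote is signed by the TPM's attestation key; signing is omitted here.
        return self.pcr, list(self.event_log)


def measured_boot(stages: list) -> SimulatedTPM:
    """Boot a simulated device, measuring every stage before it 'runs'."""
    tpm = SimulatedTPM()
    for stage, blob in stages:
        tpm.extend(stage, blob)
    return tpm


def replay(event_log: list) -> bytes:
    """Recompute the PCR value that a given event log should have produced."""
    pcr = bytes(PCR_SIZE)
    for _, digest in event_log:
        pcr = sha256(pcr + digest)
    return pcr


def verify(quoted_pcr: bytes, event_log: list, reference: list) -> tuple:
    """Attestation check: returns (ok, reason), naming the first deviating stage."""
    if replay(event_log) != quoted_pcr:
        # The log presented by the device does not match what was actually measured.
        return False, "event log does not reproduce the quoted PCR"
    if [s for s, _ in event_log] != [s for s, _ in reference]:
        return False, "boot stage sequence differs from reference"
    for (stage, digest), (_, ref_digest) in zip(event_log, reference):
        if digest != ref_digest:
            return False, f"stage '{stage}' deviates from reference"
    return True, "all stages match reference"


# Constructed golden firmware for one device type (placeholder bytes, not real firmware).
GOLDEN_STAGES = [
    ("bootloader", b"bootloader v1.0"),
    ("kernel", b"kernel v5.4"),
    ("interlocking-app", b"interlocking logic v2.3"),
]
REFERENCE = [(stage, sha256(blob)) for stage, blob in GOLDEN_STAGES]


def attest_fleet() -> dict:
    """Boot three simulated devices and attest each one against the golden reference."""
    modified = [(s, b"interlocking logic v2.3 (modified)" if s == "interlocking-app" else b)
                for s, b in GOLDEN_STAGES]
    devices = {
        "interlocking-1": measured_boot(GOLDEN_STAGES),  # untouched
        "interlocking-2": measured_boot(modified),       # application stage changed
        "interlocking-3": measured_boot(modified),       # changed, but reports the golden log
    }
    results = {}
    for name, tpm in devices.items():
        pcr, log = tpm.quote()
        if name == "interlocking-3":
            # The log is plain data and can be replaced; the PCR value cannot, so the
            # verifier still notices that the log and the register disagree.
            log = list(REFERENCE)
        results[name] = verify(pcr, log, REFERENCE)
    return results


if __name__ == "__main__":
    for device, (ok, reason) in attest_fleet().items():
        print(f"{device}: {'OK' if ok else 'FAIL'} - {reason}")
```

The three devices show the two outcomes the abstract distinguishes: a device whose log is honest but whose application stage changed is flagged with the exact stage named, while a device that substitutes the expected log is still caught because the replayed log no longer reproduces the extended register value. In the thesis's setting each device would be a container running the same boot sequence, and the verifier would run once per container.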