We present the proposed security architecture Deutsche Bahn plans to deploy to protect its trackside safety-critical signalling system against cyber-attacks. We first present the existing reference interlocking system that is built using standard components. Next, we present a taxonomy to help model the attack vectors relevant for the railway environment. Building upon this, we present the proposed "compartmentalized" defence concept for securing the upcoming signalling systems.
Cite
@article{arxiv.2009.04207,
title = {A Security Architecture for Railway Signalling},
author = {Christian Schlehuber and Markus Heinrich and Tsvetoslava Vateva-Gurova and Stefan Katzenbeisser and Neeraj Suri},
journal= {arXiv preprint arXiv:2009.04207},
year = {2020}
}