Use this URL to cite or link to this record in EThOS:
Title: A systematic development of a secure architecture for the European Rail Traffic Management System
Author: Thomas, Richard James
ISNI:       0000 0004 7972 6882
Awarding Body: University of Birmingham
Current Institution: University of Birmingham
Date of Award: 2019
Availability of Full Text:
Access from EThOS:
Access from Institution:
The European Rail Traffic Management System (ERTMS) is a new signalling scheme that is being implemented worldwide with the aim of improving interoperability and cross-border operation. It is also an example of an Industrial Control System, a safety-critical system which, in recent years, has been subject to a number of attacks and threats. In these systems, safety is the primary concern of the system designers, whilst security is sometimes an afterthought. It is therefore prudent to assure the security for current and future threats, which could affect the safe operation of the railway. In this thesis, we present a systematic security analysis of parts of the ERTMS standard, firstly reviewing the security offered by the protocols used in ERTMS using the ProVerif tool. We will then assess the custom MAC algorithm used by the platform and identify issues that exist in each of the ERTMS protocol layers, and aim to propose solutions to those issues. We also identify a challenge presented by the introduction of ERTMS to National Infrastructure Managers surrounding key management, where we also propose a novel key management scheme, TRAKS, which reduces its complexity. We then define a holistic process for asset owners to carry out their own security assessments for their architectures and consider the unique challenges that are presented by Industrial Control Systems and how these can be mitigated to ensure security of these systems. Drawing conclusions from these analyses, we introduce the notion of a `secure architecture' and review the current compliance of ERTMS against this definition, identifying the changes required in order for it to have a secure architecture, both now and also in the future.
Supervisor: Not available Sponsor: EPSRC
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID:  DOI: Not available
Keywords: QA75 Electronic computers. Computer science ; QA76 Computer software ; TF Railroad engineering and operation