Cybersecurity and Communications Based Train Control CBTC... · Cybersecurity and Communications Based Train ... NIST 800-53 r4 NIST 800-53 r4 Controls and Control Enhancements ...
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
www.thalesgroup.com OPEN
Cybersecurity and Communications Based Train Control
How About Cyberattacks against Signalling Networks?▌ The “Tip of the Iceberg”:
January 2008: a teenage hacked into a Polish tram system using an adapted television remote control, derailing four vehicles as a prank. 12 people were injured in one such derailment. The boy had trespassed at tram depots to gather information and equipment.
December 2011: a Pacific Northwest transportation entity reported that hackers remotely attacked computers from three IPs, disrupting railway signals for two days.
- http://www.wired.com/2012/01/railyway-hack/
July 2012: At DefCon, MIT researchers presented a series of steps against wireless access points and antennas that yielded the theft of an invalid certificates and Siemens login credentials. The team also cloned RFID badges of transportation staff.
May 2015: System passwords attached on top of a station controller’s monitor at one of London’s busiest railway stations were exposed to TV viewers during a BBC documentary broadcast.
October 2015: North Korea is suspected of hacking into a Seoul subway operator in 2014 for several months. Over 210 terminals of control centre and power supplier employees were infected with 58 instances of malware.
o Use of Open wireless networks instead of closed WiFi (LTE or WiMAX) - LTE and WiMAX native security is not enough to protect safety critical systems Auxiliary functions where there is no coverage to the CBTC WiFi network.
Fallback functions – use a redundant fall back link to the WiFI network
Primary link replacing the WiFi network – China mandates the use of LTE
o View only from Untrusted Networks (remote ATS consoles) Dedicated workstation in the Client Data Network (CDN) that needs to VPN to the CBTC
Mobile ATS terminals (e.g. Light Client for maintainer) that connect to the DCS via a public radio network (Internet) with secure command capabilities.
Read-only web-based Remote ATS terminals and Universal terminals that reside on a public network
o ATS Interfaces to External Systems in Untrusted Networks (SCADA, Passenger Information System, Master Clock)
▌ Secure Gateway (SG) – Provides secure application level filtering for interfacing with external system such as SCADA and PIS.
▌ Security Information and Event Management Solution (SIEM) – Provide logging and monitoring services and threat detection and prevention (multi-layer): cyberattacks, malware. A searchable central log repository with alerting capabilities to the NMS.
▌ Onboard Internet Security Device (OISD) – Additional SD (Encryption) functions such as multi-layer firewall and Hosting Intrusion Detection Prevention and remote logging to protect against public wireless networks
Secure By Design – Cybersecurity Design Principles
▌ The following cyber security design principles are applied to the development of CBTC cyber security controls:
Defense in Depth – Multiple layers of defense are applied. Even if a layer of defense is breach, e.g. due to a zero-day-vulnerability the system will be resilient and prevent a cybersecurity breach.Incorporate Preventive, Detective, and Recovery Controls – To succeed in addressing today’s sophisticated cyber security attacks, the security solution must incorporate strong preventive mechanisms but also the ability to detect and quickly recover from cyber security attacks without affecting safety and system availability.Design Patterns – Use of proven design patterns and protocols when available. CBTC will leverage tools and techniques that are de-facto industry standards.Risk based Approach – Subsystem requirements, and design trade-off are based on cost benefit analysis from threat and risk assessments.
Meeting challenges in a digital and mobile communication environment
Securing CBTC in the digital and mobile communication environment
▌ Ensuring cybersecurity and the ability of leveraging public networks in a secured way is embedded in the CBTC .Examples Include:
Remote ATS Terminal – web browser viewing of status informationLight Client – Use of tablets by maintainersUse of WiMAX and LTE as a secondary link to the private wireless networkCloud Computing
▌ Providing regular “security” health checkRisk assessment and remediation of existing install base – are the systems still secure?Monitoring, patching of Internet facing systems
▌ Providing cybersecurity monitoring solutions and services