Network Unified Security Control Of Railway Communication And Signal Systems

In recent years,the network security of national key infrastructure and industrial control systems in power,energy and transportation systems has received increasing attentions.China railway communication and signal control system is one of the most important national key infrastures which has always been an isolated private network.Due to reasons such as isolated from the Internet,network security problem is not the focus all the time.However,in 2010,"stuxnet" caused the Iranian nuclear power plant a serious accident,which had a significant impact on the entire industrial control community.Subsequently,the concept of advanced persistent threat(APT)and cyber war,etc.,made the network threat of railway communication and signal control system in China constantly upgraded.However,at the beginning of design,the railway signal system mainly considers the problems such as failure and reliability and does not comprehensively considers the network information security problems.In order to realize the coordination and information sharing between different systems,improve the efficiency of railway operation,the railway communication and signal systems are becoming more and more open to the outside.The train control system technology is also constantly changing: control equipment,machinery and electronic equipment are gradually replaced by programmable electronic equipments and COTS products,so as to realize the more flexible control and more powerful computing capacity.Now and for the foreseeable future it will be more open and more extensive interconnectedness.However,the network information security protection technology suitable for the network of railway communication and signal control system is still to be further studied.This paper starts with the services of railway communication and signal control system in China,analyzes its most unique value,and the attacker usually aims at destroying these values.Then,based on the services logic of the system,the possible attack scenarios are constructed and the existing security measures are analyzed.Finally,according to the characteristics of the railway signal control system,namely,Safety is first and Security is to provide guarantee for Safety,we study how to improve the security without affecting the premise of safety,real-time and reliability.Specific research work is described as follows:(1)We firstly set up the analysis model of China railway signal system,including the data flow model,function structure model and security threat model.This model is to highlight the technical and operational characteristics of railway signal systems.Based on the model,we analysize the hazard events of the railway signal system which are train overspeeding,aggressive movments and operation interrupt under malicious attacks.Through the fault tree analysis,we got 63 threat scenarios about the three hazards events,and the existing protection and its vulnerabilities are detailed analysized.The analysis method can let the operaters of signal system getting better understanding of the security risks and to make better desisons.(2)A security architecture is proposed based on trusted computing and software defined networking.We use fault tree qualitative analysis method to analyze the overall risk of railway communication network,including data error,system defect,human errors and lack of redundance.Because the railway communication network is isolated form other networks,the system packages are not easy to upgrade in time.In addition,the management is complex because of the large scale of railway communication network.The existing network security technologies are not fully meet the needs of security requirements for China railway communication systems.So we put forward a new security architecture based on trusted computing combined with SDN.The trusted computing technology can solve the problem of railway communication network which is not easy to upgrade.By using SDN technology,we can solve complexity of railway communicaton network management problem.(3)Unified control and active protection technology of signal safety data network based on SDN.In this paper,we propose SD-SSDN(Software-Defined Signal Safety Data Network)which uses a white list to the unified control of the network flows in signal safety data network.The main functions of SD-SSDN include the assets registration and management of communication services and the risk perception and detection.In addition,based on the SDSSDN architecture,the design realizes the network intrusion confusing system,which can improve the initiative of network security protection of the signal system.The protective effect of SD-SSDN and network intrusion detection system was tested.(4)SDN based network redundancy technology of railway signal system.SDN technology must meet the high real-time performance and high reliability requirement of railway signal system.We proposed RFTM(Redundant Flow Table Mapping)in this paper and adaptive link aggregation based on SDN.RFTM technology realizes the fast failover(switching time 8ms)under 10 switch nodes and solves the network turbulence problem of the ring network redundancy.In addition,the adaptive link aggregation technology proposed in this paper realizes the automation of configuration and the self-adaptation of link aggregation.In order to help the controller to weather out the DDoS attack,an efficient controller scheduling method is proposed.