Security of Wi-Fi on-board intra-vehicular communication: Field trials of tunnel scenario

Soderi, Simone; Viittala, Harri; Saloranta, Jani; Hämäläinen, Matti; Iinatti, Jari; Gurtov, Andrei

doi:10.1109/itst.2013.6685559

Cited by 2 publications

(5 citation statements)

References 9 publications

(11 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this Section, we collect some types of attacks on IV communications often discussed in the literature (see, for instance, [29], [30], [31]) 4 . Consider an adversary onboard the train (see Figure 11) with his laptop that performs various attacks against IV Wi-Fi communications.…”

Section: Threat Models For IV Communicationsmentioning

confidence: 99%

“…To do so, Soderi et al [30], [31], [29] proposes using Host Identity Protocol (HIP) for industrial and railway applications to secure the IV communication system architecture.…”

Section: E Building a Secure Conduit: An Approach Based On Host Ident...mentioning

confidence: 99%

“…Figure 13 presents the results of using HIP in a tunnel scenario similar to the one where a CBTC typically operates. The measurements, extracted from [30], used OpenHIP [34], an open-source version of HIPv1 [35]. Results show how HIP introduces an acceptable overhead of throughput loss, jitter, and packet loss up to 300 m without any repeater and in Non-Line-of-Sight (NLOS) configurations [30].…”

Section: E Building a Secure Conduit: An Approach Based On Host Ident...mentioning

confidence: 99%

“…The measurements, extracted from [30], used OpenHIP [34], an open-source version of HIPv1 [35]. Results show how HIP introduces an acceptable overhead of throughput loss, jitter, and packet loss up to 300 m without any repeater and in Non-Line-of-Sight (NLOS) configurations [30]. HIP also makes the conduit resilient to MITM-type and eavesdropping attacks and makes the communication between the two zones (i.e., between two physical areas of the train) transparent and secure, significantly reducing the security risk associated with these attacks.…”

Section: E Building a Secure Conduit: An Approach Based On Host Ident...mentioning

confidence: 99%

See 3 more Smart Citations

Cybersecurity Considerations for Communication Based Train Control

Soderi,

Masti,

Hämäläinen

et al. 2023

IEEE Access

Self Cite

View full text Add to dashboard Cite

The CENELEC TS 50701 is the first encompassing standard aiming at governing cybersecurity risk management processes within the railway industry. Although the technical maturity of this framework is undeniable, its application in practical projects is still an active field of discussion among practitioners, especially when dealing the communication-heavy subsystems. Among such subsystems, signaling is among the most critical ones. Both Communication-based Train Control (CBTC) and European Railway Traffic Management Systems (ERTMS) heavily rely on wireless communications for their operation. This paper describes two cybersecurity attack scenarios regarding wireless communications for CBTCs that can impact the safety of these systems using the lens of the framework provided by the novel CENELEC TS 50701. In doing so, we discuss the implications of using such guidance, especially concerning the different interpretations found in the literature regarding zoning communication systems, to assess and mitigate the cybersecurity risk and improve the posture of CBTC systems concerning the examined attacks. Experimental tests conducted in controlled laboratory environments and high fidelity simulations have been conducted to support the cybersecurity analysis.

show abstract

Section: Threat Models For IV Communicationsmentioning

confidence: 99%

“…To do so, Soderi et al [30], [31], [29] proposes using Host Identity Protocol (HIP) for industrial and railway applications to secure the IV communication system architecture.…”

Section: E Building a Secure Conduit: An Approach Based On Host Ident...mentioning

confidence: 99%

Section: E Building a Secure Conduit: An Approach Based On Host Ident...mentioning

confidence: 99%

Section: E Building a Secure Conduit: An Approach Based On Host Ident...mentioning

confidence: 99%

See 2 more Smart Citations

Cybersecurity Considerations for Communication Based Train Control

Soderi,

Masti,

Hämäläinen

et al. 2023

IEEE Access

Self Cite

View full text Add to dashboard Cite

show abstract

“…HIP with the Base Exchange (BEX) initial stage establishes a Secure Association (SA) between end-nodes, then both hosts use IP Security (IPSec) in order to exchange data via a secure tunnel, as shown in Figure 2. Measurements campaign in a tunnel scenario has shown that HIP IPSec is a promising protocol to secure intra-vehicular communications in terms of throughput, jitter and packet loss [7].…”

Section: A Attack To Wi-fi Based Dcsmentioning

confidence: 99%

Cybersecurity considerations for CBTC

Soderi¹,

Hämäläinen²,

Iinatti³

2021

Preprint

Self Cite

View full text Add to dashboard Cite

<div> <div> <div> <p>Communication Based Train Control (CBTC) and the European Rail Traffic Management Systems (ERTMS) are prevailing radio controlled systems for railway. As a part of the ERTMS standard, the European Train Control System (ETCS) implements on-board control systems throughout multiple radios. CBTC makes use of RF-based data communication systems (DCSs) for train control and traffic management. Even if ERTMS and CBTC have different origins, both make use of wireless communications for safety related systems. This paper describes cybersecurity considerations for CBTC. First, authors studied the impact of security on intra-vehicular communications in a real tunnel scenario, e.g. for urban transit where the usage of security is mandatory in order to maintain the system safety. Secondly, the impact of a jamming attack against ETCS radio has been analyzed. Measurement campaigns confirmed Host Identity Protocol (HIP) as an effective security solution at layer 3 in terms of the protocol overhead introduced. On the other hand, the Balise Transmission Module (BTM), included in ETCS standard, is sensitive to jamming attack and the measurements presented here would offer the sights for further security considerations around the CBTC. </p> </div> </div> </div>

show abstract

Security of Wi-Fi on-board intra-vehicular communication: Field trials of tunnel scenario

Cited by 2 publications

References 9 publications

Cybersecurity Considerations for Communication Based Train Control

Cybersecurity Considerations for Communication Based Train Control

Cybersecurity considerations for CBTC

Contact Info

Product

Resources

About