IT security at all levels

References

Cybersecurity solutions thought through down to the last detail for the market leaders in your sectors

Customised IT security for your company! For every task assigned to us, we draw on our industry experts to provide you with effective and customised solutions. From security design, implementation and verification to our training programmes. Get on the safe side too.

Your contact
Dr. Martin Koop

Martin is a cybersecurity expert with many years of OT expertise in the railway sector. Martin is therefore your excellent contact for all security topics in the areas from A for ATO to Z for Zero-Days.
Get in touch!

railway@incyde.com
Your contact
Dr. Daniel Zelle

Daniel is your industry expert for automotive security. His expertise ranges from A for architecture to P for penetration testing and Z for future technology quantum cryptography.
Get in touch with him.

automotive@incyde.com

Industry

Your contact
Matthias Wunderskirchner

Matthias looks back on a long career in systems engineering and security in various industrial sectors, such as energy supply and railroads. He uses his experience to create effective and efficient solutions.
Please get in touch.

industry@incyde.com
© 2024 INCYDE
Automotive

FINESSE

Protection systems for vehicles and infrastructure

Cyber attacks on software, data or the general operability of road and rail vehicles pose a potential threat to people and machines. The increasing networking of vehicles and the ever-growing range of externally connected technologies and services are creating more opportunities for attacks.
The aim of the project is to develop a holistic protection system for central control systems as well as road and rail vehicles. During operation, attacks are to be monitored and detected using rule-based and AI-based approaches, and defended against semi-automatically using a series of established countermeasures.

Challenges

  • Joint consideration in the prevention of attacks on road and rail vehicles
  • Cross-domain and holistic security monitoring (Mobility Threat Intelligence)
  • Monitoring of network communication

Result

Research into a holistic safety concept, taking into account all subcomponents in vehicles, fleet management and connected systems. To this end, security-critical components are first identified and their interaction for system security is evaluated.
As part of the German government’s research framework programme on IT security ‘Digital. Secure. Sovereign.’, methods and technologies for analysing security at all system levels are being developed.

Highlights

  • Security Operations Centre as a central control unit
  • Securing smart sensors and analytics modules in the vehicle
  • Use of innovative artificial intelligence methods to detect attacks
Railway

Critical Infrastructure

Risk assessment of critical railway systems

The IT Security Act obliges operators of critical infrastructures to protect the information technology systems used in accordance with the state of the art. In order to be able to fulfil this obligation towards the legislator, the operator must provide evidence of this in a suitable form in accordance with §8a BSIG.
The aim of the project is to support a well-known railway operator in the implementation and preparation of proof in accordance with §8a. This involves going through a special risk management process that includes the following tasks:
Description of the technical systems, evaluation of the need for protection, analysis of security requirements, assessment of risks based on threat scenarios and the derivation of security measures to protect the systems.

Challenges

    • Identification of critical IT assets
    • Defining the systems and dependencies to be analysed
    • Analysing the functionality and interaction of the components of the system under consideration
    • Identification of unimplemented security controls
    • Identification of system-specific risks
    • Creation of action plans for mitigating the identified risks

The challenge of securing information technology systems in the critical infrastructure environment lies in particular in the complex interplay between operational technology (OT) and traditional information systems (IT), which are responsible for controlling and monitoring the OT systems.
Specialised knowledge of the modes of action of the OT systems used in the critical infrastructure environment as well as in-depth knowledge of the protection of classic IT systems are necessary in order to be able to derive an overall picture of potential threats to the critical infrastructure. Our cyber security specialists from the railway sector assess the specific threats, identify dedicated attack patterns and vulnerabilities and develop suitable security measures.

Result

Our integrated risk analysis methodology successively brings together information on the specific functionalities of OT/IT information technology systems, identifies potential vulnerabilities and unimplemented security measures and analyses dedicated attack scenarios on the critical systems under consideration in order to create a realistic picture of the situation.
As a result of our risk analyses, we provide decision-makers with clear instructions for action, which ensure that information technology systems can be secured according to the state of the art. These include long-term planning of recommended security measures to reduce intolerable risks.
Furthermore, our customers receive a graphical and textual representation of the analysed information technology systems, a customer-specific determination of protection requirements, a detailed assessment of the identified risks and a prioritised list of necessary measures derived from this.

Highlights

  • Continuous improvement of the risk management process
  • Deriving instructions for action to minimise risk
  • Successive safeguarding of the IT/OT systems used
Railway

Digital Interlocking

Assessment of IT security conformity

As part of the European and national approval processes, it is now essential to test the technology of modern operations management (OT) processes for their conformity with the normative specifications for IT security.
INCYDE evaluates the conformity of the requirements for the latest generation of DB Netz AG’s digital interlockings (DSTW) and their implementation in the context of specific projects with the specifications of the IT security standard series IEC 62443 and TS 50701.
This assessment is one of the bases for the commissioning authorisation of the new DSTW.

Challenges

The objective for the team of security experts provided by INCYDE was to carry out the assessments and prepare technical statements and inspection reports for the completed project-specific phases. The following phases were analysed and evaluated:

  • Requirements specification (LH)
  • Functional specification (PH)
  • Product
  • Overall system

Result

The DLST (digital control and signalling technology) NeuPro pre-series project Mertingen-Meitingen is the first time that a digital interlocking system (DSTW) has been integrated into the infrastructure of DB Netz AG. This requires a precise analysis and evaluation of the security during the phases of requirements definition, development, integration and processes for the entire life cycle. In particular, the embedding in the existing systems and the transmission system of DB Netz AG must be analysed and assessed from a security perspective.

The following method was used to prepare the technical statements and inspection reports (project results):

  • Inspection of the documents and spot checks
  • Comparison against the normative requirements
  • Identification and classification of defects
  • Definition of requirements
  • Definition of requirements/adaptation/clarification
  • Report creation
  • Checking fulfilment of requirements
  • Audit SOC (Security Operation Centre)
Railway

ERTMS Users Group

Design of safe European train control systems

The European Rail Traffic Management System (ERTMS) and its individual projects serve to harmonise the standards for communication and train control on a European basis. The European Train Control System (ETCS) serves to simplify the equipment of lines in the trans-European networks, but has also found its way into railway infrastructures beyond this. The ERTMS Users Group (EUG) represents the interests of infrastructure operators.
The ERTMS Security Core Group (ESCG) was founded due to increased risks and extended European security requirements. INCYDE is responsible for the organisational and technical management of this newly created body. Threats and risks are analysed within the ESCG. The analysis will lead to proposals for improving the TSI subsets. In addition, already implemented systems and current standards will be taken into account in the analyses in order to enable comprehensive safeguarding. This will be done in close co-operation with the members of the EUG. The ESCG intends to use this to define security measures for the ERTMS area in order to improve future standards and enable the migration of existing systems.

Challenges

The ESCG was founded on the basis of proposals from INCYDE to the EUG and its structure was planned by INCYDE. This required the rapid integration of security experts from several ERTMS operators, as well as the development of a project plan for the first year. The ESCG and INCYDE face the following challenges:

  • Developing standards for systems already in operation or standardised systems
  • Incorporating security requirements into future European standards
  • Taking into account the different implementation statuses of the operators involved

Result

Several outcome documents will publicly document the progress of the ESCG’s work. The following documents have been published to date:

  • ERTMS Security Concept
  • ERTMS Threat and Risk Analysis

Highlights

The management of the European committee for security in ERTMS includes the following tasks:

  • Verification of normative requirements according to IEC 62443 and TS 50701
  • Carrying out complex risk analyses based on the current subsets
  • Influencing the future development of the European train control system
Railway

Digital Rail Summer School

Hacking RaSTA

The RaSTA protocol plays an important role in the data exchange of modern digital interlockings. But does the protocol also offer protection against cyber attacks? We addressed this question in a hackathon together with students from the Hasso Plattner Institute and the University of Passau. In a laboratory environment, we attacked the IT security properties of the RaSTA protocol stack and gained valuable experience in protecting digital signaling technology. In doing so, we used the open-source RaSTA implementation.

Customer Voices:
Mario Freund (HPI Student): “As students, we could only benefit from the collaboration with INCYDE. We had the opportunity to apply our knowledge from the lectures in practice and receive detailed feedback from security experts. It was particularly good to see that INCYDE brings together experts from different domains and therefore has expertise in both rail operations and IT security. This is unique in this industry and a huge advantage.”

Challenges

In order to understand and analyze the RaSTA transport protocol, it is necessary to consider the overall context in which RaSTA is used. An isolated consideration based on the protocol specification does not lead to a meaningful result when answering the following key questions:

  • How does modern digital technology affect railroad signaling technology?
  • Digital interlockings use standard communication technologies: Ethernet, UDP, RaSTA
  • How can railroad operating technology be protected against cyber attacks?

Result

The investigation of RaSTA was carried out by a group of motivated students using an open-source RaSTA implementation and a complete, simulated interlocking environment consisting of interlocking logic, dispatcher workstation and representation of the field elements (switches and signals).

  • Hackathon with students from HPI and the University of Passau
  • Investigating the safety features of RaSTA:
    • Full protocol stack context (Ethernet, UDP, RaSTA, SCI-X)
    • Replay attacks
    • Forgery of messages
  • Analysis of alternatives to protect the protocol stack:
    • TLS, DTLS
    • Effects of TLS vulnerabilities (e.g. Heartbleed)