In recent years, the European train control system (ETCS) has begun to be rolled out more intensively. ETCS defines interfaces between the train and trackside in order to enable digital and uniform train control transmission. Certain interfaces must therefore be provided on the train side. In order to also create standardized interfaces within the train and the systems required for ETCS, the OCORA project was founded. The railway undertakings DB, SNCF, NS, ÖBB and SBB have joined forces within the OCORA initiative.
Considering the increasing threats in the security environment and the requirements of the legislator, security was also taken into account at an early stage. The Technical Workstream (TWS) 06 (Cyber-) Security was created to include security requirements already in the development phase of the on-board architecture. For this purpose, the workstream performs in-depth analyses of the existing architecture and interface designs and identifies both the need for changes and additional requirements. The process is based on the security methodology defined jointly with the EULYNX, RCA and EUG projects.
Project Lead DB Systemtechnik GmbH: „INCYDE did an excellent job of introducing the OCORA security team to the security principles and methodologies, thereby bringing the project to the finish line on time and with the highest quality.“
The OCORA Security Workstream achieves a deep integration of security measures through an early consideration of security in the development process of the OCORA architecture. The representation of DB Netz AG within the OCORA Security Workstream by INCYDE faces the following challenges, among others:
- Design of requirements for the OCORA architecture
- Analysis of interface designs of a future architecture
- Coordination of the interests of different railway untertakings
The results of the work of the Security Workstream are publicly available in documents, of which the following are currently available:
- OCORA Security Concept
The integration of security into safety systems is a technical challenge, which amongst other activities is accomplished by the following essential project steps
- Definition of the security requirements for the OCORA architecture
- Creation of a security concept based on the existing architecture designs
- Analysis of the protection requirements of all potential interfaces
- Security concept for the network architecture