Abstract
In this paper we present analysis of attack actions on the railway infrastructure based on the integrated model. The novelty of the presented solution is in combination of the component-based approach, which is used to detect attack vectors based on the presence of vulnerabilities, the semi-natural model, which is used to model vulnerabilities exploitation, the simulation model, which is used to analyze attack scenarios that are affecting timetable planning process and the analytical model, which is used to analyze multi-step attack scenarios. The integrated model also contains the model of attacker, which distinguish them by type of access to the railway infrastructure as well as by level of capabilities and resources. The integrated model is used due to the fact that none of the listed approaches can effectively analyze all classes of attacks, while combining these approaches allows one to represent various aspects of the investigated object and provides the ability for attack actions effective analysis. The proposed solution has a strong focus on security, which determines the main contribution to the research field. The objective of the proposed model is to increase the security of critical infrastructure by improving the quality of attack actions analysis. The correctness of the proposed model is validated by various application examples.
The reported study was funded by RFBR, project number 19-37-90082 and 19-29-06099, and by the budget, the project No. 0073-2019-0002.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
BruCON 2009: Rage Against the Kiosk. https://captf.com/conferences/BruCon%202009/Paul%20James%20Craig%20-%20Rage%20Against%20The%20Kiosk.pdf. Accessed 31 Jan 2020
IT Security News. The Russian Railways information system got hacked in 20 minutes. https://www.itsecuritynews.info/the-russian-railways-information-system-got-hacked-in-20-minutes/. Accessed 31 Jan 2020
Allotta, B., Pugi, L., Bartolini, F.: An active suspension system for railway pantographs: the T2006 prototype. Proc. Inst. Mech. Eng. Part F J. Rail Rapid Transit. 223(1), 15–29 (2009)
Ambrósio, J., Pombo, J., Pereira, M.: Optimization of high-speed railway pantographs for improving pantograph-catenary contact. Theor. Appl. Mech. Lett. 3(1), 013006 (2013)
Baldini, G., et al.: An early warning system for detecting GSM-R wireless interference in the high-speed railway infrastructure. Int. J. Crit. Infrastruct. Prot. 3(3–4), 140–156 (2010)
Bloomfield, R., Bendele, M., Bishop, P., Stroud, R., Tonks, S.: The risk assessment of ERTMS-based railway systems from a cyber security perspective: methodology and lessons learned. In: Lecomte, T., Pinger, R., Romanovsky, A. (eds.) RSSRail 2016. LNCS, vol. 9707, pp. 3–19. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-33951-1_1
Chen, B., et al.: Security analysis of urban railway systems: the need for a cyber-physical perspective. In: Koornneef, F., van Gulijk, C. (eds.) SAFECOMP 2015. LNCS, vol. 9338, pp. 277–290. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-24249-1_24
Cheng, Y.C., Lee, S.Y., Chen, H.H.: Modeling and nonlinear hunting stability analysis of high-speed railway vehicle moving on curved tracks. J. Sound Vib. 324(1–2), 139–160 (2009)
Desnitsky, V., Levshun, D., Chechulin, A., Kotenko, I.V.: Design technique for secure embedded devices: application for creation of integrated cyber-physical security system. JoWUA 7(2), 60–80 (2016)
Flammini, F., Gaglione, A., Mazzocca, N., Pragliola, C.: Quantitative security risk assessment and management for railway transportation infrastructures. In: Setola, R., Geretshuber, S. (eds.) CRITIS 2008. LNCS, vol. 5508, pp. 180–189. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03552-4_16
Gorodetski, V., Karsayev, O., Kotenko, I., Khabalov, A.: Software development kit for multi-agent systems design and implementation. In: Dunin-Keplicz, B., Nawarecki, E. (eds.) CEEMAS 2001. LNCS (LNAI), vol. 2296, pp. 121–130. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45941-3_13
Han, Z., Zhang, Y., Liu, S., Gao, S.: Modeling and simulation for traction power supply system of high-speed railway. In: 2011 Asia-Pacific Power and Energy Engineering Conference, pp. 1–4. IEEE (2011)
Heddebaut, M., et al.: Towards a resilient railway communication network against electromagnetic attacks (2014)
Ho, T., Mao, B., Yuan, Z., Liu, H., Fung, Y.: Computer simulation and modeling in railway applications. Comput. Phys. Commun. 143(1), 1–10 (2002)
Kotenko, I.: Active vulnerability assessment of computer networks by simulation of complex remote attacks. In: 2003 International Conference on Computer Networks and Mobile Computing, ICCNMC 2003. pp. 40–47. IEEE (2003)
Kotenko, I., Chechulin, A., Bulgakov, M.: Intelligent security analysis of railway transport infrastructure components on the base of analytical modeling. In: Abraham, A., Kovalev, S., Tarassov, V., Snasel, V., Vasileva, M., Sukhanov, A. (eds.) IITI 2017. AISC, vol. 680, pp. 178–188. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-68324-9_20
Kotenko, I., Doynikova, E., Chechulin, A.: Security metrics based on attack graphs for the Olympic Games scenario. In: 2014 22nd Euromicro International Conference on Parallel, Distributed, and Network-Based Processing, pp. 561–568. IEEE (2014)
Levshun, D., Kotenko, I., Chechulin, A.: The integrated model of secure cyber-physical systems for their design and verification. In: Kotenko, I., Badica, C., Desnitsky, V., El Baz, D., Ivanovic, M. (eds.) IDC 2019. SCI, vol. 868, pp. 333–343. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-32258-8_39
Milošević, M.S., Stamenković, D.S., Milojević, A.P., Tomić, M.: Modeling thermal effects in braking systems of railway vehicles. Therm. Sci. 16(2), 515–526 (2012)
Petersen, E., Taylor, A.: A structured model for rail line simulation and optimization. Transp. Sci. 16(2), 192–206 (1982)
Salido, M.A., Barber, F., Ingolotti, L.: Robustness for a single railway line: analytical and simulation methods. Exp. Syst. Appl. 39(18), 13305–13327 (2012)
Schlehuber, C., Heinrich, M., Vateva-Gurova, T., Katzenbeisser, S., Suri, N.: A security architecture for railway signalling. In: Tonetta, S., Schoitsch, E., Bitsch, F. (eds.) SAFECOMP 2017. LNCS, vol. 10488, pp. 320–328. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66266-4_21
Soderi, S., Hämäläinen, M., Iinatti, J.: Cybersecurity Considerations for Communication Based Train Control. Alstom Signalling Solutions, Florence (2016)
Ticali, D., Acampa, G., Denaro, M.: Renewable energy efficiency by railway transit. Case study on Rebaudengo railway tunnel in Turin. In: AIP Conference Proceedings, vol. 2040, p. 140009. AIP Publishing (2018)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Levshun, D., Bakhtin, Y., Chechulin, A., Kotenko, I. (2020). Analysis of Attack Actions on the Railway Infrastructure Based on the Integrated Model. In: You, I., Chen, HC., Leu, FY., Kotenko, I. (eds) Mobile Internet Security. MobiSec 2019. Communications in Computer and Information Science, vol 1121. Springer, Singapore. https://doi.org/10.1007/978-981-15-9609-4_11
Download citation
DOI: https://doi.org/10.1007/978-981-15-9609-4_11
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-9608-7
Online ISBN: 978-981-15-9609-4
eBook Packages: Computer ScienceComputer Science (R0)