 Rule-based anomaly detection for railway signalling networksMarkus Heinrich, Arwed Gölz, Tolga Arul and Stefan Katzenbeisser International Journal of Critical Infrastructure Protection, 2023, vol. 42, issue C Abstract: We propose a rule-based anomaly detection system for railway signalling that mitigates attacks by a Dolev-Yao attacker who is able to inject control commands to perform semantic attacks by issuing licit but mistimed control messages. The system as well mitigates the effects of a signal box compromised by an attacker with the same effect. We consider an attacker that could cause train derailments and collisions, if our countermeasure is not employed. We apply safety principles of railway operation to create a distributed anomaly detection system that inspects incoming commands on the signals and points. The proposed anomaly detection system detects mistimed control messages against light signals, points and train detection systems that lead to derailments and collisions without producing false positives, while it requires only a small amount of overhead in terms of network communication and latency compared to normal train operation. Keywords: Critical infrastructure protection; Cyber–physical system; Cybersecurity; Railway signalling; Rule-based anomaly detection; Safety and security co-engineering; Semantic attack (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:eee:ijocip:v:42:y:2023:i:c:s1874548223000161 DOI: 10.1016/j.ijcip.2023.100603 Access Statistics for this article International Journal of Critical Infrastructure Protection is currently edited by Leon Strous More articles in International Journal of Critical Infrastructure Protection from Elsevier |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.