7 research outputs found

    Safety component-based approach and its application to ERTMS/ETCS on-board train control system

    Safety-critical software is becoming more and more complex, and at the same time it operates in frequently changing environments to which it reacts by reconfiguring its architecture. Thus, an appropriate modelling approach is needed to reduce the complexity of designing and to enable the verification of dynamic reconfiguration behaviour before deployment at runtime. The paradigm of software component-based engineering provides essential support for this. However, composing software from many reconfigurable components can lead to a huge number of possible compositional configurations that are difficult to handle at design time. Moreover, analysing all possible sequences of reconfiguration, including failure situations, is far beyond feasibility without appropriate abstraction and granularity levels. In this paper, we propose a hierarchical component-based design approach to reduce the complexity of designing and to analyse the dynamic reconfiguration behaviour. We illustrate our approach with a case study derived from ERTMS/ETCS level 2.

    A systematic development of a secure architecture for the European Rail Traffic Management System

    The European Rail Traffic Management System (ERTMS) is a new signalling scheme that is being implemented worldwide with the aim of improving interoperability and cross-border operation. It is also an example of an Industrial Control System, a safety-critical system which, in recent years, has been subject to a number of attacks and threats. In these systems, safety is the primary concern of the system designers, whilst security is sometimes an afterthought. It is therefore prudent to assure security against current and future threats, which could affect the safe operation of the railway. In this thesis, we present a systematic security analysis of parts of the ERTMS standard, firstly reviewing the security offered by the protocols used in ERTMS using the ProVerif tool. We then assess the custom MAC algorithm used by the platform, identify issues that exist in each of the ERTMS protocol layers, and propose solutions to those issues. We also identify a challenge presented by the introduction of ERTMS to National Infrastructure Managers surrounding key management, for which we propose a novel key management scheme, TRAKS, which reduces its complexity. We then define a holistic process for asset owners to carry out their own security assessments for their architectures and consider the unique challenges that are presented by Industrial Control Systems and how these can be mitigated to ensure the security of these systems. Drawing conclusions from these analyses, we introduce the notion of a 'secure architecture' and review the current compliance of ERTMS against this definition, identifying the changes required in order for it to have a secure architecture, both now and in the future.

    Digital route model aided integrated satellite navigation and low-cost inertial sensors for high-performance positioning on the railways

    The basis of all railway signalling activities is knowledge of the position and velocity of all trains in the system. The railways traditionally rely on train detection systems for this knowledge. However, the dependence of these systems on railway infrastructure limits their ability to cope with the advent of new high-speed lines and the development of freight networks across Europe. Hence, there is a need for the introduction of modern positioning technologies into the railways. Unfortunately, railways provide an unfriendly environment for satellite-based radio positioning systems (GNSS). For this reason it is common to integrate GNSS with low-cost inertial sensors (INS), but such systems cannot meet all railway positioning requirements. This thesis examines the potential of enhancing such an integrated GNSS/INS system with a digital route model (DRM). The study is carried out through a series of simulations of typical railway positioning scenes. A simulated database of GNSS, inertial and DRM data is built from real GPS data collected on a rail line between Norwich and Lowestoft. Several tests are first performed to test the validity of the database. Simulations are then done with a number of traditional INS/GPS integration architectures to test the possible performance of each system in the railway environment using low-cost INS sensors. The DRM-aiding is then realised through an integration with the GNSS/INS system via an extended Kalman Filter. Results from the study confirm the need for additional positioning information for an integrated system with low-cost inertial sensors to deal with difficult satellite signal situations such as tunnels, deep cuttings and covered stations. It is shown that a DRM leads to significant improvements in the overall system positioning performance. Also, the optimal configuration, in terms of point spacing and accuracy, for a digital route model is selected from amongst simulated candidates.

    Analysis of Railway Signalling Systems to Increase Line and Node Capacity

    "Europe is one of the most urbanized continents on the planet: about 75% of its population lives in urban areas" (European Environment Agency, 2017). In this urban context, the car is still the most widely used mode of transport, while public transport manages to capture residual segments of the demand for mobility. However, in a structural framework of obvious concern and criticality for public transport, there is a component of the sector in strong expansion, that is, all rail transport. In addition, the incidence of rail transport is even more significant in large metropolitan systems, where daily travel reaches its highest levels. It is known, however, that the supply of transport services is limited by the capacity of the transport system, which depends on the physical size of the infrastructure, that is, the capacity of the infrastructure, the number of vehicles, the capacity of the vehicle fleet, the operating time and the traffic regime implemented.

    Optimisation of automatic train protection systems.

    EThOS - Electronic Theses Online Service (GB)