Why is it important to work on the (network) lower layers in cybersecurity?

ERCI, European Railway Clusters Initiative, Lille, FRANCE, 27-/06/2018 - 27/06/2018Présentation des travaux du LEOST sur l'analyse des signaux de bas niveau pour détecter des attaque

Jamming Signal Immunity Tests on GSM-R Communications Compared to EMC Basic Standards

This paper presents the work being done in SECRET project (European Program FP7/2007-2013 under grant agreement number “285136”) to strengthen the European rail network against the potential jamming of the railway communications. Standardized immunity tests, currently conducted on communication equipment in the presence of electromagnetic (EM) interferences are presented. It then presents the tests carried out in SECRET to assess the resistance of railway communication systems face the signals generated by telecommunication jammers.SECRE

Evaluation of the Impact of Transient Disturbances on Railway Signaling Systems Using an Adapted Time-Frequency Analysis Method

As many other industrial environments, the railway electromagnetic environment is characterized by a large number of electromagnetic signals and disturbances. Among these, transient signals, with high energy level and wide frequency spectrum, represent an important threat to different signaling subsystems. In this paper, a new methodology dedicated to the detection and the characterization of the transient disturbances is presented. Based on a flexible and adjustable time-frequency analysis, this methodology is used to evaluate the impact of transient disturbances on a ground‑to‑train radio communication. A test bench was developed in order to validate the results of this evaluation

EM Monitoring and classification of IEMI and protocol-based attacks on IEEE 802.11n communication networks

International audienceThe development of connected devices and their daily use are today at the origin of the omnipresence of Wi-Fi wireless networks. However, these Wi-Fi networks are often vulnerable, and can be used by malicious people to disturb services, intercept sensitive data or to gain access to system. In railways, trains are now equipped with wireless communication systems for operational purposes or for passenger services. In both cases, defense strategies have to be developed to prevent misuses of the networks. The first objective of this study is to propose a monitoring solution, which is independent of the communication networks, to detect the occurrence of attacks. The second objective is to develop a method able to classify attacks of different types: the intentional electromagnetic interference (IEMI), i.e., jamming attacks, and the protocol-based attacks. This study focuses on the IEEE 802.11n Wi-Fi protocol. To perform these analyses, we propose to monitor and to analyze electromagnetic (EM) signals received by a monitoring antenna and a receiver collecting EM spectra. After that, we build a classification protocol following two steps: the first consists in the construction of a Support Vector Machine (SVM) classification model using the collected spectra and the second step uses this SVM model to predict the class of the attack (if any). A time-based correction of this prediction using the nearest neighbors is also included in this second step

Immunité aux interférences des systèmes de communication à lumière visible

International audienceLes systèmes de communication basées sur la lumière visible recourent au double usage des infrastructures d'éclairage pour transmettre données. Cette technologie est considérée sécure, à bon marché et immune aux interférences causées par les fréquences radio. L'interférence optique est l'unique source de perturbation externe normalement considéré dans les modèles de canal. Néanmoins, toutes les interférences sur les composants électroniques, susceptibles d'avoir un impact sur les performances du système, doivent être intégrées dans le modèle de transmission afin d'améliorer les performances du système de communication. Dans ce papier, on analyse l'interférence et l'immunité des systèmes VLC en ce qui concerne les fréquences couvrant tout le spectre jusqu' à 1 GHz. Nous fournissons une évaluation détaillée de l'immunité d'un système VLC réalisé en chambre anéchoïque, en considérant des interférences avec différents niveaux de puissance. Les résultats sont très intéressants. En considérant des valeurs de fréquence spécifiques, le signal transmis par VL est trop perturbé pour être correctement récupéré. Afin d'évaluer l'impact de cette interférence, on a estimé le Bit Error Rate (BER) pour différentes indexes de modulation, en considérant une modulation de position d'impulsions (mPPM)

Real-time 3D electromagnetic field measurement instrument with direct visualization

Nowadays, a wide variety of terminals are proposed to nomadic users. Generally these terminals provide wireless communication operating at frequencies between one and a few GHz. For technical reasons, including multiple access to the communication channel and battery autonomy, these terminals transmit only during very short periods i.e. transmission bursts. For a direct observation of certain characteristics of the transmitted signals radiated by such terminals, only a few measurement setups exist. This article proposes such a novel real-time 3D electromagnetic field measurement instrument with direct visualization. The prototype used for validation is based on an array of probes regularly attached on a non-conductive rigid loop which is put into fast rotation around the terminal under test. To cite this article: J. Rioult et al., C. R. Physique 10 (2009). (C) 2008 Academie des sciences. Published by Elsevier Masson SAS. All rights reserved

On the Interference Immunity of Visible Light Communication (VLC)

International audienceVisible Light Communication (VLC) relies on the dual use of existing light infrastructure for wirelessly send data. VLC is regarded as a "green", cost-effective and secure communication technology. Moreover, VLC has been always considered immune to Radio Frequency (RF) waves. The only type of interference that has always been included in the channel model is the optical interference. Nevertheless, all the interference components potentially impacting on the performance of the system should be integrated in the transmitting model in order to improve the performance of the communication system. In this paper, we investigate on the interference and immunity of the VLC systems in respect of frequencies spanning the spectrum up to 1 GHz. We provide a detailed evaluation of the immunity of a VLC system by the means of experiments realized in "controlled" environment, i.e. an anechoic chamber, by considering interference at different power levels. Results are very interesting, since at specific frequency values, the VL transmitted signal results too "interfered" and noisy to be correctly recovered. In order to evaluate the impact of this interference, we have estimated the Bit Error Rate (BER) for different index modulations of Pulse-Position Modulation (mPPM)

Cyber Security of the Railway wireless system: detection, decision and Human-in-the-Loop

TRA 2018, 7th Transport Research Arena, Vienne, AUTRICHE, 16-/04/2018 - 19/04/2018The networks used in the Railway domain are usually heterogeneous, not enough protected and not fitted to the usual Cyber Security requirements in terms of sustainability, protection and attack detection. Furthermore, the quick evolution of the telecommunication means, the threats and the sustainability aspects have to be taken into account in order to protect the Railway system. The paper presents the first contributions on Cyber Security for railways that can be divided into three main aspects dealing with the Cyber Security of the wireless part of the railway communication system: detection, decision and Human-in-the-Loop. Part of the work will be devoted to the development of an Open Pluggable Framework (OPF). The OPF is a software framework based on automation principles. It monitors the environment, then some algorithms detect abnormal behaviours, and next, OPF decides which reaction to take and finally apply this action (e.g. an alarm or a reconfiguration). The last part 'human in the loop' aims at answering the questions: what happens if the automatic countermeasures fail and how the driver can cope with the attack consequences. It consists in placing professional drivers and Central Traffic Control operators in a realistic simulator and playing scenarios involving attacks and observing the reactions of the professional drivers. A preliminary methodology is proposed and discussed through a concrete case study

Overview of the European Project Security of Railways in Europe Against Electromagnetic Attacks

The terrorism threat to European citizens has been elevated for several years and this threat notably concerns rail transportation and the infrastructures providing mass transport. Both rail operation and its infrastructure are critical priorities because of the economic and security impacts of potential attacks (loss of service, destruction of vehicles and destruction of infrastructure...), extended consequences on the surrounding businesses and finally, the impaired reputation of being a safe and secure transport system. The European railway infrastructure is concerned by EM attacks because it constitutes a mass transport system which includes a large number of telecommunication, command-control, electronic and informatics systems and subsystems vulnerable to electromagnetic interferences. The Electromagnetic interferences can act on the wireless communications, on the wired networks and on the electronic and informatics systems.La menace terroriste augmente constamment en Europe depuis plusieurs années. Cette menace concerne notamment les transports de masse tel que le transport ferroviaire. La protection du réseau ferroviaire et de son infrastructure est prioritaire en raison des impacts sécuritaires et économiques qui peuvent résulter d'attaques terroristes, mais également en raison des conséquences sur la réputation du système de transport en matière de sécurité, qui peuvent considérablement affecter sa fréquentation.Le chemin de fer est une cible attrayante pour les actions malveillantes en raison de sa facilité d'accès. Les attaques menées sur l'infrastructure ferroviaire française en Novembre 2008 à l'aide de barres métalliques placées sur les caténaires ont provoqué des retards pour 160 TGV, Eurostar et Thalys ( attaques coordonnées qui ciblaient quatre lignes ferroviaires différentes sur le réseau des chemins de fer français ) et ont montré que des actions plus subtiles que des attentats à la bombe peuvent être effectuées par des terroristes : les terroristes peuvent fonder leurs méthodes d'action sur les vulnérabilités des technologies employées . Le terrorisme électromagnétique (EM) est basé sur une approche similaire qui consiste à mettre en défaut des équipements ou appareils qui sont utilisés pour optimiser l'efficacité et la sécurité du système de transport ferroviaire.L'infrastructure ferroviaire européenne est une infrastructure particulièrement critique en matière d'attaques EM. En effet, le réseau ferroviaire européen constitue un système de transport de masse, fortement automatisé, qui comprend un grand nombre de systèmes électroniques, informatiques et de télécommunication vulnérables aux interférences électromagnétiques. Ces technologies vulnérables assurent des fonctions de contrôle-commande, de communication ou de signalisation.Dans le projet SECRET, les dispositifs d'attaque EM considérés sont des dispositifs relativement faciles à obtenir tels que des brouilleurs de télécommunications. Certains de ces brouilleurs sont très faciles à utiliser et peuvent couvrir des fréquences utiles dans le domaine ferroviaire. Cet article décrit les principaux travaux menés dans le cadre du projet SECRET afin de protéger le réseau contre ce type de menace et de faciliter le retour à la normale