Loading [a11y]/accessibility-menu.js
Security Analysis of the RaSTA Safety Protocol | IEEE Conference Publication | IEEE Xplore

Security Analysis of the RaSTA Safety Protocol


Abstract:

RaSTA is a transport protocol that has been designed to be deployed in the safety-critical domain of railway signalling. The protocol provides safety properties such as m...Show More

Abstract:

RaSTA is a transport protocol that has been designed to be deployed in the safety-critical domain of railway signalling. The protocol provides safety properties such as message authenticity, integrity, timeliness, and sequence. However, critical railway infrastructures face cyber attacks and therefore require security measures. We investigate the security properties of RaSTA by analysing weaknesses of the utilized MD4 algorithm in the context where RaSTA is utilized. To overcome the weaknesses, we propose relevant enhancements to the protocol that maintain the safety properties and additionally provide secure message authentication. We evaluate our work using the computation time for message authentication which is crucial for the utilization of RaSTA in a safety-critical network.
Date of Conference: 09-11 November 2018
Date Added to IEEE Xplore: 27 December 2018
ISBN Information:
Conference Location: Miami, FL, USA

I. Introduction

While the digitalization finds its way in every aspect of our lives, security properties of information and operation technology systems start to receive more attention. This is also true for critical infrastructures like railway services, which can become the target of attackers. Rail Safe Transport Application (RaSTA) is a safety-critical network protocol designed for the fast and reliable transport of control messages between railway interlocking systems, as well as signalling and switching equipment. The protocol is an important piece in the transformation of interlocking systems from proprietary, monolithic blocks towards modularized and standardized systems to optimize cost and enable interchangeability. In turn, the security of the modularized system must be investigated to avoid compromising safety [1]. Since a communication protocol, as well as the underlying network connection, present a prominent attack surface, it is important to be aware of their security properties and possible vulnerabilities.

Contact IEEE to Subscribe

References

References is not available for this document.