A Formal Security Analysis of ERTMS Train to Trackside Protocols

Add to your list(s) Download to your calendar using vCal

• Richard Thomas (University of Birmingham)
• Thursday 16 June 2016, 11:00-12:00
• Sloman Lounge, School of Computer Science.

If you have a question about this talk, please contact Andreea Radu.

We present a formal security analysis of the train to trackside communication protocols used in the European Railway Traffic Management System (ERTMS) standard, and in particular the EuroRadio protocol. This protocol is used to secure important commands sent between train and trackside, such as movement authority and emergency stop messages. We perform our analysis using the applied pi-calculus and the ProVerif tool. This provides a powerful and expressive framework for protocol analysis and allows to check a wide range of security properties based on checking correspondence assertions. We show how it is possible to model the protocol’s counter-style timestamps in this framework. We define ProVerif assertions that allow us to check for secrecy of long and short term keys, authenticity of entities, message insertion, deletion, replay and reordering. We find that the protocol provides most of these security features, however it allows undetectable message deletion and the forging of emergency messages. We discuss the relevance of these results and make recommendations to further enhance the security of ERTMS .

This talk is part of the Computer Security Seminars series.

This talk is included in these lists:

• Computer Science Departmental Series
• Computer Science Distinguished Seminars
• Computer Security Seminars
• Sloman Lounge, School of Computer Science
• computer sience

Note that ex-directory lists are not shown.