Security Architecture for Secure Train Control and Monitoring System

A Train Control and Monitoring System (TCMS) is a vital part of monitoring sensors in a train. The data output of sensors is sent wirelessly to the data server for monitoring. However, as the wireless channel used to send the data is a shared public network, the transmitted data are prone to hackers...

Descripción completa

Detalles Bibliográficos
Autores principales: Purwanto, Yudha, Ruriawan, Muhammad Faris, Alamsyah, Andry, Wijaya, Febry Pandu, Husna, Dewi Nala, Kridanto, Agri, Nugroho, Fifin, Fakhrudin, Anang, Itqon, Mu’ammar, Febrianta, Mochamad Yudha, Widiyanesti, Sri, Mentari, Fussy, Gozali, Alfian Akbar, Romadhony, Ade
Formato: Online Artículo Texto
Lenguaje:English
Publicado: MDPI 2023
Materias:
Article
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9921001/
https://www.ncbi.nlm.nih.gov/pubmed/36772380
http://dx.doi.org/10.3390/s23031341
_version_ 1784887208912617472
author Purwanto, Yudha
Ruriawan, Muhammad Faris
Alamsyah, Andry
Wijaya, Febry Pandu
Husna, Dewi Nala
Kridanto, Agri
Nugroho, Fifin
Fakhrudin, Anang
Itqon, Mu’ammar
Febrianta, Mochamad Yudha
Widiyanesti, Sri
Mentari, Fussy
Gozali, Alfian Akbar
Romadhony, Ade
author_facet Purwanto, Yudha
Ruriawan, Muhammad Faris
Alamsyah, Andry
Wijaya, Febry Pandu
Husna, Dewi Nala
Kridanto, Agri
Nugroho, Fifin
Fakhrudin, Anang
Itqon, Mu’ammar
Febrianta, Mochamad Yudha
Widiyanesti, Sri
Mentari, Fussy
Gozali, Alfian Akbar
Romadhony, Ade
author_sort Purwanto, Yudha
collection PubMed
description A Train Control and Monitoring System (TCMS) is a vital part of monitoring sensors in a train. The data output of sensors is sent wirelessly to the data server for monitoring. However, as the wireless channel used to send the data is a shared public network, the transmitted data are prone to hackers and attacks. This paper proposes the Securebox architecture to manage secure data transfer from the onboard Vehicle Control Unit (VCU) to the data server in TCMS. The architecture is comprised of four main functions: network management, buffer management, data management, and security management. The architecture has been successfully developed in an HSM (Hardware Security Modul) and verified using alpha and beta software testing to form a secure TCMS. From the real-time testing phase in an electric-diesel train, the average performance of the AES-based HSM showed 55% faster time processing with unnoticed 0.1% added memory usage compared to the 3DES. The secure TCMS also withstands MITM attack and provides end-to-end data security compared to the (Mobile Station) MS to Base Station (BS) only in GSM-R.
format Online
Article
Text
id pubmed-9921001
institution National Center for Biotechnology Information
language English
publishDate 2023
publisher MDPI
record_format MEDLINE/PubMed
spelling pubmed-99210012023-02-12 Security Architecture for Secure Train Control and Monitoring System Purwanto, Yudha Ruriawan, Muhammad Faris Alamsyah, Andry Wijaya, Febry Pandu Husna, Dewi Nala Kridanto, Agri Nugroho, Fifin Fakhrudin, Anang Itqon, Mu’ammar Febrianta, Mochamad Yudha Widiyanesti, Sri Mentari, Fussy Gozali, Alfian Akbar Romadhony, Ade Sensors (Basel) Article A Train Control and Monitoring System (TCMS) is a vital part of monitoring sensors in a train. The data output of sensors is sent wirelessly to the data server for monitoring. However, as the wireless channel used to send the data is a shared public network, the transmitted data are prone to hackers and attacks. This paper proposes the Securebox architecture to manage secure data transfer from the onboard Vehicle Control Unit (VCU) to the data server in TCMS. The architecture is comprised of four main functions: network management, buffer management, data management, and security management. The architecture has been successfully developed in an HSM (Hardware Security Modul) and verified using alpha and beta software testing to form a secure TCMS. From the real-time testing phase in an electric-diesel train, the average performance of the AES-based HSM showed 55% faster time processing with unnoticed 0.1% added memory usage compared to the 3DES. The secure TCMS also withstands MITM attack and provides end-to-end data security compared to the (Mobile Station) MS to Base Station (BS) only in GSM-R. MDPI 2023-01-25 /pmc/articles/PMC9921001/ /pubmed/36772380 http://dx.doi.org/10.3390/s23031341 Text en © 2023 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
spellingShingle Article
Purwanto, Yudha
Ruriawan, Muhammad Faris
Alamsyah, Andry
Wijaya, Febry Pandu
Husna, Dewi Nala
Kridanto, Agri
Nugroho, Fifin
Fakhrudin, Anang
Itqon, Mu’ammar
Febrianta, Mochamad Yudha
Widiyanesti, Sri
Mentari, Fussy
Gozali, Alfian Akbar
Romadhony, Ade
Security Architecture for Secure Train Control and Monitoring System
title Security Architecture for Secure Train Control and Monitoring System
title_full Security Architecture for Secure Train Control and Monitoring System
title_fullStr Security Architecture for Secure Train Control and Monitoring System
title_full_unstemmed Security Architecture for Secure Train Control and Monitoring System
title_short Security Architecture for Secure Train Control and Monitoring System
title_sort security architecture for secure train control and monitoring system
topic Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9921001/
https://www.ncbi.nlm.nih.gov/pubmed/36772380
http://dx.doi.org/10.3390/s23031341
work_keys_str_mv AT purwantoyudha securityarchitectureforsecuretraincontrolandmonitoringsystem
AT ruriawanmuhammadfaris securityarchitectureforsecuretraincontrolandmonitoringsystem
AT alamsyahandry securityarchitectureforsecuretraincontrolandmonitoringsystem
AT wijayafebrypandu securityarchitectureforsecuretraincontrolandmonitoringsystem
AT husnadewinala securityarchitectureforsecuretraincontrolandmonitoringsystem
AT kridantoagri securityarchitectureforsecuretraincontrolandmonitoringsystem
AT nugrohofifin securityarchitectureforsecuretraincontrolandmonitoringsystem
AT fakhrudinanang securityarchitectureforsecuretraincontrolandmonitoringsystem
AT itqonmuammar securityarchitectureforsecuretraincontrolandmonitoringsystem
AT febriantamochamadyudha securityarchitectureforsecuretraincontrolandmonitoringsystem
AT widiyanestisri securityarchitectureforsecuretraincontrolandmonitoringsystem
AT mentarifussy securityarchitectureforsecuretraincontrolandmonitoringsystem
AT gozalialfianakbar securityarchitectureforsecuretraincontrolandmonitoringsystem
AT romadhonyade securityarchitectureforsecuretraincontrolandmonitoringsystem

Ejemplares similares