Categorie Filter

Actual Themes

Cyber Security Competence Center – review and outlook

For one and a half years now, the Knorr-Bremse Rail Division has been operating a Center of Competence at Selectron for the cybersecurity of its controllers, many variants of which are used in trains. So, it is high time for a short review of what has been achieved and a look at the future goals.


Governance, risk management and compliance
Governance, risk management and compliance are the main tasks of the Center of Competence. Primarily, these are tasks relating to management, setting targets and planning the implementation of cybersecurity.

The first priority was therefore to define an organization within the group, both for the processes and the structure of the teams working on cybersecurity. This organization has now been put in place. In addition to the Center of Competence at Selectron in Lyss, the roles of Cyber Security Manager and Cyber Security Engineer have been established for each global business unit. Since each business unit is responsible for the business with its systems worldwide and these systems have very different structures, it makes sense to plan these roles for each business unit separately.

The Center of Competence will thus remain a small team with the task of developing the strategy and overall architecture, while it is the function of the business unit to implement these under its own responsibility and adapted to its business environment.


Cybersecurity strategy
As an important guiding principle, Knorr-Bremse has set itself the target of orienting itself to the IEC 62443 standard. At the same time, Selectron is working within CENELEC on the development of a technical specification for the rail industry – the TS 50701 – which is closely based on the IEC 62443.


Cyber Security Competence Center – review and outlookzoom

This is always centered on the risk-oriented approach. This means that, first of all, a risk analysis is undertaken to determine and assess the possible risks of a cyber attack for each system or component. This analysis can then be used to derive specific requirements for the hardware and software of the devices, which can be implemented by developers.

 


The second important approach is to plan and introduce or enable the necessary security measures throughout the entire lifecycle of a system. Cybersecurity should be considered even during the product design and should be built in from the beginning; however, the built-in measures must also be validated and verified. "Has the planned protection been built in correctly and is it fulfilling its purpose?" are important questions that are often investigated by specialists using "hacking methods."

This requires engineers to think about possible attacks during the development of the software and prevent their code from creating dangerous vulnerabilities – to this end, the Center of Competence has conducted specialized training courses to provide software developers with highly practical training.

But even during the system operation on the train, the operator must at least be able to rely on the components and systems to collect information, to register possible attacks or dangers and to make this information available. This requirement for real-time threat detection during operation is necessary because clever minds are developing new potential lines of attack every day. Security must therefore be constantly improved through a continuous process because the attackers are also evolving every day.


Security architecture

The security architecture can be compared to a solution construction plan. The construction plan is intended to ensure that when various products and systems are combined, the security features of all systems fit harmoniously together like an orchestra. As a comparison, imagine a kitchen in which appliances from various manufacturers are to be installed in a basic framework of kitchen furniture. This is possible without any problems because the standard dimensions of the units are fixed, so every customer can choose the appliances freely and is sure that they will fit in without any problems.

Security architecture is pursuing a similar goal. There are certain basic measures for which it is necessary to use common standards or even solutions so that everything fits together in the end. At the same time, however, the business units should have maximum flexibility when it comes to determining the specific solution for their devices themselves.


Trusted Platform Module (TPM)
The Trusted Platform Module (TPM) is an important architectural element. The TPM is a small hardware chip that can be built into a device; the chip is standardized in terms of its functionality. It offers functions for encrypting information (e.g., passwords), generating random passwords (or keys) or securely storing information in a protected memory. Because all this takes place within protected hardware, such information cannot be stolen or altered. The identity of a device can also be stored on such a chip in a manner that is protected against falsification; it can be thought of as an identity card that uniquely identifies each device. This unique identification is an important basis for any protection – because only things that are known can be protected.


Public Key Infrastructure (PKI)
Another important architectural element known as “PKI” is used for the automated identity management of the devices. This is a cloud service that can confirm and manage identities with what are referred to as security certificates. Confirmation is provided by a digital signature that clearly identifies the Knorr-Bremse Group as the manufacturer and issuer of the certificate.

The same PKI service can also be used for other protection mechanisms; for example, a new software version can also be provided with a forgery-proof identity. The recipient of the software can then confirm that the software is original and has not been modified. Already when a device is switched on, it is possible to determine whether anything has been changed in the software or hardware of the device since the last time it was switched on.

Other measures of this kind are made possible by a PKI – showing why this is such an important element of the architecture. The Center of Competence in Lyss is currently setting up the Knorr-Bremse PKI. It will be tested from June to September 2020 and, from autumn onwards, it will be available for productive use by all software developers and interested customers.

 

Subject to technical changes and amendments to technical specifications at any time.

 
worldwide references selectron

Selectron Systems AG - Bernstrasse 70 - 3250 Lyss/Schweiz     
T +41 32 387 61 61 - info@selectron.ch