Security of Communication-Based Train Control Systems
Authors
Fakhereldine, Amin
Date
2025-01-28
Type
thesis
Language
eng
Keyword
Communication security, CBTC systems, Connected transportation, Cybersecurity, Machine learning, Reinforcement learning, Blockchain, Intrusion detection, Security control strategy, Key management system
Abstract
Communication-Based Train Control (CBTC) systems are automatic train control systems that rely on bidirectional communications between trains and wayside units to exchange train status information and operational commands. Introducing wireless technologies changed train control systems to cyber-physical systems vulnerable to cyber attacks. Therefore, it is crucial to protect the security of CBTC systems. This thesis provides a comprehensive solution to secure CBTC communications. Its contributions represent solutions to detect attacks, mitigate their impacts, and securely manage communication session keys. It offers TrainSec, an open-source simulation framework for CBTC networks. TrainSec implements the functional requirements defined in IEEE 1474.1, the standard for CBTC performance and functional requirements. CBTCset is an open-source dataset, provided to detect misbehavior attacks in CBTC networks. The thesis then presents Train-CaDet, a novel context-aware framework for intrusion detection systems (IDSs) that use machine learning (ML) to detect attacks on train-to-wayside (T2W) communications. It facilitates the development of adaptive ML-based IDSs responsive to changes in the dynamic environmental context. The experimental results show that context awareness improves detection performance by increasing accuracy and decreasing false positive rates. Furthermore, deploying train-to-train (T2T) communication links besides T2W links reduces the latency and end-to-end delays of CBTC communications. The security of T2T-CBTC systems is addressed by presenting two resilient control strategies that mitigate the impacts of jamming attacks on their communications. The strategies are based on multi-agent deep reinforcement learning and contribute to achieving convergence and reaching a stable state faster than existing strategies. Train-DGKMS is a decentralized group key management system (DGKMS) proposed to manage group session keys for virtually-coupled train sets. It uses blockchain with smart contracts to ensure tamper-proof and automatic management of group session keys. The experimental results show that Train-DGKMS reduces the communication and computation overhead and the gas costs of smart contract functions compared to existing works in the literature.
License
Queen's University's Thesis/Dissertation Non-Exclusive License for Deposit to QSpace and Library and Archives Canada
ProQuest PhD and Master's Theses International Dissemination Agreement
Intellectual Property Guidelines at Queen's University
Copying and Preserving Your Thesis
This publication is made available by the authority of the copyright owner solely for the purpose of private study and research and may not be copied or reproduced except as permitted by the copyright laws without written authority from the copyright owner.
Attribution-NonCommercial-NoDerivatives 4.0 International