基于以太网的列车通信网络安全脆弱性定性分析

岳川; 王立德; 申萍; 朵瑞峰; 王登锐

doi:10.13890/j.issn.1000-128X.2022.04.007

您当前的位置：

首页 >

文章列表页 >

基于以太网的列车通信网络安全脆弱性定性分析

电力牵引与控制 | 更新时间：2024-08-02

- 基于以太网的列车通信网络安全脆弱性定性分析
- Qualitative analysis of cyber security vulnerability for Ethernet-based train communication network
- 机车电传动 2022年第4期页码：45-54
- 作者机构：
  
  北京交通大学电气工程学院，北京　100044
- 作者简介：
  
  岳　川（1993—），男，博士，研究方向为列车通信网络入侵检测；E-mail: 16117394@bjtu.edu.cn
- 基金信息：
  
  中国国家铁路集团有限公司科技研究开发计划重点课题(N2020J007)
- DOI：10.13890/j.issn.1000-128X.2022.04.007
  中图分类号： U285.8
- 纸质出版日期：2022-07-10，
  
  收稿日期：2021-07-06，
  
  修回日期：2022-04-16，
- 稿件说明：
扫描看全文
岳川, 王立德, 申萍, 等. 基于以太网的列车通信网络安全脆弱性定性分析[J]. 机车电传动, 2022,(4):45-54.

YUE Chuan, WANG Lide, SHEN Ping, et al. Qualitative analysis of cyber security vulnerability for Ethernet-based train communication network[J]. Electric drive for locomotives, 2022,(4):45-54.
岳川, 王立德, 申萍, 等. 基于以太网的列车通信网络安全脆弱性定性分析[J]. 机车电传动, 2022,(4):45-54. DOI： 10.13890/j.issn.1000-128X.2022.04.007.

YUE Chuan, WANG Lide, SHEN Ping, et al. Qualitative analysis of cyber security vulnerability for Ethernet-based train communication network[J]. Electric drive for locomotives, 2022,(4):45-54. DOI： 10.13890/j.issn.1000-128X.2022.04.007.

摘要

采用以太网技术的列车通信网络与外界信息环境的交互越来越多，这使其面临着严峻的网络安全威胁。目前国内外缺少对列车通信网络成体系的脆弱性定性分析，开展这项研究迫在眉睫。首先，从网络协议与网络设备2个角度出发，对列车通信网络的脆弱性进行宏观定性分析；其次，针对列车通信网络可能面临的潜在网络攻击，分析其攻击主体、攻击途径以及攻击行为；最后，设计建立列车通信网络模拟攻击测试平台，模拟测试几类主要攻击，测试结果表明这些攻击所指向的脆弱问题在列车通信网络中实际存在，且易于被利用。

Abstract

Interactions between the Ethernet-based train communication network (ETCN) and the outside information environment are increasing rapidly

which means that ETCN is facing severe cyber security threats. There is no systematic and macroscopic qualitative analysis of the vulnerability of ETCN at home and abroad

therefore it is urgent to analyze its security vulnerability. Firstly

from the perspective of network protocols and network devices

a macroscopic qualitative analysis of the vulnerabilities of ETCN were carried out. Secondly

potential attacks against ETCN were analyzed through the subjects

routes

and behaviors of attacks. At last

an ETCN attack testbed was built to conduct experiments on several kinds of primary attacks. Experimental results indicate that the vulnerabilities exploited by these attacks exist in ETCN and are easy to be compromised.

关键词

列车通信网络工业以太网网络攻击安全脆弱性分析信息物理系统

Keywords

train communication networkindustrial Ethernetnetwork attacksecurity vulnerability analysiscyber-physical system

references

简捷. 基于以太网的列车通信网络多业务调度优化策略研究[D]. 北京: 北京交通大学, 2020.

JIAN Jie. Optimization strategy of multi-service schedule in Ethernet-based train communication networks[D]. Beijing: Beijing Jiaotong University, 2020.

WU Dazhong, REN Anqi, ZHANG Wenhui, et al. Cybersecurity for digital manufacturing[J]. Journal of Manufacturing Systems, 2018, 48 Part C: 3-12.

宋守信,许葭,陈明利, 等. 脆弱性特征要素递次演化分析与评价方法研究[J]. 北京交通大学学报(社会科学版), 2017, 16(2): 57-65.

SONG Shouxin, XU Jia, CHEN Mingli, et al. The mechanism and evaluation of vulnerability factors’ progressive growth[J]. Journal of Beijing Jiaotong University (Social Sciences Edition), 2017, 16(2): 57-65.

PAUL A, SCHUSTER F, KÖNIG H. Towards the protection of industrial control systems － conclusions of a vulnerability analysis of profinet IO[C]//Springer. International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. Heidelberg: Springer, 2013: 160-176.

兰丽, 张友鹏. 基于随机Petri网的铁路时间同步网协议脆弱性分析[J]. 铁道学报, 2017, 39(8): 85-92.

LAN Li, ZHANG Youpeng. Vulnerability analysis of railway time synchronization network protocol based on stochastic Petri net[J]. Journal of the China Railway Society, 2017, 39(8): 85-92.

王轶楠. 电力信息物理系统建模及网络攻击环境下的脆弱性研究[D]. 杭州: 浙江大学, 2019.

WANG Yinan. Modeling technique and vulnerability assessment of electrical cyber physical systems considering cyber attacks[D]. Hangzhou: Zhejiang University, 2019.

李洁, 饶东, 张文彬. 北京大兴机场线电动客车以太网网络控制与诊断系统[J]. 铁道机车车辆, 2019, 39(6): 106-110.

LI Jie, RAO Dong, ZHANG Wenbin. Train control and monitor system of electric train for Beijing Daxing airport express[J]. Railway Locomotive & Car, 2019, 39(6): 106-110.

陈泰夫, 宁振钧, 李思源. 信息交互式列车骨干以太网链路管理的实现[J]. 电力机车与城轨车辆, 2020, 43(5): 39-44.

CHEN Taifu, NING Zhenjun, LI Siyuan. Implementation of link management for Ethernet train backbone network based on information exchange[J]. Electric Locomotives & Mass Transit Vehicles, 2020, 43(5): 39-44.

王中尧. 京张高铁智能动车组PHM系统以太网传输规范[J]. 轨道交通装备与技术, 2020(1): 56-59.

WANG Zhongyao. Ethernet transmission specification for PHM system of intelligent EMUs for Beijing-Zhangjiakou line[J]. Rail Transportation Equipment and Technology, 2020(1): 56-59.

刘长青, 王雷. 400 km/h跨国互联互通高速动车组[J]. 机车电传动, 2020(2): 1-6.

LIU Changqing, WANG Lei. 400 km/h transnational interconnection high-speed EMU[J]. Electric Drive for Locomotives, 2020(2): 1-6.

IEC. Electronic railway equipment-train communication network (TCN)-part 1: general architecture: IEC 61375-1: 2012[S]. British: British Standards Institution, 2012.

周诚, 李伟伟, 莫璇, 等. 一种网络安全脆弱性评估方法[J]. 江苏大学学报(自然科学版), 2017, 38(1): 68-77.

ZHOU Cheng, LI Weiwei, MO Xuan, et al. An assessment method of network security vulnerability[J]. Journal of

Jiangsu University (Natural Science Edition), 2017, 38(1): 68-77.

IEC. Electronic railway equipment-train communication network (TCN)-part 2-5: Ethernet train backbone: IEC 61375-2-5: 2014[S]. British: British Standards Institution, 2014.

鲜明,包卫东,王永杰, 等. 网络攻击效果评估导论[M]. 长沙: 国防科技大学出版社, 2007: 7-16.

XIAN Ming, BAO Weidong, WANG Yongjie, et al. Introduction to effect evaluation of network attacks[M]. Changsha: National University of Defense Technology Press, 2007: 7-16.

浏览量

下载量

CSCD

CNKI被引量

文章被引用时，请邮件提醒。

提交

工具集

关联资源

面向列车通信网络的轻量化加密方案

列车通信网络安全现状分析及应对方案研究

基于以太网列车通信网的交换机测试方法

高速列车总线式与交换式网络控制系统重联设计

基于云模型和组合赋权法的列车通信网络性能评估