Experiences from testing security solutions in the railway use-case

Slides:

Advertisements

Similar presentations

ELOC Bank Table Top Exercise Executive Leadership of Cybersecurity Austin, TX December 3,

Advertisements

David A. Brown Chief Information Security Officer State of Ohio

Greg Pierce| Concerto Cloud Services Which Cloud is Right for Microsoft CRM?

Optimizing Your Clarity Support Team.

Report on the Benchmarking Study Evaluation 2006 Margarita Moreno, Manager Document Supply Service National Library of Australia.

Networks ∙ Services ∙ People Mandeep Saini TF-MSP, Espoo, Finland Service Delivery and Adoption 10 th Sep 2015 Task Leader, GN4-1 SA7 T3.

© Siemens AG All rights reserved. openlab III Board of Sponsors 3-4 May 2011 at CERN Joint Report Siemens - CERN.

Don’t Customize, Just Personalize! Jan 17, 2008 Prabhakar Pooskur Dharmang Purohit.

Welcome to Hosted VoIP Eric Thomas Founder & CEO, FreedomVOICE Systems. Creators of FreedomIQ Hosted VoIP PBX. Over twelve years experience as a leading.

Authentication and Authorisation for Research and Collaboration Licia Florio REFEDS Meeting The AARC Project I2 Technology Exchange.

1 Executive Leadership of Cybersecurity Austin, TX December 3, 2014 ELOC Bank Table Top Exercise.

Information Security: Model, Process and Outputs Presentation to PRIA WG November 10, 2006.

Managed Support CSM Event – 1 st June Steven Grier Premier Support Manager Premier Support.

Cognitive & Organizational Challenges of Big Data in Cyber Defence. YALAVARTHI ANUSHA 1.

© ITT Educational Services, Inc. All rights reserved. IS3220 Information Technology Infrastructure Security Unit 10 Network Security Management.

Networks ∙ Services ∙ People Sonja Filiposka, Yuri Demchenko, Tasos Karaliotas, Migiel de Vos, Damir Regvart TNC 2016 DISTRIBUTED CLOUD SERVICES.

Critical Situation Management, Inc. Automating Response Processes with 4 command ™

This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement n° iGrid Aron Kondoro.

Delivering a Modern IT Infrastructure Experience for our Customers

Chapter 1 Computer Technology: Your Need to Know

Enterprise Service Bus

TOPdesk Service Management Software on Azure

Oracle BI Tools on the Cloud--On Premise vs. Hosted vs. Oracle Cloud

Horizon 2020 – R&D Opportunities

Phare EIONET Centralised Training Session

ADVANCED RESEARCH WORKSHOP Azores, 28th June 2016

Integrated Management System and Certification

Catalogue of Services for Research: Requirements survey

Bringing EU Cybersecurity & privacy research results closer to the market Cybersecurity.

Robert Szuman – Poznań Supercomputing and Networking Center, Poland

IT Service Operation - purpose, function and processes

INFORMATION & PUBLICITY REQUIREMENTS

Critical Infrastructure Protection Policy Priorities

BUILDING A PRIVACY AND SECURITY PROGRAM FOR YOUR NON-PROFIT

Task 1 Activities Achievements Pictures

Use Case: The GEO-Wetlands Community Portal

Hyper-V Cloud Proof of Concept Kickoff Meeting <Customer Name>

Dr Paul Lewis Chief Technology Officer

IBM Start Now Host Integration Solutions

XML Based Interoperability Components

Logsign All-In-One Security Information and Event Management (SIEM) Solution Built on Azure Improves Security & Business Continuity MICROSOFT AZURE APP.

SharePoint Administrative Communications Planning: Dynamic User Notifications for Upgrades, Migrations, Testing, … Presented by Robert Freeman (

Seamless Office Migrations with Add-ins and Macros

CRM 2016 Solutions and Package Deployer

Ilias Spais AEGIS IT RESEARCH LTD H2020 Project Clustering Workshop

Interactive tools for large-scale social surveys

Welcome from the Careers Service

US Cluster Visit Booklet

Anja Burghardt, Institute for Employment Research (IAB)

Role Models and Lifecycles in IoT and their Impact on the W3C WoT Thing Description Michele Blank.

"Cloud services" - what it is.

Chapter 7 –Implementation Issues

CIPSEC architecture CIPSEC workshop Frankfurt 16/10/2018

Nero Blanco Service Offering – Disaster Recovery as a Service

Increase and Improve your PC management with Windows Intune

Denial-of-Service Jammer Detector Training Course Worldsensing

Security for Safety: Enabling Digitalization of Railway Systems

CIPSEC Framework components: XL-SIEM

The Antimalware component: Bitdefender Gravity Zone

CIPSEC Future Activities

ESA's TEC Directorate Asset Management - Present and Future

Matteo Merialdo RHEA Group Innovative aspects in cyber range solutions.

their business through new product lines

Welcome from the Careers Service

Digital Forensics via AEGIS Visualization toolkit 16/10/2018

In-house Developed Library Solutions

WP6 – EOSC integration J-F. Perrin (ILL) 15th Jan 2019

Network Services Evolution and Development

Closing event 16th July 2019 Technical Assistance for Establishing the Institutional Framework for the Implementation of AIS/AES Project funded by the.

Network Services Evolution and Development

Presentation transcript:

Experiences from testing security solutions in the railway use-case CIPSEC workshop Frankfurt am Main, 16.10.2018 Dominik Renkel, DB Netz AG Christian Schlehuber, DB Netz AG heard a lot about the different solutions No lets talk about experiences made by testing the solutions in the railway testing facility The research leading to these results has received funding from the European Union’s Horizon 2020 Research and Innovation Programme, under Grant Agreement no 700378.

CIPSEC Security Framework Application (D3.1) Architecture below = digital interlocking system Layer are described in the CIPSEC framework architecture CIPSEC Workshop Frankfurt 16/10/2018 2

CIPSEC Deployment (@ Testing Facilities) Eisenbahnbetriebsfeld Darmstadt Tools are deployed Communications are working Events are generated and are received by the XL-SIEM solution Alerts are raised and visualized in the CIPSEC Dashboard CIPSEC Workshop Frankfurt 16/10/2018 3

Work ongoing Tests to be performed Successful Services to face the new challenges CIPSEC will provide solutions Staff Training and Awareness Is our staff capable to understand cyber security? Forensic Analysis Analysis vs. Fast Recovery Detection/Locating of Denial of Service Attacks Future railway operation will rely heavily on GSM-R Work ongoing Tests to be performed Successful Forensic Analysis: Add specific dashboard for RaSTA communication WOS DoS Sensing: Test performed and CIPSEC framework noticed and presented Alert CIPSEC Workshop Frankfurt 16/10/2018 4

CI Requirements vs. Current Status Some findings: Some solutions had few possibilities for own configuration CI operators require the possibility to adapt solutions to their needs (e.g. disable certain functionalities) SSH configuration by supplier is required In general no uncontrolled access is granted to a supplier to a productive environment; also not possible due to missing Internet link Implementation should be performable by a normal user and not only an expert  automated installation would be beneficial see above point, besides the maintenance personnel of CI may not be able to perform complex setup procedures CIPSEC will offer consulting services & in-house assistance  Minor issue Usage of update and patching service SSH in operative environment not needed anymore  Major issue CIPSEC easy to deply -> commercial of the shelf CIPSEC core easy to install and deploy CIPSEC services Update and patching In-house assistance  Minor issue CIPSEC Workshop Frankfurt 16/10/2018 5

Thanks for your attention! Questions? Contact: Christian Schlehuber / Dominik Renkel DB Netz AG christian.schlehuber@deutschebahn.com www.cipsec.eu @CIPSECproject https://www.linkedin.com/in/cipsec-project/ https://www.youtube.com/channel/UCekxicSFAwZdIPAV3iLHttg CIPSEC Workshop Frankfurt 16/10/2018