Hardware-based Safety Platform for Railroad Control and Safety Technology

Information technology (IT) is increasingly being used to introduce new functionalities and increase process efficiency in rail facilities. However, as a result of the digitization of rail infrastructure and the networking of control and safety technology, the risk of IT attacks is also increasing. Since rail facilities are also part of Germany’s critical infrastructures, they are accordingly heavily regulated by the IT Security Act. This digital transformation of the railroad leads to new demands on IT-based systems in the railroad sector and requires new IT security solutions.

The aim of the HASELNUSS research project is to develop a hardware-based security platform for control and safety technology that is adapted to the specific requirements of railroads and provides necessary IT security functions without affecting safety. The platform offers measures to ensure system integrity and provides the basis for secure networking of the railroad infrastructure.

The HASELNUSS architecture is based on a latest generation hardware security module, the “Trusted Platform Module (TPM) 2.0”, which serves as a security anchor, and the microkernel-based operating system PikeOS, which allows secure coexistence of critical and non-critical applications and is easy to verify. On this basis, services for secure patch and update management, health monitoring, anomaly and attack detection will be implemented.

The developed security platform will then be implemented in demonstrators and tested in practice at the DB Netz AG test center and at the Darmstadt railroad operations field.

For more information please visit haselnuss-projekt.de.

FYI: HASELNUSS is the german word for HAZELNUT