Rule-based anomaly detection for railway signalling networks
We propose a rule-based anomaly detection system for railway signalling that mitigates
attacks by a Dolev-Yao attacker who is able to inject control commands to perform semantic
attacks by issuing licit but mistimed control messages. The system as well mitigates the
effects of a signal box compromised by an attacker with the same effect. We consider an
attacker that could cause train derailments and collisions, if our countermeasure is not
employed. We apply safety principles of railway operation to create a distributed anomaly …
attacks by a Dolev-Yao attacker who is able to inject control commands to perform semantic
attacks by issuing licit but mistimed control messages. The system as well mitigates the
effects of a signal box compromised by an attacker with the same effect. We consider an
attacker that could cause train derailments and collisions, if our countermeasure is not
employed. We apply safety principles of railway operation to create a distributed anomaly …