EP3515785A1 - Procédé de fonctionnement d'un système ferroviaire et véhicule d'un système ferroviaire - Google Patents
Procédé de fonctionnement d'un système ferroviaire et véhicule d'un système ferroviaireInfo
- Publication number
- EP3515785A1 EP3515785A1 EP17800401.6A EP17800401A EP3515785A1 EP 3515785 A1 EP3515785 A1 EP 3515785A1 EP 17800401 A EP17800401 A EP 17800401A EP 3515785 A1 EP3515785 A1 EP 3515785A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- vehicle
- trackside
- cryptographic data
- railway system
- communication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 56
- 230000006854 communication Effects 0.000 claims abstract description 93
- 238000004891 communication Methods 0.000 claims abstract description 92
- 230000005540 biological transmission Effects 0.000 claims description 46
- 238000012545 processing Methods 0.000 claims description 4
- 240000007124 Brassica oleracea Species 0.000 claims 1
- 235000003899 Brassica oleracea var acephala Nutrition 0.000 claims 1
- 235000012905 Brassica oleracea var viridis Nutrition 0.000 claims 1
- 238000007726 management method Methods 0.000 description 11
- 238000011161 development Methods 0.000 description 8
- 230000018109 developmental process Effects 0.000 description 8
- 238000012423 maintenance Methods 0.000 description 7
- 230000011664 signaling Effects 0.000 description 7
- 230000008901 benefit Effects 0.000 description 6
- 238000010586 diagram Methods 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 6
- 238000012546 transfer Methods 0.000 description 6
- 230000032258 transport Effects 0.000 description 5
- XEEYBQQBJWHFJM-UHFFFAOYSA-N Iron Chemical compound [Fe] XEEYBQQBJWHFJM-UHFFFAOYSA-N 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 238000013459 approach Methods 0.000 description 2
- 150000001768 cations Chemical class 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 229910052742 iron Inorganic materials 0.000 description 2
- 239000002609 medium Substances 0.000 description 2
- 108090000623 proteins and genes Proteins 0.000 description 2
- 229910052684 Cerium Inorganic materials 0.000 description 1
- 150000000703 Cerium Chemical class 0.000 description 1
- 206010073261 Ovarian theca cell tumour Diseases 0.000 description 1
- 238000012550 audit Methods 0.000 description 1
- 235000013405 beer Nutrition 0.000 description 1
- 230000002457 bidirectional effect Effects 0.000 description 1
- 150000001875 compounds Chemical class 0.000 description 1
- 230000001934 delay Effects 0.000 description 1
- 230000008021 deposition Effects 0.000 description 1
- 230000032050 esterification Effects 0.000 description 1
- 238000005886 esterification reaction Methods 0.000 description 1
- 230000003137 locomotive effect Effects 0.000 description 1
- 230000007774 longterm Effects 0.000 description 1
- 210000004072 lung Anatomy 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000737 periodic effect Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000000746 purification Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 230000008054 signal transmission Effects 0.000 description 1
- 230000002123 temporal effect Effects 0.000 description 1
- 230000007704 transition Effects 0.000 description 1
- 239000006163 transport media Substances 0.000 description 1
- 238000012384 transportation and delivery Methods 0.000 description 1
Classifications
-
- B—PERFORMING OPERATIONS; TRANSPORTING
- B61—RAILWAYS
- B61L—GUIDING RAILWAY TRAFFIC; ENSURING THE SAFETY OF RAILWAY TRAFFIC
- B61L3/00—Devices along the route for controlling devices on the vehicle or train, e.g. to release brake or to operate a warning signal
- B61L3/02—Devices along the route for controlling devices on the vehicle or train, e.g. to release brake or to operate a warning signal at selected places along the route, e.g. intermittent control simultaneous mechanical and electrical control
- B61L3/08—Devices along the route for controlling devices on the vehicle or train, e.g. to release brake or to operate a warning signal at selected places along the route, e.g. intermittent control simultaneous mechanical and electrical control controlling electrically
- B61L3/12—Devices along the route for controlling devices on the vehicle or train, e.g. to release brake or to operate a warning signal at selected places along the route, e.g. intermittent control simultaneous mechanical and electrical control controlling electrically using magnetic or electrostatic induction; using radio waves
- B61L3/125—Devices along the route for controlling devices on the vehicle or train, e.g. to release brake or to operate a warning signal at selected places along the route, e.g. intermittent control simultaneous mechanical and electrical control controlling electrically using magnetic or electrostatic induction; using radio waves using short-range radio transmission
-
- B—PERFORMING OPERATIONS; TRANSPORTING
- B61—RAILWAYS
- B61L—GUIDING RAILWAY TRAFFIC; ENSURING THE SAFETY OF RAILWAY TRAFFIC
- B61L15/00—Indicators provided on the vehicle or train for signalling purposes
- B61L15/0018—Communication with or on the vehicle or train
- B61L15/0027—Radio-based, e.g. using GSM-R
-
- B—PERFORMING OPERATIONS; TRANSPORTING
- B61—RAILWAYS
- B61L—GUIDING RAILWAY TRAFFIC; ENSURING THE SAFETY OF RAILWAY TRAFFIC
- B61L15/00—Indicators provided on the vehicle or train for signalling purposes
- B61L15/0072—On-board train data handling
-
- B—PERFORMING OPERATIONS; TRANSPORTING
- B61—RAILWAYS
- B61L—GUIDING RAILWAY TRAFFIC; ENSURING THE SAFETY OF RAILWAY TRAFFIC
- B61L23/00—Control, warning or like safety means along the route or between vehicles or trains
-
- B—PERFORMING OPERATIONS; TRANSPORTING
- B61—RAILWAYS
- B61L—GUIDING RAILWAY TRAFFIC; ENSURING THE SAFETY OF RAILWAY TRAFFIC
- B61L27/00—Central railway traffic control systems; Trackside control; Communication systems specially adapted therefor
- B61L27/40—Handling position reports or trackside vehicle data
-
- B—PERFORMING OPERATIONS; TRANSPORTING
- B61—RAILWAYS
- B61L—GUIDING RAILWAY TRAFFIC; ENSURING THE SAFETY OF RAILWAY TRAFFIC
- B61L27/00—Central railway traffic control systems; Trackside control; Communication systems specially adapted therefor
- B61L27/50—Trackside diagnosis or maintenance, e.g. software upgrades
- B61L27/53—Trackside diagnosis or maintenance, e.g. software upgrades for trackside elements or systems, e.g. trackside supervision of trackside control system conditions
-
- B—PERFORMING OPERATIONS; TRANSPORTING
- B61—RAILWAYS
- B61L—GUIDING RAILWAY TRAFFIC; ENSURING THE SAFETY OF RAILWAY TRAFFIC
- B61L27/00—Central railway traffic control systems; Trackside control; Communication systems specially adapted therefor
- B61L27/70—Details of trackside communication
-
- B—PERFORMING OPERATIONS; TRANSPORTING
- B61—RAILWAYS
- B61L—GUIDING RAILWAY TRAFFIC; ENSURING THE SAFETY OF RAILWAY TRAFFIC
- B61L2205/00—Communication or navigation systems for railway traffic
Definitions
- the present invention has for its object to provide a method for operating a railway system, which allows in the case of a lack of communication connection, a transmission of cryptographic data to trackside facilities of the railway system in a low-effort way and Wei ⁇ se.
- This object is achieved by a method for operating a railway system, wherein cryptographic data comprising at least one key and / or at least one digital certificate are stored in a storage device of a vehicle of the railway system and the vehicle, if this in the context of a Movement in communication range to at least one track-side device deters the cryptographic data to the at least one trackside facility of the rail system.
- cryptographic data comprising at least one key and / or at least one digital certificate are thus stored in a storage device of a vehicle of the railroad system.
- a storage device of a vehicle of the railroad system This ⁇ be indicated that the appropriate cryptographic data are stored in the storage device of the vehicle.
- the storage device it is also possible for the storage device to be connected merely to the communication technology to a corresponding control device of the vehicle.
- the vehicle transmits the cryptographic data to at least one trackside device of the railroad system when it is in the course of a journey in communication range to at least one trackside device.
- the vehicle is therefore to the effect with respect to the cryptographic data as a transport means that transports the cryptographic data or the SpeI ⁇ cher worn in which the cryptographic data is stored at a location that onsheimweite in communication to the respective at least one trackside side facility is located.
- the cryptographic data when the vehicle has to reach at least part of its travel, the communication range of a trackside device or is present within the communication range, the received at least one trackside means of Eisenbahnsys ⁇ tems.
- the transmission of kryp ⁇ tographischen data from the vehicle to the at least one wayside device is preferably done so that an additional drive is solely for the transport of the memory device or transmitting the cryptographic data avoided as part of a re ⁇ guldid travel of the vehicle.
- the inventive method is advantageous because it thereof, a low-complexity and thus cost-effective connection arranged also to ent ⁇ superior locations trackside equipment of a rail system to a central facility to the effect enables that by means of a vehicle of the egg ⁇ senbahnsystems cryptographic data from the central A ⁇ direction or Central to be sent to the respective track ⁇ side device.
- the SpeI ⁇ cher worn is transported to a place generating the cryptographic data from the vehicle, of which is a track-side device at least in the transfer ⁇ range.
- the cryptographic data then becomes available from the vehicle which transmits at least one trackside facility.
- the vehicle may be a vehicle of any type. This includes in particular vehicles in the form of locomotives,
- the cryptographic data is transmitted by the vehicle wirelessly, in particular radio-based, to the at least one trackside device.
- wireless and “radio-based” are to be understood hen ⁇ hen that at least a portion of a communication connection between the vehicle and the at least one trackside device is realized accordingly.
- this is in particular an outbound from the vehicle path or leg of a Medunikationsver ⁇ bond with the at least relate to a trackside equipment.
- the wireless transmission of the cryptographic data from the vehicle to the at least one track-side device may in principle, in addition to a radio-based transmission, for example also be a transmission with optical means.
- the rails could be used as a transport medium, in which case, at least the section between the vehicle and the rails would be wireless. Due to their particular robustness and often already given However, availability will usually be preferable to radio-based transmission of the cryptographic data. It is sufficient if the radio system used allows transmission or transmission over short to medium distances, ie, for example, a few hundred meters. Of importance here is only that the transmission range is sufficiently dimensioned to ensure reliable transmission of the cryptographic data from the vehicle to the at least one trackside device of the railway system.
- the inventive method can also be configured such that the cryptographic data from a central facility of a public-key infrastructure of the railway system to the vehicle übermit ⁇ and stored by the vehicle in the storage device.
- a central device can be a component in the form of a cerium ⁇ tauthorisedsstelle or a registration authority, for example.
- the term "central" device in contrast to the at least one trackside device is to be understood such that the central facility of the public-key infrastructure of the rail system is connected to a central communication infrastructure of the railway system ⁇ while this for the at least one trackside device is precisely not the case.
- the transmission of the cryptographic data from the device is advantageously carried out also wirelessly to the vehicle, ie in particular funkba ⁇ Siert. this is thus also in relation to the deposition of the cryptographic data in the storage device, an automated, computer-controlled sequence supports or guarantees.
- the inventive method can also be developed such that the vehicle additional information is provided that at least one of the following Kenn ⁇ sizes include: identity of at least one strackenseiti ⁇ gen device, communication address of at least one trackside equipment, the location of the at least one trackside equipment, size of the communication range, location of a respective route to or from the kryptog ⁇ raphischen data from the vehicle to the at least one stre- cken skille means are to be transmitted.
- This embodiment of the method according to the invention has the advantage that said additional information is suitable for ensuring reliable or smooth transmission of the cryptographic data from the vehicle to the at least one trackside device.
- the parameters in question relate in particular to such information, which with the at least allow the vehicle the structure of a communica tion link ⁇ a trackside device or facilitate or inform the vehicle about where the at least one track-side device is arranged.
- a targeted communication between the vehicle and the at least one trackside device is thus made possible.
- the at least one track-side device to which the cryptographic data is transmitted, to act directly around the component for which the cryptographic data are intended.
- no washervertei ⁇ lung or forwarding the cryptographic data is thus trackside required.
- a local administration device of the railroad system is used as the trackside device, and the cryptographic data is distributed by the local management device to at least one further local component of the railroad system.
- this provides the advantage that in the event that the kryp ⁇ tographischen data for a plurality of determined components, the cryptographic data from the vehicle le- must be transmitted to the trackside facility in the form of the local administrative facility of the railway system, thus avoiding communication of the vehicle with a plurality of trackside components.
- the local manager of the railway system may, for example, be a local Regis Trie ⁇ development agency or a local certification body of a pub lic key infrastructure that manages one or more other local components of the rail system as in terms of a distribution of digital certificates.
- the other local components can be designed, for example, as signal-technical safety devices, ie, for example, as element controllers.
- the cryptographic data may be transmitted by the latter to the at least one trackside device during standstill of the vehicle.
- Such an approach may be appropriate, for example when in the vicinity of the at least one trackside equipment in any case a stop of the vehicle is required relationship ⁇ example, carried out. This may be the case, for example, when the trackside facility is in the area of an evasion track and must hold the vehicle at that location anyway to let an oncoming vehicle pass.
- the cryptographic data is transmitted from the vehicle while driving to the at least one trackside device.
- ⁇ which the cryptographic data thus during the passage of the vehicle on which at least transmits a trackside equipment to this.
- the corresponding transmission is thus preferably carried out while the vehicle and the at least one ne trackside device while driving past the vehicle in communication range to each other, without the vehicle is braked or stopped for this purpose.
- the inventive method can also be configured such that the cryptographic data is encrypted or otherwise transmitted securely from the vehicle to the at least one trackside device. This ensures that also the
- the inventive method can also be configured so that up-holding vehicle to be from trackside means or the at least one of the trackside equipment data to the vehicle or another at any given time within the communication range transmitted, the transmitted Since ⁇ th in the storage means filed of the vehicle in question and be forwarded by the vehicle in question outside the Komu ⁇ tion range of at least one trackside direction ⁇ a device to a central facility of the railway system.
- the method according to the invention can therefore also be developed in such a way that data are transmitted from the trackside device or at least one of the trackside devices to a central facility of the railroad system by means of the vehicle.
- the relevant data from the respective track-side device to the vehicle or to another will be received at the appropriate time within the communication range ⁇ aufhaltendes vehicle and from this forwarded outside the communication range of the at least one trackside device to the central facility of the railway system.
- the transmission of the data from the respective trackside device to the vehicle on the one hand in the temporal context with the transmission of the cryptographic data from the vehicle to the at least one trackside device done.
- ⁇ is also the possibility that the data from the trackside equipment temporally decoupled from the transmission of cryptographic data to the vehicle or the other is transmitted to the given time in the Empfangsbe ⁇ rich delaying vehicle. Regardless of the time of transmission of the data, these may be data or information of any kind. This includes both additional cryptographic data or standing in connection with cryptographic methods data and recorded diagnostic data or security-relevant events in question ⁇ notes or messages.
- methods with a plurality of communication steps are realized by means of at least one further trip of the vehicle or at least one further vehicle.
- This means that even more complex methods or communication processes for example in the form of "handshake” methods, for example according to the "Certificate Management Protocol” (CMP), can be implemented using vehicles for the purpose of transmitting the relevant data or messages. This can be done by means of journeys so ⁇ probably the same vehicle as well as by driving different vehicles.
- CMP Certificate Management Protocol
- the invention further relates to a vehicle of an iron ⁇ rail system.
- vehicle of the present invention is based on the object of specifying a vehicle of a railway system to ⁇ that enables transmission of cryptographic data to trackside of the rail system in the event of a lack of communication connection to aufwandsar- me manner.
- a vehicle of a railway system are stored to a storage device in which cryptographic data, the at least one key and / or at least a digital certificate umfas ⁇ sen, control means for detecting that the vehicle is in a drive in communication range to at least one trackside device of the railroad system, and a communication device for transmitting the cryptographic data to the at least one trackside device.
- the vehicle according to the invention can be designed such that the communication device is designed for wireless, in particular radio-based, transmission of the cryptographic data from the vehicle to the at least one trackside device.
- the invention further comprises a railway system with at least one vehicle according to the invention or at least one vehicle according to the preferred development of the vehicle according to the invention and with a central device which is designed to transmit the cryptographic data to the vehicle, wherein the vehicle is designed, the Store cryptographic data in the storage device.
- the rail system according to the invention can also be further developed such that the rail system is formed ⁇ provide additional information to the vehicle, comprising at least one of the following characteristics: iden- tity of at least one trackside equipment, communication address of the at least one trackside equipment, point of at least a trackside equipment, size of the communication range, location of a gene jeweili ⁇ route to or from the cryptographic data from the vehicle to the at least one trackside a ⁇ direction are to be transmitted.
- the trackside facility is a local management facility of the railway system and the local management facility is designed to distribute the cryptographic data to at least one further local component of the railroad system.
- this is designed to carry out the method according to one of claims 5 to 9. The invention will be explained in more detail below with reference to exemplary embodiments. This shows
- FIG. 3 shows a third schematic diagram for He ⁇ purification of a further embodiment of the inventive method.
- FIG. 1 shows a first schematic diagram for explaining an embodiment of the inventive method an embodiment of the inventive egg senbahnsystems with an embodiment of the vehicle according to Inventive ⁇ .
- a railway system 10 which on the one hand comprises a central device 20, which may also be referred to as a central communication infrastructure or as a central office.
- the central device 20 comprises a central administration and / or control device 21, which serves to manage and / or control the railroad system 10.
- a registration authority 22 in English Registration Authority, RA for short
- a certification authority 23 in the English Certificate Authority, CA for short
- the registration authority 22 and the certification authority 23 together with optionally further components form the Public-key infrastructure, ie a system that can issue, distribute and audit digital certificates.
- the certificates issued within the public-key infrastructure are used within the railway system 10 to secure computer-aided communication.
- the central device 20 of the railway system 10 further comprises a central communication device 24, which provides or enables radio-based communication in the illustrated embodiment.
- the Kom ⁇ components 21, 22, 23 and 24 of the central device 20 of the rail system 10 are interconnected indirectly or UNMIT ⁇ telbar, wireless or wired communication technology connected.
- the railroad system 10 also includes a decentralized device 30 which, in the context of the exemplary embodiment described, comprises components which, with reference to a travel path 50, ie a track or rails, control or respectively monitor such a signal by way of signal transmission Encounters of vehicles on the route 50 are excluded or on the track 50 in the form of the single track encountering vehicles can pass each other at the escape point 51.
- a decentralized device 30 which, in the context of the exemplary embodiment described, comprises components which, with reference to a travel path 50, ie a track or rails, control or respectively monitor such a signal by way of signal transmission Encounters of vehicles on the route 50 are excluded or on the track 50 in the form of the single track encountering vehicles can pass each other at the escape point 51.
- the remote device 30 includes in the Darge ⁇ exemplary embodiment illustrated, a signal-based Siche ⁇ inference means 31, which is for example a signal and / or a switch may be controlled element controller to one, and a local managing means 32, for example, as a local Registration office or as a local certification body, ie
- the local management device 32 is connected to a remote communication ⁇ means 33 in the form of a radio transmission device and forms together therewith a trackside device 35th
- the decentralized device 30, which may also be referred to as an interlocking island , may have further components, which are not shown in FIG. 1 for reasons of clarity.
- the public-key infrastructure realizes an asymmetrical cryptosystem in which the respective transmitting unit requires the public key of the respective recipient for an encrypted transmission.
- the public-key infrastructure realizes an asymmetrical cryptosystem in which the respective transmitting unit requires the public key of the respective recipient for an encrypted transmission.
- the remote device 30 is disposed at a place that is far away from the central device 20 of the rail system 10 and to which there is no communica tion ⁇ compound.
- This may, for example, relate to the case of mine railways that operate in large, isolated areas whose communication technology development would cause disproportionately high costs for the purpose of connecting the decentralized device 30 to the central device 20 or which is impractical or possible for other reasons.
- a vehicle may now be 40 of the rail system 10 is used advantageously in the context of an automated process.
- This has a vehicle-side controller 41, a vehicle-side SpeI ⁇ cher responded 42 and a vehicle-side communication device ⁇ 43rd
- the communication device 43 is likewise designed for radio-based communication and although such that between the decentralized communication device 33 and the vehicle-side communication device 43, a radio-based data transmission is possible.
- the memory device 42 of the vehicle 40 stores cryptographic data which comprise at least one key and / or at least one digital certificate.
- the local device 30 such approaches is that it is in communication range of the decentralized communication device 33 so that communication between the decentralized communication device 33 and the vehicle-side communication means 43 is possible, the cryptographic data can be read from the memory device 42 and the decentral communication device 33 to the trackside device 35 relationship ⁇ the local management device 32 are transmitted to the same.
- the control device 41 of the vehicle 40 is designed to detect that the vehicle 40 has approached the trackside device sufficiently in the course of its journey.
- control device 41 may also preferably use additional information stored in the memory device 42, which as a parameter preferably at least identifies the identifiers.
- additional information stored in the memory device 42 which as a parameter preferably at least identifies the identifiers.
- the cryptographic data for example from the registration point 22, the certification point 23 or the central management and / or control device 21 of the central device 20, may also be transmitted to the vehicle 40 in a radio-based manner, for example this according to Emp ⁇ fang are stored by the vehicle-side communication means 43 via the control device 41 in the storage device 42nd
- This step is thus carried out at a time ⁇ point which is forward-the situation shown in Figure 1, that is, at an earlier point in time at which the vehicle 40 stays still closer to the central bodies 20, so that a corresponding radio-based transmission is possible ,
- the vehicle 40 has the trackside equipment just approximated extent that transmitted the cryptographic data from the vehicle 40 to the trackside device 35 Kgs ⁇ NEN.
- the cryptographic data from the local management unit 32 may then in at least one other local component of the rail system 10 in the form of the signal ⁇ technical safety device 31 as well as optionally present further technical signal securing means be distributed.
- the transfer or transmission of the cryptographic data from the vehicle 40 at points, the route cken workede device 35 or the local administrative ⁇ processing device 32 of the same takes place here vorteilhafter-, during traveling of the vehicle 40 so that a Ver ⁇ slowdown or interruption of the running of the vehicle 40 is not required.
- This means that the cryptographic data is transmitted without affecting the normal operation of the vehicle 40.
- the transmission of the cryptographic data from the vehicle 40 to the at least one trackside device is encrypted ⁇ advantageous way legally or otherwise secured, so that attacks with or alter the cryptographic data are excluded.
- Figure 2 shows a second schematic diagram for white ⁇ ter personaln explaining the embodiment of the inventive method.
- the representation of Figure 2 corresponds to a flow diagram wherein the left hand side, in turn, the central device 20 of the rail system ge ⁇ shows is that according to the embodiment of Figure 1, the central administration and / or control device 21, the registry 22 Certification authority 23 and the central communication device 24 includes.
- the Figure 2 is the remote device 30 is shown on the right side where it is in accordance with the embodiment of Figure 1 to the stre ⁇ cken workede device 35 and the signal-based inference means Siche ⁇ 31st
- further signal-technical safety devices 31a and 31b are indicated in FIG.
- a delivery of cryptographic data from the central device 20 to the remote device 30 may now for example be made such that the kryptogra ⁇ phical data shall be transmitted, for example, by the certification office 23 in a message 60 to the central communication device 24th From the central communica- tion device 24, the cryptographic data in a message 61 radio-based transmitted to the vehicle-side Kommuni ⁇ cation device 43 of the vehicle 40 and stored with the interposition of the controller 41 in the storage device 42.
- the vehicle 40 moves in the direction of travel 45 in the direction of the decentralized device 30 and eventually reaches the communication range of the trackside device 35.
- the route-side device 35 transmits the cryptographic data or the parts of the same relevant to the respective component with the messages 64, 65 and 66 to the signaling devices 31, 31a and 31b. In this way, it is subsequently possible to continue to communicate with one another in a secure manner based on updated or exchanged keys and / or certificates, which is indicated in FIG. 2 by messages 67, 68 and 69.
- Figure 3 shows a third schematic diagram for Erläu ⁇ esterification of a further embodiment of the erfindungsge- MAESSEN method.
- the representation of FIG. 3 essentially corresponds to that of FIG. 2, wherein a separate representation of the individual components has been dispensed with in relation to the central device 20. This is intended are indicated that these components may be executed as such under ⁇ different.
- a communication exchange first takes place between the signaling device 31 and the other signaling devices 31a, 31b and the trackside device 35 (or the local management device 32 thereof) by means of messages 80, 81 and 82 Inquiries in the context of public key infrastructure procedures, which are answered by the trackside facility 35 in the form of messages 83, 84 and 85.
- the signaling devices 31, 31a and 31b exchange messages 86, 87, 88 and 89 with each other, which are secured using keys and digital certificates.
- a message 90 data or an information request 71 are now transmitted to the vehicle 40 by the trackside device 35.
- this is done in return for a transmission of cryptographic data from the vehicle 40 to the local management device 32, as has been explained above in connection with FIG.
- this can be done temporally decoupled from the corresponding transmission of cryptographic data and a transmission of the information request 71 also to another vehicle of the rail system 10 SUC ⁇ gene.
- the information request may relate to both cryptographic method or implemented corresponding method, Request that is for example, a Aktualisie ⁇ tion of certificates when his divorced also of cryptographic rule method, ie for example, a transfer of diagnostic data concern.
- the transmitted data is stored in the memory device 42 of the vehicle 40 and from the vehicle 40 outside the transmission range of the trackside device 35 forwarded to the central device 20 of the railway system 10. In FIG. 3 this is indicated by the messages 92 and 93.
- the centra ⁇ len device 20 to a communication exchange in the form of messages 95 and 96, at the same 30 messages 97 and 98 are replaced by the de ⁇ central facility.
- an information reply 72 is then transmitted by the central device 20 to another vehicle 40a, which is thus not the vehicle 40.
- the other vehicle 40a similar to the vehicle 40 has a further control device 41a, a white ⁇ tere memory means 42a and a further Kommunikati ⁇ ons Rhein 43a and the other vehicle moves in a direction 45a in the direction of the decentralized device 30.
- 41a in communication range of the stre- cken solutionen device 35, it transfers the informa tion ⁇ response 72 by means of messages 100/101 to points, the route cken bathe device 35 or the local administrative ⁇ processing device thereof. This transmits the information answer or a respective part of it in
- the vehicle according to the invention and the railway system according to the invention have in particular the advantage that they provide a transmission in particular Enable cryptographic data from a central office to decentralized trackside facilities even in cases where they have no direct communication link.
- an automatic transport of the corresponding data by means of vehicles or trains takes place using storage devices installed in them.
- At the respective remote location there is then a transfer or download of the relevant data, so that a local maintenance crew is advantageously not required.
- Ver ⁇ drive advantageously can run completely automatically and be ⁇ no maintenance action. This also enables high-frequency key exchange, which can increase IT security without incurring additional costs.
Landscapes
- Engineering & Computer Science (AREA)
- Mechanical Engineering (AREA)
- Health & Medical Sciences (AREA)
- Biomedical Technology (AREA)
- General Health & Medical Sciences (AREA)
- Train Traffic Observation, Control, And Security (AREA)
- Electric Propulsion And Braking For Vehicles (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE102016223481.1A DE102016223481A1 (de) | 2016-11-25 | 2016-11-25 | Verfahren zum Betreiben eines Eisenbahnsystems sowie Fahrzeug eines Eisenbahnsystems |
PCT/EP2017/077280 WO2018095682A1 (fr) | 2016-11-25 | 2017-10-25 | Procédé de fonctionnement d'un système ferroviaire et véhicule d'un système ferroviaire |
Publications (2)
Publication Number | Publication Date |
---|---|
EP3515785A1 true EP3515785A1 (fr) | 2019-07-31 |
EP3515785B1 EP3515785B1 (fr) | 2024-08-21 |
Family
ID=60382149
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP17800401.6A Active EP3515785B1 (fr) | 2016-11-25 | 2017-10-25 | Procédé de fonctionnement d'un système ferroviaire et véhicule d'un système ferroviaire |
Country Status (5)
Country | Link |
---|---|
US (1) | US11958519B2 (fr) |
EP (1) | EP3515785B1 (fr) |
CN (1) | CN110023170A (fr) |
DE (1) | DE102016223481A1 (fr) |
WO (1) | WO2018095682A1 (fr) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11970194B2 (en) * | 2018-12-06 | 2024-04-30 | Mitsubishi Electric Corporation | Terminal device and data management method |
CN110753320B (zh) * | 2019-09-25 | 2022-11-01 | 株洲凯创技术有限公司 | 一种列车车载加密装置及列车车载加密机 |
CN113242235A (zh) * | 2021-05-08 | 2021-08-10 | 卡斯柯信号有限公司 | 一种对铁路信号安全通信协议rssp-i加密认证的系统及其方法 |
Family Cites Families (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE19851709A1 (de) | 1998-10-30 | 2000-05-04 | Siemens Ag | Verfahren zum Online-Update sicherheitskritischer Software in der Eisenbahn-Signaltechnik |
ES2265861T3 (es) * | 2000-12-30 | 2007-03-01 | Siemens Schweiz Ag | Procedimiento de programacion de un sistema de destinacion redundante con exigencias de seguridad. |
US6863246B2 (en) | 2002-12-31 | 2005-03-08 | Quantum Engineering, Inc. | Method and system for automated fault reporting |
DE102006028938B3 (de) * | 2006-06-23 | 2008-02-07 | Siemens Ag | Verfahren zur Übertragung von Daten |
DE102007041177B4 (de) * | 2007-08-27 | 2009-04-30 | Siemens Ag | Verfahren zum ETCS-Online-Schlüsselmanagement |
US20090212168A1 (en) * | 2008-02-25 | 2009-08-27 | Ajith Kuttannair Kumar | System and Method for Transporting Wayside Data on a Rail Vehicle |
CN101567780B (zh) * | 2009-03-20 | 2011-05-18 | 武汉理工大学 | 一种针对加密数字证书的密钥管理与恢复方法 |
DE102011006772A1 (de) * | 2011-04-05 | 2012-10-11 | Siemens Aktiengesellschaft | System und Verfahren für ein Schlüsselmanagement eines Zugsicherungssystems |
DE102011083340A1 (de) * | 2011-09-23 | 2013-03-28 | Siemens Aktiengesellschaft | Verfahren zum Bedienen einer streckenseitigen Einrichtung des spurgebundenen Verkehrs sowie streckenseitige Einrichtung |
JP6092548B2 (ja) | 2012-09-03 | 2017-03-08 | 西日本旅客鉄道株式会社 | 無線システム及び列車制御システム |
US9166952B2 (en) * | 2012-10-15 | 2015-10-20 | Thales Canada Inc | Security device bank and a system including the and SD security device bank |
US9522685B2 (en) * | 2014-10-15 | 2016-12-20 | General Electric Company | System and method for configuring and updating wayside devices |
DE102014226902A1 (de) * | 2014-12-23 | 2016-01-14 | Siemens Aktiengesellschaft | Einrichtung einer sicheren Datenübertragungsverbindungim Schienenverkehr |
CN105025479B (zh) | 2015-07-27 | 2019-03-05 | 北京交通大学 | 城市轨道交通系统车地无线通信认证密钥配置系统及方法 |
CN205725863U (zh) | 2016-06-29 | 2016-11-23 | 河南蓝信软件有限公司 | 动车组车辆信息动态监测系统 |
-
2016
- 2016-11-25 DE DE102016223481.1A patent/DE102016223481A1/de not_active Withdrawn
-
2017
- 2017-10-25 WO PCT/EP2017/077280 patent/WO2018095682A1/fr unknown
- 2017-10-25 US US16/464,362 patent/US11958519B2/en active Active
- 2017-10-25 EP EP17800401.6A patent/EP3515785B1/fr active Active
- 2017-10-25 CN CN201780072836.4A patent/CN110023170A/zh active Pending
Also Published As
Publication number | Publication date |
---|---|
WO2018095682A1 (fr) | 2018-05-31 |
DE102016223481A1 (de) | 2018-05-30 |
EP3515785B1 (fr) | 2024-08-21 |
CN110023170A (zh) | 2019-07-16 |
US20210114635A1 (en) | 2021-04-22 |
US11958519B2 (en) | 2024-04-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP1824721B1 (fr) | Procede et systeme pour controler une unite de transmission de donnees servant a commander un objet roulant | |
WO2016198231A1 (fr) | Procédé et dispositif de détermination d'une autorisation de circuler pour un véhicule guidé sur rails | |
DE102010026433A1 (de) | Steuernetzwerk für ein Schienenfahrzeug | |
DE102014210190A1 (de) | Fahrerlaubnis für ein Schienenfahrzeug | |
WO2012136525A1 (fr) | Système et procédé de gestion de clés d'un système de protection des trains | |
WO2018228758A1 (fr) | Procédé pour faire fonctionner un système de circulation guidé | |
DE102008045050A1 (de) | Verfahren und Vorrichtung zur Zugbeeinflussung | |
EP3515785A1 (fr) | Procédé de fonctionnement d'un système ferroviaire et véhicule d'un système ferroviaire | |
DE102013101927A1 (de) | Vorrichtung, Zugendekontrollgerät, Schienenstrecke und Verfahren zur Datenübertragung | |
WO2018001674A1 (fr) | Procédé et dispositif de commande d'un passage à niveau | |
DE102019204135A1 (de) | Verfahren zum gemischten Betrieb eines gleisgebundenen Streckenabschnitts mit Weiche sowie Streckenabschnitt und Weiche | |
DE102016217902A1 (de) | Überwachung eines Schienenfahrzeugs | |
WO2013117398A2 (fr) | Système pour commander, sécuriser et/ou surveiller des voies praticables pour véhicules guidés, et procédé pour faire fonctionner un tel système | |
EP2088051B1 (fr) | Procédé et dispositif destinés au réglage sécurisé d'une voie de circulation pour un véhicule sur rail | |
EP1931550B1 (fr) | Procede d'exploitation d'une ligne ferroviaire | |
EP2663483A1 (fr) | Dispositif de contrôle des trains pour système etcs l2 - système européen de contrôle des trains, niveau 2 - | |
EP3795451B1 (fr) | Procédé de localisation d'un véhicule dans une station destinée à un arrêt du véhicule | |
DE102019211966A1 (de) | Gleisgebundener Streckenabschnitt, ausgestattet mit einem automatischen Zugsicherungssystem, und Verfahren zu dessen Betrieb | |
EP3013666B1 (fr) | Procédé d'exploitation d'un système de commande automatique de la marche d'un train et système de commande automatique de la marche d'un train | |
DE102012206479A1 (de) | Verfahren zur Hilfsbedienung eines Fahrwegelements sowie betriebsleittechnisches System | |
EP1892171A1 (fr) | Procédé d'entrainement d'un poste d'aiguillage et procédé d'entrainement d'un centre de contrôle | |
EP2489570B1 (fr) | Procédé et système destinés à l'échange de données entre une unité centrale et une composante de commande de la marche des trains pour des besoins de tests | |
DE102004057907A1 (de) | Verfahren bei der Einbindung von Rangiervorgängen bei der Zugsteuerung und Zugsicherung mittels bidirektionaler Funk-Informationsübertragung | |
DE10240376B4 (de) | Sicheres Zugmeldebuch | |
DE102016217913A1 (de) | Überwachung eines Schienenfahrzeugs |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: UNKNOWN |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE |
|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE |
|
17P | Request for examination filed |
Effective date: 20190426 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
AX | Request for extension of the european patent |
Extension state: BA ME |
|
RIN1 | Information on inventor provided before grant (corrected) |
Inventor name: SCHULZ, OLIVER Inventor name: SEIFERT, MATTHIAS |
|
DAV | Request for validation of the european patent (deleted) | ||
DAX | Request for extension of the european patent (deleted) | ||
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: EXAMINATION IS IN PROGRESS |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: EXAMINATION IS IN PROGRESS |
|
17Q | First examination report despatched |
Effective date: 20211105 |
|
GRAP | Despatch of communication of intention to grant a patent |
Free format text: ORIGINAL CODE: EPIDOSNIGR1 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: GRANT OF PATENT IS INTENDED |
|
INTG | Intention to grant announced |
Effective date: 20240318 |
|
RIC1 | Information provided on ipc code assigned before grant |
Ipc: B61L 27/70 20220101ALI20240229BHEP Ipc: B61L 27/53 20220101ALI20240229BHEP Ipc: B61L 27/40 20220101ALI20240229BHEP Ipc: B61L 23/00 20060101ALI20240229BHEP Ipc: B61L 15/00 20060101ALI20240229BHEP Ipc: B61L 3/12 20060101AFI20240229BHEP |
|
GRAS | Grant fee paid |
Free format text: ORIGINAL CODE: EPIDOSNIGR3 |
|
GRAA | (expected) grant |
Free format text: ORIGINAL CODE: 0009210 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE PATENT HAS BEEN GRANTED |
|
AK | Designated contracting states |
Kind code of ref document: B1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
REG | Reference to a national code |
Ref country code: GB Ref legal event code: FG4D Free format text: NOT ENGLISH |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: EP |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R096 Ref document number: 502017016366 Country of ref document: DE |