WO2009027380A1 - Procédé de gestion en ligne de clés etcs - Google Patents

Procédé de gestion en ligne de clés etcs Download PDF

Info

Publication number
WO2009027380A1
WO2009027380A1 PCT/EP2008/061102 EP2008061102W WO2009027380A1 WO 2009027380 A1 WO2009027380 A1 WO 2009027380A1 EP 2008061102 W EP2008061102 W EP 2008061102W WO 2009027380 A1 WO2009027380 A1 WO 2009027380A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
etcs
rbc
keys
kmc
Prior art date
Application number
PCT/EP2008/061102
Other languages
German (de)
English (en)
Inventor
Detlef Kendelbacher
Holger Schilling
Fabrice Stein
Original Assignee
Siemens Aktiengesellschaft
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens Aktiengesellschaft filed Critical Siemens Aktiengesellschaft
Publication of WO2009027380A1 publication Critical patent/WO2009027380A1/fr

Links

Classifications

    • BPERFORMING OPERATIONS; TRANSPORTING
    • B61RAILWAYS
    • B61LGUIDING RAILWAY TRAFFIC; ENSURING THE SAFETY OF RAILWAY TRAFFIC
    • B61L15/00Indicators provided on the vehicle or vehicle train for signalling purposes ; On-board control or communication systems
    • B61L15/0018Communication with or on the vehicle or vehicle train
    • B61L15/0027Radio-based, e.g. using GSM-R
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B61RAILWAYS
    • B61LGUIDING RAILWAY TRAFFIC; ENSURING THE SAFETY OF RAILWAY TRAFFIC
    • B61L27/00Central railway traffic control systems; Trackside control; Communication systems specially adapted therefor
    • B61L27/20Trackside control of safe travel of vehicle or vehicle train, e.g. braking curve calculation
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B61RAILWAYS
    • B61LGUIDING RAILWAY TRAFFIC; ENSURING THE SAFETY OF RAILWAY TRAFFIC
    • B61L27/00Central railway traffic control systems; Trackside control; Communication systems specially adapted therefor
    • B61L27/30Trackside multiple control systems, e.g. switch-over between different systems
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B61RAILWAYS
    • B61LGUIDING RAILWAY TRAFFIC; ENSURING THE SAFETY OF RAILWAY TRAFFIC
    • B61L27/00Central railway traffic control systems; Trackside control; Communication systems specially adapted therefor
    • B61L27/70Details of trackside communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B61RAILWAYS
    • B61LGUIDING RAILWAY TRAFFIC; ENSURING THE SAFETY OF RAILWAY TRAFFIC
    • B61L27/00Central railway traffic control systems; Trackside control; Communication systems specially adapted therefor
    • B61L27/20Trackside control of safe travel of vehicle or vehicle train, e.g. braking curve calculation
    • B61L2027/202Trackside control of safe travel of vehicle or vehicle train, e.g. braking curve calculation using European Train Control System [ETCS]

Definitions

  • the invention relates to a method for ETCS online key Selma management of radio-control-entity-specific authentication key used in the for établie ⁇ tion each new radio link between the entities block center (RBC) and ETCS vehicle, which (from a key center KMC ) are transmitted via a data link to the En ⁇ tticianen.
  • the ETCS - European Train Control System - is based on a uniform European standard for train control systems, which enables interoperable railway traffic and thus forms the basis for increased performance and reduced costs.
  • Level 2 and 3 of the ETCS the continuous operation of ETCS vehicles is carried out by section-wise responsible RBC (Radio Block Center), through which the reference variables to the ETCS vehicles are handled by GSM-R Global digital radio System for Mobile Communication - railway.
  • RBC Radio Block Center
  • the safety-critical data transmission between the jewei ⁇ time RBC and the guided ETCS vehicle is protected by kryptolo ⁇ cal assurance procedures.
  • a secret cryptographic session key is used that is valid for the duration of the connection.
  • a personalization key is inserted by the manufacturer of the hardware. It is specific to each entity - vehicle, RBC - and manufacturer access protected. The personalization key is used to encrypt the keys to be stored in the entity and is never used outside the system.
  • the transport key is used in key generation in a protected environment to encrypt the authentication keys and at the manufacturer to decrypt the authentication keys.
  • the authentication key is entity specific and is needed to establish the connection between ETCS vehicle and RBC.
  • the ETCS on-board requires the authentication key of all RBC with which it needs to communicate in addition to his own Authentactusschlüs ⁇ sel.
  • An RBC requires the authentication keys of all ETCS vehicles with which it must communicate in addition to its own authentication key.
  • the Retention of the authentication key is encrypted .
  • the session key secures the data to be transmitted between the vehicle and RBC.
  • the session key is derived at the time the connection is established from the authentication keys of the participating communication partners and a random variable exchanged between the communication partners.
  • the session key is maintained for the duration of a communication link between RBC and ETCS
  • the introduction of the authentication key in the ETCS vehicles and RBC route centers can be done both offline, as well as online.
  • offline process all authentication keys are introduced before the start of the Sys ⁇ tems in the entities. This fixes the possible communication relationships.
  • Extensions, such as the inclusion of new vehicles in the ETCS require an update of the authentication keys in the respective entities.
  • a key exchange takes place between entities and a key distribution center - KMC Key Management Center - to nachzula ⁇ required authentication key via a data connection, if necessary.
  • the transmission of the authentication key is encrypted.
  • the national KMC of the various rail operators can exchange data to refer requested key foreign ETCS vehicles from KMC of the corresponding train ⁇ operator.
  • Communication can be offline or online.
  • the KMC must be pre-supplied with the keys of all national and international ETCS vehicles.
  • the transfer of erfor ⁇ sary key at the time of the request and selective tive can take place. It can therefore be assumed that in a national KMC all authentication keys are available for communication with the national and international authorities and can be retrieved as needed.
  • the message format between the KMCs of different rail operators is defined by an UNISIG standard in subset 38.
  • the invention has for its object to provide a method of the generic type, which is characterized by more resource-efficient key distribution.
  • the object is achieved by encrypting the authentication keys for transmission with a transport key.
  • the method according to the invention regulates the administration and distribution of the authentication keys between the entities KMC, RBC and ETCS vehicle.
  • the function of the transport key is extended.
  • the transport key over ⁇ now not only takes the protection of authenticatio ⁇ approximate key from the key generation in the KMC to the manufacturer, but also the protection of the transport of au- fiz istsêtl from KMC to the entities RBC and ETCS vehicle.
  • the ETCS vehicles and the trackside RBC of the railway operator are extended by a non-secure key memory for receiving the encrypted transport key. This is the Transport key another in each entity to spei ⁇ chernder key.
  • the encryption of the authentication key to be transmitted to an entity takes place with the transport key related to the entity.
  • the decryption of the authentication key is done with the Transportschlüs ⁇ sel in the entities.
  • the storage of the authentication key is encrypted in a preferably access-protected storage medium. This storage medium can be housed in a non-secure computer.
  • the introduction of the transport key into the ETCS vehicle possibly requires the encryption of the transport key with a manufacturer-specific personalization key.
  • the ETCS vehicles have all required future Keyring ⁇ sel to communicate with non-cooperative RBC already during communication with cooperative RBC advance. Abroad, the ETCS vehicle thus has all the keys for all RBC own and third party operators without additional key management activities.
  • New ETCS vehicles can easily be integrated into the ETCS system.
  • the keys of the ETCS vehicle needed in all RBCs are distributed automatically - automatically learning system.
  • railway operators can independently and flexibly define update protocols between KMC and RBC and between ETCS vehicle and RBC.
  • each ETCS vehicle can be supplied with the required authentication keys in every situation.
  • the necessary update protocols and local non ⁇ access protected data storage in the ETCS vehicles and RBC require little extra effort on development and resource allocation.
  • the additional network load can be minimized as a result of suitable update procedures. Traffic for the ETCS train control is not affected as a result of the process application.
  • the transport key is stored encrypted in the entity with a entity-specific, provided by the manufacturer Personaltechnischs wooll and decrypted only when used.
  • the transport keys are predetermined by the railway operator and are specific to the entity. This means that a specific transport key is used for over ⁇ mediation of authentication keys for each RBC and for each ETCS vehicle. DA with is the highest flexibility and security of Austau ⁇ MOORISH reached. Alternatively, the method according to claim 4 can also be realized with an operator-wide uniform transport key.
  • a further possible feature of the method according to the invention is the use of the manufacturer-specified and entity-specific personalization key as a transport key in order to save the additional generation and management of transport keys.
  • this waives the independence of key production between manufacturer and operator.
  • vehicle update protocol - RBC builds on the existing and standardized EURORADIO protocol and uses its services to set up, manage and initiate additional virtual connections between the vehicle and RBC.
  • the update protocol is operator-specific set festzu ⁇ .
  • the RBC is provided with access to the key memory of the KMC for transmitting key data between KMC and RBC on the basis of a transmission protocol to be introduced, ie update protocol KMC-RBC.
  • the update protocol KMC - RBC can build on ⁇ be arbitrary transmission services or protocols and train operator-specific set.
  • FIG. 1 shows a first variant for key transmission
  • FIG. 2 shows a second variant for key transmission
  • FIG. 3 shows a third variant for key transmission
  • FIG. 4 shows a first update method
  • FIG. 5 shows a second update method
  • the key management method according to the invention provides three different variants for key transmission from a key distribution center KMC to an ETCS vehicle:
  • Distribution via RBC takes place in 3 stages.
  • the identification and provision of all necessary keys for all ETCS vehicles of a railway operator managed in the KMC takes place.
  • the keys of an ETCS vehicle for domestic communication links are stored in the KMC and can be distributed immediately if required.
  • the keys of an ETCS vehicle for foreign Kommuni ⁇ kationsitatien can be deposited when using the online data exchange between KMC in the foreign KMC and may need to be first transmitted from there to the domestic KMC. For this reason, the KMC of the various rail operators can be interconnected and share the keys of the international trains running ETCS vehicles un ⁇ behind the other. If the offline data exchange is used between the KMCs, this first step is eliminated because the keys for all foreign and domestic communications ⁇ connections must already be at KMC in this case.
  • the update protocol can use existing Festozover ⁇ bonds between the KMC and the RBC. Since the key stocks are rarely changed and only changes are transferred over the there ⁇ ten Koch, the additional network load generated by the key distribution is ge ⁇ ring. There are no UNISIG specifications for the KMC - RBC update protocol so that every rail operator can use its own protocol. Key data for all ETCS vehicles managed by the KMC are kept as copies in all RBCs.
  • the keys are transferred between RBC and ETCS vehicles.
  • the existing ETCS train control radio connection between ETCS vehicle and RBC is shared.
  • the standardized EURORADIO- Protocol provides that additional data connections can be switched on the existing radio channel and the Da ⁇ th multiple applications are transmitted in the multiplex.
  • ETCS vehicle and RBC next to the EURORADIO protocol another common communication protocol, ie an up ⁇ date protocol that allows the keys to the respective ETCS vehicle at existing radio link are transmitted from the RBC to the ETCS vehicle automatically and with low priority.
  • the update log is not standardized and can be chosen freely by the respective railway operator.
  • the respective ETCS vehicle of the operator is stored online and proprietary with all the ETCS keys present in the national key distribution center KMC of the operator, which are necessary for communication with all RBC trunk stations of the domestic and foreign railway operators.
  • the current RBC determines all potentially required keys for the ETCS vehicle and transmits them to the vehicle.
  • the keys are already stored from a to ⁇ back lying transmission locally unless the ETCS vehicle, be ⁇ the transfer to a review of the timeliness and an update no longer restricts current key. If necessary , the selection of the keys to be transmitted can be restricted on the basis of further criteria, such as an identifier for the intended route.
  • the Keyring ⁇ sel are stored locally in ETCS vehicle. This can be done for example in a preprocessing computer on the ETCS vehicle.
  • the variant of the request by the ETCS vehicle can be utilized loading when the ETCS on-board does not find a needed Keyring ⁇ sel in the local data storage.
  • the request by the ETCS vehicle takes place in one to three stages.
  • the ETCS vehicle requests one or more keys directly from the RBC.
  • an existing radio connection can be used or a new radio connection can be set up.
  • the ETCS vehicle update protocol - RBC access is made to the key memory in the RBC and the transmission of the selected data to the ETCS vehicle. If the key (s) needed are or are not available in the database of the RBC, in the second stage, a connection is established between the RBC and the associated KMC.
  • the RBC accesses the key basis of the KMC. The se ⁇ selected keys are first transmitted from the KMC to the RBC and then ⁇ from the RBC to the ETCS vehicle.
  • the third stage If keys are needed for foreign ETCS connections that are not deposited in the KMC, in the third stage the necessary connections are established between the participating KMCs and the keys are first transferred to the KMC before the keys are sent to and from the RBC be transferred to the ETCS vehicle.
  • the third stage is only applied in the case of online data exchange between KMCs.
  • the ETCS-keys can be advantageously stored in a non-access-protected environment because the key be unencrypted at any time of the ⁇ transmission and storage.
  • the storage of a plurality of key data sets is by means of Mass storage of a communication computer in the ETCS vehicle easily possible.
  • the proposed method of providing keys via RBC is only possible between ETCS vehicles and RBC, which belong to the same railway operator.
  • Each ETCS vehicle distinguishes between cooperative RBCs, which allow key exchange, and non-cooperative RBCs, which can not be key exchanged due to incompatible transmission protocols.
  • ETCS vehicles In order for online key management to be effective in cross-border rail traffic as well, ETCS vehicles must also, in addition to the keys for domestic communication links, download the keys for the foreign communication links during their communication with cooperative RBCs. Downloading the key ER only when the ETCS vehicle is moving in a koopera ⁇ tive route infrastructure follows. The detection of cooperative RBC is done automatically by the update protocol vehicle - RBC. When the ETCS vehicle leaves the cooperative route infrastructure of the operator, it also has the key material to communicate with non-cooperative RBCs of other operators, if already transferred to the ETCS vehicle.
  • Transmission of the key held in the RBC occurs when an ETCS vehicle establishes an ETCS data link to the RBC.
  • the keys are transmitted with a low priority, so that keys are only transmitted if the train control data to be transmitted do not exhaust the available capacity of the radio channel. carrying in the background. Changes the ETCS on-board radio ⁇ connection to RBC, ie at RBC handover, the download of the keys can be canceled. At the next established radio link to the cooperative neighbor RBC, key transmission can continue.
  • the specific communication protocol for key update can be such opti ⁇ mized that only delta information is transferred and broken transmissions will resume automatically.
  • All keys are encrypted using a vehicle-specific transport ⁇ ⁇ key and use only vehicle internally Be decrypted. Both in the KMC, as well as in the RBC, the keys are only encrypted. Each key has a unique ETCS ID, to which this one belongs
  • the key needed for the current communication connection can be selected from the large number of keys.
  • the ETCS ID for ETCS key can still Gültmaschinesda- growth, such as the date of the first validation belong, with the recognition of the relevance of a key mög ⁇ Lich.
  • the ETCS IDs of the keys are unencrypted and form a data record together with the validity date and the corresponding key.
  • the key management method is applicable not only to the distribution of keys of the route infrastructure, but also to updates of keys of the RBC, as illustrated in FIG.
  • the keys of the ETCS vehicles required in the RBC can be kept up to date automatically.
  • the key base in the KMC is updated.
  • the up ⁇ date protocol RBC - KMC be at the initiative of the KMC Key data is distributed to all assigned RBCs and stored there locally.
  • the update of the key data in the RBC can also take place at the request of the RBC, as FIG. 5 shows.
  • the key to the known vehicles that are used locally in the RBC in this case in addition to the keys of the RBC which are übertra ⁇ gen in demand for ETCS vehicles, stored.
  • the ETCS vehicle While driving, the ETCS vehicle communicates with several locally responsible RBCs in turn. This requires the specific authentication keys for this RBC.
  • an ETCS vehicle requires a key for a secure connection to an RBC
  • access is first made to the local key memory in the ETCS vehicle.
  • the required ETCS key is stored in the local database of the ETCS vehicle in the store of stored keys.
  • the selection is based on the transferred RBC ID.
  • the selected key is transferred from the key memory , which may be located in a non-access-protected environment, to the secure vehicle computer and decrypted there by means of the transport key.
  • the secure connection can be established according to the security protocol of the EURORADIO method.
  • the ETCS on-board After the establishment of the ETCS connection is initiated by the update protocol vehicle - ver ⁇ examined RBC by the ETCS on-board to build an additional virtual connection between RBC and ETCS vehicle in the existing radio channel. This is only possible with a cooperative RBC. If the ETCS vehicle communicates with a non-cooperative RBC, the connection establishment for the additional virtual connection for the key exchange fails. The existing ETCS connection is unaffected.
  • the connection to the key exchange is established. It automatically transfers all relevant for this ETCS vehicle key ⁇ data as update information from the cooperative RBC to the ETCS vehicle and its local Why Schemeba- sis updated. If the dataset on the ETCS vehicle is up to date, the virtual connection to the key update is terminated.
  • the key exchange protocol can time-repeat the request to the RBC for current key data.
  • a required key may not be present in the local keystore of the ETCS vehicle. This applies, for example, to ETCS vehicles whose local database has been exchanged for a repair abroad and which, during their journey in the
  • the ETCS vehicle takes an unsecured connection to the RBC and requests the transmission of the required key to the RBC. This alternative is only possible if the ETCS vehicle is in communication with a cooperative RBC.
  • the detection of cooperative RBC is done automatically by the update protocol of the ETCS vehicle. If it is a non-cooperative RBC, the key request is terminated with an error message.
  • the request of the ETCS vehicle to connect to Keyring comes ⁇ selator with cooperative RBC. If the requested key is available in the RBC's local key database, it will be immediately sent to the ETCS vehicle. Is the required
  • Keys not available on RBC are made by the RBC via a landline connection to the competent KMC.
  • the cooperative RBC responsible KMC transmits the key to the RBC, which forwards the key to the ETCS vehicle.
  • the KMC can request foreign authentication keys via inter-KMC connections. Keys selected by the ETCS vehicle or all keys valid for the ETCS vehicle may be requested from the RBC. After transmission of the key or the keys to the ETCS vehicle, the existing radio connection can be expanded immediately with the help of the key to a secure ETCS connection.
  • the ETCS vehicle will establish a direct connection to the KMC responsible for the ETCS vehicle.
  • the required keys possibly selected by means of inter-KMC connection and transmitted to the ETCS vehicle. Since this variant c) high connection ⁇ effort requires, they should be used only as a fallback the on ⁇ line key management.

Abstract

L'invention concerne un procédé de gestion en ligne de clés ETCS visant à télécommander des trains. Selon le procédé de l'invention, des clés d'authentification spécifiques à des entités sont utilisées pour établir chaque nouvelle liaison radio entre le centre de blocs radio (RBC) et un véhicule ETCS, lesquelles clés d'authentification étant transmises aux entités par un centre de gestion de clés (KMC) via un réseau de transmission. Afin de conserver les ressources de communication pour une distribution de clés, les clés d'authentification sont codées au moyen d'une clé de transfert destinée à la transmission.
PCT/EP2008/061102 2007-08-27 2008-08-26 Procédé de gestion en ligne de clés etcs WO2009027380A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102007041177A DE102007041177B4 (de) 2007-08-27 2007-08-27 Verfahren zum ETCS-Online-Schlüsselmanagement
DE102007041177.6 2007-08-27

Publications (1)

Publication Number Publication Date
WO2009027380A1 true WO2009027380A1 (fr) 2009-03-05

Family

ID=40029597

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2008/061102 WO2009027380A1 (fr) 2007-08-27 2008-08-26 Procédé de gestion en ligne de clés etcs

Country Status (2)

Country Link
DE (1) DE102007041177B4 (fr)
WO (1) WO2009027380A1 (fr)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102009018167A1 (de) * 2009-04-20 2010-05-12 Siemens Aktiengesellschaft Einrichtung und Verfahren zur Datenübertragung
US20150239481A1 (en) * 2012-09-14 2015-08-27 Siemens Aktiengesellschaft Operation of a rail vehicle by means of an ETCS device
DE102016204630A1 (de) 2016-03-21 2017-09-21 Siemens Aktiengesellschaft Verfahren zum Übertragen von Nachrichten in einem Eisenbahnsystem sowie Eisenbahnsystem
CN108146468A (zh) * 2017-12-22 2018-06-12 交控科技股份有限公司 兼容c2ato及cbtc的人机交互信息处理方法
US20180239564A1 (en) * 2017-02-17 2018-08-23 Seiko Epson Corporation Printing apparatus and method for controlling printing apparatus
DE102017211201A1 (de) 2017-06-30 2019-01-03 Siemens Aktiengesellschaft Verfahren zum asymmetrischen Schlüsselmanagement und sicherheitsrelevante Anlage
WO2019076032A1 (fr) * 2017-10-20 2019-04-25 北京全路通信信号研究设计院集团有限公司 Procédé et système de mémorisation classifiée de clés
US20210114635A1 (en) * 2016-11-25 2021-04-22 Siemens Mobility GmbH Method For Operating A Railway System, And Vehicle Of A Railway System
CN114554486A (zh) * 2022-01-06 2022-05-27 北京全路通信信号研究设计院集团有限公司 一种信息安全传输的密钥管理方法及系统
EP4016918A1 (fr) 2020-12-18 2022-06-22 Siemens Mobility GmbH Procédé de distribution initiale des données de protection dans un système de protection des trains etcs
CN114834506A (zh) * 2022-04-13 2022-08-02 湖南中车时代通信信号有限公司 一种适用于重载铁路的无线闭塞中心设备
TWI790215B (zh) * 2016-11-17 2023-01-21 義大利商日立軌道信號和交通系統有限公司 用於鐵路環境下重要通信的安全管理的設備和方法

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101890971B (zh) * 2009-05-18 2013-01-23 华为技术有限公司 一种列车运行控制方法、设备和系统
DE102011006772A1 (de) * 2011-04-05 2012-10-11 Siemens Aktiengesellschaft System und Verfahren für ein Schlüsselmanagement eines Zugsicherungssystems
DE102015220224A1 (de) 2015-10-16 2017-04-20 Volkswagen Aktiengesellschaft Verfahren zur geschützten Kommunikation eines Fahrzeugs
DE102016217997A1 (de) * 2016-09-20 2018-03-22 Siemens Aktiengesellschaft Verfahren zur Kapselung der Ansteuerung von Mobilfunkgeräten in ETCS-Bahnfahrzeugen und ETCS-Bahnfahrzeug
DE102017211153A1 (de) * 2017-06-30 2019-01-03 Siemens Aktiengesellschaft Verfahren und Vorrichtung zum Übertragen von Daten zwischen einem ersten Kommunikationsnetz einer ersten spurgebundenen Fahrzeugeinheit und einem zweiten Kommunikationsnetz einer zweiten spurgebundenen Fahrzeugeinheit
CN107985348B (zh) * 2017-10-20 2021-01-26 北京全路通信信号研究设计院集团有限公司 一种控制方法和列车运行控制系统
DE102021202528A1 (de) 2021-03-16 2022-09-22 Siemens Mobility GmbH Bahntechnikgerät für eine bahntechnische Anlage und Verfahren zu deren Betrieb

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE10225547B4 (de) * 2002-06-06 2004-10-28 Siemens Ag Verfahren zur Datenübertragung

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
ERTMS/ETCS - CLASS 1: "Euroradio FIS, SUBSET-037, ISSUE 2.3.0", 14 October 2005 (2005-10-14), pages 1 - 100, XP002506070, Retrieved from the Internet <URL:http://www.era.europa.eu/public/Documents/ERTMS%20Documentation/Mandatory%20Specifications/Subset-037%20v230.pdf> [retrieved on 20080828] *
ERTMS/ETCS - CLASS 1: "Off-line Key Management FIS, SUBSET-038, ISSUE 2.1.9", 12 September 2005 (2005-09-12), pages 1 - 50, XP002506071, Retrieved from the Internet <URL:http://www.era.europa.eu/public/Documents/ERTMS%20Documentation/Informative%20specifications/Subset-038-v219.pdf> [retrieved on 20080828] *

Cited By (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102009018167A1 (de) * 2009-04-20 2010-05-12 Siemens Aktiengesellschaft Einrichtung und Verfahren zur Datenübertragung
US20150239481A1 (en) * 2012-09-14 2015-08-27 Siemens Aktiengesellschaft Operation of a rail vehicle by means of an ETCS device
US10046780B2 (en) * 2012-09-14 2018-08-14 Siemens Aktiengesellschaft Operation of a rail vehicle by means of an ETCS device
DE102016204630A1 (de) 2016-03-21 2017-09-21 Siemens Aktiengesellschaft Verfahren zum Übertragen von Nachrichten in einem Eisenbahnsystem sowie Eisenbahnsystem
WO2017162386A1 (fr) 2016-03-21 2017-09-28 Siemens Aktiengesellschaft Procédé de transmission de messages dans un système ferroviaire ainsi qu'un tel système ferroviaire
TWI790215B (zh) * 2016-11-17 2023-01-21 義大利商日立軌道信號和交通系統有限公司 用於鐵路環境下重要通信的安全管理的設備和方法
US11958519B2 (en) * 2016-11-25 2024-04-16 Siemens Mobility GmbH Method for operating a railway system, and vehicle of a railway system
US20210114635A1 (en) * 2016-11-25 2021-04-22 Siemens Mobility GmbH Method For Operating A Railway System, And Vehicle Of A Railway System
US20180239564A1 (en) * 2017-02-17 2018-08-23 Seiko Epson Corporation Printing apparatus and method for controlling printing apparatus
DE102017211201A1 (de) 2017-06-30 2019-01-03 Siemens Aktiengesellschaft Verfahren zum asymmetrischen Schlüsselmanagement und sicherheitsrelevante Anlage
WO2019001923A1 (fr) 2017-06-30 2019-01-03 Siemens Aktiengesellschaft Procédé de gestion de clés asymétrique, basé sur une chaîne de blocs et installation relative à la sécurité
WO2019076032A1 (fr) * 2017-10-20 2019-04-25 北京全路通信信号研究设计院集团有限公司 Procédé et système de mémorisation classifiée de clés
CN108146468B (zh) * 2017-12-22 2020-09-18 交控科技股份有限公司 兼容c2ato及cbtc的人机交互信息处理方法
CN108146468A (zh) * 2017-12-22 2018-06-12 交控科技股份有限公司 兼容c2ato及cbtc的人机交互信息处理方法
EP4016918A1 (fr) 2020-12-18 2022-06-22 Siemens Mobility GmbH Procédé de distribution initiale des données de protection dans un système de protection des trains etcs
DE102020216277A1 (de) 2020-12-18 2022-06-23 Siemens Mobility GmbH Verfahren zur initialen Verteilung von schützenswerten Daten in einem ETCS-Zugsicherungssystem
CN114554486A (zh) * 2022-01-06 2022-05-27 北京全路通信信号研究设计院集团有限公司 一种信息安全传输的密钥管理方法及系统
CN114554486B (zh) * 2022-01-06 2024-04-30 北京全路通信信号研究设计院集团有限公司 一种信息安全传输的密钥管理方法及系统
CN114834506A (zh) * 2022-04-13 2022-08-02 湖南中车时代通信信号有限公司 一种适用于重载铁路的无线闭塞中心设备
CN114834506B (zh) * 2022-04-13 2023-11-21 湖南中车时代通信信号有限公司 一种适用于重载铁路的无线闭塞中心设备

Also Published As

Publication number Publication date
DE102007041177A1 (de) 2009-03-05
DE102007041177B4 (de) 2009-04-30

Similar Documents

Publication Publication Date Title
DE102007041177B4 (de) Verfahren zum ETCS-Online-Schlüsselmanagement
EP3157281B1 (fr) Procédé de communication protégée dans un véhicule
DE19823666B4 (de) Verschlüsselungs-Kommunikationssystem
DE102020109246B4 (de) Nutzung quantensicherer Schlüssel mit Endgeräteeinrichtungen
DE19723659A1 (de) Datenkommunikationssystem und Verfahren zur Chiffrierung zu übertragender Daten
DE102012224421A1 (de) Fahrzeuggebundenes system und kommunikationsverfahren
WO2019175006A1 (fr) Procédé pour échanger des données avec un appareil de commande de véhicule
DE102008008970A1 (de) Bordnetz-System eines Kraftfahrzeugs mit austauschbarem kryptografischen Schlüssel und/oder Zertifikat
WO2012136525A1 (fr) Système et procédé de gestion de clés d&#39;un système de protection des trains
WO2017162386A1 (fr) Procédé de transmission de messages dans un système ferroviaire ainsi qu&#39;un tel système ferroviaire
WO2023274678A1 (fr) Gestion de clés pour une communication sécurisée entre des abonnés de communication par l&#39;intermédiaire d&#39;un canal de communication séparé
DE102006046017A1 (de) Verfahren zum Bereitstellen eines symmetrischen Schlüssels zum Sichern eines Schlüssel-Management-Protokolls
EP0067340A1 (fr) Procédé pour la transmission de clés
DE102007041959B4 (de) Verfahren zur Kommunikationsadressierung mobiler Teilnehmer bei Verwendung von paketorientierter Datenübertragung für Bahnanwendungen
DE10140446A1 (de) Verfahren und Datenverarbeitungsvorrichtung zum Übertragen von Daten über verschiedene Schnittstellen
EP3676991B1 (fr) Réseau d&#39;automatisation de voie et procédé de communication de messages dans un réseau d&#39;automatisation de voie
DE60225721T2 (de) Verfahren zur zugriffskontrolle über spezifischen dienste via einem verteiler
DE102015107745A1 (de) Verfahren zur Bereitstellung von Kommunikationsressourcen in intelligenten Transportsysteme
DE102018102608A1 (de) Verfahren zur Benutzerverwaltung eines Feldgeräts
DE102010029929A1 (de) Verfahren zur Übertragung von Daten sowie Fahrzeug
EP1376940B1 (fr) Procédé pour la transmission de données
EP2134055B1 (fr) Procédé pour la configuration de transmissions sécurisées de données entre des réseaux sécurisés
WO2000021243A2 (fr) Systeme de communication destine a un mode de fonctionnement
DE102020123413B4 (de) Verfahren zur Datenübertragung in einem Ad-hoc-Netzwerk
DE102021001919A1 (de) Verfahren zum sicheren Verteilen eines Softwareupdates

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08787454

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08787454

Country of ref document: EP

Kind code of ref document: A1