CTCS-3级列控系统RBC报文安全传输的研究
|
摘要
CTCS-3级列控系统中车地间无线报文的安全传输对列车的行车安全有着至关重要的作用。论文以EuroRadio(?)办议为蓝本,按照EN50159-2标准模拟研究设计了CTCS-3级列控系统中RBC与列车间无线报文安全传输的过程,在EuroRadio协议的基础上运用了AES算法来计算MAC码,并运用了双序列号机制,更好的确保了信息安全高效地传输。
论文对CTCS-3级列控系统中无线闭塞中心与车载设备之间无线报文安全传输的重要意义进行了阐述,并介绍了无线报文安全传输的标准及协议,对安全认证机制的原理和过程作了详细介绍。
其次,根据《CTCS-3级列控系统总体技术方案》及《CTCS-3级列控系统无线报文的应用》分析了主要运营场景中报文及消息的基本格式,包括各个信息包的构成,和每个发送消息所包含的信息包和字段长度等。
论文还对EurRadio协议中MAC的算法作了改进,采用安全系数更高的AES算法,并对此算法的原理进行了介绍。论文还采用了双序列号机制来防止报文传输过程中的延时及乱序错误,描述了双序列号相对于时间戳的优点,详细介绍了所采用的双序列号机制的原理。
论文最后对列车与RBC间无线报文安全传输的详细过程及系统的组成,实现的界面、MAC的生成过程做了详细的介绍,并对RBC中心数据库进行了设计,RBC中的数据量很大,每块数据都对RBC生成行车许可和控制列车的命令有着重要作用,所以设计合理的数据库,对无线报文的安全传输过程有着重要的意义。
In CTCS-3 level train control system, the safety wireless transmission of train-wayside messages plays a vital role. In thesis, EuroRadio protocol was used as the original version, and the RBC and train-wayside wireless messages safety transmission process in CTCS-3 was designed according to EN50159-2 standard. Based on the EuroRadio protocol, AES algorithm was used to calculate MAC yards, besides, dual serial number mechanism was applied, which makes the information more securely and the transportation more efficiently.
Firstly, The thesis stated the significance of the safety wireless transmission between RBC and on-board equipment in CTCS-3. Also it introduced the standards and protocols of safety wireless transmission, the principle and the process of safety authentication mechanism in detail.
Secondly, according to the overall technical scheme of CTCS-3 level train control system and the application of message wireless transmission in CTCS-3 level train control system, the paper analysed the basic format of main operation scene's messages and news, including the composition of each packet, and packets and fields length in each sending news, etc
In this thesis, AES algorithm, which has higher safety coefficient, was used to improve the algorithm of calculating the MAC, and the principle of this algorithm was introduced. What's more, dual serial number mechanism was adopted to prevent delay and disorderly sequence errors in message transmission. Compared with the timestamp, the author also described the advantages and principles of the dual serial number mechanism.
At last, the thesis focused on the detailed process, system composition and interface of message safety wireless transmission between train and RBC. And MAC generative process were described in detail, besides, the RBC center database was designed, in which each data was used to calculate and produce MA and commands for train control. So how to design the database in a reasonable way has a significant influence on the security of wireless packet transmission.
论文对CTCS-3级列控系统中无线闭塞中心与车载设备之间无线报文安全传输的重要意义进行了阐述,并介绍了无线报文安全传输的标准及协议,对安全认证机制的原理和过程作了详细介绍。
其次,根据《CTCS-3级列控系统总体技术方案》及《CTCS-3级列控系统无线报文的应用》分析了主要运营场景中报文及消息的基本格式,包括各个信息包的构成,和每个发送消息所包含的信息包和字段长度等。
论文还对EurRadio协议中MAC的算法作了改进,采用安全系数更高的AES算法,并对此算法的原理进行了介绍。论文还采用了双序列号机制来防止报文传输过程中的延时及乱序错误,描述了双序列号相对于时间戳的优点,详细介绍了所采用的双序列号机制的原理。
论文最后对列车与RBC间无线报文安全传输的详细过程及系统的组成,实现的界面、MAC的生成过程做了详细的介绍,并对RBC中心数据库进行了设计,RBC中的数据量很大,每块数据都对RBC生成行车许可和控制列车的命令有着重要作用,所以设计合理的数据库,对无线报文的安全传输过程有着重要的意义。
In CTCS-3 level train control system, the safety wireless transmission of train-wayside messages plays a vital role. In thesis, EuroRadio protocol was used as the original version, and the RBC and train-wayside wireless messages safety transmission process in CTCS-3 was designed according to EN50159-2 standard. Based on the EuroRadio protocol, AES algorithm was used to calculate MAC yards, besides, dual serial number mechanism was applied, which makes the information more securely and the transportation more efficiently.
Firstly, The thesis stated the significance of the safety wireless transmission between RBC and on-board equipment in CTCS-3. Also it introduced the standards and protocols of safety wireless transmission, the principle and the process of safety authentication mechanism in detail.
Secondly, according to the overall technical scheme of CTCS-3 level train control system and the application of message wireless transmission in CTCS-3 level train control system, the paper analysed the basic format of main operation scene's messages and news, including the composition of each packet, and packets and fields length in each sending news, etc
In this thesis, AES algorithm, which has higher safety coefficient, was used to improve the algorithm of calculating the MAC, and the principle of this algorithm was introduced. What's more, dual serial number mechanism was adopted to prevent delay and disorderly sequence errors in message transmission. Compared with the timestamp, the author also described the advantages and principles of the dual serial number mechanism.
At last, the thesis focused on the detailed process, system composition and interface of message safety wireless transmission between train and RBC. And MAC generative process were described in detail, besides, the RBC center database was designed, in which each data was used to calculate and produce MA and commands for train control. So how to design the database in a reasonable way has a significant influence on the security of wireless packet transmission.
引文
[1]范丽君ETCS技术在列控系统中应用的探讨[J].中国铁道科学.2003年24卷第3期.98-103.
[2]王长林.列车运行控制技术[M].西南交通大学.2009.9
[3]韩胤,张勇CTCS-3级仿真系统中无线闭塞中心的仿真[J].铁路计算机应用.2007年16期.43-45
[4]徐丽,张勇CTCS-3级列控系统车载设备仿真子系统的设计与实现[J].铁路计算机应用.2008年17卷第5期.8-10
[5]铁道论坛.华为进入铁路信号领域推出列控核心设备RBC[EB/OL]. http://bbs.railcn.net/viewthread.php?tid=345394,2009
[6]中国通号网CTCS-3列控ATP及RBC硬件国产化通过部审[EB/OL]. http://www.crsc.cn/xwzx/kjcx/101029d.html,2010
[7]CENELEC.EN 50159-2 Railway applications Communication,signalling and processing systems-Part 2:Safety-relatedcommunication in open transmission systems [S],2001(3)
[8]Unisig:SUBSET-0372.2.0 EURORADIOFIS.2005.11.13
[9]ALSTOM.FSFB/2 Safety Protocol Requirements Spscification.22/07/99.10-15
[10]ANSALDO.SIGNAL-CESS Transport,BDU-CC Interface Definition[S],2006.1-10.
[11]杨霓霏,段武,卢佩玲.铁路信号系统安全相关通信标准与安全协议研究[J].中国铁路.2008年6月.48-51.
[12]于宏博.钟章队ETCS中安全通信的研究与探讨[J].铁道通信信号2005年第1期.30-33.
[13]中华人民共和国铁道部科技司.CTCS-3级列控系统GSM-R网络需求规范(V1.0)铁道部科技运[2008]168号.2008
[14]唐涛.郜春海ETCS系统分析及CTCS的研究[J].机车电转动.2004年11月第6期1-2
[15]ERTMS/ETCS-Class 1.System Requirement Specification Preface to the Version 2.2.2.SUBSET-026-preface v222.ISSUE 2.2.2.1.2.2002
[16]ERTMS/ETCS-ClasslGSM-R Interfaees Class 1 Requirements Subset-093-V230, 2005.10.10
[17]GSM-R欧洲铁路控制系统(ERTMS/ETCS)的基础[J].中国铁路.2001年6月第第12期.45-46.
[18]Muxiang Zhang and Yuguang Fang "Security Analysis and Enhancements of 3GPP Authentication and key Agrement Protocol" IEEE Transaction Wireless Communications.Vol.4.Issue2.March 2005
[19]Merritt Maxim and David Pollino.Wireless Security.McGraw-Hill Publishing.ISBN: 0-07-222832-6.2002
[20]ERTMS/ETCSFulietionalStatements.V2.0Jan.2004
[21]EuroradioFIS. Subset — 037.Version2.3.0.
[22]Safety Requirements for the Technical Interoperability of ETCS in Levels 1&2 SUBSET-091.ISSUE 1.2.2.20.03.2003
[23]胡东源GSM-R/CTCS在中国铁路的应用与发展战略[J].中国铁路.2003年1月第2期.11-14
[24]唐涛,郜春海,李开成,燕飞.基于通信的列车运行控制技术发展战略探讨[J].都市快轨交通.2005年12月.第18卷第6期.21-25.
[25]李春雨,徐洪泽.开放空间无线CBTC地车通信系统[J].铁路通信信号工程技术.2006年6月.第3卷第3期.46-48.
[26]铁道部科学技术司.CTCS-3级列控系统总体技术方案.2008年5月14
[27]CTCS-3级列控系统无线报文定义及运用原则(V0.84)
[28]FIS for the RBC/RBC Handover SUBSET-039.ISSUE 2.0.0,30.03.2000
[29]郭岳峰.刘继得.赵建国.无线闭塞中心切换问题分析[J].铁道通信信号.2009年.145卷第3期.41-42
[30]彭传贤.RBC控制能力及其布置方案探讨[J].铁道工程学报.2009年12月第12期(总135).72-76
[31]铁道部CTCS-3技术攻关组RBC-CTC接口规范(V0.13)[Z].铁道部科技司.2009
[32]临时限速服务器与TCC、RBC接口协议.V0.7.2009年2月
[33]邹少文.列控系统临时限速设计方案探讨[J].铁道工程学报.2008年第二期(总第113期).9-12
[34]ISO/IEC 9797Information technology-Security techniques-Message Authentication Codes (MAC)-Part 1:Mechanisms using a block cipher.2007.
[35]谷利泽,郑世慧,杨义先.现代密码学[M]。北京邮电大学出版社
[36]Joan Daemen and Vincent Rijmen.AES Proposal:Rijndael[EB/OL].https: //www.nist.gov/aes.
[37]Biham E.Shamir A.Power Analysis of the Key Scheduling of the AES Candidates[EB/OL].http://www.nist.gov/aes.
[38]Gorski Michael, Lucks Stefan.New related-key boomerang attacks on AES[J]. Lecture Notes in Computer Science,2008, v 5365 LNCS, p 266-278
[39]Post Hendrik, Sinz Carsten. Proving functional equivalence of two AES implementations using bounded model checking. Proceedings-2nd International Conference on Software Testing. Verification, and Validation, ICST 2009,2009, p 31-40
[40]Zhao Xinjie, Wang Tao, Mi Dong, Zheng Yuanyuan, Lun Zhaoyang.Robust first two rounds access driven cache timing attack on AES. Proceedings-International Conference on Computer Science and Software Engineering, CSSE 2008,2008, v 3. p 785-788
[41]CTCS-3级列控系统GSM-R网络需求规范(V1.0)-铁道部科技运[2008]168号
[42]陈通.基于3_DES算法的列控系统车地安全通信研究与实现[硕士学位论文].北方交通大学.2009年
[43]刘雨CBTC系统通信协议设计[硕士学位论文].北京.北京交通大学2008年1月.
[44]余鑫,吴文麒.安全信息传输系统.铁道通信信号.2003年.第39卷第1期.12-13
[45]邱仲潘,柯渝等编著Visual C++6.0从入门到精通[M].电子工业出版社,2005,9.1
[46]尹力民,王兴东等编著.Visual C++6.0应用编程150例[M].北京:电子工业出版社,2004
[47]北京博彦.MFC Windows程序设计[M].北京:清华大学出版社,2007.
[48]Hong Guan, Bo Yi Yong.A new hot standby control system for single and communication transmit to protect high speed (350 km/h) of railway safety.2010 International Conference on E-Product E-Service and E-Entertainment, ICEEE2010, 2010, p 206-212
[49]Short Roger.Safety-related data transmission for railway signalling and control[J]. Measurement and Control, December 2007, v 40, n 10, p 310-313
[50]王瑞丰.铁路信号运营基础[M].中国铁道出版社.2008
[51]秦玲.基于STATEMATE的无线闭塞中心数据流生成及形式化验证.[硕士学位论文].北方交通大学.2009年
[52]张维维,张勇.CTCS3级车载设备仿真测试平台的研究[J].铁路计算机应用,2007年1月:4-7.
[53]沈志凌.高速铁路CTCS-3列控系统无线闭塞中心设备数量计算原则和方法的研究[J].铁道标准设计,2009(增刊):136-137.
[54]郭荣.高速铁路无线闭塞中心软件设计与实现.[硕士学位论文].北方交通大学.2009
[2]王长林.列车运行控制技术[M].西南交通大学.2009.9
[3]韩胤,张勇CTCS-3级仿真系统中无线闭塞中心的仿真[J].铁路计算机应用.2007年16期.43-45
[4]徐丽,张勇CTCS-3级列控系统车载设备仿真子系统的设计与实现[J].铁路计算机应用.2008年17卷第5期.8-10
[5]铁道论坛.华为进入铁路信号领域推出列控核心设备RBC[EB/OL]. http://bbs.railcn.net/viewthread.php?tid=345394,2009
[6]中国通号网CTCS-3列控ATP及RBC硬件国产化通过部审[EB/OL]. http://www.crsc.cn/xwzx/kjcx/101029d.html,2010
[7]CENELEC.EN 50159-2 Railway applications Communication,signalling and processing systems-Part 2:Safety-relatedcommunication in open transmission systems [S],2001(3)
[8]Unisig:SUBSET-0372.2.0 EURORADIOFIS.2005.11.13
[9]ALSTOM.FSFB/2 Safety Protocol Requirements Spscification.22/07/99.10-15
[10]ANSALDO.SIGNAL-CESS Transport,BDU-CC Interface Definition[S],2006.1-10.
[11]杨霓霏,段武,卢佩玲.铁路信号系统安全相关通信标准与安全协议研究[J].中国铁路.2008年6月.48-51.
[12]于宏博.钟章队ETCS中安全通信的研究与探讨[J].铁道通信信号2005年第1期.30-33.
[13]中华人民共和国铁道部科技司.CTCS-3级列控系统GSM-R网络需求规范(V1.0)铁道部科技运[2008]168号.2008
[14]唐涛.郜春海ETCS系统分析及CTCS的研究[J].机车电转动.2004年11月第6期1-2
[15]ERTMS/ETCS-Class 1.System Requirement Specification Preface to the Version 2.2.2.SUBSET-026-preface v222.ISSUE 2.2.2.1.2.2002
[16]ERTMS/ETCS-ClasslGSM-R Interfaees Class 1 Requirements Subset-093-V230, 2005.10.10
[17]GSM-R欧洲铁路控制系统(ERTMS/ETCS)的基础[J].中国铁路.2001年6月第第12期.45-46.
[18]Muxiang Zhang and Yuguang Fang "Security Analysis and Enhancements of 3GPP Authentication and key Agrement Protocol" IEEE Transaction Wireless Communications.Vol.4.Issue2.March 2005
[19]Merritt Maxim and David Pollino.Wireless Security.McGraw-Hill Publishing.ISBN: 0-07-222832-6.2002
[20]ERTMS/ETCSFulietionalStatements.V2.0Jan.2004
[21]EuroradioFIS. Subset — 037.Version2.3.0.
[22]Safety Requirements for the Technical Interoperability of ETCS in Levels 1&2 SUBSET-091.ISSUE 1.2.2.20.03.2003
[23]胡东源GSM-R/CTCS在中国铁路的应用与发展战略[J].中国铁路.2003年1月第2期.11-14
[24]唐涛,郜春海,李开成,燕飞.基于通信的列车运行控制技术发展战略探讨[J].都市快轨交通.2005年12月.第18卷第6期.21-25.
[25]李春雨,徐洪泽.开放空间无线CBTC地车通信系统[J].铁路通信信号工程技术.2006年6月.第3卷第3期.46-48.
[26]铁道部科学技术司.CTCS-3级列控系统总体技术方案.2008年5月14
[27]CTCS-3级列控系统无线报文定义及运用原则(V0.84)
[28]FIS for the RBC/RBC Handover SUBSET-039.ISSUE 2.0.0,30.03.2000
[29]郭岳峰.刘继得.赵建国.无线闭塞中心切换问题分析[J].铁道通信信号.2009年.145卷第3期.41-42
[30]彭传贤.RBC控制能力及其布置方案探讨[J].铁道工程学报.2009年12月第12期(总135).72-76
[31]铁道部CTCS-3技术攻关组RBC-CTC接口规范(V0.13)[Z].铁道部科技司.2009
[32]临时限速服务器与TCC、RBC接口协议.V0.7.2009年2月
[33]邹少文.列控系统临时限速设计方案探讨[J].铁道工程学报.2008年第二期(总第113期).9-12
[34]ISO/IEC 9797Information technology-Security techniques-Message Authentication Codes (MAC)-Part 1:Mechanisms using a block cipher.2007.
[35]谷利泽,郑世慧,杨义先.现代密码学[M]。北京邮电大学出版社
[36]Joan Daemen and Vincent Rijmen.AES Proposal:Rijndael[EB/OL].https: //www.nist.gov/aes.
[37]Biham E.Shamir A.Power Analysis of the Key Scheduling of the AES Candidates[EB/OL].http://www.nist.gov/aes.
[38]Gorski Michael, Lucks Stefan.New related-key boomerang attacks on AES[J]. Lecture Notes in Computer Science,2008, v 5365 LNCS, p 266-278
[39]Post Hendrik, Sinz Carsten. Proving functional equivalence of two AES implementations using bounded model checking. Proceedings-2nd International Conference on Software Testing. Verification, and Validation, ICST 2009,2009, p 31-40
[40]Zhao Xinjie, Wang Tao, Mi Dong, Zheng Yuanyuan, Lun Zhaoyang.Robust first two rounds access driven cache timing attack on AES. Proceedings-International Conference on Computer Science and Software Engineering, CSSE 2008,2008, v 3. p 785-788
[41]CTCS-3级列控系统GSM-R网络需求规范(V1.0)-铁道部科技运[2008]168号
[42]陈通.基于3_DES算法的列控系统车地安全通信研究与实现[硕士学位论文].北方交通大学.2009年
[43]刘雨CBTC系统通信协议设计[硕士学位论文].北京.北京交通大学2008年1月.
[44]余鑫,吴文麒.安全信息传输系统.铁道通信信号.2003年.第39卷第1期.12-13
[45]邱仲潘,柯渝等编著Visual C++6.0从入门到精通[M].电子工业出版社,2005,9.1
[46]尹力民,王兴东等编著.Visual C++6.0应用编程150例[M].北京:电子工业出版社,2004
[47]北京博彦.MFC Windows程序设计[M].北京:清华大学出版社,2007.
[48]Hong Guan, Bo Yi Yong.A new hot standby control system for single and communication transmit to protect high speed (350 km/h) of railway safety.2010 International Conference on E-Product E-Service and E-Entertainment, ICEEE2010, 2010, p 206-212
[49]Short Roger.Safety-related data transmission for railway signalling and control[J]. Measurement and Control, December 2007, v 40, n 10, p 310-313
[50]王瑞丰.铁路信号运营基础[M].中国铁道出版社.2008
[51]秦玲.基于STATEMATE的无线闭塞中心数据流生成及形式化验证.[硕士学位论文].北方交通大学.2009年
[52]张维维,张勇.CTCS3级车载设备仿真测试平台的研究[J].铁路计算机应用,2007年1月:4-7.
[53]沈志凌.高速铁路CTCS-3列控系统无线闭塞中心设备数量计算原则和方法的研究[J].铁道标准设计,2009(增刊):136-137.
[54]郭荣.高速铁路无线闭塞中心软件设计与实现.[硕士学位论文].北方交通大学.2009