Responsible for IT-Security of the operational technologies at DB Netz AG
The development of a new security architecture for signalling at DB Netz AG
Safety and Security are important domains in current industrial control systems. While safety protects the human and the system from failures of the system itself, security protects the system from elements outside of the system. One is static, admissed, and is not allowed to change over years, the other has to adopt dynamically to changes in the threat landscape. Due to digitalisation and the need for more performance and a better maintainability isolated systems, responsible for controlling signals in the railway domain, are connected to large networks, using standard protocols and commercial-off-the-shelf components. Because of this change suddenly IT-Security becomes an important topic and it has to be integrated in safety components, which due to the contradicting requirements of the domains can be challenging.
The talk will show which challenges DB had during the development of their new security architecture for signalling and show how these challenges were solved. In the end lessons learned from the former development and future work will be shown.
Christian Schlehuber studied informatics and IT-Security at the TU Darmstadt with a specialization in critical infrastructures. After receiving his master degree he started to research at the Security Engineering Group of TU Darmstadt on the topic Critical Infrastructure Protection in 2013. In 2015 he got the opportunity to apply his researches in the interlocking technologies of DB Netz AG and switched to DB Netz AG. He currently is responsible for the IT-Security of the operational technologies of DB Netz AG. Besides this he is active in the European research projects Shift2Rail and CIPSEC, which aim at improving the IT-Security of Critical Infrastructures. He is also member of the CENELEC WG 26 and currently working on a European standard on IT-Security for Railways.