西南交通大学学报Issue(3):478-484,503,8.DOI:10.3969/j.issn.0258-2724.2015.03.015
高速铁路信号系统网络安全与统一管控
Analysis of Network Security for Chinese High-Speed Railway Signal Systems and Proposal of Unified Security Control
摘要
Abstract
In order to ensure the network security of China's high-speed railway signal system,the network security issues including the central traffic control (CTC ) system,train control system, centralized signal monitoring system and the GSM-R system were analyzed generally. Subsequently a unified network security control and management strategy was proposed based on the software-defined networking (SDN)architecture. The centralized management and unified security policies are achieved in one physical network,and the original control logics between sub-networks including CTC network, train control network and centralized signal monitoring network are all software-defined in the control plane,which enables the finer and unified control of the whole network. Using the logically centralized controller,the unified device register control,communication control and packet traceability are all achieved,thus improving the network security and reducing the management complexity. According to the analysis,the proposed architecture is centrally managed,network programmable and unified of the security policy. The proposed strategy is better than the distributed control network for the management of China's high-speed railway signal system network security and can solve the complex management of networks' interconnection of different security levels.关键词
高速铁路/信号系统/网络安全/软件定义网络/下一代铁路信号系统网络/CTCS-3Key words
high-speed railway/signal systems/network security/software-defined networking/next generation network of Chinese high-speed railway signal system/CTCS-3分类
交通工程引用本文复制引用
李赛飞,闫连山,郭伟,郭进,陈建译,潘炜,方旭明..高速铁路信号系统网络安全与统一管控[J].西南交通大学学报,2015,(3):478-484,503,8.基金项目
国家自然科学基金资助项目(61401377);铁道部重大项目(2012X004-A);教育部重大项目 ()