The U.S. operations of the Class I railroads are closer to reaching full compliance with the federal mandate to implement positive train control (PTC) by the end of December 2020, according to data from the Federal Railroad Administration (FRA). The data shows that Class I railroads are in 100% compliance in most of the areas as of June 30, 2020, except for two areas, that is the PTC system certification and interoperability. LILEE Systems has the experience, technical expertise, and resources to bring rail companies to full compliance and is currently helping ‘at-risk’ commuter railroads meet the deadline.
Interoperability with other trains – compliance and challenges
What is interoperability? Interoperability occurs when PTC system on the locomotives of a “host” railroad and “tenant” railroad operating on the same PTC-equipped line can successfully communicate, even when trains are moving over property boundaries. The last step of work is to achieve interoperability with other railroads’ individual PTC systems, which is viewed as the last piece in fulfilling the statutory mandate.
Looking back, allowing multiple PTC systems created several obstacles to viable interoperability. Reports indicate that 1/3 of railroad lines subject to the PTC mandate have enabled PTC, are on the interoperable systems, or are in the initial stages of interoperability testing. Railroads aside, many PTC suppliers are struggling to keep up with the demand for PTC systems and are facing very compressed schedules to meet the 2020 deadline. Taking into consideration the ongoing COVID-19 pandemic and other unforeseen circumstances, some railroads have been able to use staff and track availability resulting from reduced operations and ridership to make progress on PTC implementation and testing. Others have raised concerns about potential challenges arising due to the pandemic, software, availability of vendor expertise, and resources.
LILEE’s security and interoperability solution diagram
NEC (Northeast Corridor) security and interoperability challenges
NEC implementation of PTC still lacks two major requirements–wireless link security and interoperability. Compliance with requirements for wireless security as defined in 49 CFR 236.1033 is the pressing issue. This regulation requires that all wireless communications between the office, wayside, and onboard components in a PTC system provide cryptographic message integrity and authentication. The problem, however, was that no commercial system was available to meet this requirement for NEC operators.
The current design of the ACSES wireless communication protocol does not provide for message authentication and integrity check mechanisms. An attacker can easily forge a message to grant a train authority to enter a rail, while another train is still on it causing a collision due to operational error. Currently, the onboard computer does not have a way to distinguish whether the message is coming from a legitimate source or an attacker, it can only blindly accept the message and allow the train to enter the station. The disruption of the proper operation poses a potentially serious hazard to human health, security, and safety.
A system can only be as secure as its cryptographic keys. Therefore, in addition to a wireless security protocol that protects against unauthorized disclosure, modification, and substitution, the system must also include the means to distribute the cryptographic keys securely and efficiently.
Consider the scenario when keys for both the wayside and onboard systems are expired and need to be rotated. The process typically starts with key generation at the back office. Once the keys are securely generated, the keys then must be securely handed over to field technicians for installation. The technicians then need to connect to the wayside and onboard systems either physically or via the network to update the keys. This is not only error-prone but also time-consuming.
Key management server (KMS) software is an integral part of the wireless security system which provides simple and efficient management of keys for both the wayside and onboard assets. A KMS system provides a centralized management console from which operators in the back office can provision and rotate keys on both the wayside and onboard systems via the touch of a button.
How to secure shared tracks?
Rail tracks in the NEC are shared among not only the passenger rails in the corridor but also some of the freight rail operators. Therefore, the interoperability to support trains moving between host and tenant territories securely and efficiently is also very important. This poses additional challenges and requires that the KMS system provide an inter-KMS key exchange interface to allow the KMS hosted by one rail operator to interoperate with the KMS hosted by the other rail operators in the corridor. The cryptographic keys must be delivered to the wayside systems of a host operator before the trains from the tenant operator enter the territory so that the wireless rail base station at the wayside can validate the messages sent by the incoming train.
The other challenge is when keys from any of the rail operators in the corridor need to be updated or rotated. The inter-KMS interface must also allow real-time key updates to any operators in the corridor to avoid downtime. A KMS system must be able to dynamically accept key updates from any KMS tenant rail operators and distribute the keys to the wayside systems accordingly, so the rail operators in the corridor won’t need to coordinate a common track downtime for key updates.
LILEE is a trusted partner from day one of PTC implementation to the end and beyond
With extraordinarily little time left to achieve full compliance, LILEE is the vendor that is best equipped to assist in this last mile of the PTC implementation marathon. LILEE is not stopping here. Safety does not end with the current PTC compliance as we are ready to assist rail companies in protecting Maintenance of Way (MOW) workers and assets with our new MOW Collision Avoidance solution. See how we can help you protect your MOW employees and assets.
To learn more, please contact firstname.lastname@example.org.
About the author
Yale Lee is the Co-founder and Vice President of Technology at LILEE Systems. He has over twenty years of product development experience in the networking and security industry. For the past ten years, Yale has led the LILEE engineering and professional services teams to develop and deliver wireless communications solutions to North American Class I railroads to meet Positive Train Control (PTC) requirements.
Yale has authored several patents and is a member of the IEEE 802.15.4 and JCP JSR-289 committee. He received his BS degree in Electrical Engineering and MS degree in Computer Engineering both from the University of Massachusetts, Lowell.