The Technological Research Institute (IRT) Railenium has for ambition to be amongst the world leaders in research & development, testing and certification in the railway sector. Railenium is at the service of the railway industry to develop collaborative innovation and accelerate the development of new solutions. Railenium relies on the pooling of skills and human, financial and material resources by its 28 members: Infrastructure Managers (SNCF – French National Railways – and Eurotunnel), Railway Companies (equipment / systems manufacturers, engineering companies and manufacturers), research bodies and universities. Its activities cover urban, conventional and high-speed railway transport.
Through the SmartRaCon consortium, composed with the German Research Centre DLR (leader of the consortium), the Spanish Technology Centre CEIT and the British Company NSL, Railenium is an Associate Member on Innovation Programme (IP) 2 (Advanced Traffic Management and Control Systems) of the Joint Undertaking Shift2Rail. SmartRaCon is the only partner coming from academia. The activities on IP2 started on September 2016, through the X2Rail-1 project, which involves 19 partners from the Railway sector coming from 9 countries (France, Germany, Belgium, Austria, Britain, Sweden, Spain, Italy, and the Czech Republic).
This 13 months position is part of the X2Rail-1 project and will be held by Railenium for a work in IMT Lille Douai (in Douai). In this project, WP8 deals with the security aspects applied to the railways networks. Railenium’s contributions concern both low-level attacks (signal) and high-level ones (applications) for the wireless part of the railway communication system. For this position, we will focus on higher level data. Part of the work will be devoted to the development of Threat Detection, Prevention and Response strategies for railway IT and communication systems inside an Open Pluggable Framework.
In the context of the WP8 of X2Rail-1 project, the selected candidate will be in charge of the followings:
The work to be done is to investigate the use of adaptive classification algorithms for the detection and identifications of attacks in a railway data network.
It would allow to: (1) Detect unknown (new) internal and external threats and intrusions, (2) Build models with incomplete knowledge about the normal and safe modes, (3) Adapt the built models to changing behaviours of the attackers to break the security rules.
In such a system, some basic rules are coded in the first initialisation of the system and then the attack detection system will monitor and analyse any kind of possible drift in the behaviour of the operator to detect and localize further attacks more precisely.
In this work, the decision part will be based on extracted features from the signal/data. First work is to determine, by safety specialists, important parameters in them (statistics, linear/non-linear parameters, frequency or time-frequency parameters, evolution from one frame of time to another, etc.). Once defined, models will be built using these attributes (or parts of them if some are too correlated or identified by data analysis as irrelevant) and by taking into account their temporal evolutions or change dynamics. From these models, from the data streams, our adaptive algorithms can then classify quickly a time frame as normal or as one of the identified or searched attack.
For this data analysis part, some simulations data acquired in various platforms of the Railenium partners could be used to work on some specific use cases (specific attacks).
The postdoc is expected to start on May 1st, 2017.
(c) GdR 720 ISIS - CNRS - 2011-2015.