网络与信息安全学报 (Jun 2025)

Security scheme for time-critical TRDP message

  • CUI Yulong,
  • WU Xuechao,
  • CHENG Youlin,
  • LU Xiang

Journal volume & issue
Vol. 11
pp. 81 – 97

Abstract


As train communication technology advanced, the environment of train control networks became increasingly complex, with more network bandwidth being demanded by on-board devices and greater complexity emerging in network topology. Consequently, the physical layer carrier for train internet gradually transitioned from serial communication bus networks to Ethernet. To ensure the normal operation of the Ethernet protocol stack in the train internet and meet the unique requirements of the train internet, the TRDP protocol was proposed by the TCN alliance and has now become an essential part of data transmission for on-board devices. However, with the introduction of the Ethernet architecture, traditional computer network security risks were also brought into the train communication network. The TRDP protocol, built upon Ethernet, lacked effective security protection mechanisms and faced a series of risks such as malicious attacks, data leakage, and denial of service. Based on the TRDP protocol, the differences and requirements of its two protocol modes, message data and process data, were analyzed. Suitable encryption protocols in line with the actual situation of the train internet were selected, protocol details were improved, and a security scheme based on encryption protocols was designed. Furthermore, a model system was constructed on this foundation. The system demonstrates how these key security technologies can be combined to build a secure TRDP train information system and proves that it can meet the performance requirements of the train internet for the TRDP protocol while ensuring the security of the protocol.

Keywords