Positive Train Controller (PTC) is a communication based system designed to enforce PTC safety objectives for trains such as train-to-train collisions, train derailments, and ensure railroad worker safety. Existing PTC designs consider risks due to operational environment such as location of other trains, switches, and speed limits.
We propose to enhance PTC by using a multi-tiered cognitive radio network that considers multiple risks such as those due to bandwidth congestion, packet length limitations, propagation losses, detectable exploitation of Software Defined Radio vulnerabilities, and protocol vulnerabilities. Radios operating at PTC nodes (such as train, WIU and Base station) is equipped with a cognitive layer, which communicates with other nodes to create a cognitive radio network. The proposed network as a whole strives to provide spectrum management and security for the radio communication system, which can enhance the PTC functionality.
Each cognitive radio in our proposed network consists of multiple tiers. The upper tier consists of a master cognitive engine that holistically evaluates the operational risks of the network and acts to mitigate them using the lower tiers. The lower tier (immediate slave tier to the master) consists of sub cognitive engines for cryptographic operations and spectrum management. The traditional PTC protocol is implemented at a lower tier module that interface with the master Cognitive Engine (CE). The master-slave communications within one radio is implemented using middleware.
The proposed cognitive radio network can be modeled as a cyber-physical system by incorporating train movement dynamics, radio transmission characteristics and cryptographical computations, thereby constituting a distributed system of communicating hybrid automatons. This design enables us to verify safety and the security of the system using formal methods, which constitutes our ongoing work. We also discuss potential issues such as FRA mandated safety cases that needs to be addressed if the proposed features are to be added to the PTC systems.