Considering your company’s area of activity, what was your motivation to participate in H2020 project ADMORPH?
QMA focuses on developing technology and security management systems in the Railway segment, including Metro. The railway is an extensive system with variable topology, and the control system must adequately respond to all changes that could affect the availability or quality of the services provided. We are therefore looking for technologies, tools and procedures that would enable the adaptation of the control system to influences that cannot be predicted during the system development phase. An example of such an influence is threats from cyberspace.
The ADMORPH project foresees the following three use cases: autonomous aerospace systems, radar surveillance systems and subway transportation systems. Can you explain in more detail the use case that you contributed to the project or in which you are more involved? Which challenges does it raise?
In the project, we apply ADMORPH tools to the control and supervision system, which is a superstructure on top of the track and train systems for the safe movement of trains.
For operation on the metro route to run smoothly, it is necessary for the supervision and control system to continuously receive relevant information about the status of the individual parts of the system that are in the stations and on the trains. If the flow of information is disrupted, the affected part or the entire system goes into a safe state. A safe state means reducing traffic or even stopping it. Therefore, such a situation needs to be prevented or its effects minimized.
In the UseCase, we use ADMORH tools to create a system that, after identifying a threat to the quality of services provided, reconfigures the system to a state that ensures the continuity of service provision. At the same time, it will transmit information about the situation to the centre responsible for the system’s operation. After receiving the patch, the system can perform ourselves update without downtime.
The requirement for robustness, safety and the ability to adapt to new situations during the system’s operation was essential.
The project started just before the COVID-19 pandemic and is now nearing completion. How do you feel the pandemic affected the project development (if at all)?
The pandemic initially affected our ability to communicate F2F experiences and knowledge with project partners, but we managed to eliminate this with tools for team collaboration. What we could not eliminate, however, was the limited possibility of disseminating our own outputs to the segment in which we operate. Our cooperation with the metro operator was affected by the COV-19 restrictions, and we failed to prepare the environment for the operational verification of the developed platform on the metro train.
As the project comes to an end, how would you describe the state of integration of ADMORPH technologies in the use case you are working on?
We have managed to integrate technologies that are important for us in terms of future use. For example, in the UseCase, we have verified them to the extent that it will be possible to perform operational verification in a real environment. Although it won’t be directly on the train, the involvement in cyberspace will undoubtedly provide enough opportunities to verify the concept.
Looking ahead, which of the ADMORPH results you see with more potential for exploitation? Do you plan to exploit any of them?
In the project, we managed to integrate the CECILE toolchain with the PikeOS hypervisor and create a platform for control and surveillance systems used in an environment with an increased risk of cyber attacks. Furthermore, the tools and procedures we apply will enable quick adaptation of the system to identified vulnerability threats, which is one of the basic requirements of patch management control systems.
Although operational deployment still requires a lot of effort, especially in certification to railway and security standards, the platform we have designed is robust and flexible enough to meet current and future security requirements.