Integrity Checking of Railway Interlocking Firmware

While uses of trusted computing have concentrated on the boot process, system integrity and remote attestation of systems, little has been made on the higher use cases - particularly safety related domains - where integrity failures can have devastating consequences, eg: StuxNet and Triton. Understanding trusted systems and exploring their operation is complicated by the need for a core and hardware roots of trust, such as TPM module. This can be problematical, if not impossible to work with in some domains, such as Rail and Medicine, where such hardware is still unfamiliar. We construct a simulation environment to quickly prototype and explore trusted systems, as well as provide a safe means for exploring trust and integrity attacks in these vertical domains.