Automatic fare collection system (AFC) is a comprehensive application of computer, statistics, finance and other professional knowledge. It is an automatic system to realize the whole process of ticket selling, ticket checking, billing, charging, statistics, clearing and settlement and operation management of rail transit. It is the guarantee of rail transit economic source. AFC system transmits the signals collected by terminal equipment to computer center for clearing through Ethernet, and finally to ACC system of rail transit for clearing through core network.

     1  Industry background

     Urban rail transit system is a very important infrastructure for a city, especially a large city. The operation safety, operation speed, transportation capacity and operation efficiency of urban rail transit system are closely related to each system of rail transit, and the information security of rail transit AFC system has gradually been attached great importance by rail transit builders and relevant management departments.

    In the field of information security of rail transit AFC system, there is no systematic and mature solution at present. We should immediately consider to carry out this work, slow down and eliminate the hidden dangers of information security loopholes to AFC system as soon as possible, and study the best practice scheme combined with specific projects. However, the increase of information security related protection is bound to affect the efficiency, availability and maintainability of the system. AFC system is based on computer, communication, network, automatic control and other technologies. It uses contactless IC card as the medium to realize the functions of ticketing, checking, billing, charging, statistics and management of rail transit in a highly safe, reliable and confidential way.

    2  Design objectives

    Through the implementation of “rail transit AFC system detection and protection design”, the potential information security risks caused by system connection can be completely eliminated from three aspects of information security management, operation and maintenance and technology, so as to ensure the safe and stable operation of rail transit and prevent information security incidents.

1. Overall protection

We should plan and implement information security protection for rail transit AFC system as a whole, and build up a comprehensive, advanced and advanced information security system for rail transit AFC system from the angles of management, technology, operation, physical, network, host, application and data security.

2. Regional segregation

     The AFC system network of rail transit is divided according to the importance, category, function and other factors of business. It is implemented according to the principle of “vertical stratification and horizontal partition”. Then necessary safety isolation and protection measures are adopted between different systems, different layers and different partitions to detect, control and protect the data flow and business operation between them.

3. Real time monitoring

     A comprehensive information security system cannot do without the real-time control of the information security status. The implementation of “prevention in advance, control of the incident and improvement after the incident” is one of the core contents of the system information security assurance system.

4. Host control

     Centralized security configuration and monitoring audit are implemented for the important hosts and terminals in the central control part of the rail transit AFC system to detect and contain the security hazards from the source.

5. Operation and maintenance guarantee

     The implementation of system information security policies, strategies, systems and protection means depends on the effective operation of management and technical measures. Operation and maintenance is not only the key activity of linking management and technology, but also the effective support for their implementation.

3  Solutions

    In this scheme, the line center network is composed of server, core layer 3 switch and working group layer 2 switch, which are connected by main and standby redundancy to form a dual network. Each terminal equipment in the line center is gathered on the core layer 3 switch through star connection, and then cascaded to the backbone ring network. The backbone network between stations is connected by 1000Mbps optical fiber ring network redundancy.

    Station terminal system: grouping according to the left and right of the hall, connecting the station terminal equipment with the Feichang series network management Industrial Ethernet switch respectively, and then connecting its optical fiber interface with the optical port on the core switch to form a redundant ring network.

    Station computer system: an industrial switch is used to gather all equipment in the system in star connection mode, and then cascade with the core switch. The data can communicate with the line center system through the backbone ring network of the station.

    Line center computer system: this system is the center system of the whole line, responsible for unified supervision of the information of each station, and uploaded to the rail transit clearing center. Therefore, two industrial Ethernet switches are used in the computer system of the line center to redundantly interconnect the server, memory and communication server in the network structure of one main and one standby.

    Maintenance center and training simulation system: the maintenance work area system is responsible for the equipment maintenance and training of the whole station. We use three Feichang 100m Industrial Ethernet switches to cascade the equipment of maintenance center, training and simulation system and maintenance work area to the station core ring network, so as to communicate with the line center.

    4 System structure diagram

    5  Related products

    Well, the above content is the detailed introduction of the solution of AFC system of urban rail transit by Feichang technology. I hope it can help you! Feichang technology optical communication and access solution expert! Long term commitment to provide customers with optical mulitiplexer, industrial switches, fiber media converter and other industrial communication equipment, deep ploughing in the intelligent transportation industry for several years, based on railway, subway, highway, waterway, aviation, urban public transport and other diversified application scenarios, launched customized solutions, first served more than 100 transportation industry customers, has been widely trusted and recognized. Welcome to come to understand and exchange.

Web: www.fctele.com
Email: ethan@fctel.com.cn