article

Railway cyber security

Posted: 2 August 2016 | | 1 comment

For my next blog on Global Railway Review I have chosen a very topical subject to share with you, security but perhaps not in the vein you might expect…

Graham-Ellis-Author-Banner

For my next blog on Global Railway Review I have chosen a very topical subject to share with you, security but perhaps not in the vein you might expect…

At a meeting of the Parliamentary Advisory Council on Transport Safety (PACTS) held in January this year members were briefed on automotive cyber security. Whilst this focussed on cars, as they are early adopters of on-board technology, it can also be relevant to trains as more and more data is received and transmitted to and from them. This may either be data from the train and /or from passengers.

Why should we worry about this? Well, we only need to look at the tragic accident on Italian railways where a single track working used what we would now consider to be an antiquated system which resulted in a head on crash at a closing speed of around 120mph.

Rail collision southern italy

Crash site near Bari, Italy

Identifying railway cyber security vulnerabilities

On most railways throughout the world the signalling systems are becoming ever more sophisticated with in-cab speed permitted displays and trains being able to run closer together as the computerised systems can calculate maximum braking distances in all circumstances rather than relying on a member of staff phoning the other end of the single track working to say that there is a train on its way! The European Rail Train Management System (ERTMS) is mandated for rail operations throughout Europe. What we have not seen, is that there may well be some vulnerabilities is that system, and we need to be sure that those vulnerabilities have been thought about and addressed before someone exploits them.

What am I thinking about? Well first off the control rooms controlling track access, can I access the control room easily as an unauthorised visitor and can I get to the control system. In the Eurotunnel train control that is virtually impossible, the control room is located in a hardened building with various levels of security to gain access. Even Eurotunnel staff cannot gain free access unless they have been pre-authorised, I know this because on a press trip to the control room our guide did not have the correct authority on their access badge and had to request access for each of us individually and we were matched to the pre-arranged visitor list before we could enter.

Railway cyber security

We had been allowed in at a time when the actual train control was being operated from the mirror image control at Calais and so there was no way we could access the control system. Both Folkestone and Calais are bi-lingual with direct video links and so if something “strange” happens the secondary control room can see that and has the ability to stop all trains, they cannot modify the running schedules, just stop trains safely.

Similarly the new South West Trains regional control room is protected by layers of security that prevent any unauthorised access to the actual operating system. I do not know how secure the facility is because they were still installing the systems in the building but, from what I could see it was as secure as could be made possible within a non-military area.

Security questions to ask…

Do we think that this is sufficient, I don’t because in a lot of cases you do not need to access the control room to gain control of systems, what you need to do is gain access to the computer systems either directly or indirectly. Do we know that the systems installed in the rolling stock are secure or can someone just sit in the carriage and hack into the systems? I don’t know but has anyone checked?

In the automotive industry it was found that manufacturers and suppliers both thought that the other was responsible for security of on-board systems and so no-one actually WAS responsible which left a large vulnerability present. Are we sure that the passenger Wi-Fi is also separate from the on-board control systems or are they using the same systems to communicate to the track side, is the trackside infrastructure secure?

These and many other questions need to be asked and answered in a clear and understandable manner before we rush headlong into full computerised control. Whilst a lot of autonomous systems are used around the world, that world has changed with the ever present threat of terrorism and from the hobby hacker who can easily access the Pentagons systems.

Whilst I don’t believe that there is a massive lack of understanding about cyber security I cannot put my hand on my heart and say that everyone is safe and secure. Is this something that the industry should be discussing behind closed doors and should we; as an industry publication; be arranging just such a conference?

I await your views…

One response to “Railway cyber security”

  1. Maurizio Dal Re says:

    Sorry, but your Italian example is not correct, because it is not a vulnerabilities case, but human error: the Officer in one of two end Stations gave the wrong ok to the wrong train.
    It’s an antiquated system where the only control was on phone/human interaction…very sad indeed.

Leave a Reply

Your email address will not be published. Required fields are marked *