Hackers, Worms & Signalling

You are here: Home > Forum > Miscellaneous > The real thing (signalling) > Hackers, Worms & Signalling

Page 1 of 1

Hackers, Worms & Signalling 29/09/2010 at 19:17 #1835
UKTrainMan
Avatar
1803 posts
I read this news article earlier today and along with everything else it mentioned the following;

Quote:
Or a railway's signals system thrown into chaos.
Surely if hackers or a worm/worms got into the signalling systems then some form of fail-safe would kick-in?

Just made me wonder....

As always, thanks in-advance for replies.

Any views and / or opinions expressed by myself are from me personally and do not represent those of any company I either work for or am a consultant for.
Log in to reply
Hackers, Worms & Signalling 29/09/2010 at 19:17 #11770
UKTrainMan
Avatar
1803 posts
I read this news article earlier today and along with everything else it mentioned the following;

Quote:
Or a railway's signals system thrown into chaos.
Surely if hackers or a worm/worms got into the signalling systems then some form of fail-safe would kick-in?

Just made me wonder....

As always, thanks in-advance for replies.

Any views and / or opinions expressed by myself are from me personally and do not represent those of any company I either work for or am a consultant for.
Log in to reply
Hackers, Worms & Signalling 29/09/2010 at 19:50 #11772
Albert
Avatar
1313 posts
If only 1 computer is hacked, fail-safe will kick-in as you said. If more are hacked (safety computers are provided double), you can't be sure about that, but it is almost impossible to hack a signalling computer. That's how it is here in Holland.
AJP in games
Log in to reply
Hackers, Worms & Signalling 29/09/2010 at 22:20 #11779
GeoffM
Avatar
6274 posts
No UK interlocking is "on the net", even via any firewalls. Most computer-based interlockings are triplicated, not duplicated, for safety reasons. Without going into too much detail, for obvious reasons, you'd have to have direct physical access to the signalling equipment (even the workstations) to be able to affect anything, and even then the worst it would be is operationally undesirable rather than unsafe.

Other countries may vary - particularly the US where I note a virus a few years ago caused a control failure - NOT a safety failure - of remote interlockings.

As usual, media speculation without real world reality.

SimSig Boss
Log in to reply
Hackers, Worms & Signalling 30/09/2010 at 13:36 #11790
postal
Avatar
5189 posts
As I understand it (and as the Sky News link refers), the Stuxnet malware is transmitted by infected USB flash memories and not through an internet connection. Presumably the UK interlockings have to include some ability to receive software upgrades and patches which I assume would involve some sort of local network connection or the ability to use a disk or external memory source. This is the sort of weak link that has been compromised by Stuxnet rather than by the normal infection by click and I would be surprised if we could categorically state it could never happen here.

Obviously the Sky story is written from a technically uninformed position and with the aim of extracting the maximum panic factor from the story, but then again, why would the writers of something like this necessarily want to create an unsafe situation? Just bringing the system to a standstill until the whole of the software over the system is re-loaded and re-booted may be a satisfactory outcome for them. For example, at its silliest level it could save Bob Crow a lot of strike pay!

JG

“In life, there is always someone out there, who won’t like you, for whatever reason, don’t let the insecurities in their lives affect yours.” – Rashida Rowe
Log in to reply
Hackers, Worms & Signalling 30/09/2010 at 17:16 #11796
GeoffM
Avatar
6274 posts
postal said:
Presumably the UK interlockings have to include some ability to receive software upgrades and patches which I assume would involve some sort of local network connection or the ability to use a disk or external memory source. This is the sort of weak link that has been compromised by Stuxnet rather than by the normal infection by click and I would be surprised if we could categorically state it could never happen here.
EPROMs for SSIs. I can't quote other interlocking types but for a hacker to succeed they would need physical access to the equipment, not to mention writing code for custom hardware. Maybe one cannot cetagorically state it would never happen but one can say it would be so unlikely as to be virtually impossible.

SimSig Boss
Log in to reply