Could a Railway Operations SME Please Explain

[whole diary]

[Bob_Blakey]

Came across the following in Hansard (21/11/11 Columns 122/3):

The impact on our society of the internet and of the digital age is, I would argue, bigger than the invention of the wheel or more significant than the printing press, such is the effect on the world and our lives. If knowledge is power, the internet means power now has no boundaries.
The ability to simplify our lives through online banking and shopping is positive, of course, but the internet can be terrifying because of the risk of identity theft or, indeed, sabotage, which could lead to disasters such as a head-on rail collision.

A possibility, unnecessary scaremongering or complete tosh? Seems pretty unlikely to me but I would be interested in an expert opinion.

[Electric train]

Railway systems have traditionally operated on a "private wire" system there are moves afoot to use IP based systems although the railways have used multiplexed systems for decades these have largely been in house networks.  NR^» (Network Rail - home page) have been talking to the banking industry and the MoD about secure systems, the reason for this is to avoid a "head-on rail collision..

Needless to say I cannot say if, when, where or what systems are IP based

[eightf48544]

I would suggest the rail industry should look at IP based systems with care, particularly for control systems as they could be hacked. Although whether you could actually alter the software to set a confliciting route without the signalman noticing or an alarm being raised is an interesting question. You would need an intimate knowledge of the interlocking and signal control language to do such a thing.

Don't forget the last head on collsion was caused by a SPAD^▸ (Signal Passed At Danger) coupled with the failure to provide flank protection. The software worked as programmed.

Currently using private wires it is difficult to hack but as we have seen they are vunerable to cable theft, although I suppose that will still be the case as each signal, point and track circuit is not going to have it's own broadband connection to off the railway, unless we go wireless.

[Electric train]

I would suggest the rail industry should look at IP based systems with care, particularly for control systems as they could be hacked. Although whether you could actually alter the software to set a confliciting route without the signalman noticing or an alarm being raised is an interesting question. You would need an intimate knowledge of the interlocking and signal control language to do such a thing.

Don't forget the last head on collsion was caused by a SPAD^▸ (Signal Passed At Danger) coupled with the failure to provide flank protection. The software worked as programmed.

Currently using private wires it is difficult to hack but as we have seen they are vunerable to cable theft, although I suppose that will still be the case as each signal, point and track circuit is not going to have it's own broadband connection to off the railway, unless we go wireless.

With ETCS^▸ (European Train Control System) level 2 there are not fixed signals and no track circuits (other than in the UK^▸ (United Kingdom) we will use track circuits at junctions) axle counters are used these can have individual IP addresses and even at level 1 IP addressed equipment is possible.

Most of this comms will still be on internal systems with several layers of firewalls to the outside world