UK's new rail signalling system at risk from malicious insider, expert says

ERTMS hack could cause disruption or serious accident, says David Stupples


The UK’s new railway traffic management system could expose the passenger network to a real possibility of hacking or malevolence, a rail computing expert has told the BBC.

Due to be be in use by 2020, the European Rail Traffic Management System (ERTMS) is currently being tested by Network Rail, something that Professor David Stupples of City University’s Department of Electrical and Electronic Engineering told the BBC he has reservations about.

ERTMS sets limits on how fast trains should go in certain situations through signals and transfers of this information to the train itself. It forms a major European standard and is seen as having major benefits for train networks such as reduced costs and better use of capacity But it still a computer based system and represents a huge change from the old, manual systems in use today.

The risk, according to Stupples, is that an internal employee could either inadvertently or deliberately cause major disruption or even a serious accident.

"It's the clever malware that actually alters the way the train will respond," he told the BBC, outlining how the system could be attacked. "So, it will perhaps tell the system the train is slowing down, when it's speeding up."

"Governments aren't complacent. Certain ministers know this is absolutely possible and they are worried about it. Safeguards are going in, in secret, but it's always possible to get around them," said Stupples.

Most of the risk would come from insiders rather than an external hack, he said.

A Network Rail spokesperson acknowledged the possibility of attack to the BBC and said it was working closely with the security services to model and cope with the issue.

“The challenge will be spotting that the attack has actually happened before the effects in the real world are apparent,” commented Piers Wilson of Tier-3 subsidiary, Huntsman Security.

“With insider threats, there may be very little evidence beyond some small changes in system behaviour that security has been breached until it is too late.

“Similarly, attackers are always becoming more sophisticated and  developing new ways to penetrate defences. As a result, there is every chance that an attack will be completely new, and its effects and warning signs completely unknown, before it actually affects the signalling network.”

The real threat from new systems like ERTMS remains theoretical although it’s worth pointing out that the system is being used abroad without any issues so far.  Clearly the security agencies are aware of the issue and are planning for a system that will be essential to manage Britain’s notoriously inefficient railways 21st-century. Doing without it won't be an option.

"Recommended For You"

Network Rail to enable more trains on tracks with new control system Network Rail to cut 4,000 jobs and save £250m a year by centralising operations