A hacker hacks into the system of a disabled train to restore it to working order
Sergeyz Bazanski, a member of the hacker group Dragon Sector who investigated the cause of the series of breakdowns of
q3k :blobcatcoffee:: 'I can finally reveal some rese…' - Warsaw Hackerspace Social Club
https://social.hackerspace.pl/@q3k/111528162462505087
Zaufana Trzecia Strona
https://zaufanatrzeciastrona.pl/post/o-trzech-takich-co-zhakowali-prawdziwy-pociag-a-nawet-30-pociagow/
Tajemnicze awarie polskich pociągów. Hakerzy podają przyczyny - Money.pl
https://www.money.pl/gospodarka/tajemnicze-awarie-polskich-pociagow-hakerzy-podaja-przyczyny-6970600372091424a.html
Poland's high-speed urban railway, Koleje Dolnośląskie, has introduced eleven five-car electric-diesel hybrid trains, the 45WE Impuls series manufactured by Newag. In spring 2022, the first train set introduced will exceed 1 million km of mileage and will require regular maintenance, including an overhaul. At that time, after a bidding competition in which Newag also participated, it was decided that Polish Railway Rolling Stock Services (SPS) would be responsible for the maintenance.
SPS carried out the inspection in accordance with the approximately 20,000 pages of related instructions provided by Newag. However, the trains were unable to depart after the overhaul, and inspections and investigations by service engineers did not improve the situation.
Subsequently, six of the eleven 45WE trains became unable to run, and SPS was facing a deadline to pay several thousand zlotys (tens of thousands to hundreds of thousands of yen) per train for 'not completing train maintenance within the deadline.' Meanwhile, Newag explained that 'the trains became unable to run due to a safety system,' but the instructions given to SPS did not mention the 'safety system.' Newag argued that 'the trains became unable to run due to misconduct by SPS's maintenance workshop. In light of this incident, Newag, the manufacturer, has no plans to perform maintenance. SPS should maintain them.'
As tensions grew within SPS that the trains could not run, the company asked the Poland-based hacker group Dragon Sector to investigate. After arriving on the scene, Dragon Sector's Bazanski, Michał Kowalczyk, and Jakub Stopniewicz first reverse-engineered the software installed on the trains.
After about a month and a half of investigation, Dragon Sector discovered that the software contained logic that would prevent the train from starting if it had been parked at a specific location for more than 10 days. They also found code that would send a false error code and prevent the train from starting after November 21, 2022, and that would prevent the train from starting if a part of the train was replaced.
In addition, the option to disable these 'train-disabling' functions by 'pressing the appropriate key combination on the control device in the passenger compartment' was also discovered. However, these codes and options were not included in the instructions provided by Newag.
This option was discovered just one day before the deadline for completing the work. Koleje Dolnośląskie was then scheduled to sign a new contract with Newag to perform maintenance. Despite some problems, such as the PC they were using for the work breaking down just before the start, Dragon Sector managed to start the train. Below is a video of the train Dragon Sector investigated leaving.
To by Impuls - YouTube
Word of SPS's success with maintaining the Newag trains reached various rail service companies, which led to an investigation into the software, resulting in a total of 13 trains being patched to fix the code that was causing the trains to become unable to run.
Newag strongly denies that Dragon Sector discovered the problem or that it intentionally added code to disable the trains, saying: 'In Poland, maintenance of rail vehicles is increasingly being outsourced to operators that do not have the appropriate competence or know-how. Such a policy could one day lead to serious train accidents.'
Poland's Central European Anti-Corruption Bureau reported on the case, saying: 'The case is very complex, but an investigation is already underway.'
According to Dragon Sector, the new software version removes the ability to unlock the train by pressing a key on the control panel in the passenger compartment, but the code that disables the train remains. Dragon Sector also points out that trains that continue to operate under conditions that would normally lock them now have a warning message on their display, and that telemetry units installed on the trains can remotely lock the trains in some cases.
Related Posts:
