Striving to tackle the country’s rail capacity problem, companies are making a sustained push to digitise the railway. Stewart Thorpe reports from the Digital Rail Summit to find out what progress is being made.
Would anyone hack a railway? That was the leading question in an investigation carried out by Koramis to discover just how vulnerable the railway network is. The German IT specialist partnered with security firm Sophos in 2015 to create a real control system for what appeared to be a real rail network somewhere in the world – it was in fact simulated.
The results from Project HoneyTrain, says SNC-Lavalin Rail and Transit principal consultant David Robson, were ‘a little scary’. Complete with real CCTV feeds, in-cab driver videos and a fully operating customer-facing website, over a six- week period the control system was attacked 2,745,267 times.
‘I think the sheer volume of attacks shows that people don’t care if it’s a railway, they’ll happily have a go at hacking because it’s fun,’ says David, who has a background in developing control systems.
‘During an interview with the chief research officer, he stated that HoneyTrain was a great experiment to analyse the adversary’s moral limits. He went on to say that they had attackers derailing trains and running them at full speed into a dead end. These hackers did not know this was a pretend railway, as far as they were concerned they’d found a railway and thought they’d have some fun.
Held at international law firm Bird & Bird’s London office, David’s talk at the Digital Rail Summit focused on overcoming two common misconceptions: that no one would hack the railway and that its systems are too sophisticated to infiltrate. The HoneyTrain report was the most startling of a dozen presentations held at the summit on 26 April, which examined the major initiatives to digitise the railway.
Referring to an incident which saw Devon County Council held to ransom for £3,000 for the safe return of its allotment waiting list, David says that hackers will hack anything and that this needs addressing on the railway network. But it is not a case of a one-off change, cyber security is an evolving subject that needs constantly reassessing. Legacy equipment needs protecting as well as new technology and staff need training to prevent them giving system access to malicious software.
‘We need to accept that the world is getting more and more connected. Cyber security is not going away. Cyber security incidents are only likely to increase. Do we really need to wait for a major incident before we start taking this as seriously as other safety issues?’ David concluded.
The digital railway may have its challenges but there are great opportunities to seize as well. The Rail Delivery Group (RDG) is trying to create a ‘frictionless’ customer experience with the introduction of smart ticketing across the country. Demanding that all train operating companies (TOCs) make Oyster-style cards available to customers by 2018, Secretary of State Chris Grayling is a driving force behind the change.
Smart tickets will allow for great information management, to be able to accurately calculate peak load and to figure out how many passengers are coming through and ways to influence that traffic, as well as making it a better user experience.
RDG’s managing director of technology services Dennis Rocks says that they’re working to connect disparate ticketing systems to break down the virtual barriers.
‘What we’re saying is that, some time between 2020 and 2022, magstripe will be the least used ticket fulfilment, but it will still be there,’ says Dennis.
‘The challenge to us is how we move from what is a fairly analogue age into a digital age and eventually how we also move away from card and into using phones. It’s all about the customer and doing the right thing.’
The fact that there are currently 600,000 smart cards in circulation, compared to 920 million magnetic stripe cards used across 2,500 stations every year, helps to put the size of the transformation into perspective.
A central part of the digital railway programme is the implementation of European Rail Traffic Management System (ERTMS) and Hanne Nybo Johansen of Atkins has been leading the rolling out of ERTMS level 2 in Denmark since 2014.
‘The traditional railway has a lot of signals, ERTMS level 2 is a detailed radio-based system which continuously transmits the data to the cab on the train,’ explains Hanne, who says that the project’s implementation will reduce the number of traffic control centres from 60 to two. ‘It will enable us to double the number of passengers travelling on the rail by 2030.
‘We are looking forward to having about 80 per cent of the delays caused by the signalling system disappear after introducing the new system. We are also looking into the reduced cost of maintenance and operation cost.
‘It might not be an overnight big bang but it is a big bang done in a very short time. It is also the first time it is being done nationwide and it is a chance to get to this whole solution approach rather than people managing their own systems. This is all about getting a more attractive railway.’
Representatives from Siemens, Alstom, EAMS Group, ESP Group, Huber+Suhner and Nexus Alpha spoke about ‘visible’ and ‘invisible’ aspects of digitising the railway.
Figures from Bird & Bird spoke about the respective legal perspectives on a number of topics and members of the audience were given the opportunity to ask questions too.
Above all else, the Digital Rail Summit showcased the opportunities that are available to the rail industry to overcome its capacity conundrum without the need for expensive infrastructure projects.
Britain was at the forefront of developments in the railway and, if events such as the summit continue to provide the platform to share and discuss experiences, there is every hope that Britain can be at the forefront of the digital railway revolution too.
Thanks to event sponsors ADComms, Amey and Costain, lanyard sponsors Westermo Data Communications and Bird & Bird for hosting the Digital Rail Summit. The next event is the Rail Safety Summit which is taking place on September 13, followed by the Rail Sustainability Summit on September 14. For more information go to www.railsummits.com.