Polish train manufacturer that lost servicing tender programmed train controller to brick itself after train stays for some time in 6 ISP facilities or in 1 their faculity(for testing?) until undocumented button combination is pressed. Some controller versions brick itself after train is idle for 10 days. After news about this became public, manufacturer removed ability to unlock train by button combination.

Also manufacturer is able to remotely brick train over internet(connected via GSM) at any time.

Full versions: Polish(original), Russian

  • Zippy@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    I would not take this as proof. A third party company was being penalized significant fees because they were not meeting their contractual requirements to keep the trains running. Newag completely denies it suggesting maintenance makes up only 5 percent of their revenue. Also stated was that they controls have no connection to the internet which is a likely design requirement. Negating some of the claims.

    Not suggesting they are not at fault but it appears multiple companies have a stake in this. There likely is no digital fingerprint on the PLC software modifications so if some devious code is found, would be hard to show who did it and when. There is possibilities to check all trains and if for example no faulty code was found on trains that were never maintained by company xyz, then that may create some suspicion on a different company. If code found on every train…

    I wouldn’t discount anything. Even Newag.