
>>Because the trains use a radio system that lacks encryption or authentication for those commands, Olejnik says, anyone with as little as $30 of off-the-shelf radio equipment can broadcast the command to a Polish train—sending a series of three acoustic tones at a 150.100 megahertz frequency—and trigger their emergency stop function.

Goes without saying here that this needs to be fixed ASAP.

>>The railway agency wrote that “there is no threat to rail passengers. The result of this event is only difficulties in the running of trains.”

There is no threat to rail passengers, unless a passenger train does not know about a stopped train ahead of it on the tracks, e.g., a cargo train got stopped by the hack, but the passenger train 10min behind it did not and continues to rush onward towards the stopped cargo train. IDK if Poland's control system would reliably detect these conditions, but if it does not with 100% reliability, this is a real threat.



> There is no threat to rail passengers, unless a passenger train does not know about a stopped train ahead of it on the tracks, e.g., a cargo train got stopped by the hack, but the passenger train 10min behind it did not and continues to rush onward towards the stopped cargo train.

Almost everywhere in Europe uses actual signalling blocks backed by axle counters and DC detection circuits between the rails of a track, or by physical key/token based interlocks to detect if a train can safely enter the block. The way the US does it (especially detecting if a train has not been separated along the way by using a caboose/end-of-train beacon) may cost less money, but would be viable to such issues.


> The way the US does it (especially detecting if a train has not been separated along the way by using a caboose/end-of-train beacon) may cost less money, but would be viable to such issues.

Detecting separation doesn't rely on the end-of-train device. The EOTD only helps with this by 1/ helping activate the brakes twice as fast by detecting loss of pressure on its end and opening the brake valve, and 2/ sending periodic status indication via radio signal to the locomotive so the crew has more visibility into what the pressure is and whether the tail of the train is moving.


Wait, there's no pneumatic brake on US trains?


That's not foolproof - if someone forgets to open the valves during train assembly on the yard, it may not be detected that a train has split.


That's why you should be doing a brake continuity check before departing… (Of course that's not entirely foolproof, either, and there have been accidents caused e.g. by a lack of braking power because the brake pipe wasn't fully connected throughout the full train.)


Yeah, on Polish railways there's always a brake check on the last carriage.

> (Of course that's not entirely foolproof, either, and there have been accidents caused e.g. by a lack of braking power because the brake pipe wasn't fully connected throughout the full train.)

Can you specify what you mean? If the pipe wasn't properly connected, it shouldn't start at all, because the system needs pressure to release the brakes.


> Can you specify what you mean? If the pipe wasn't properly connected, it shouldn't start at all, because the system needs pressure to release the brakes.

These pneumatic systems leak. You're not allowed to park a train for longer than 24h in Germany if it is purely secured with air pressure for that reason - if it's a particularly bad composition, you seriously risk having no pressure anywhere in the system by that time, and thus no brakes being applied.


Aren't train brake systems safe by default? I thought air pressures released the brakes, not activated them.


Railway signaling works based on whether something is there, not based on whether it should be there. If the freight train stops, then the signals for the passenger train will tell it that it cannot proceed.

I don't know anything specific about Poland's rail signaling, but they can't have messed that up. It's written in blood.


There's a way but multiple things have to go wrong.

https://en.m.wikipedia.org/wiki/Szczekociny_rail_crash


Wow, that's a lot of places where human error was able to make things worse.

Particularly the fact that it's possible to use a "subsidiary signal" to just override the problem. The equivalent British scenario calls for the signaller to vocally inform the driver (e.g. today over GSM-R) something akin to "Pass the danger signal at caution, obeying all other signals". This may mean if there are multiple related failures, you need to "caution" drivers the same way repeatedly - but without that final sentence the driver may ignore signals that are not related to the failure you understood, and passing those really will kill somebody.

The requirement to move "at caution" meaning with the ability to stop on sight means trains under these conditions don't go very fast - they can't, even on straight lines in broad daylight you can't see far enough to go full speed on a passenger train under those rules, but it also means if you screwed up and there is a serious problem the driver under caution can see the problem with enough time to stop. It further ensures there's an incentive not to allow such situations to persist as they presumably must have for Poland to deliberately fit the "subsidiary" lamps.


AFAIK semaphores would not allow for another train to go where a train is already.



