At The Register, John Leyden offers a bit of doubt that Professor David Stupples can really be said to be an impartial observer:
The rollout of a next generation train signalling system across the UK could leave the network at greater risk of hack attacks, a university professor has claimed.
Prof David Stupples warns that plans to replace the existing (aging) signalling system with the new European Rail Traffic Management System (ERTMS) could open up the network to potential attacks, particularly from disgruntled employees or other rogue insiders.
ERTMS will manage how fast trains travel, so a hack attack might potentially cause trains to move too quickly. UK tests of the European Rail Traffic Management System have already begun ahead of the expected rollout.
By the 2020s the system will be in full control of trains on mainline routes. Other countries have already successfully rolled out the system and there are no reports, at least, of any meaningful cyber-attack to date.
Nonetheless, Prof Stupples is concerned that hacks against the system could cause “major disruption” or even a “nasty accident”.
ERTMS is designed to make networks safer by safeguarding against driver mistakes, a significant factor historically in rail accidents. Yet these benefits are offset by the risk of hackers manipulating control systems, Prof Stupples, of City University London, warned.
