Sergey Gordeychik, Aleksandr Timorin and repdet
For years SCADA StrangeLove team speaks about vulnerabilities in Industrial Control Systems. Now we want to show by example of railway the link between information security and industrial safety and demonstrate how a root access gained in a few minutes can bring to naught all the years of efforts that were devoted to the improvement of fail-safety and reliability of the ICS system. Railroads is a complex systems and process automation is used in different areas: to control power, switches, signals and locomotives. At this talk we will analyze threats and vulnerabilities of fundamental rail-road automation systems such as computer based interlocking, automatic train control and automatic train protection. No vendor names and vulnerabilities details will be released, for obvious reasons. By the way, all research based on hands-on security exercises and most of issues are confirmed and processed by vendors.
This Talk was translated into multiple languages. The files available for download contain all languages as separate audio-tracks. Most desktop video players allow you to choose between them.
Please look for "audio tracks" in your desktop video player.