Newag: Difference between revisions

From Wikipedia, the free encyclopedia
No edit summary
Line 118: Line 118:
In December 2023, software engineers from the Dragon Sector [[White hat (computer security)|white hat]] [[hacker group]] revealed that they had [[Reverse engineering|reverse engineered]] the [[embedded software]] of [[Newag Impuls|Newag 45WE Impuls]] EMUs after operator [[Koleje Dolnośląskie]] had experienced a number of mysterious breakdowns when maintenance was performed by their selected contractor Serwis Pojazdów Szynowych (SPS).<ref>{{cite web |url=https://zaufanatrzeciastrona.pl/post/o-trzech-takich-co-zhakowali-prawdziwy-pociag-a-nawet-30-pociagow|title=O trzech takich, co zhakowali prawdziwy pociąg – a nawet 30 pociągów|access-date=2023-12-05|date=2023-12-05|website=Zaufana Trzecia Strona|language=pl}}</ref> Newag alleged the issues were a result of [[malpractice]] by SPS and that the trains should instead be serviced by Newag.<ref>{{cite web |title=q3k :blobcatcoffee:: "I can finally reveal some rese…" - Warsaw Hackerspace Social Club |url=https://social.hackerspace.pl/@q3k/111528162462505087}}</ref>
In December 2023, software engineers from the Dragon Sector [[White hat (computer security)|white hat]] [[hacker group]] revealed that they had [[Reverse engineering|reverse engineered]] the [[embedded software]] of [[Newag Impuls|Newag 45WE Impuls]] EMUs after operator [[Koleje Dolnośląskie]] had experienced a number of mysterious breakdowns when maintenance was performed by their selected contractor Serwis Pojazdów Szynowych (SPS).<ref>{{cite web |url=https://zaufanatrzeciastrona.pl/post/o-trzech-takich-co-zhakowali-prawdziwy-pociag-a-nawet-30-pociagow|title=O trzech takich, co zhakowali prawdziwy pociąg – a nawet 30 pociągów|access-date=2023-12-05|date=2023-12-05|website=Zaufana Trzecia Strona|language=pl}}</ref> Newag alleged the issues were a result of [[malpractice]] by SPS and that the trains should instead be serviced by Newag.<ref>{{cite web |title=q3k :blobcatcoffee:: "I can finally reveal some rese…" - Warsaw Hackerspace Social Club |url=https://social.hackerspace.pl/@q3k/111528162462505087}}</ref>


Analysis of the software revealed the trains embedded computers were programmed to lock up and display bogus fault messages and prevent the train from running if certain predefined conditions were met including: if the train was at the coordinates of either [[Pesa (rolling stock manufacturer)|PESA Bydgoszcz]] plants, SPS Mieczkowski in Bydgoszcz and Inowrocław, and ZNTK Mińsk Mazowiecki, was stationary for more than 10 days, if a component was replaced with one of a different serial number, after a predefined distance travelled, after a predefined date or if commanded remotely via a [[GSM]] [[modem]].<ref>{{Cite web |date=2023-12-05 |title=Skandal na polskiej kolei. Hakerzy ujawniają, kto stoi za tajemniczymi awariami pociągów |url=https://wiadomosci.onet.pl/kraj/awarie-pociagow-newagu-hakerzy-ujawniaja-kto-stoi-za-celowymi-usterkami/g4hymmg |access-date=2023-12-05 |website=Onet Wiadomości |language=pl}}</ref>
Analysis of the software revealed the trains embedded computers were programmed to lock up and display bogus fault messages and prevent the train from running if certain predefined conditions were met including: if the train was at the coordinates of either [[Pesa (rolling stock manufacturer)|PESA Bydgoszcz]] plants, SPS Mieczkowski in Bydgoszcz and Inowrocław, and ZNTK Mińsk Mazowiecki, was stationary for more than 10 days, if a component was replaced with one of a different serial number, after a predefined distance travelled, after a predefined date or if commanded remotely via a hidden [[GSM]] [[modem]].<ref>{{Cite web |date=2023-12-05 |title=Skandal na polskiej kolei. Hakerzy ujawniają, kto stoi za tajemniczymi awariami pociągów |url=https://wiadomosci.onet.pl/kraj/awarie-pociagow-newagu-hakerzy-ujawniaja-kto-stoi-za-celowymi-usterkami/g4hymmg |access-date=2023-12-05 |website=Onet Wiadomości |language=pl}}</ref>


It was also discovered the software locks could be bypassed by pressing a sequence of buttons in the cab of the train, but a later [[Patch (computing)|software update]] removed this ability.<ref>{{cite web |title=q3k :blobcatcoffee:: "The key unlock was deleted in …" - Warsaw Hackerspace Social Club |url=https://social.hackerspace.pl/@q3k/111528169261508544}}</ref> In total the Dragon Sector group analysed the software of 29 trains belonging to Koleje Dolnośląskie as well as other affected operators such as [[Masovian Railways|Koleje Mazowieckie]], [[Fast Urban Railway (Warsaw)|SKM Warszawa]], [[Warsaw Commuter Railway|WKD]] and [[Polregio]], 24 of which had software locks which were removed using tools developed by the group. After those findings were made public the former [[Ministry of Digital Affairs|Minister of Digital Affairs]] [[Janusz Cieszyński]] confirmed the Polish government had known since May.
It was also discovered the software locks could be bypassed by pressing a sequence of buttons in the cab of the train, but a later [[Patch (computing)|software update]] removed this ability.<ref>{{cite web |title=q3k :blobcatcoffee:: "The key unlock was deleted in …" - Warsaw Hackerspace Social Club |url=https://social.hackerspace.pl/@q3k/111528169261508544}}</ref> In total the Dragon Sector group analysed the software of 29 trains belonging to Koleje Dolnośląskie as well as other affected operators such as [[Masovian Railways|Koleje Mazowieckie]], [[Fast Urban Railway (Warsaw)|SKM Warszawa]], [[Warsaw Commuter Railway|WKD]] and [[Polregio]], 24 of which had software locks which were removed using tools developed by the group. After those findings were made public the former [[Ministry of Digital Affairs|Minister of Digital Affairs]] [[Janusz Cieszyński]] confirmed the Polish government had known since May.
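
Review bot: the only change in this revision, the word "hidden" inserted before [[GSM]] [[modem]] in the second paragraph, adds a characterisation without adding or changing a source. The sentence still ends on the same Onet Wiadomości citation, and the revision carries no edit summary. Confirm that the cited article describes the modem as hidden, or attribute the wording in the text (for example, as a description given by the researchers), and state the reason for the change in the edit summary.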

Revision as of 17:27, 9 December 2023

Newag S.A.
Company type: Public (Spółka Akcyjna)
WSE: NWG
Industry: Railway rolling stock manufacturer
Founded: 1876
Headquarters: Nowy Sącz, Poland
Key people:
  • Zbigniew Konieczek (President and CEO)
  • Zbigniew Jakubas (Chairman of the supervisory board)
Products:
  • locomotives
  • multiple units
  • trams
Revenue: 1,325,866,000[1] (2020)
169,139,000 zł[1] (2020)
Number of employees: 1,447[1] (2020)
Website: www.newag.pl
Multiple unit ED78
Diesel Locomotive 16D

Newag S.A. (pronounced: nevag) is a Polish company, based in Nowy Sącz, specialising in the production, maintenance, and modernisation of railway rolling stock. The company's products include the 14WE, 19WE and 35WE types of electric multiple units. The company has also developed the Nevelo prototype tram[2] and formed a consortium with Siemens Mobility for final assembly of Siemens Inspiro metro trains for the Warsaw Metro and Sofia Metro.

History

In 1876 (when Nowy Sącz belonged to Austria-Hungary), the Imperial-Royal Railway Workshops opened, serving the newly built Tarnów–Leluchów railway line. After the First World War and the establishment of the Second Polish Republic, the company, renamed "1st Class Main Workshop", was redirected to serve Polish State Railways (PKP), employing some 1,800 workers in 1922. In post-World War II communist Poland the workshop was nationalised and later became a separate, though still state-owned, enterprise officially called "Nowy Sacz Railway Rolling Stock Repairs Depot in Nowy Sacz, State Independent Enterprise", with a workforce of about 3,500 in 1952. ZNTK Nowy Sącz serviced its last steam locomotive (a TKt48) in 1972.

After the fall of communism and the economic changes of 1989, ZNTK Nowy Sącz was transformed into a State Treasury Joint Stock Company, with the Polish state as the only shareholder. The company went through a period of financial turmoil around 2001 and its shares were acquired by a private domestic investor in 2003. The current name was adopted in 2005.

Current products

  • Nevelo – three-section low-floor tramcar, currently in service in Kraków
  • Impuls – electric multiple unit for urban, suburban or regional services
  • Vulcano – diesel multiple unit, currently in service in Italy
  • Griffin – four-axle electric or diesel-electric locomotive for express passenger and light-medium freight services
  • Dragon – six-axle high-power electric or diesel-electric locomotive for heavy freight services

Locomotives and EMUs are available with optional last-mile diesel.

Production history

Own production

  • Electric multiple units: 14WE Halny, 19WE, 31WE Impuls, 35WE Impuls, 36WE Impuls, 37WE Impuls, 39WE, 45WE Impuls, Inspiro
  • Diesel multiple units: 36WEhd, 220M, 221M, 222M, 226M Vulcano
  • Electric locomotives: E4MSU Griffin, E4DCU-DP Griffin, E6ACT Dragon, E6DCF-DP Dragon
  • Trams: 126N Nevelo

Modernization

  • Electric multiple units: EN57, EN71
  • Electric locomotives: EU07 303Eb, EU07 303Ec, EP07P 303Eb, EP09 104Ec, EM10 405Em, 3E-100, ET22 201El, ET22 201Ek, ET22 201Em, EL2
  • Diesel locomotives: 6Dg, 6Dl, 15D/16D, 18D, 311D

Test track

The company has set up an electrified, 245-metre-long test track to test the electric rolling stock it manufactures or modernises. The overhead line can be supplied with any of the four systems commonly used on European railways: 1.5 and 3 kV DC, 15 kV 16.7 Hz and 25 kV 50 Hz.[3]

Controversy

2023 Allegations of software sabotage and anti-competitive practices

In December 2023, software engineers from the Dragon Sector white hat hacker group revealed that they had reverse engineered the embedded software of Newag 45WE Impuls EMUs after operator Koleje Dolnośląskie had experienced a number of mysterious breakdowns when maintenance was performed by their selected contractor Serwis Pojazdów Szynowych (SPS).[4] Newag alleged the issues were a result of malpractice by SPS and that the trains should instead be serviced by Newag.[5]

Analysis of the software revealed that the trains' embedded computers were programmed to lock up, display bogus fault messages and prevent the train from running if certain predefined conditions were met, including: if the train was at the coordinates of the PESA Bydgoszcz plants, SPS Mieczkowski in Bydgoszcz and Inowrocław, or ZNTK Mińsk Mazowiecki; if it was stationary for more than 10 days; if a component was replaced with one of a different serial number; after a predefined distance travelled; after a predefined date; or if commanded remotely via a hidden GSM modem.[6]

It was also discovered that the software locks could be bypassed by pressing a sequence of buttons in the cab of the train, but a later software update removed this ability.[7] In total, the Dragon Sector group analysed the software of 29 trains belonging to Koleje Dolnośląskie as well as other affected operators such as Koleje Mazowieckie, SKM Warszawa, WKD and Polregio, 24 of which had software locks, which were removed using tools developed by the group. After those findings were made public, the former Minister of Digital Affairs Janusz Cieszyński confirmed the Polish government had known since May.

Newag responded by strongly denying the claims that it had deliberately introduced failures into its software, and instead alleged that SPS was propagating a conspiracy theory to avoid contractual penalties for being unable to service the trains. Newag also claimed there is no proof that it is the author of the software and that claiming it is constitutes slander. Newag stated it would take legal action against SPS and the Dragon Sector group for slander and defamation.[8]

References

  1. ^ a b c "Newag Annual Reports" (in Polish).
  2. ^ "Newag tram rolls onto the streets of Kraków". Railway Gazette International. Retrieved 1 July 2013.
  3. ^ "New test track at NEWAG". Newag. 26 November 2020.
  4. ^ "O trzech takich, co zhakowali prawdziwy pociąg – a nawet 30 pociągów". Zaufana Trzecia Strona (in Polish). 2023-12-05. Retrieved 2023-12-05.
  5. ^ "q3k :blobcatcoffee:: "I can finally reveal some rese…" - Warsaw Hackerspace Social Club".
  6. ^ "Skandal na polskiej kolei. Hakerzy ujawniają, kto stoi za tajemniczymi awariami pociągów". Onet Wiadomości (in Polish). 2023-12-05. Retrieved 2023-12-05.
  7. ^ "q3k :blobcatcoffee:: "The key unlock was deleted in …" - Warsaw Hackerspace Social Club".
  8. ^ "Newag comes out fighting in claims over foul play". International Railway Journal. 2023-12-05. Retrieved 2023-12-08.