Incident: Google Building Management System Hack via Tridium Niagara AX Platform

Published Date: 2013-05-06

Postmortem Analysis
Timeline
1. The software failure incident at Google's Wharf 7 office in Sydney, Australia, happened when security researchers found vulnerabilities in the building management system. The incident was reported in an article published on 2013-05-06 [18686]. Therefore, the software failure incident at Google's Wharf 7 office likely occurred before May 2013.
System
1. Tridium Niagara AX platform [18686]
2. Tridium's SoftJACE system [18686]
Responsible Organization
1. The security researchers Billy Rios and Terry McCorkle were responsible for causing the software failure incident by easily hacking into Google's building management system at the Wharf 7 office in Sydney, Australia [18686].
Impacted Organization
1. Google Australia [18686]
Software Causes
1. The software causes of the failure incident were serious security vulnerabilities in the Tridium Niagara AX platform used in Google's building management system, which allowed hackers to easily hack into the system and obtain administrative passwords [18686].
2. The failure incident was also caused by the unpatched vulnerabilities in the control system for Google's office building, which allowed researchers to access sensitive data and potentially install a rootkit on the system [18686].
Non-software Causes
1. Lack of proper patching and updating of the control system by the company (Google) despite the availability of patches from the system vendor (Tridium) [18686].
2. Insecure configuration and setup of the building management system by a third-party integrator company, potentially leading to vulnerabilities [18686].
3. Connection of the control system to the internet, making it accessible to potential hackers [18686].
Impacts
1. The security researchers were able to easily hack into Google's building management system for the Wharf 7 office in Sydney, Australia, due to serious security vulnerabilities in the Tridium Niagara AX platform [18686].
2. The researchers accessed sensitive information such as blueprints of the floor and roof plans, water pipe locations, and temperature data, indicating a breach of confidential data [18686].
3. The unpatched vulnerabilities in the control system allowed the researchers to potentially install a rootkit, take over the operating system, and access other control systems on the same network [18686].
4. The incident highlighted the risks associated with integrators setting up systems insecurely and connecting them to the internet without proper security measures, leading to potential unauthorized access and control [18686].
5. Despite Google disconnecting the control system from the internet and taking appropriate action to resolve the issue, the incident raised concerns about the security of industrial control systems and the lack of patch implementation by customers [18686].
Preventions
1. Implementing the patch released by Tridium for the vulnerability in the control system could have prevented the software failure incident [18686].
2. Ensuring that control systems are not connected to the internet or to other systems that are connected to the internet could have prevented the vulnerability exploitation [18686].
3. Regularly updating and maintaining security measures on control systems, including changing default passwords, could have prevented unauthorized access [18686].
Fixes
1. Implementing the patch released by Tridium for the vulnerability in the control system used by Google's office building [18686].
2. Ensuring that all control systems are securely configured and not connected to the internet to prevent remote hacking attempts [18686].
3. Increasing awareness among companies and integrators about the importance of installing patches for control systems to prevent security vulnerabilities [18686].
References
1. Security researchers Billy Rios and Terry McCorkle from security firm Cylance [18686]
2. Google Australia spokesperson [18686]
3. Tridium, the company behind the Niagara AX platform [18686]
4. Tridium's product documentation [18686]
5. Shodan search engine [18686]
6. Tridium's website and published case studies [18686]

Software Taxonomy of Faults

Category Option Rationale
Recurring multiple_organization (a) In the provided articles, it is mentioned that the software failure incident involving security vulnerabilities in industrial control systems, specifically related to the Tridium Niagara AX platform, occurred at Google's Wharf 7 office in Sydney, Australia [18686]. The incident involved researchers easily hacking into Google's building management system due to serious security vulnerabilities in the Tridium platform, which had not been patched by Google despite Tridium releasing a patch for the system. This incident highlights the importance of patching vulnerabilities in control systems to prevent unauthorized access and potential exploitation. (b) The articles also mention that the researchers found more than 25,000 Tridium systems connected to the internet, indicating that similar vulnerabilities and risks exist in other organizations using the Tridium Niagara AX platform [18686]. The incident at Google's office serves as a warning that other organizations with similar setups may also be at risk of unauthorized access and potential security breaches if vulnerabilities are not addressed and systems remain unpatched.
Phase (Design/Operation) design (a) The software failure incident described in the articles is primarily related to the design phase. The incident involved serious security vulnerabilities in the Tridium Niagara AX platform used in Google's building management system at the Wharf 7 office in Sydney, Australia. The vulnerabilities allowed security researchers to easily hack into the system, obtain administrative passwords, access control panels, view sensitive information like blueprints and water pipe locations, and potentially install a rootkit on the system [18686]. The incident highlighted issues with the design and implementation of the control systems, including hardcoded passwords, backdoors embedded by vendors, lack of patching, and insecure configurations that allowed remote access and control of critical building facilities. The vulnerabilities in the system design, such as the unchangeable administrative password ("anyonesguess") and the ability to remotely access and control the system, contributed to the security breach [18686]. (b) While the incident involved operation aspects such as the system running off a DSL line and the potential consequences of exploiting the vulnerabilities (e.g., taking over the operating system and accessing other control systems on the same network), the root cause of the failure can be traced back to design flaws and vulnerabilities in the system itself rather than operational misuse [18686].
Boundary (Internal/External) within_system, outside_system (a) within_system: The software failure incident at Google's Wharf 7 office in Sydney, Australia, was primarily within the system. The incident involved serious security vulnerabilities in the building management system based on the Tridium Niagara AX platform. The system had hardcoded passwords that couldn't be changed, backdoors embedded by vendors, and unpatched vulnerabilities that allowed researchers to easily hack into the system and access sensitive information. The incident highlighted the lack of proper security measures within the system itself, leading to unauthorized access and potential risks ([18686]). (b) outside_system: The software failure incident also had elements originating from outside the system. The incident was discovered by external security researchers, Billy Rios and Terry McCorkle from Cylance, who found the vulnerabilities in the Tridium Niagara AX platform used by Google. Additionally, the researchers accessed the system remotely over the internet, indicating that external access played a role in the breach. The incident highlighted the risks associated with connecting control systems to the internet and the potential for external threats to exploit vulnerabilities in the system ([18686]).
Nature (Human/Non-human) non-human_actions, human_actions (a) The software failure incident occurring due to non-human actions: The software failure incident at Google's Wharf 7 office in Sydney, Australia, was primarily due to serious security vulnerabilities in the Tridium Niagara AX platform, which allowed researchers to easily hack into the building management system. The vulnerabilities included hardcoded passwords, backdoors embedded by vendors, and unpatched systems, which enabled unauthorized access to control panels and sensitive information without any direct human involvement [18686]. (b) The software failure incident occurring due to human actions: The incident also involved human actions, particularly the actions of the security researchers Billy Rios and Terry McCorkle who discovered and exploited the vulnerabilities in the system. They intentionally accessed the control panel, obtained sensitive information, and could have potentially installed a rootkit or taken over the operating system if their intent was malicious. Additionally, the incident highlighted the role of integrators who set up systems insecurely and connect them to the internet without implementing necessary patches, thereby contributing to the vulnerability of the system [18686].
Dimension (Hardware/Software) hardware, software (a) The software failure incident related to hardware: - The incident involved a security vulnerability in the building management system for Google's Wharf 7 office in Sydney, Australia, which was built on the Tridium Niagara AX platform [18686]. - The system was running off a DSL line and had control only over heating and air conditioning in the building, not other critical building facilities like electricity, elevators, or door access [18686]. (b) The software failure incident related to software: - The software failure incident was primarily due to serious security vulnerabilities in the Tridium Niagara AX platform, which was used as the foundation for Google's building management system [18686]. - The researchers were able to exploit unpatched vulnerabilities in the system to obtain administrative passwords, access control panels, and potentially install a rootkit on the system [18686]. - Tridium had released a patch for the vulnerability, but Google's control system was not patched, leaving it vulnerable to exploitation [18686].
Objective (Malicious/Non-malicious) malicious, non-malicious (a) The software failure incident related to the Google building management system at Wharf 7 in Sydney, Australia, can be categorized as malicious. Security researchers were able to easily hack into the system due to serious security vulnerabilities in the Tridium Niagara AX platform, which was not patched by Google despite a patch being available. The researchers were able to obtain administrative passwords, access control panels, view sensitive information like blueprints and water pipe locations, and potentially could have installed a rootkit or taken over the operating system. The incident highlighted the risks posed by unpatched vulnerabilities and insecure configurations, which could have been exploited by attackers with malicious intent [18686]. (b) On the other hand, the software failure incident can also be considered non-malicious in the sense that the security researchers did not actually disrupt the system or exercise any management functionality on the device itself. Their intent was to identify vulnerabilities and report them to Google for appropriate action. Additionally, the Google spokesman confirmed that the control system accessed by the researchers could only control heating and air conditioning in the building and was not connected to other critical building automation systems like electricity, elevators, or door access. Google took action to disconnect the control system from the internet after being informed of the breach, indicating a non-malicious response to the incident [18686].
Intent (Poor/Accidental Decisions) poor_decisions (a) The intent of the software failure incident: The software failure incident involving Google's building management system at Wharf 7 in Sydney, Australia, was primarily due to poor decisions made in the setup and management of the system. The incident was a result of various factors such as the system being built on the Tridium Niagara AX platform known for serious security vulnerabilities, the system not being patched despite a patch being available, and the system being connected to the internet without adequate security measures in place. Additionally, the incident highlighted the risks associated with integrators setting up systems insecurely and failing to install necessary patches, leading to vulnerabilities that could be exploited by hackers [18686].
Capability (Incompetence/Accidental) development_incompetence (a) The software failure incident related to development incompetence can be seen in the case of the Google building management system at Wharf 7 in Sydney, Australia. The incident occurred because the system was not patched despite known security vulnerabilities in the Tridium Niagara AX platform it was built on. The researchers were able to easily hack into the system, obtain administrative passwords, access control panels, and potentially install a rootkit due to unpatched vulnerabilities. This highlights a lack of professional competence in ensuring the security of the system ([18686]). (b) The accidental aspect of the software failure incident is evident in the unintentional access gained by the security researchers into Google's building management system. The researchers, Billy Rios and Terry McCorkle, discovered the vulnerabilities in the system while exploring Tridium-based control systems connected to the internet. They did not intend to disrupt the system or exercise management functionality but reported the issue to Google after accessing sensitive information like blueprints and control panel details ([18686]).
Duration temporary (a) The software failure incident in the article appears to be temporary. The incident involved security researchers easily hacking into Google's building management system for the Wharf 7 office in Sydney, Australia, due to serious security vulnerabilities in the Tridium Niagara AX platform. The researchers were able to obtain administrative passwords and access control panels, including sensitive information like blueprints and water pipe locations. Google confirmed the breach and took appropriate action by disconnecting the control system from the internet [18686]. This indicates that the failure was temporary as it was resolved by disconnecting the system from the internet to prevent further unauthorized access.
Behaviour other (a) crash: The software failure incident described in the articles does not involve a crash where the system loses state and does not perform any of its intended functions. The incident involved security vulnerabilities in the building management system for Google's Wharf 7 office in Sydney, Australia, which allowed researchers to access control panels and sensitive information, but they did not disrupt the system or take it down [18686]. (b) omission: The software failure incident does not involve omission where the system omits to perform its intended functions at an instance(s). The incident primarily revolves around security vulnerabilities that allowed unauthorized access to the building management system, rather than the system omitting its functions [18686]. (c) timing: The software failure incident does not involve timing issues where the system performs its intended functions correctly, but too late or too early. The incident is centered around security vulnerabilities and unauthorized access to the building management system, rather than timing-related failures [18686]. (d) value: The software failure incident does not involve the system performing its intended functions incorrectly. The incident primarily focuses on security vulnerabilities that allowed unauthorized access to the building management system, rather than the system performing its functions incorrectly [18686]. (e) byzantine: The software failure incident does not involve the system behaving erroneously with inconsistent responses and interactions. The incident primarily revolves around security vulnerabilities that allowed unauthorized access to the building management system, rather than exhibiting inconsistent behavior [18686]. (f) other: The behavior of the software failure incident can be categorized as a security breach due to vulnerabilities in the building management system that allowed unauthorized access to control panels and sensitive information. The incident highlights the importance of patching systems to prevent such breaches [18686].

IoT System Layer

Layer Option Rationale
Perception network_communication, embedded_software (a) sensor: The software failure incident related to the Google building management system at Wharf 7 in Sydney, Australia, did not specifically mention a failure related to sensor error [18686]. (b) actuator: The incident did not involve a failure due to contributing factors introduced by actuator error [18686]. (c) processing_unit: The failure was not directly attributed to contributing factors introduced by processing error [18686]. (d) network_communication: The software failure incident involved vulnerabilities in the Tridium Niagara AX platform, which allowed hackers to remotely control the building management system due to network communication errors and unpatched vulnerabilities [18686]. (e) embedded_software: The incident highlighted serious security vulnerabilities in the Tridium Niagara AX platform, indicating a failure due to contributing factors introduced by embedded software error [18686].
Communication connectivity_level The software failure incident related to the Google building management system at Wharf 7 in Sydney, Australia, was primarily related to the connectivity level of the cyber-physical system that failed. The incident involved security researchers easily hacking into the building management system due to serious security vulnerabilities in the Tridium Niagara AX platform, which is the platform the system was built on [18686]. The researchers were able to exploit unpatched vulnerabilities in the system, obtain administrative passwords, access control panels, and potentially install a rootkit to take over the operating system and access other control systems on the same network [18686]. This indicates that the failure was more related to network-level vulnerabilities and insecure configurations rather than issues at the physical layer of the system.
Application TRUE The software failure incident related to the Google building management system at Wharf 7 in Sydney, Australia, was indeed related to the application layer of the cyber physical system. The incident involved security researchers easily hacking into the building management system due to serious security vulnerabilities in the Tridium Niagara AX platform, which is the platform the system was built on. The researchers were able to obtain administrative passwords, access control panels, and even view blueprints and control panels, showcasing a breach at the application layer level due to unpatched vulnerabilities in the system ([18686]).

Other Details

Category Option Rationale
Consequence non-human, theoretical_consequence, other (a) death: There is no mention of any deaths resulting from the software failure incident reported in the articles [18686]. (b) harm: There is no mention of physical harm to individuals resulting from the software failure incident reported in the articles [18686]. (c) basic: There is no mention of people's access to food or shelter being impacted due to the software failure incident reported in the articles [18686]. (d) property: The software failure incident did not result in any direct loss of material goods, money, or data for individuals as it primarily involved a security breach in a building management system [18686]. (e) delay: There is no mention of people having to postpone an activity due to the software failure incident reported in the articles [18686]. (f) non-human: The software failure incident impacted non-human entities, specifically the building management system controlling heating and air conditioning in the Google office building in Sydney, Australia [18686]. (g) no_consequence: The software failure incident did have observed consequences, such as unauthorized access to the building management system, potential data exposure, and security vulnerabilities [18686]. (h) theoretical_consequence: The articles discuss potential consequences of the software failure incident, such as the ability for attackers to take over the operating system and access other control systems on the same network, although the researchers did not carry out such actions [18686]. (i) other: The software failure incident led to the exposure of sensitive information, such as blueprints of the building, water pipe locations, and control panel access, which could have had further implications if exploited by malicious actors [18686].
Domain information (a) The failed system was related to the industry of information. The incident involved a security breach in Google's building management system at their Wharf 7 office in Sydney, Australia, which was built on the Tridium Niagara AX platform. The system vulnerability allowed unauthorized access to control panels and sensitive information, such as blueprints and water pipe locations within the building [18686]. The system was intended for managing heating and air conditioning in the building, and it was disconnected from the internet after the breach was reported [18686].
