There aren’t many days to go until the end of lifecycle and end of support for Microsoft XP, in April 2014. With a third of PCs worldwide still using the popular operating system, I’d like to discuss the effect this will have on mission critical industries from nuclear to automotive.
The obvious risk of an exposed system is that it becomes the target of security breaches. The infamous Stuxnet virus, which affected Iranian nuclear facilities, is a fitting example. It is widely believed to have been an attempt by US and Israeli agencies to impede Iran’s nuclear enrichment. The virus, in the form of a malware worm, initially spread via Microsoft Windows to target SCADA software being used on embargoed Siemens hardware.
The point of entry was most likely through the use of infected USB flash drives and the approach was threefold; to attack the Windows OS, the Siemens S7 programmable logic controllers (PLCs) and the Siemens industrial control software.
Although this was a one off, high level attack, the point here is that the IT layer was compromised, and subsequently brought operations to a standstill. The efficacy of penetration attacks on unsupported software would be equally as damaging.
So what are organisations doing to ensure that security is maintained? Here at Yokogawa we have developed a holistic paradigm which governs systems development. By creating industry standard benchmarks it is hoped that users can move forward with minimal disruption.
To prevent malicious attacks like Stuxnet, many vendors have tried to physically isolate the hardware by using Windows server 2008, which is back mountable. The benefit of this is that the equipment, along with its USB ports, is secured in a locked cabinet.
Although using a server setup physically isolates the hardware, the control network, including the SCADA database and visualisation functionality, is still dependant on Windows server technology. If any part of the IT layer is compromised by a virus or if it simply malfunctions, the entire production process could be disrupted and at worst, come to a halt.
It is for this reason that we have both physically isolated our system and limited our dependency to HMIs running Windows 7 Pro. Although we use server hardware for its ability to be back-mounted, the DCS software consists of a real time operating system, which is used on all workstations, and our SCADA hardware can run on a Red Hat version of Linux.
This allows industrial control systems to maintain continuous production in the event that a Windows based terminal becomes infected or needs replacing. The terminal can be taken offline, replaced by a new one, which is tested and online within an hour. This is not possible with server software, which would need maintenance downtime.
To further ensure that production remains continuous we have added a layer of security between the IT and enterprise layer. This was achieved by developing a dedicated network interface card supporting the Vnet/IP IEC protocol with a guaranteed deterministic response using time synchronised techniques.
Typically used as an expansion port for graphics and network cards, our proprietary PCI card contains two Ethernet ports. In the event that the network is attacked or fails, the Ethernet layer becomes redundant and the connection seamlessly switches to the standby port.
The Canadian cyber security and penetration testing firm Achilles, has developed a platform to root out vulnerabilities in control systems, which has increased the robustness of our systems as a result.
The end of life for Windows XP marks the end of an era. The era, which has until now been characterised by short term adversarial supplier relationships, may finally be replaced with better long term success.