Russian security firm Kaspersky Lab is developing a secure operating system for industrial control systems, its chairman and CEO Eugene Kaspersky said yesterday.
"Quite a few rumors about this project have appeared already on the internet, so I guess it's time to lift the curtain (a little) on our secret project and let you know (a bit) about what's really going on," Kaspersky said.
The new operating system aims to protect complex industrial systems that have become the target of a variety of high-profile cyberweapons such as Stuxnet, Duqu, Flame and Gauss. Governments are also concerned that the systems that keep critical infrastructure running could be compromised.
US Secretary of Defense Leon Panetta said last week at a meeting of the Business Executives for National Security (BENS) in New York that aggressor nations or extremist groups could use cybertools to derail passenger trains or, even more dangerously, trains loaded with lethal chemicals. "They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country," he added.
In running industrial systems, the priority so far has been to maintain operation under any circumstances, not to secure the systems, and very often this leads to industrial control system (ICS) software not being updated at all, just to make sure it stays running, Kaspersky said. Manufacturers of specialised software are also not interested in constant source code analysis and patching holes, and typically respond after an exploit is found and exposed on the internet, he added.
Most automated control systems were not created with security in mind, which is why, for example, most protocols used to exchange information in SCADA (Supervisory Control and Data Acquisition) systems and PLCs (Programmable Logic Controllers) don't require any user identification or authorisation, according to a separate analysis by Kaspersky Lab.
The vulnerability of control software, programmed controllers, and industrial communication networks leads to operators of industrial and infrastructure systems not being able to receive information on the system's total operation, Kaspersky said.
While ideally all ICS software would need to be rewritten, incorporating all the security technologies available and taking into account the new realities of cyberattacks, the costly effort would still not guarantee the stable operation of systems, Kaspersky said.
The alternative, which he described as "fully realisable," would be a secure operating system, one onto which ICS can be installed, and which could be built into the existing infrastructure. It would control existing systems and guarantee the receipt of reliable data reports on the systems' operation, he added.
Currently most SCADA servers are managed by Linux or Windows database servers.
Kaspersky Lab, which plans to build the operating system with the help of vendors and users of industrial control systems, aims to start with entirely new code. To be fully secure, the core must be fully verified to not permit vulnerabilities or dual-purpose code. The kernel also needs to contain the bare minimum of code, which means that the maximum possible quantity of code, including drivers, needs to be controlled by the core and be executed with low-level access rights, according to the analysis by the Lab.
"We can't reveal many details of the project now because of the confidentiality of such cooperation. And we don't want to talk about some stuff so competitors won't jump on our ideas and nick the know-how," Kaspersky said.