Machinedesign 1118 Elisabeth Eitel 0 0

More on Stuxnet: The search for preventives

April 1, 2011
Stuxnet the sophisticated computer worm that struck Iranian nuclear facilities last year has ushered in a new era of industrial cybercrime. As we discussed

Stuxnet — the sophisticated computer worm that struck Iranian nuclear facilities last year — has ushered in a new era of industrial cybercrime. As we discussed last month, the worm targeted VFDs slaved to PLCs by Profibus, whipping them through frequency changes to destroy attached motors.

In contrast with traditional malware, Stuxnet exploits multiple vulnerabilities to pass its payload and wreak havoc in a very specific way. It is also the first automated malware using a modular, framework-based approach. Even so, Stuxnet derivatives may not pose an immediate threat to the average automated manufacturing line. Why? Though there's no certainty of its origins (and speculation has earned journalistic disdain for many media outlets) evidence suggests that the U.S. and Israeli governments are Stuxnet's authors. Ironically, a government-created computer virus may buy some time for manufacturers to strengthen automation-network security: Such a tailored weapon is narrowly targeted, and the virus is quite difficult to reverse engineer for repurposing.

According to Brad Hegrat, certified information security manager and senior principle security consultant for Rockwell Automation, “A Stuxnet-type virus is highly damaging if it affects your system — but the level of expertise, engineering, and funding required to develop such a virus make that unlikely, unless your system is a very high-value target.” What a relief.

That said, there's no crime in being proactively cautious. To reduce vulnerability to industrial security risks, manufacturers are advised to take these five actionable steps right now: Control (or even restrict) personnel access, manage passwords, keep systems updated, employ firewalls and intrusion detection, and ensure that processor keys are in Run mode to prevent unauthorized changes. According to Hegrat, these steps will prevent accidental and malicious control changes and protect IP; help manufacturers comply with emerging global standards such as ISA S99 and IEC 62443; and meet the guidelines of government offices (such as the U.S. Department of Homeland Security) and industry consortia (NERC, for example) that regulate standards of operation for critical infrastructure processes — in oil and gas, energy and power, water, and transportation, for example.

Another option is a new breed of dedicated security appliances that monitor system control functions. One such DIN-mount mGuard module from Innominate of Phoenix Contact Inc., Middletown, Pa., is a mouse-sized unit loaded with software that goes beyond the typical pattern recognition of commercial software, to block all unsolicited connections — in and outbound. Legitimate controller communication is verified with node-specific identification. It's an interesting approach, and its designers have demonstrated that the unit stops Stuxnet in its tracks.

Sponsored Recommendations

Precision Motion Control for Robotics Systems

April 8, 2024
Learn more about Precision Motion Control for your Robotic Systems through Harmonic Drive's latest Webinar!

KNF Pumps Revolutionize Desert Dust Tracking

April 3, 2024
The Sahara Desert is one of the biggest sources of dust worldwide. KNF air sampling pumps help tracing this particulate matter air pollution.

Introducing the Mass Flow Rate Calculator

April 3, 2024
The KNF Mass Flow Rate Calculator makes it easy to convert volume flow rate to mass flow rate. Simply enter the volume flow and the gas or gas mixture.

Explore KNF's Cutting-Edge DC-BI Pump Drive Technology

April 3, 2024
With six new DC-BI pump series, KNF launches an entirely new pump drive technology relying on advanced BLDC motors and achieving unprecedented advantages.

Voice your opinion!

To join the conversation, and become an exclusive member of Machine Design, create an account today!