ICS industrial control system

Kaspersky Labs plans industrial control OS to fend off Stuxnet-like malware

In light of growing concerns over threats to the industrial control systems that run power and water plants, factories and food processing plants, security company Kaspersky Labs has announced plans to build an operating system specifically for those systems.

In a blog post, company Founder Eugene Kasperky noted that most systems that control critical infrastructure, such as Supervisory Control and Data Acquisition Systems (SCADA), currently run on top of Windows or Linux OSes, which can leave them vulnerable to the same types of exploits regular computer systems are exposed to.

Kaspersky proposes a pared down, secure OS designed to handle only the tasks industrial control systems are designed for. He writes that a such an OS would be better than the alternative of rewriting all industrial control software, instead creating an OS “onto which ICS can be installed, and which could be built into the existing infrastructure – controlling ‘healthy’ existing systems and guaranteeing the receipt of reliable data reports on the systems’ operation.”

The idea is to protect against the likes of Stuxnet, which disrupted Iranian nuclear processing in 2010 and raised fears that similar malware could attack systems in power plants, water treatment plants, manufacturing facilities and even prisons.

The possible hitch in Kaspersky’s plans is that his company is based in Russia, which could give manufacturers of programmable logic controllers and other ICS devices pause about using the OS. One security expert told Wired that the Kasperky OS might succeed in Russia, but that security worries about the supply chain would likely prevent its widespread use elsewhere.

Although a Kaspersky spokesman told Wired the company received no funding from the Russian government, the article noted Congress’s recent concerns about backdoors being installed in equipment made in China. In some recent cases, backdoors weren’t installed during manufacturing but added somewhere along the supply chain.

About the Author

Kevin McCaney is a former editor of Defense Systems and GCN.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected