Russian antivirus firm Kaspersky has unveiled its plans to build an operating system designed to thwart cyber attacks on industrial control systems (ICS) that are employed in critical infrastructure operations.
The company on Tuesday gave a lengthy explanation of the conditions -- including highly publicised malware such as Stuxnet, Duqu, Flame - which have demanded the creation of a “written from scratch” secure operating system.
Although Kaspersky does not share any details about the system itself, the main feature of its in-development OS is that it has the “categorical impossibility of running on it undeclared functionality”.
Critical infrastructure providers supposedly need this because all software inevitably contains vulnerabilities, which can be exploited, meaning that any components of ICS can be infected, according to Kaspersky. This could lead to a system malfunction of the type Iran’s Natanz nuclear facility is said to have experienced.
Engineers need visibility into background processes and the power to shut systems down when the time calls for it, according to Kaspersky.
“For the secure operation of industrial/infrastructural installations it is vitally important for an engineer to be able to obtain reliable information from the operation/process management system - so as to be able to control the operational processes based on that information. This permits avoiding mistakes in controlling the processes, and helps – where necessary – to shut them down in time and avert disaster.”
Until now, Kaspersky has only described the product in development as a “solution” for ICS. In August, after it was reported the company was recruiting engineers to build its ICS product, it issued the following statement to media:
"The recent Stuxnet, Duqu and Flame attacks raise the stakes still higher. These incidents demonstrate the existence of well-funded and perfectly organized cyberwarfare units. Not only can they steal sensitive data from businesses and governments, they can also cause physical damage to this infrastructure – with alarmingly unpredictable consequences.
"Kaspersky Lab confirms it is developing a dedicated security solution for industrial control systems. Due to the specifics of this project, we are not ready to reveal further details yet."
Today, Kaspersky says that a new security system is needed to oversee all aspects of ICS software without necessarily replacing them.
“It’s a security system that takes into account the whole complex of performance indicators of industrial operations/ processes, or of an overall industrial system, and prevents major malfunctions resulting from incorrect actions of an engineer, from mistakes in ICS software, or from cyber-attacks. Besides, such a system can complement traditional industrial safety systems, adding the ability to monitor more complex incidents.”