Recognising that as industrial control systems become a more integral part of a nation’s factories, power systems and other important machinery and communication platforms, Kaspersky Labs has committed to building its own secure operating system to provide another layer of protection from major exploits, disgruntled employees and attackers.
The operating system will be designed to block sophisticated pieces of malware like Stuxnet, an exploit that would spread via Windows machines and targeted Siemens industrial software and equipment, many of which affected Iranian organisations that were also linked with the country’s uranium enrichment infrastructure.
It won’t be a fully-featured operating system, like the Windows or Mac OS software you see today, but it will run on top of existing platforms, “controlling ‘healthy’ existing systems and guaranteeing the receipt of reliable data reports on the systems’ operation,” Kaspersky Labs’ founder Eugene Kaspersky says.
Our system is highly tailored, developed for solving a specific narrow task, and not intended for playing Half-Life on, editing your vacation videos, or blathering on social media.
We’re working on methods of writing software which by design won’t be able to carry out any behind-the-scenes, undeclared activity. This is the important bit: the impossibility of executing third-party code, or of breaking into the system or running unauthorized applications on our OS; and this is both provable and testable.
Where machinery, systems and important databases need to remain online and operational, if a threat is discovered, it’s not a simple case of removing affected machines from the network, diagnosing them and removing the infected files.
Kaspersky recognises that instead of rewriting the software from the ground up, it can provide a secure environment that lies in-between the important parts of industrial systems, isolating malware and ensuring they don’t reach the critical areas of systems that maintain sewage levels, route phone calls or control power levels.
The company says it has multiple industrial control system operators and vendors on board, working to ensure the project can operate on existing platforms and remain completely secure.
Details are scarce, mainly because Kaspersky is intent on keeping the real nuts and bolts of the system limited to those working on the project, thus protecting it from industrial espionage and keeping it one step ahead of its rivals in the space.
While such a project doesn’t particularly affect the Average Joe, it helps protect the services and infrastructure that he/she has become reliant on. Kaspersky believes it can use its security expertise to build and deploy an effective protection platform for important control systems, making sure the public at large isn’t notified of a high-profile attack.
Image Credit: ericconstantineau/Flickr