This application note describes how to use the Tofino Industrial Security Solution to prevent the spread of the Stuxnet worm in both Siemens and non-Siemens network environments.
What is Stuxnet?
Stuxnet is a computer worm designed to target one or more industrial systems that use Siemens PLCs. The objective of this malware appears to be to destroy specific industrial processes.
Stuxnet will infect Windows-based computers on any control or SCADA system, regardless of whether or not it is a Siemens system. The worm only attempts to make modifications to controllers that are model S7-300 or S7-400 PLCs. However, it is aggressive on all networks and can negatively affect any control system. Infected computers may also be used as a launch point for future attacks.
How Stuxnet Spreads
Stuxnet is one of the most complex and carefully engineered worms ever seen. It takes advantage of at least four previously unknown vulnerabilities, has multiple propagation processes and shows considerable sophistication in its exploitation of Siemens control systems.
A key challenge in preventing Stuxnet infections is the large variety of techniques it uses for infecting other computers. It has three primary pathways for spreading to new victims:
- via infected removable USB drives;
- via Local Area Network communications;
- via infected Siemens project files.
Within these pathways, it takes advantage of seven independent mechanisms to spread to other computers.
Stuxnet also has a P2P (peer-to-peer) networking system that automatically updates all installations of the Stuxnet worm in the wild, even if they cannot connect back to the Internet. Finally, it has an Internet-based command and control mechanism that is currently disabled, but could be reactivated in the future.
11/30/2010
Registration Evaluation Authorization and Restriction of Chemical Substances
It is certainly no secret to anyone that the past decade has placed a renewed focus on the environment and how all members of the world community, to include business organizations, affect it. Concerns about protecting the world in which we live have been the impetus behind such worldwide movements as recycling and renewable energy. From a manufacturing standpoint, RoHS (Reduction of Hazardous Substances) has impacted businesses as well as REACH, a more recent set of regulations that are becoming more significant to North American based manufacturing operations that are part of a supply chain that directly or indirectly supplies products into the European Union.
As with any new regulatory requirements, the initial exposure to the documentation can create a degree of uncertainty among those who will be asked to comply. From this perspective, REACH is no different from any of its predecessors. In an attempt to offer some understanding of the REACH regulations and some clarification of the requirements it places on manufacturers, C&M Corporation gathered Michael Karg, Director of Product Development, along with Randy Elliott, Regulatory Compliance Engineer, and Ariann Griffin, Regulatory Compliance Technician, to discuss some of the particulars of REACH and respond to some of the questions C&M has been discussing with members of its client base.
What is the purpose of REACH?
12/13/2010
Some engineers think it is science. Others contend it is some type of black magic.
Many have no idea of exactly how the process works.
Regardless of what is known or unknown about the submission and evaluation process, there are few that will disagree with the premise that agency certifications, such as those offered by organizations like Underwriters Laboratories (UL), Canadian Standards Association (CSA), or Intertek, formerly known as Edison Testing Laboratories (ETL), to name only a few, are an important part of any product offering in the wire and cable industry. With today's focus on product safety, there has been an increased need for wire and cable products to carry either a listed or recognized mark signifying they have been independently evaluated and have met the appropriate safety guidelines that have been established based on their intended use.
In an attempt to help bring some clarity to the agency certification process for bulk cable, I have posed a series of related questions to Randy Elliott, C&M Corporation's Regulatory Compliance Engineer. Randy has been a practicing engineer in the wire and cable industry for over 20 years. His background in R&D and design engineering has brought him into contact with regulatory agencies and their requirements on a regular basis throughout his career. For the past three years, his focus has been completely on regulatory issues for C&M.
Who is responsible for testing and what do their results mean?
12/13/2010
NFPA-79 is the electrical standard that has been developed by the National Fire Protection Association (NFPA) and is "intended to minimize the potential hazard of electrical shock and electrical fire hazards of industrial metalworking machine tools, woodworking machinery, plastics machinery and mass produced equipment, not portable by hand."
The National Fire Protection Association is also responsible for the National Electric Code (NEC)/(NFPA-70).
The scope of NFPA-79 is summarized as follows: "The standard shall apply to the electrical/electronic equipment, apparatus, or systems of industrial machines operating from a nominal voltage of 600 volts or less, and commencing at the point of connection of the supply to the electrical equipment to the machine."
One of the focuses of the latest edition is to improve product safety by ensuring that appropriate types of wire and cable are used in the application with regard to current carrying capacity, temperature rating, or flammability.
As such, the guidelines for NFPA-79 compliant products are more stringent than those cables allowed by past editions.
The NFPA-79 provisions make specific reference to only two types of cable.
12/13/2010
This initiative is the first step in filling a noticeable void in industry - the lack of independent competency training in the Operations Management (MES/MOM) arena. This lack of wide-scale competency is recognized as a major barrier to plant and supply chain optimization and global operations excellence.
With members in 85 countries globally, MESA is an independent, objective community of like-minded people and enterprises working to make Operations more reliable, capable and profitable. Some of the foremost experts across the Operations Management landscape are leading the knowledge sharing within the MESA community by offering programs across 4 continents by mid-2011.
MESA Certificate of Competency (CoC) for MES/MOM* Methodologies: A 4-day, comprehensive program of MES/MOM Methodologies courses aimed at Systems Analysts, Architects, Programmers, Project Managers and Consultants.
MESA Certificate of Awareness (CoA) for MES/MOM Business Awareness: A 2-day, high-level program of MES/MOM Business Functions courses geared for executives, manufacturing/operations and IT personnel and sales professionals. The CoA courses are higher level, short versions of the CoC program.