Experimental Physics and Industrial Control System
On Wednesday 15 July 2015 14:24:17 you wrote:
> On 07/15/2015 07:56 AM, Benjamin Franksen wrote:
> > On Tuesday 14 July 2015 12:16:38 Pete Jemian wrote:
> > It may also be a potential security risk, given that the amount of
> > readily available tools for an attack is much larger on Linux (or
> > any
> > other general purpose OS like Windows or MacOSX), compared to
> > VxWorks
> > or RTEMS.
>
> You are right: The amount of malware targeted on Linux is bigger than
> the amount of malware targeted on RTOS. However, the number of attacks
> on industrial devices has been grown dramatically within the last
> years. Also note that security issues affecting a Linux base
> installation are usually fixed much faster and can be deployed much
> easier/faster using tools like share libraries and software packages.
>
> > And cutting something like Linux down to the essentials
> > needed for running one or more soft IOCs (in order to avoid these
> > risks) is not something I'd take on lightly.
>
> On the other hand most VxWorks/RTEMS machines I've seen so far were
> using technology like telnet (instead of SSH), NFS (no encryption,
> single point of failure) and did not provide any useful IT monitoring
> (fan speed? temperature? free disk space? ECC errors?)... RTEMS is
> also lacking support for time synchronization using PTP which will be
> the default for FRIB.
>
> Our answer is a combination of real time tasks in PLCs/motor
> controllers/FPGAs + high-level processes on Linux leveraging the
> latest tools to help the administrator maintain it.
I don't plan to insist on my point (which is a bit weak, granted).
Nevertheless, let me clarify what I meant with "the amount of readily
available tools for an attack": it was not to say that RTOSes like
VxWorks or RTEMS are more secure than Linux. That would be a ridiculous
statement as indeed they are certainly much easier to subvert than
Linux. Neither did I mean that the amount of tools available to subvert
them is smaller (even though that is probably the case, as you
admitted).
What I meant to say is that once they have been subverted, it is easier
to spread the subversion to the rest of the network with Linux machine,
due to much larger amount of available tooling, and also the typically
much larger processing power of the underlying machine.
The attack scenario I imagine here is that the IOC (whether it runs a
traditional RTOS or Linux or whatever) is not of primary interest to the
attacker, but rather a convenient entry point to subvert other machines
that contain more interesting information (personal files and
communications, e-mail addresses, access keys, etc etc).
Cheers
Ben
--
"Make it so they have to reboot after every typo." ― Scott Adams
________________________________
Helmholtz-Zentrum Berlin für Materialien und Energie GmbH
Mitglied der Hermann von Helmholtz-Gemeinschaft Deutscher Forschungszentren e.V.
Aufsichtsrat: Vorsitzender Prof. Dr. Dr. h.c. mult. Joachim Treusch, stv. Vorsitzende Dr. Beatrix Vierkorn-Rudolph
Geschäftsführung: Prof. Dr. Anke Rita Kaysser-Pyzalla, Thomas Frederking
Sitz Berlin, AG Charlottenburg, 89 HRB 5583
Postadresse:
Hahn-Meitner-Platz 1
D-14109 Berlin
http://www.helmholtz-berlin.de
- References:
- Stepper Motor Controllers Mark Davis
- Linux vs. RTOS: cost and security; was: Stepper Motor Controllers Konrad, Martin
- Navigate by Date:
- Prev:
Re: record to record ... Ralph Lange
- Next:
Re: Stepper Motor Controllers Mark Davis
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
<2015>
2016
2017
2018
2019
2020
2021
2022
2023
2024
- Navigate by Thread:
- Prev:
Linux vs. RTOS: cost and security; was: Stepper Motor Controllers Konrad, Martin
- Next:
Re: Stepper Motor Controllers Torsten Bögershausen
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
<2015>
2016
2017
2018
2019
2020
2021
2022
2023
2024