Kaspersky Lab Developing Secure OS for Industrial Control Systems

A secure operating system designed specifically for critical-infrastructure companies will provide a new layer of protection against attacks, the security firm says.

Security firm Kaspersky Lab is working on a secure operating system for critical-infrastructure companies to use to run industrial control systems.

"We’re developing a secure operating system for protecting key information systems (industrial control systems (ICS)) used in industry/infrastructure," company CEO Eugene Kaspersky confirmed in a blog post. "Quite a few rumors about this project have appeared already on the Internet, so I guess it’s time to lift the curtain (a little) on our secret project and let you know (a bit) about what’s really going on."

Attacks on critical infrastructure companies have been in the spotlight in the past few years, particularly after the appearance of malware such as Stuxnet and Duqu, which have cause serious damage to computer systems and are widely believed to have been state-sponsored and developed.

According to a report released this year by the U.S. Industrial Control System Cyber Emergency Response Team (ICS-CERT), there was a dramatic increase in the number of reported cyber-security incidents affecting critical infrastructure companies in the United States between 2009 and 2011. In 2009, ICS-CERT received nine incident reports. By 2011, that number had risen to 198.

It is this situation that Kaspersky Lab hopes to address with a secure operating system aimed at industry, which faces some unique problems as security and productivity concerns collide.

"Though industrial IT systems and, say, typical office computer networks might seem similar in many ways, they are actually completely different beasts–mostly in terms of their priorities between security and usability," Kaspersky asserted.

"In your average company, one of the most important things is confidentiality of data and IT administrators are encouraged to isolate infected systems from non-infected systems to that end, among others. Thus, for example, if on the corporate file server a Trojan is detected, the simplest thing to do is disconnect the infected system from the network and then later start to tackle the problem."

"In industrial systems that can’t be done, since here the highest priority for them is maintaining constant operation come hell or high water," he continued. "Uninterrupted continuity of production is of paramount importance at any industrial object in the world; security is relegated to second place."

Ideally, he added, all ICS software would be rewritten to incorporate all the security technologies available and taking into account the new realities of cyber-attacks. However, that would require a "colossal effort coupled with the huge investments." The solution is to build a secure operating system onto which ICS can be installed that could be built into the existing infrastructure and used to control healthy systems and guarantee receipt of reliable data reports on the systems' operations.

According to the company, such an operating system couldn't be based on existing computer code, and would have to be written from scratch. In addition, it must be vulnerability-free in the kernel, which should contain a bare minimum of code. There also must be a system of protection that supports different models of security.

Since the system is highly tailored for a specific task, as opposed to being used for consumer-related activities such as playing video games, for example, it will be easier for the operating system to be fully secure, according to Kaspersky. In addition, he blogged, the company is working on methods of writing software that by design won’t be able to carry out any behind-the-scenes, undeclared activity.

"This is the important bit: the impossibility of executing third-party code or of breaking into the system or running unauthorized applications on our OS; and this is both provable and testable," he explained.

"Based on existing operating systems, new, fully effective means of protection of key information infrastructure is impossible," he added. "At the same time, creating a new, secure operating system for all ICS components is a task that’s very difficult and will take a lot of time. But the problem of security of industrial and infrastructural facilities needs to be solved now."