Spectre and Meltdown – What to Do?
As our manufacturing and control systems become more sophisticated, security has begun to take a position in the forefront of everyone’s mind. At the start of 2018, this was no different. On January 3rd researches announced a new set of identified vulnerabilities that affect all modern-day microprocessors; these vulnerabilities are known as “Meltdown” and “Spectre.”
This vulnerability is not industry specific, nor Rockwell or PLC specific, but affects generations of processors and CPUs. Since hundreds of articles are already available on the details of how the vulnerability can be exploited; instead of detailing that, we wanted to provide you with some quick links on just what to do about it.
For those concerned, we would like to refer you to several articles and/or knowledge documents.
Specific to Rockwell Automation Control Products this is Rockwell’s statement on the issue:
- Knowledge Base Article #1070884: “RA Briefing on Meltdown and Spectre Vulnerabilities”
If you have already patched or are considering patching, you should know that potential impact to the performance of Industrial Control System Software has also been reported post patch. This too is larger than Rockwell but RA has detailed the anomalies experienced after patching in the following article:
- Knowledge Base Article #1071234: “Microsoft Updates for Meltdown/Spectre Vulnerabilities Impact” – Anomalous Behavior after updates
Much is still unknown about the best remediation action and the RA Patch Qualification team is working expeditiously on their validation process for all security updates relative to these vulnerabilities. Given this, we anticipate these articles to be updated numerous times in the coming weeks. The easiest way to stay in tune with this and on top of it is to subscribe to updates for those specific articles. Here is a link on just how to do that: Article #1068584
In addition, ICS-Cert, the government agency that works specifically on industrial control systems cyber emergency response has also released the following alert that provides details relevant to most major ICS system suppliers:
- ICS-Alert-18-001-01B Meltdown and Spectre Vulnerabilities (Update B).
Finally, protecting your manufacturing systems starts with having a security strategy and taking the initial steps of implementation. You may have often hear me say– “some action today is better than no action,” and I continue to stand by that. Please let the team at Rumsey know if we can be of any assistance with defining a strategy for your facility and those first few steps. We have teamed with industry leading Cybersecurity solution providers like Tripwire, Cisco and Rockwell to ensure we have the solutions and expertise to help you build your defense-in-depth strategy.
- ICS-Cert “Improving Industrial Control System Cybersecurity with Defense-in-Depth Strategies”
- Tripwire “White Paper: Defending Industrial Control Systems with Tripwire”
- Rumsey Blog “Layering Network Security Solutions on an Industrial Network”
- NIST “Guide to Industrial Control Systems (ICS) Security”
All information provided is for informational purposes only.