Kaspersky thinks it can protect the control systems for power plants and other critical infrastructure.
Eugene Kaspersky, founder of the Russian company Kaspersky, which has led discovery and analysis of state-backed malware such as Stuxnet, wrote in a blog post today that the project was needed to protect “defenseless” industrial control software.
“Ideally, all ICS [industrial control system] software would need to be rewritten, incorporating all the security technologies available and taking into account the new realities of cyber-attacks. Alas, such a colossal effort coupled with the huge investments that would be required in testing and fine-tuning would still not guarantee sufficiently stable operation of systems.”
Creating a secure operating system onto which industrial control systems can be installed is feasible, claims Kaspersky, who added that his company’s researchers are on the road to completing it. However, while those motivations seems reasonable, one of Kaspersky’s claims for the as-yet-unfinished OS will be difficult to meet:
«To achieve a guarantee of security it must contain no mistakes or vulnerabilities whatsoever in the kernel, which controls the rest of the modules of the system. As a result, the core must be 100% verified as not permitting vulnerabilities or dual-purpose code.»
That will be challenging. Techniques exist that can prove code is without vulnerabilities or bugs, but they are impractical on more than just small chunks of code (see “Crash-Proof Code”). Even a limited operating system designed only for a small range of software to be installed will take considerable efforts to exhaustively check out.