For years Eben Moglen has been warning about potential dangers of proprietary software in embedded computers, from trusted computing to chips running software nobody can access. Moglen’s warnings are more relevant, as builders and architects are racing to implement intelligent buildings and smart grids, which are widely heralded as a boon in terms of both energy efficiency and facilities management.
According to an article in the the journal Intelligent Buildings International, building owners and architects are overlooking the potential risk of malicious attacks on these highly networked control systems. The author looks at recent threats like the Stuxnet virus, which demonstrated the wide-ranging havoc that could be caused by malicious software infecting plant controllers. This section also explains how such attacks now present a threat to the ‘smart grid’ and other open systems.
The author says:
“In 2010, a PC in Iran began to repeatedly reboot itself. That would sound familiar to PC owners who have suffered a virus attack. The virus, now labelled Stuxnet, represented a large coding commitment by an unknown agent (Weinberg 2011). It had around 15,000 lines of code. But what would have been at once conspicuous if inserted into an early DDC BMS (with something like 64-k RAM) was easily lost at modern download speeds and disk storage space. Once it had infected a host, it sought to communicate on a Windows platform with other devices that were running Step 7 the Siemens systems used in their programmable logic controllers. Siemens are of course one of the world’s largest manufacturers of controls and control systems. Their devices are everywhere. They dominate much of the Smart Grid market. Industrial controllers are not themselves usually connected to the internet (or so their operators think!), just to keep them quarantined.
How did Stuxnet achieve the first step? It installed itself on any USB drive inserted in the infected system and then went wherever the drive went next. Inserting the drive inserted the virus as the drive was installed. Such drives are routinely used to transfer data between standalone networks. Stuxnet transfer was activated simply by inserting the drive. It then was ready to insert itself in any clean USB stick inserted later. A flavour of the power of engineered malware is given by how Stuxnet hid from site operators that programmable logic controllers were under attack. Siemens had designed the input process image to the controller as read–write instead of read. Usually a harmless extended flexibility it enabled Stuxnet to play back to the main system recorded process data as if the device was working normally and not under attack. In once sense Stuxnet is exceptional because it was a bespoke virus carefully designed to frustrate a specific plant in Iran.”
Stuxnet may not be the best example in which to build new cyber-fears, as it is considered to be a spook operation. But the lessons must be there for those who believe in the implementation of smart grids and highly-networked buildings.
In Battlestar Galactica, the Cylons manage to nearly wipe out humanity by gaining access to defence grids. Only the non-networked Galactica survives the attack. Perhaps it is time to consider security and openness into embedded chips and smart buildings.
Beware the fracking toasters.