Eugene Kaspersky outlines secure operating system plans

Hardened operating system will give industrial control system manufacturers a more secure platform for their software.

BOSTON -- Citing the need to better secure critical infrastructure from cyberattacks, Kaspersky Lab CEO Eugene Kaspersky said he has set aside a dedicated team of engineers to produce a hardened operating system capable of protecting and monitoring industrial control systems.

The right way is to protect the computer that manages SCADA.

Eugene Kaspersky,
CEO, Kaspersky Lab

In October, Kaspersky confirmed in his personal blog that the company was developing a secure operating system designed to protect industrial control systems.

He gave few details about the system during a luncheon with reporters on Tuesday. An engineering team is developing a platform that can be used to protect critical infrastructure facilities, such as power plants and manufacturing facilities that use sophisticated software to manage complicated processes, he said.

"The right way is to protect the computer that manages SCADA," Kaspersky said. "The products must be done by companies that produce industrial control systems. We'll provide the platform … and educate them to build the traditional software for their systems based on the secure platform."

Security experts have been advocating the need for critical infrastructure protection following a wave of what is believed to be nation-state sponsored attacks. Discussion about Industrial control system security was fueled in part by Stuxnet, which was designed to target the sensitive control systems at an Iranian uranium enrichment facility. Kaspersky said the system his team is working on would be designed to prevent custom malware, such as Stuxnet, from hooking into or mirroring system processes.

Kaspersky Lab CEO

Eugene Kaspersky: Enterprises must make hacking costly, difficult:

Companies must get better at making hacking corporate networks complicated and costly for cybercriminals, explains Kaspersky Lab CEO Eugene Kaspersky.

Kaspersky described the platform being produced as a "micro-kernel" system that would isolate processes and tightly control trusted applications, and monitor and restrict their behavior. The security would be managed at the kernel, ensuring applications would not have access to unneeded system processes. "Applications can't connect to system resources without special permission," Kaspersky said.

The project is far from being complete, he said, adding that it won't likely be a product sold commercially, but rather a platform licensed by industrial control system manufacturers. "We want to get this out ASAP," Kaspersky said, refusing to outline a timeline.

The platform will help solve the issue of patching industrial control systems, which is rarely done, Kaspersky said. Monitoring capabilities built into the platform would ensure slight data changes that could impact the performance of an ICS system can't take place, Kaspersky said. The CEO is currently reaching out to its partners as part of the development project, he said.

Dig deeper on Emerging Information Security Threats

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close