OT: Stuxnet worm hit industrial PLC systems

No, that was mucking out horse stalls in Cincinnati. Then he was sent back to the Minor Leagues.

--
Politicians should only get paid if the budget is balanced, and there is
enough left over to pay them.

I blamed bad teachers for my gray hair. :)

--
Politicians should only get paid if the budget is balanced, and there is
enough left over to pay them.

Must have been when they let you in then. The SI unit of military intelligence is the "short plank" and you measure up to two of them.

Not if they are smart. It is a fatal error to underestimate your enemy.

The US hosted IRA terrorists and turned a blind eye to gun running and fund raising for decades. Because of the "special relationship" we seemed unable to do much about it. And our computers are better secured.

The guy was in way past any honey pots. That is why the US military are so upset. He highlighted what was gross incompetence on a monumental scale.

Regards, Martin Brown

Yawn. You have no clue of when I served, but that doesn't stop your streak of playing the fool.

Yet 'you' do it all the time.

You keep posting this bullshit. It was immigrants from the British Isles that did it, not the US.

I suppose you're a world renowned expert in computer security, along with your daily walks on water.

--
Politicians should only get paid if the budget is balanced, and there is
enough left over to pay them.

Well, wasn't that a good call !!

h

How can you expect to beleive this when the MSWin PC can and does _reprogram_ the PLCs.

Because I was taking John's comment primarily to mean that using Windows in a real-time loop is crazy, not that the security risks of Windows inherently make it crazy.

I've used Windows for real-time control of production machines... but they were machines folding/marking/gluing paper products together; a software or Windows crash would generally just stop the machine, and worst case it might, spit out some hundreds of sheets of paperboard onto the floor or something. The use of Windows (rather than a dedicated PLC) is likely what made the bid our company made for the contract the winner, too (...note that this is 15 years ago, BTW).

I wouldn't use Windows for real-time control of anything where failure was likely to compromise health or safety. Heck, I wouldn't use *NIX for such control either -- in those situations you usually want something that's much "closer to the metal" without a few million lines of code between you and the hardware.

---Joel

I have used both Windows NT/2000/XT and Linux based control systems with cycle times in the 10..100 ms range for a decade.

Windows/Linux 2.6/Linux 2.4 with RT+preempt patches have quite similar (soft) real time performance with a response time within a few milliseconds on a _dedicated_ system.

My most serious objection against Windows XXX is that it requires weekly or monthly security updates, which are so stupidly implemented that they require a reboot to install.

In industrial control systems. the next (scheduled) reboot might be in June 2015.

If you want to install weekly or monthly security upgrades, you will need double or triple redundant hardware, so that each mode cam be booted after each update.

Cool, thanks for the information Paul.

At least on desktop Linux (Ubuntu in my case), there seem to be just as many updates these days as with Windows... although fewer of them require reboots.

It sounds like you prefer Linux a bit over Windows when given the choice?

---Joel

A lot of Windows updates don't require reboots. My computer gets shut down when I'm going to be gone more than a couple hours, so that's when I install updates, anyway.

--
Politicians should only get paid if the budget is balanced, and there is
enough left over to pay them.

On Linux, you should be able to get few-milliseconds latency without any RT patches; with patches, latency under a millisecond is achievable.

The real-time audio folks aim for 8-sample frames at 48Khz, which is 6K frames/second. And that needs to be reliable; one missed frame and it's "sorry guys, we need to do that one again".

Standard 2.4 Linux with standard HZ (kernel timer) settings is much worse than WinNT systems. Patched up 2.4 kernels with higher HZ or current 2.6 kernels behave much better.

Data acquisition with proper hardware (interrupts/DMA), proper kernel mode drivers and sufficient buffer space should not be a problem on any OS.

Things gets nasty, when the computer is a part of a control loop, since many algorithms, such as the basic PID assumes equidistant sampling. You can not rely on large buffers i.e. accept variable processing delays, thus the task switching times are critical.

Understood.

Salt and pepper by 16, mostly salt by 20.

The photos of me at that age show very little color. What I find odd is whenever I'm on antibiotics for more than a week, the new hair is brown.

--
Politicians should only get paid if the budget is balanced, and there is
enough left over to pay them.

Note that I'm talking about live audio, with 2 frames of latency.

3 frames in total: one frame being read, one being processed, one being written out. This precludes any delays beyond a fraction of a frame.

Today on BugTraq:

Netbiter® webSCADA ? multiple vulnerabilities

Yes, there's a product called "webSCADA":

If you think that the state of current OSes is bad, the state of "web applications" is much, much worse.

FWIW, the reported vulnerabilities are relatively small-time, and don't directly related to the SCADA side of things. OTOH, that may just mean that the reporter only found the low-hanging fruit (i.e. the usual bugs which can be found in many web apps).