The alternative, which he described as "fully realizable," would be a secure operating system, one onto which ICS can be installed, and which could be built into the existing infrastructure. It would control existing systems and guarantee the receipt of reliable data reports on the systems' operation, he added.
Currently most SCADA servers are managed by Linux or Windows database servers.
Kaspersky Lab, which plans to build the operating system with the help of vendors and users of industrial control systems, aims to start with entirely new code. To be fully secure, the core must be fully verified to not permit vulnerabilities or dual-purpose code. The kernel also needs to contain a very bare minimum of code, and that means that the maximum possible quantity of code, including drivers, need to be controlled by the core and be executed with low-level access rights, according to the analysis by the Lab.
"We can't reveal many details of the project now because of the confidentiality of such cooperation. And we don't want to talk about some stuff so competitors won't jump on our ideas and nick the know-how." Kaspersky wrote in his blog post.
