‘XP Everywhere in Plants’

Wednesday, June 18, 2014 @ 06:06 PM gHale


By Gregory Hale
While Microsoft ended support for Windows XP in April, manufacturing automation users continue to operate using the unsupported software — and opening themselves up to vulnerabilities.

It is perhaps not widely known, but “Windows XP is everywhere in today’s industrial plants and factories,” said Frank Williams, senior product manager for security at Belden Inc.

RELATED STORIES
Extreme Risk: SMBs Still Using XP
Warning over XP Update Trap
How to Mitigate Potential XP Vulnerabilities
Microsoft Extends Update Deadline

“Numerous industrial control and SCADA systems use Windows XP in their operator displays (Human Machine Interface, or HMI), engineering laptops, and programming stations, Williams said. “Many plants use specialized application software which in many cases can’t natively run, or hasn’t been thoroughly tested on any operating system but Windows XP.

Windows XP also shows up in another form called “Windows XP Embedded.” This is a light-weight version of Windows XP developed by Microsoft specifically for use in branded OEM devices and systems such as machine tools, instrumentation and operator interface terminals.

“Since these devices are not ‘computers’ in the traditional sense of the word, their owners may not even be aware that Windows XP is running inside them and they present the same security risk as an XP desktop or laptop computer,” Williams said. “Even if he is aware that they are based on Windows XP, there is typically no practical way to upgrade or patch them without completely replacing them.”

“Consider this fact: 70 percent of Microsoft’s security bulletins in 2013 affected XP, and there is no reason to assume that this will change (unless it increases) in the near future,” he said.

The Windows XP end of life places industrial users in a very uncomfortable position.

“The risk of security issues and resultant down time will steadily increase over time after the end of support, and yet the cost of upgrading or replacing XP-based systems (particularly the cost of the associated plant shutdown) is often prohibitive,” Williams said.



Leave a Reply

You must be logged in to post a comment.