As our manufacturing and control systems become more sophisticated, security has begun to take a position in the forefront of everyone’s mind. At the start of 2018, this was no different. On January 3rd researches announced a new set of identified vulnerabilities that affect all modern-day microprocessors; these vulnerabilities are known as “Meltdown” and “Spectre.”
This vulnerability is not industry specific, nor Rockwell or PLC specific, but affects generations of processors and CPUs. Since hundreds of articles are already available on the details of how the vulnerability can be exploited; instead of detailing that, we wanted to provide you with some quick links on just what to do about it.
For those concerned, we would like to refer you to several articles and/or knowledge documents.
Specific to Rockwell Automation Control Products this is Rockwell’s statement on the issue:
If you have already patched or are considering patching, you should know that potential impact to the performance of Industrial Control System Software has also been reported post patch. This too is larger than Rockwell but RA has detailed the anomalies experienced after patching in the following article:
Knowledge Base Article #1071234: “Microsoft Updates for Meltdown/Spectre Vulnerabilities Impact” – Anomalous Behavior after updates
Julia Santogatta is the Director of Networking, Automation, & Information Solutions at Rumsey. She has spent almost 20 years working with customers in industrial manufacturing, system integration and machine building industries. Prior to joining Rumsey, she spent 10 years with Rockwell Automation and 5 years with other Industrial Networking & Cabling companies.