Thursday, July 22, 2010

Why industrial control and machinery needs open source

I was going to write up a blog about how to use the Beagle Board gadget with the new wifi module that will, chris, and I have gotten up and running. But then I started browsing around the web for open source industrial design projects (aka ISC's) to demonstrate on it, and ran into something quite interesting...

Dun dun dun....

So just to get this straight... I'm looking for open source industrial design control systems, and within minutes, I find an article that is the perfect example of why industrial control systems need more open source? Yup.

What is Stuxnet?

It's a pretty ridiculous virus that someone wrote to infect engineering systems and control systems designed by Siemens. This is no joke, and I'm not trying to be coy, but every once in a while, I can appreciate well written code. stuxnet finds a way to bootstrap into the auto-read-from-USB code of Siemens' engineering terminals, and then spreads. Brilliant!

Here's a little chart from technet that shows how quickly stuxnet spread:


There's one problem, though...

Anyone who ever programmed an open source project would have known that this is a ridiculous thing to do. I mean, you can't seriously expect to just run the contents of an inserted USB drive - you have to at least do some kind of checks on it.

Alas, Siemens' SCADA, or "supervisory control and data acquisition" is still under threat, and so I figured I'd so some research on what SCADA does.

Here's my best attempt, after wading through a bunch of marketing hoopla:

It's a visualization system. Like this:

Connected to a bunch of pressure sensors that measure water pressure. Like these:


With an occasional GPS sensor thrown in the mix. Like this:



Ummm.... ok. I can make one of those Open Source pretty easily... in fact, here's a writeup of connecting the BeagleBoard to a GPS visualization system.

http://gpspp.sakura.ne.jp/rtklib/rtklib_beagleboard.htm

And here are some of the cool interfaces you can run in the Linux environment using that tool:

It's not quite there, but over the next couple weeks, I'm going to try my best to recreate a fully Open Source pressure and gps monitoring visualization system :-)

That's not vulnerable to USB host snooping attacks... ha!

2 comments:

Madrang said...

Hi,

First i can say that never any company will use a controller that is based on any OS, not that it can't work or anything.

Actually it is like this because this is what they teach at school.
I got a formation in Electromechanical engineering for indutrial automated process.
And they make a big deal about what we use as a controller. And the problem is, the more complex the system is the more complicated it is to Repair/Build/Use and will crash more. I don't say Linux crash a lot, i say i would want to see it run for 10 years no reboot or reinstall. As most of the device used today have pretty much the same specs as an arduino but cost 100 time it's price.

BUT IT CAN WORK !!!

1. Make everything simple.
No os, driver, or PC based code.
Use a firmware that will control only functions of the cpu.
After that people can load libraries to add feature but must not be needed to use the device.

2. Compiling/Running code must be easy. I mean REALLY easy as the main people that build code for that kind of machine got no formation in programming but are electrician. (cost less and can also plug in the controller) They use Ladder Logic Programming based on what they know about electricity. (Look at http://en.wikipedia.org/wiki/Ladder_logic )

3. And last it must be built strong, fool proof and look nothing like a little fancy computer board.
Those thing may cost a lot today but are treated like any other tools in the toolbox.

I did one year in college in computer science but left because i didn't like the idea to work behind a desk all day but love building stuff and computers. So i took a class with a private institute of technology in Electromechanical engineering.

Till that day i still read book about computers and try to know more as i am sure that one day these 2 different areas of work will be more used together. Until then i will be happy to help develop what could one day replace those old "shoebox".

PS: One day i actually took control of a fanuc industrial robot as a bet with one of the teacher to show how bad was security on those thing (was on lan in an other room and took control over the deviceNet controller. no password needed only a ip and port ouch).

Madrang

Matt said...

@madrang - interesting! so basically, you're proposing that it might work if there wasn't even an os to hack to begin with.... hmmm. well, i could definitely agree with that - if the entire control system were embedded, and all it did was control something, it probably would be a lot harder to hack, instead of having all the different levels of the OS stack available to hack...