Industrial systems scrambling to catch up with Meltdown, Spectre

Some confessions, but 'watch this space' is the more common reaction - when there is one

Vendors of industrial systems have joined the long list of vendors responding responses to the Meltdown and Spectre processor vulnerabilities.

So far, a dozen vendors have told ICS-CERT they use vulnerable processors, and The Register imagines there will be plenty more to come.

Gold stars go to just two vendors: Smiths Medical, which has determined that none of its products are vulnerable; and OSISoft, whose PI System is vulnerable, and whose advisory includes anticipated performance impacts.

Emerson Process and General Electric treat their responses as customer information only, and keep them hidden behind a regwall. So does Rockwell, for what it's worth, but the latter company at least spoke to The Register about the impact on its systems).

Another seven vendors in the market said they are “investigating” the impact – ABB, Abbott, Johnson & Johnson (added points for giving the advisory a 2017 timestamp), Philips, Schneider Electric, and Siemens.

As readers know, the bugs arose out of how processors implement speculative execution. Patches are a giant headache for vendors and users alike, causing both performance and stability issues. ®




Biting the hand that feeds IT © 1998–2018