Last updated: April 20, 2018
Overview of Vulnerability
Vulnerabilities referred to as Meltdown/Spectre has been discovered in several CPUs, including Intel, AMD and ARM processors (*). In the event of an attack exploiting this vulnerability, there is a risk of the memory content of originally unpermitted programs being read, and leakage of passwords and other confidential information. For more detailed information regarding this vulnerability, please refer to the following site.
"Vulnerability Note VU#584653 CPU hardware vulnerable to side-channel attacks"
https://www.kb.cert.org/vuls/id/584653
*: Common Vulnerabilities and Exposures ID CVE-2017-5715, CVE-2017-5753, CVE-2017-5754
Impact on Yokogawa Products equipped with CPUs
CENTUM VP / CS 3000 Controller FCS
Below table shows the impact on processor modules of FCS which investigation has been completed.
FCS processor modules |
FCS Type |
Result of investigation |
---|---|---|
CP471 |
AFV30S, AFV30D, AFV40S, AFV40D, |
Not Affected |
CP451 |
AFV10S, AFV10D |
Not Affected |
CP401 |
AFF50S, AFF50D, AFF30S, AFF30D |
Not Affected |
CP345 |
AFG30S, AFG30D, AFG40S, AFG40D, AFS30S, AFS30D, AFS40S, AFS40D, AFG10S, AFG10D, AFG20S, AFG20D, AFS10S, AFS10D, AFS20S, AFS20D |
Not Affected |
CP703 |
PFCS-E, PFCD-E |
Not Affected |
CP701 |
PFCS-S, PFCD-S |
Not Affected |
ProSafe-RS Controller SCS
Below table shows the impact on processor modules of SCS which investigation has been completed.
SCS processor modules |
SCS Type |
Result of investigation |
---|---|---|
SCP461 |
SSC60S, SSC60D, S2SC70S, S2SC70D |
Not Affected |
SCP451 |
SSC50S, SSC50D, SSC57S, SSC57D |
Not Affected |
SCP401 |
SSC10S, SSC10D |
Not Affected |
Other Yokogawa Products
Yokogawa is currently in the process of investigating Yokogawa products that are equipped with CPUs affected by this vulnerability.
When it becomes possible to offer countermeasures for products affected by this vulnerability, Yokogawa will provide information regarding such products and countermeasures in the form of a Yokogawa Security Advisory Report (YSAR).
"Yokogawa Security Advisory Report (YSAR)"
https://www.yokogawa.com/library/resources/white-papers/yokogawa-security-advisory-report-list/
Microsoft Windows Environments
Countermeasures against this Vulnerability
Microsoft has provided the following information with regard to countermeasures for handling this vulnerability. For more details, please refer to the "Reference Site" provided below.
- Apply the latest Microsoft software updates.
- Apply the firmware update programs provided by PC / Server vendor.
- Set registry key to enable countermeasures against this vulnerability (Windows Server only).
Decline in PC / Server Performance
There have been reports of a decline in PC / server performance as a result of implementing the above countermeasures. The degree of performance degradation differs depending on the customer's system environment. For this reason, Yokogawa strongly recommends conducting checks to verify the operational performance in the customer's environment prior to actually applying these countermeasures to all customer's system environment.
Combined Verification of Microsoft Software Updates with Yokogawa Control System Products
Yokogawa carries out combined verification of Microsoft software updates in a standard test environment of Yokogawa control system products. The verification result report is provided via "Security Information Service" in our Endpoint Security Service.
"Endpoint Security Service"
https://www.yokogawa.com/solutions/solutions/plant-security/plant-security-lifecycle-services/#Details_Endpoint-Security-Service
Precautions for Firmware Update Programs for Intel CPU (February 19, 2018)
There have been reports by Intel that the microcode (firmware update programs) that was being provided by Intel via PC / Server vendors has a risk of causing sudden, unexpected reboots.
"Root Cause of Reboot Issue Identified; Updated Guidance for Customers and Partners"
https://newsroom.intel.com/news/root-cause-of-reboot-issue-identified-updated-guidance-for-customers-and-partners/
<PRECAUTION>
As of January 22, 2018, Intel does not recommend the application of firmware update programs for Intel CPUs that were being provided by PC / Server vendors.
Until a revised microcode is provided, please consider the application of the mitigation measures shown below, under the heading of "Other Mitigation Measures".
Other Mitigation Measures
Attackers cannot directly exploit this vulnerability via a network. To exploit this vulnerability, an attacker must intrude into the target PC / Server. For this reason, it is possible to reduce the risk of attackers exploiting this vulnerability by installing security countermeasures such as antivirus software, whitelisting software on target PC / Server.
Yokogawa provides antivirus software and whitelisting software for Yokogawa control system products based on McAfee's products.
Antivirus Software (AV11000) and Whitelisting Software (SS1WL1) for Yokogawa Control System Products
There have been reports from Microsoft that, in some cases, combining Microsoft software updates designed to mitigate this vulnerability with some security countermeasure software carries the risk of causing "blue screen" errors. For this reason, Microsoft is requesting compatibility testing to validate compatibility of the relevant Microsoft software updates with such security software.
Yokogawa has verified that there are no such risks in the latest versions of antivirus software and whitelisting software for Yokogawa control system products. For more details, please inquire using the following contact information.
Reference Site
For Overall: "Protect your Windows devices against Spectre and Meltdown"
https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown
For Windows Client: "Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities"
https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
For Windows Server: "Windows Server guidance to protect against speculative execution side-channel vulnerabilities"
https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution
Looking for more information on our people, technology and solutions?
Contact Us