Siemens and McAfee announced today that McAfee’s Application Control whitelisting product has been tested or modified to work with a variety of Siemens PC-based products that were compromised by Stuxnet. (HT: Smart Grid Security Blog) We have been very critical of Siemens response to Stuxnet over numerous blog entries and podcasts. This announcement is a good start, but it still does not appear to provide a solution for the PLC’s – – if I understand the product nomenclature correctly.
The Siemens’ software products that can be protected by McAfee’s Application Control are:
- STEP 7 V5.5
- PCS7 V7.1 + SP2
- WinCC V7.0 + SP1
- WinCC V7.0 + SP2
- WinCC flexible 2008 + SP2
Siemens has attests to the compatibility saying “the compatibility tests included both Engineering and Runtime stations.”