Security Information: CPU Vulnerability Meltdown / Spectre

Last updated: April 20, 2018

Overview of Vulnerability

Vulnerabilities referred to as Meltdown/Spectre have been discovered in several CPUs, including Intel, AMD and ARM processors (*). In the event of an attack exploiting these vulnerabilities, there is a risk that memory contents could be read by programs that are not permitted to access them, resulting in leakage of passwords and other confidential information. For more detailed information regarding these vulnerabilities, please refer to the following site.
"Vulnerability Note VU#584653 CPU hardware vulnerable to side-channel attacks"
https://www.kb.cert.org/vuls/id/584653

*: Common Vulnerabilities and Exposures ID CVE-2017-5715, CVE-2017-5753, CVE-2017-5754

 

Impact on Yokogawa Products equipped with CPUs

CENTUM VP / CS 3000 Controller FCS

The table below shows the impact on the FCS processor modules for which investigation has been completed.

| FCS processor modules | FCS Type | Result of investigation |
| --- | --- | --- |
| CP471 | AFV30S, AFV30D, AFV40S, AFV40D, A2FV50S, A2FV50D, A2FV70S, A2FV70D | Not Affected |
| CP451 | AFV10S, AFV10D | Not Affected |
| CP401 | AFF50S, AFF50D, AFF30S, AFF30D | Not Affected |
| CP345 | AFG30S, AFG30D, AFG40S, AFG40D, AFS30S, AFS30D, AFS40S, AFS40D, AFG10S, AFG10D, AFG20S, AFG20D, AFS10S, AFS10D, AFS20S, AFS20D | Not Affected |
| CP703 | PFCS-E, PFCD-E | Not Affected |
| CP701 | PFCS-S, PFCD-S | Not Affected |

ProSafe-RS Controller SCS

The table below shows the impact on the SCS processor modules for which investigation has been completed.

| SCS processor modules | SCS Type | Result of investigation |
| --- | --- | --- |
| SCP461 | SSC60S, SSC60D, S2SC70S, S2SC70D | Not Affected |
| SCP451 | SSC50S, SSC50D, SSC57S, SSC57D | Not Affected |
| SCP401 | SSC10S, SSC10D | Not Affected |

Other Yokogawa Products

Yokogawa is currently in the process of investigating Yokogawa products that are equipped with CPUs affected by this vulnerability.
When it becomes possible to offer countermeasures for products affected by this vulnerability, Yokogawa will provide information regarding such products and countermeasures in the form of a Yokogawa Security Advisory Report (YSAR).
"Yokogawa Security Advisory Report (YSAR)"
https://www.yokogawa.com/library/resources/white-papers/yokogawa-security-advisory-report-list/

 

Microsoft Windows Environments

Countermeasures against this Vulnerability

Microsoft has provided the following information with regard to countermeasures for handling this vulnerability. For more details, please refer to the "Reference Site" provided below.

  • Apply the latest Microsoft software updates.
  • Apply the firmware update programs provided by the PC / Server vendor.
  • Set the registry key to enable countermeasures against this vulnerability (Windows Server only).

Decline in PC / Server Performance

There have been reports of a decline in PC / server performance as a result of implementing the above countermeasures. The degree of performance degradation differs depending on the customer's system environment. For this reason, Yokogawa strongly recommends verifying operational performance in the customer's environment before applying these countermeasures to all of the customer's system environments.

Combined Verification of Microsoft Software Updates with Yokogawa Control System Products

Yokogawa carries out combined verification of Microsoft software updates in a standard test environment of Yokogawa control system products. The verification result report is provided via "Security Information Service" in our Endpoint Security Service.
"Endpoint Security Service"
https://www.yokogawa.com/solutions/solutions/plant-security/plant-security-lifecycle-services/#Details_Endpoint-Security-Service

Precautions for Firmware Update Programs for Intel CPU (February 19, 2018)

There have been reports by Intel that the microcode (firmware update programs) that was being provided by Intel via PC / Server vendors has a risk of causing sudden, unexpected reboots.
"Root Cause of Reboot Issue Identified; Updated Guidance for Customers and Partners"
https://newsroom.intel.com/news/root-cause-of-reboot-issue-identified-updated-guidance-for-customers-and-partners/

<PRECAUTION>
As of January 22, 2018, Intel does not recommend the application of firmware update programs for Intel CPUs that were being provided by PC / Server vendors.

Until a revised microcode is provided, please consider the application of the mitigation measures shown below, under the heading of "Other Mitigation Measures".

Other Mitigation Measures

Attackers cannot directly exploit this vulnerability via a network. To exploit this vulnerability, an attacker must intrude into the target PC / Server. For this reason, it is possible to reduce the risk of attackers exploiting this vulnerability by installing security countermeasures such as antivirus software and whitelisting software on the target PC / Server.
Yokogawa provides antivirus software and whitelisting software for Yokogawa control system products based on McAfee's products.

Antivirus Software (AV11000) and Whitelisting Software (SS1WL1) for Yokogawa Control System Products

There have been reports from Microsoft that, in some cases, combining Microsoft software updates designed to mitigate this vulnerability with some security countermeasure software carries the risk of causing "blue screen" errors. For this reason, Microsoft is requesting compatibility testing to validate compatibility of the relevant Microsoft software updates with such security software.
Yokogawa has verified that there are no such risks in the latest versions of antivirus software and whitelisting software for Yokogawa control system products. For more details, please inquire using the following contact information.

Reference Site

For Overall: "Protect your Windows devices against Spectre and Meltdown"
https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown

For Windows Client: "Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities"
https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

For Windows Server: "Windows Server guidance to protect against speculative execution side-channel vulnerabilities"
https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution
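
Added example (not part of Yokogawa's or Microsoft's material): a read-only PowerShell audit for the Windows Server registry step under "Countermeasures against this Vulnerability" and for the antivirus compatibility point above. The registry paths and value names are taken from Microsoft's Windows Server guidance and its January 2018 antivirus compatibility guidance, not from this page; the function names are hypothetical, and the interpretation covers only the CVE-2017-5715 and CVE-2017-5754 bits.

```powershell
# Added example: read-only audit, changes nothing on the host.
# Registry names below come from Microsoft's guidance, not from this page.
$mmPath = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management'
$avPath = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat'
$avName = 'cadca5fe-87d3-4b96-b7fb-a231484277cc'

function Get-RegistryValueOrNull {
    # Returns the value, or $null when the key or value does not exist.
    param([string]$Path, [string]$Name)
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { return $item.$Name }
    return $null
}

function Get-MitigationBitState {
    # Hypothetical helper: a bit counts only if the mask covers it;
    # a covered bit set to 1 in the override means "mitigation disabled".
    param([int]$Override, [int]$Mask, [int]$Bit)
    if (($Mask -band $Bit) -eq 0) { return 'OS default (not covered by mask)' }
    if (($Override -band $Bit) -eq 0) { return 'Enabled' }
    return 'Disabled'
}

$override = Get-RegistryValueOrNull -Path $mmPath -Name 'FeatureSettingsOverride'
$mask     = Get-RegistryValueOrNull -Path $mmPath -Name 'FeatureSettingsOverrideMask'
$avFlag   = Get-RegistryValueOrNull -Path $avPath -Name $avName

if ($null -eq $override -or $null -eq $mask) {
    # Neither value present: the registry step from the list has not been done.
    $spectreV2 = 'Registry step not applied'
    $meltdown  = 'Registry step not applied'
} else {
    $spectreV2 = Get-MitigationBitState -Override $override -Mask $mask -Bit 1
    $meltdown  = Get-MitigationBitState -Override $override -Mask $mask -Bit 2
}

[pscustomobject]@{
    Host                        = $env:COMPUTERNAME
    FeatureSettingsOverride     = $override
    FeatureSettingsOverrideMask = $mask
    'CVE-2017-5715 mitigation'  = $spectreV2
    'CVE-2017-5754 mitigation'  = $meltdown
    AntivirusCompatibilityFlag  = if ($null -ne $avFlag) { 'Present' } else { 'Absent' }
} | Format-List
```

An "Enabled" result reflects registry configuration only; the Microsoft software updates and the firmware update from the PC / Server vendor are separate steps in the list above.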


Contact Us