Recommendations for Windows 7 based industrial automation system users

At one time, the idea of running an industrial application using Microsoft Windows would not have been entertained. However, when Microsoft introduced their Windows XP operating system more than two decades ago, industry sat up and took notice. Windows 7 as successor of Windows XP provided the stability, flexibility and functionality needed by many industrial users and soon appeared in every imaginable type of application.

Microsoft’s successful and very popular Windows 7 operating system is now well over a decade old. While about 35 percent of Windows users worldwide still rely on Windows 7, an operating system as old as this cannot be supported forever.

Questions raised by the end of Windows 7 support

As all good things come to an end: on January 14th, 2020 the Windows 7 era will conclude when Microsoft support for the product will cease. Of course, Microsoft have given ample notice and companies had been preparing for the switch for some years. Yet many questions had to be answered:

Could a standalone Windows 7 system continue to run unaffected?
What would happen if the Windows 7 system was integrated into another system?
Would new hardware be needed and what would be the cost of this across the entire organization?
What would the budget for the switch likely to be?
Could virtualization fix the problem?
What support would be available to migrate over onto a new system?

The answers to these questions were not always straightforward and easy, and it became clear that there were indeed significant issues raised by the end of Windows 7 support. The most significant issues can be grouped into four major categories, of which, security issues are the most critical.

Microsoft will cease the Windows 7 support on January 14th, 2020. This means there are no new security updates, no new patches and no active support. The effect of this is that Windows 7 will become unsecure, unreliable and incompatible with most newly released IT hardware, such as PCs, PC components, network equipment and printers. In other words, the end of the Windows 7 era is affecting many industrial applications and requires a proactive response from users.

Share this page

Issues requiring proactive response from industrial users

Security

From examples below it is apparent that the industrial automation environment is quite vulnerable enough – and without critical Windows 7 security updates, PCs are wide open to attack by viruses, spyware and other malicious software that can steal or damage business data and information.

Antivirus software no longer provides full protection for Windows 7 systems. Any devices remaining with Windows 7 can be used by attackers as an entry point into IT networks. This means that even computers running supported operating systems can then also be compromised.

Hardware

Most manufacturers of PC hardware, printers and network equipment have already stopped supporting Windows 7 on new hardware. This means that the software drivers required to run Windows 7 on such new hardware are, in most cases, no longer available – ie, there will be no Windows 7 drivers for new hard disks, printers, graphic cards, network equipment, etc.

Buying a replacement Windows 7 computer will not be easy or cheap. Windows 7-based hardware will become obsolete and hard to find. Unplanned shutdowns caused by unavailability of hardware components will become more frequent.

Compliance

Businesses that are governed by regulatory obligations, such as the Health Insurance Portability and Accountability Act (HIPAA) in the United States, may find that they are no longer able to satisfy compliance
requirements if they remain with Windows 7.

With so much personal and private data now stored on servers, data security is a very significant concern.

Lack of independent software vendor support

Many software vendors no longer support their products that run on Windows 7 as they are unable to receive Windows 7 updates.

For example, the new Microsoft Office package takes advantage of the newest Windows and is not released on Windows 7.

Examples of malicious attacks

Stuxnet worm

Watering hole

Remote access trojans (RATs)

Havex malware family

“Energetic bear” virus

In 2010, the Stuxnet worm made headlines around the world. With a size of just 500 kB, this malicious software attacked at least 14 industrial sites in Iran, including a uranium-enrichment plant. Stuxnet attacked in three phases: First, it targeted Microsoft Windows machines and networks, then it sought out software (also Windows-based) used to program industrial control systems and finally it insinuated itself into the programmable logic controllers used to control machinery.

Since Stuxnet, the target-rich landscape of industrial IT has been under a sustained assault that has grown ever more sophisticated. For example, the so-called watering hole strategy has been devised as a way to introduce malware into the target systems.

In this strategy, the malicious party guesses or observes which websites the company often uses, then they infect it and sit back and wait for the victim to visit the site and unwittingly download malware onto their computer. This strategic Web compromise (SWC) tactic catches victims unawares because the infected websites have previously been trusted.

Further, an intruder can manipulate authentic user profiles on a system to allow outsiders access. PC configurations can also be manipulated and PCs can then, for example, become the homes of remote access trojans (RATs) – malware programs that give an intruder administrative control over the target computer. RATs can be infiltrated into a PC via an email attachment.

Once the host system is compromised, the intruder may use it to distribute more RATs to form a botnet – a collection of compromised computers that are manipulated in concert to cause further disruption.

Because a RAT enables administrative control, it allows the intruder to monitor user behavior through keyloggers or other spyware; activate a webcam; access confidential information; format drives; delete or alter files; and so on.

In June 2014, the Havex malware family made headlines by attacking control systems in different branches of industry, including the energy sector. A RAT is a main component of Havex. The RAT trojanized websites of industrial control system (ICS) and supervisory control and data acquisition (SCADA) manufacturers. In total, 146 servers were attacked by Havex; 88 variants of the Havex RAT were used; and 1500 IP addresses were traced in an attempt to identify victims. Clearly, Havex represented a serious attack on industry.

In July 2014, the “energetic bear” virus infected over 1,000 energy firms in Europe and the United States. This virus theoretically allows hackers to take control of power plants.

What to do

With so many issues to be overcome, what course of action should be taken? The recommendation made by Microsoft and all cyber security companies is to upgrade to Windows 10. This includes distributed control system vendors with control systems running operating systems with Windows 7 and older.

Remaining with Windows 7 is a high-maintenance undertaking and requires tools and support from experienced cyber security companies.

Windows 7 upgrade strategy for distributed control systems

Windows 7		Controller			Windows 8.1	Windows 10
800xA	<= 5.1	All	=>	800xA	6.0	6.0.3
	6.0				6.1	6.1

Freelance	<= 9.2	All	=>	Freelance		2016 SP1 2019
	2013
	2013 SP1
	2016
	2016 SP1
	2019
Composer Harmony	5.1 - 6.1		=>	S+ Engineering		2.2
Harmony Gateway Software	5.1 - 6.3		=>	Harmony Gateway Software		7.1 embedded with S+ Engineering 2.2
Harmony OPC Server	5.0 - 6.1		=>	Harmnoy OPC Server		7.0 SP1

Third Party DCS System Evolution

DCS Evolution paths

We also recommend

Download and share this article in PDF format

More articles in our corporate technical journal "ABB Review"

Why you should use Whitelisting on your DCS

Select region / language

Europe
Americas
Middle East and Africa
Asia and Oceania

Global - English
Austria - German
Belgium - Dutch | French
Bulgaria - Bulgarian
Croatia - Croatian
Czech Republic - Czech
Denmark - Danish
Estonia - Estonian
Finland - Finnish
France - French
Germany - German
Greece - Greek
Hungary - Hungarian
Ireland - English
Italy - Italian
Latvia - Latvian
Lithuania - Lithuanian
Luxembourg - French
Netherlands - Dutch
Norway - Norwegian
Poland - Polish
Portugal - Portuguese
Romania - Romanian
Russia - Russian
Serbia - Serbian
Slovakia - Slovakian
Slovenia - Slovenian
Spain - Spanish
Sweden - Swedish
Switzerland - French | German | Italian
Turkiye - Turkish
United Kingdom - English

Global - English
Argentina - Spanish
Aruba - Spanish
Bolivia - Spanish
Brazil - Portuguese
Canada - English | French
Chile - Spanish
Colombia - Spanish
Costa Rica - Spanish
Dominican Republic - Spanish
Ecuador - Spanish
El Salvador - Spanish
Guatemala - Spanish
Honduras - Spanish
Mexico - Spanish
Panama - Spanish
Peru - Spanish
Puerto Rico - Spanish
United States of America - English
Uruguay - Spanish

Global - English
Algeria - English | French
Angola - English | French
Bahrain - English | French
Botswana - English | French
Cameroon - English | French
Côte d'Ivoire - English | French
Egypt - English | French
Ghana - English | French
Israel - Hebrew
Jordan - English
Kenya - English | French
Kuwait - English
Lebanon - English
Madagascar - English | French
Mali - English | French
Mauritius - English | French
Morocco - English | French
Namibia - English | French
Nigeria - English | French
Oman - English
Pakistan - English
Palestine - English
Qatar - English
Saudi Arabia - English
Senegal - English | French
South Africa - English
Tanzania - English | French
Tunisia - English | French
Uganda - English | French
United Arab Emirates - English
Zambia - English | French
Zimbabwe - English | French

Global - English
Australia - English
Bangladesh - English
China - Chinese | English
India - English
Indonesia - English
Japan - Japanese
Kazakhstan - Russian
Malaysia - English
Mongolia - Mongolian | English
New Zealand - English
Philippines - English
Singapore - English
South Korea - Korean
Sri Lanka - English
Taiwan (Chinese Taipei) - Chinese - Traditional
Thailand - English
Vietnam - English

abb.com privacy settings

Our website uses cookies which are necessary for running the website and for providing the services you request. We would also like to set the following optional cookies on your device. You can change these settings any time later by clicking "Change cookie settings" at the bottom of any page. For more information, please read our privacy notice.

Analytics

We collect statistics to understand how many visitors we have, how our visitors interact with the site and how we can improve it. The collected data does not directly identify anyone.

Preferences

We store choices you have made so that they are remembered across visits in order to provide you a more personalized experience.

Advertising and tracking

Your browsing behavior is tracked across websites by advertising and social network service providers. You may see tailored advertising and content on other websites based on your browsing profile.

Show details

Hide details

privacy notice.

Accept selected

Refuse all

Accept all