Industrial-control systems run operations in facilities such as factories, nuclear-power generation stations, and utility plants. Given the importance of these facilities and the potential hazards they represent, the safety of their operations are critical. The complex Stuxnet worm gained worldwide attention recently because it was the first malware to target industrial-control systems and because it was so effectively designed. Researchers have been analyzing how Stuxnet works and what it means for the future. Security expert Gary McGraw, chief technology officer with software-security consulting firm Cigital, explains how Stuxnet works and what its long-term ramifications are. George Washington University associate professor David Alan Grier’s article discusses the importance of the potential organized engineering effort behind Stuxnet’s design. And a Computer magazine news brief takes an early look at Stuxnet, before experts uncovered many of its details.
The idea that an organized team of computer scientists might have created a major worm comes at an uneasy time for engineers.