Recent reader comments in Network World Magazine (April 23, 2012) caught my attention. With the challenges of a global financial crisis, high unemployment and a lagging educational system, can our commercial and industrial infrastructure truly keep up with the ever faster technology advances? In addition, can we keep the existing technology used in our infrastructure working?
The comments under the heading, “The End of Windows XP Support: A Security Nightmare,” were posing the question about the numerous computer systems still running Microsoft Windows XP operating system. One commenter, by the name of “Greenman” notes:
“XP is also embedded in many POS [point of sale], registers, kiosks, ATMs and other devices. All told there are more XP systems out there than desktop statistics reflect. This is going to by a huge global IT community problem, and it is not in Microsoft’s financial interest to do anything about it except push Windows 7 upgrades.”
According to Microsoft, support for Windows XP will end on April 8, 2014. To get a sense of the impact of this support cutoff, I researched the extent of XP use. There were an estimated 400 million copies of Windows XP in use as of 2006. As of April, 2011, it was estimated that Windows 7 had a market share of 31% while XP held an estimated 46% share (www.Networkmarketshare.com).
I looked up Kiosk usage. These commercial machines are in many malls and airports and provide services, products and information. It is estimated that there are 700 companies engaged in the kiosk business with approximately 1,200,000 installed units (www.summit-res.com).
SCADA control systems are another significant concern with respect to reduction of support by older operating systems such as XP. These industrial systems use embedded chips along with the operating system to control manufacturing, water and wastewater systems and food processing systems, to name a few.
According to a blog post entitled “Six ways to improve SCADA security (3/19/2012, https://community.qualys.com/blogs/securitylabs/amolsarware):
“In many SCADA systems, the underlying OS or applications are not patched for years … because there is little guidance from SCADA vendors regarding whether or not an OS patch is safe for SCADA software.”
Further:
“Finally the Achilles heel of SCADA systems is their long lifespan, which is often measured in decades. These systems are built to last, and unlike PCs, which are easy to replace, it’s difficult and costly to replace even a part of a SCADA infrastructure.”
Another good example is the components in our water treatment systems. Many of these systems use chips in control valves, and other equipment to control, monitor and treat the water we need to survive. If these control components depend upon an operating system such as XP, what are the options? Can the OS be upgraded without impact on the processing and delivery of this critical resource?
The support for a major hospital system supplier uses XP on their technical platforms. They use this OS because it is stable and the underlying system was written in code that works with the OS. This integrated system runs everything from billing to dispensing medicine to individual patients. The entire system would need to be recoded if the OS were upgraded from XP.
Given a very difficult economy and very tight financial conditions, many companies, utilities and other users of these legacy based systems using XT, can’t afford to upgrade. In many cases, along with the software upgrade, a hardware upgrade would also be needed, resulting in additional expense.
For general business application software and hardware, Microsoft estimates that migration to Windows 7 and Office 2010 can take between 18 and 32 months. Think of the time it would take to upgrade a system with integrated chips and other controls in an industrial, manufacturing or healthcare system.
So where does the withdrawal of support for older computer operating systems such as Microsoft’s XP leave these users? Without support, these systems are more susceptible to hacking, viruses and other malware.
I don’t begrudge Microsoft pushing Windows 7. It is an excellent platform, in my opinion. I am also an avid user of the new Windows 8, which is out for consumer review. I have it on several of my laptops which I use daily. I have had no problems with any of the software which I typically use and I think it will be ideal for the new tablet and smart phones which will be introduced in the next few years.
The deeper issue is how we keep legacy systems operating when the financial emphasis is on pushing new operating systems out the door. This is not as big a challenge for consumer products as it is for manufacturing, industrial and commercial products. It is also a much easier process with an expanding economy.
Most Americans don’t think about, or even realize, these manufacturing, industrial and commercial computer systems exist. These systems, unlike the newest IPod, are critical to keeping this country functioning as a society. It was this computer technology that helped America become the industrial and commercial leader that it was. If we are going to continue to be a force in the global economy, can we allow our industrial and commercial infrastructure not to keep up with technology?
By H. Court Young
