Stuxnet Mitigation Matrix

Stuxnet is a computer worm designed to take advantage of a number of previously unknown vulnerabilities present in the Windows operating system and Siemens SIMATIC WinCC, PCS7 and S7 PLS systems.

It takes advantage of numerous vulnerabilities in the Windows operating system and the Siemens product line.  As a result, full mitigation requires multiple actions.

The Stuxnet Mitigation Matrix shows mitigation measures by Windows operating system and it includes dynamic links to detailed information on each of the patches and mitigations.

Downloadable PDF Data sheet for the Modbus TCP Enforcer - describes features and benefits for modbus securityStuxnet Mitigation Matrix Application Note (41kb)

Revisions:

  • updated Oct 25, 2010 to version 1.1.  This version addresses the need to test and confirm all mitigations and some improvements and corrections on Microsoft patches.

More Stuxnet information

Analysis of the Siemens WinCC/PCS7 'Stuxnet' Malware for Industrial Control System Professionals” is the White Paper behind the Stuxnet Mitigation Matrix and it should be consulted for more details.

Stuxnet Central  is a hub for the information that Byres Security has created regarding Stuxnet, along with links to key industry Stuxnet information.