Kaspersky never specifically claims a recent or Stuxnet infection of the ISS, just of a power plant, so he's probably referring to the above as an example of air gap not being enough to prevent attacks.
The commercial laptops (originally running Win98, then NT, then XP, now moving to Debian 6) are used for normal computing and interfacing with segment control. The segment computers (60+) which actually run the station are heterogeneous and bespoke aerospace-heritage hardware and software. The Russian side and American side especially are very different and almost entirely independent. Pretty darn sure there's no Siemens systems running up there, so Stuxnet wouldn't be a problem.
The embedded systems are probably not all that hardened, but they are not widely-distributed (to say the least) and are hard to get to, so it would be awful hard to target them. Possible, but mostly through attacking the developers on the ground, I should think.
http://www.extremetech.com/extreme/155392-international-spac...
Kaspersky never specifically claims a recent or Stuxnet infection of the ISS, just of a power plant, so he's probably referring to the above as an example of air gap not being enough to prevent attacks.
The commercial laptops (originally running Win98, then NT, then XP, now moving to Debian 6) are used for normal computing and interfacing with segment control. The segment computers (60+) which actually run the station are heterogeneous and bespoke aerospace-heritage hardware and software. The Russian side and American side especially are very different and almost entirely independent. Pretty darn sure there's no Siemens systems running up there, so Stuxnet wouldn't be a problem.
The embedded systems are probably not all that hardened, but they are not widely-distributed (to say the least) and are hard to get to, so it would be awful hard to target them. Possible, but mostly through attacking the developers on the ground, I should think.