Possibilties of Virus from Windows to Haas control

[fattybean]

Is it possible to upload a virus from my laptop - which has had internet access and MAY have been exposed to a virus- to our Haas controls(VF0 and VF2)?

I would assume it would be like a human getting Dutch Elm Disease. Aren't viruses that a Windows PC gets made to attack Windows operating systems and would not be compatible with a CNC control.

My boss will only allow uploads from a PC that has never been connected to another PC or the internet, so for any new programs I make on my laptop I have to punch them in manually at the machine. This is a big, time consuming pain in thee A.

I am very computer literate, I have built several PCs and am pretty sure I would know if there is a virus on any of my computers. I am however not an expert on computer viruses so I am not 100% sure a Windows based virus couldn't transfer I wouldn't want to risk very expensive machines.

This has never been an issue at the 4 other shops I have worked, the CAD/CAM PCs have all had internet access, I have never heard of such a thing, it sounds ridiculous.

[mactec54]

Hi fattybean

If you don't have good virus protection on your laptop that would be a no no to down load from it your machine control is dos so it can get a virus just like any computer & it does not have virus protection in the control your Boss is right

[KIMFAB]

Don't know what operating system Haas uses, probably very rudimentary, however if it is not Windows based probably no problem.
Most viruses are written to disrupt the operation of a computer and to do so utilize some weakness in its operating system.
Someone would have to write code specific to the Haas, put it out on the net, somehow get you to download it and hope it would be transferred to a machine.

Since most nuisance viruses are written by pimply faced 14 yr olds looking to finally be noticed they want to do as much damage as possible with the least effort. Ergo, write your virus for Windoze. This is one reason why apple is more virus free. The chances of a virus being written to attack the Haas, while within the realm of possibility is about as likely as you going to the door and meeting Ed Mcmahon with his million dollar check.

[mactec54]

Hi Kimfab

Totallty incorrect Haas & most CNC controls run a Dos based system its just as easy to be infected as your computer at home/ work by the transfer of programs if the computor is not protected with a good updated virus software it should not be used for any CNC machine controls if it does not have updated virus protection

The controls don't usually get the virus but they will become corrupted & have to have a software reload or sometimes a new computer board installed

[Loose Nut]

Older Haas controls are dos. New controls are Linux based.


Should be safe.


Loose Nut

[wildwestpat]

Originally Posted by fattybean Is it possible to upload a virus from my laptop - which has had internet access and MAY have been exposed to a virus- to our Haas controls(VF0 and VF2)? ------------------------My boss will only allow uploads from a PC that has never been connected to another PC or the internet, so for any new programs I make on my laptop I have to punch them in manually at the machine. This is a big, time consuming pain in thee A. ---.

Hi fattybean

Sorry but your Boss is well upto speed on this one. There are several ways a virus can attack a microprocessor based system. Even if you can be absolutely confident that there is no operating system virus lurking on your internet connected computer there are viruses that attack the BIOS. In simple terms this means that no microprocessor sytem is imune from attack and the type of operating system is only the means of delivery and confers no immunity regardless be it Windows - Linux - Unix or Apple's OS. Yes the majority of viruses are propogated via Windows but there are others.

Suggest you have a quiet read of the following link or have a Google for "BIOS Virus" before pasting yourself into a corner with your employer.

http://www.tomshardware.com/news/bio...door,7400.html

Added as a post script:-

In my opinion all CNC machines should have their BIOS locked - preferably by having the BIOS reside in a PROM that cannot be rewritten or at the very least have the BIOS reload capability removed. Some Motherboards have a link that can be made / removed for BIOS flash and some have a protected mode where the settings cannot be changed. But please note there are other attack mechanisms which make the use of a 'sandbox' (a set up that can be used to trial software prior to loading onto the final production machine) to catch any unwanted behavior.

With the cost of a 'special non networked no internet laptop being so small compared to the potential to damage an expensive machine I don't understand why you are using an internet or network connected machine.

Sorry that the above is probably not what you wanted to hear but if disaster strikes what is the recovery cost and is there a plan in place to ensure buisness can continue. This side of the pond this is call buisness continuity planning and would have some strict rules that would cover this problem and many others.

Take care.

Regards

Pat

[mactec54]

[QUOTE=Loose Nut;650231]Older Haas controls are dos. New controls are Linux based.


Should be safe.


This is incorrect Haas only have Dos base system they do not have Linux

[KIMFAB]

Originally Posted by mactec54 Hi Kimfab Totallty incorrect Haas & most CNC controls run a Dos based system its just as easy to be infected as your computer at home/ work by the transfer of programs if the computor is not protected with a good updated virus software it should not be used for any CNC machine controls if it does not have updated virus protection The controls don't usually get the virus but they will become corrupted & have to have a software reload or sometimes a new computer board installed

Really? Sorry, as I said I didn't know what operating system it used. I would have thought they wouldn't have wasted memory space by using dos as its operating system but I guess it was easier and faster to develop the machine with an existing system.

[chad123]

"Possibilties of Virus from Windows to Haas control "

Exactly 0.

Maybe really OLD machines used some form of ms dos but I know that my 07 tl1 does not. It doesn't use Linux either. Just because it can read a floppy or a win formatted usb drive doesn't mean that it uses dos, it just means that they implemented fat-16 in order to read these devices(they probably pay a license to use it).

The haas controls use Motorola-freescale coldfire processors. The controls are 100% embedded machines. They don't use x86 (common pc) processors. Virus's written and compiled for pc's will not have any luck on these controllers. They are totally different. They don't share any of the instructions, memory addresses or windows code to be infected.

These machines don't have a bios like a pc does. I am sure there is a bios like implementation but again it is like apples and oranges, or like apples and pc's. There are no cross apple / pc viruses and they share the same x86 hardware. So the chance of a haas picking up a pc virus are 0.

I don't know what tool chain haas uses for it's embedded rtos (real time operating system), there are only a couple of good ones, if I had to take a guess it would have to be VxWorks from wind river systems.

Could some one custom build a virus for a haas machine? maybe. They would have to have a copy of VxWorks, find an exploit in Vx's fat-16 be really damn familiar with the coldfire, and know every address and memory location in every variant of haas control. In other words it would have to come out of haas itself as a malicious act.

So no your boss if full of hot air unless you have a old machine that actually uses some variant of ms dos, I can't say for sure but I would be really suprised if haas EVER did that. People use embedded systems for speed, security, and to keep things like this from happening in a system that is supposed to have high uptime. They can only make this happen if they can control every aspect of hardware and software. You can't do this with a pc.


Chad

p.s. haas apps correct me if I am wrong.

[mactec54]

Hi Chad

My be you should of talked to Haas Tec before you vented here all of there software for there controls is Dos based Which they have perfected for there controls There software engineers have done what no one else has been able to do with this software

Yes they do have protection in place when something hits the control from downloading, It will go into an ALARM

Sometimes this can be cleared (by a call to Tec-support) without a software reload & sometimes if the software reload does not work you will need to replace the main mother board which can get/be corrupted

[Haas_Apps]

All,
I really did not want to get involved in this as I did not want to go into details about the Haas kernal. The answer to the question is no the Haas control can not get a PC virus. The control is a closed system.

http://www.haascnc.com/MAIN_HaasControl.asp#haascontrol

[wildwestpat]

Originally Posted by wildwestpat Hi fattybean ........................ In my opinion all CNC machines should have their BIOS locked - preferably by having the BIOS reside in a PROM that cannot be rewritten or at the very least have the BIOS reload capability removed. Some Motherboards have a link that can be made / removed for BIOS flash and some have a protected mode where the settings cannot be changed. .................... Pat

Good to know that the Hass Control designers are up to the bench mark and that vital low level programme interpreters are protected by suitable 'hardening'. However if the unthinkable happens the conseququential action of the boss needs to be a factor as logical thinking has a habit of going missing when the blame game kicks off.

Glad to see this resolved as there are lessons for other machine builders who have not been dilligent about protecting their products operating code.

Regards

Pat