how the stuxnet virus spreads the target inside a … · stuxnet’s final command quickly speeds...



Post on 18-May-2020



[Centrifuge diagram labels: vacuum; feed; high-speed rotating chamber; waste output (“tails”); enriched uranium]

1 The Stuxnet virus moves from computer to computer via Windows security vulnerabilities and USB keys, allowing it to infect computers not normally connected to the internet.

2 Once inside, it installs its own drivers. It then spreads to other machines within the network, changing the access privileges and searching for its target. If it doesn’t find the target, it does nothing.

The targets, according to a report released by Symantec, are the automated systems that control frequency converters manufactured by Fararo Paya in Tehran, Iran, and Vacon in Finland.

3 Part of the sophistication of the virus is that it continues to update itself:

4 The virus has a kill date of June 24, 2012, at which point it will stop spreading and delete itself.

[Infographic panel titles: How the Stuxnet virus spreads; The target; Inside a centrifuge; The possible damage]

2. When two infected computers encounter one another, they check to make sure they both have the most recent version of the virus.

What Stuxnet looks for:

1 Siemens SIMATIC WinCC/Step 7 controller software...

2 ...used to run a particular model of Programmable Logic Controller thought to be used in Iran’s uranium enrichment plants.

3 Stuxnet hijacks the PLC’s programming, allowing it to change the output frequencies, and thus the speed of the motors, for short intervals over periods of months.

Interfering with the speed of the motors sabotages the normal operation of the industrial control process.

4 Stuxnet then hides these code blocks, so when a programmer using an infected machine tries to view all of the code blocks on a PLC, they will not see the code injected by Stuxnet.

Gasified uranium is spun at the speed of sound or faster, separating an isotope, uranium-235. Centrifuges are extremely sophisticated, precision instruments. Strong materials are needed to keep them from disintegrating as the central vessel spins.

THE ENRICHMENT PROCESS

1 Unrefined uranium is fed into the middle of the chamber and circulates throughout.

2 Subjected to centrifugal force thousands of times greater than gravity, a fraction of the uranium becomes depleted of U-235.

3 It is spun toward the outer wall and collects at the bottom of the chamber, where it is scooped up.

4 Another fraction of the uranium, enriched in U-235, is collected in the top of the chamber. It may be further refined in other centrifuges.

Once the frequency converter drives have been operating at the right speed (between 807 Hz and 1210 Hz) Stuxnet hijacks the PLC code and begins modifying the drives’ behaviour.

Over a period of months, the virus changes the output frequency for short periods of time to 1410 Hz, then to 2 Hz and then to 1064 Hz.

For the P1 centrifuge found at Iran’s Natanz enrichment plants, a frequency of 1410 Hz would translate into a tangential rotor wall speed of 443 meters per second, faster than what the aluminum P1 rotor could withstand. The rotor would likely fly apart when the speed of the rotor exceeded about 400 meters per second.

Hoping to throw the rotor off balance and break it, Stuxnet slows the rotor down really quickly.

Stuxnet’s final command quickly speeds the rotor up to 1064 Hz, which is a more typical operational speed of Iran’s P1 centrifuge.

The normal operating tangential rotor wall speed of Iran’s P1 centrifuges is about 334 meters per second.
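As an added illustration (not part of the original graphic), the figures in this panel can be turned into a monitoring check over independently measured drive frequencies. The 807 Hz to 1210 Hz band, the 400 m/s limit and the pairing of 1410 Hz with 443 m/s come from the text; the linear frequency-to-speed scaling, the 50 Hz step limit and the sample readings are assumptions made for the example.

```python
# Added example: values marked "page" come from the infographic, the rest are assumptions.
NORMAL_BAND_HZ = (807.0, 1210.0)  # page: band the drives run in before the attack
ROTOR_LIMIT_MPS = 400.0           # page: rotor likely fails above about 400 m/s
MPS_PER_HZ = 443.0 / 1410.0       # page: 1410 Hz <-> 443 m/s; linear scaling assumed
MAX_STEP_HZ = 50.0                # assumed largest normal change between two readings


def wall_speed(freq_hz):
    """Tangential rotor wall speed (m/s) implied by a drive output frequency."""
    return freq_hz * MPS_PER_HZ


def classify(freq_hz):
    """Label a single frequency reading against the band and the rotor limit."""
    low, high = NORMAL_BAND_HZ
    if wall_speed(freq_hz) > ROTOR_LIMIT_MPS:
        return "OVERSPEED"
    if freq_hz < low:
        return "UNDERSPEED"
    if freq_hz > high:
        return "ABOVE_BAND"
    return "OK"


def find_excursions(samples, max_step_hz=MAX_STEP_HZ):
    """Return (timestamp, freq, reasons) for readings that are out of band or
    that jump too far from the previous reading."""
    alerts, prev = [], None
    for ts, freq in samples:
        reasons = []
        label = classify(freq)
        if label != "OK":
            reasons.append(label)
        if prev is not None and abs(freq - prev) > max_step_hz:
            reasons.append("RAPID_CHANGE")
        if reasons:
            alerts.append((ts, freq, reasons))
        prev = freq
    return alerts


# Constructed readings: steady running, then the 1410 -> 2 -> 1064 Hz sequence from the page.
SAMPLE_READINGS = [("t0", 1064.0), ("t1", 1064.0), ("t2", 1410.0),
                   ("t3", 2.0), ("t4", 1064.0), ("t5", 1064.0)]

if __name__ == "__main__":
    for alert in find_excursions(SAMPLE_READINGS):
        print(alert)
```

The return to 1064 Hz is inside the normal band, so only the rate-of-change check flags it; scaling 1064 Hz by the same factor gives about 334 m/s, matching the normal wall speed quoted above.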

ONIA COWAN/THE GLOBE AND MAIL WITH FILES FROM THE NEW YORK TIMES

SOURCES: SYMANTEC; INSTITUTE FOR SCIENCE AND INTERNATIONAL SECURITY (ISIS); SCHNEIER ON SECURITY (WWW.SCHNEIER.COM); HTTP://KREBSONSECURITY.COM

[Diagram label: motor]

USB DRIVE: A small, portable memory card that plugs into a computer and functions as a portable hard drive.

1. The virus checks back periodically to control servers in Malaysia and Denmark.