Stuxnet PLC

Most of the attention, reporting and speculation on Stuxnet perpetrators has been focused on the US and Israel, but what about Siemens and the German Government’s possible role in the Stuxnet story?

The Siemens and Iran issue came up last week with the Iranian’s claiming that Siemens had delivered a monitoring device that exploded when investigated. This claim was quickly denied by Siemens spokesman Alexander Machowetz:

Siemens does not have any business ties with Iran”s nuclear programme and does not supply any technical equipment for it.

Siemens has consistently stated that they have had no nuclear division business with Iran since the 1979 revolution. It’s very odd that Iran would even make such a claim if Siemens had been nowhere near the nuclear facilities since 1979.

Adding further confusion are passages from Chapter 8 of David Sanger’s book, Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power.

According to one person involved, it helped that Siemens was maintaining the system every few weeks, updating the software. “Siemens had no idea they were a carrier,” one official told me. (American officials insist that the United States steered clear of Siemens engineers for fear of jeopardizing their relationship with Germany’s intelligence service. But those diplomatic niceties apparently did not stop the Israelis.)

Soon it was not an issue: the Iranians, suspicious of the German engineers, banned them from access to Natanz, either directly or remotely.

I wouldn’t expect Siemens or Germany to clarify this confusion, but the Iranians could by simply showing some evidence that Siemens personnel were involved with Natanz sometime over the last five years.

Speculation Warning – the next three paragraphs are pure speculation

I have always assumed that Siemens, in consultation and with approval of the German Government, have provided any and all information available on the Siemens products deployed in Iran. This would include network and process diagrams, application logic, organizational charts and anything else that would be helpful. The assumption is based on the German/US tight alliance, the potential consequences of a nuclear Iran, and a bit of culpability of Siemens in helping Iran in the first place.

Further involvement by Siemens or the German Government in the creation and deployment of Stuxnet is less likely because the more people read into a program like this, the harder it is to keep secret. The only programmatic reason to involve Siemens and the German Government further is if Sanger is correct and Siemens employees were regularly visiting the plant and updating or tracking Stuxnet success. Another reason why it would be helpful to unraveling the Stuxnet mystery to know the truth about Siemens involvement with Natanz over the last five years.

Finally, Sanger’s book has the conflicting technical points of Natanz being airgapped and Stuxnet having “beacons to do their work and report home – complete with maps of the electronic directories of the controllers, and what amounted to blueprints of how the centrifuges …” In my review of the Sanger book I speculated that the only way these two facts make sense is if their was a secret communication to the Natanz control system network; something like a US Government designed Pwnie Express. I admit it is a leap, but what if this device that exploded was part of that second channel?

Image by Nico Kaiser