Siemens Industry Online Support
Siemens AG
Entry type: Product note Entry ID: 88819016, Entry date: 02/20/2014

End of product support for Microsoft Windows XP

  • Entry
  • Associated product(s)

Information SINUMERIK PCU 50 – End of product support for Microsoft Windows XP.

The extended product support for Windows XP will end on April 8, 2014 – Microsoft will no longer provide security updates, hotfixes or free support as of this date. To ensure the continued protection of your SINUMERIK PCU with Windows XP against possible viruses, spyware and other malware, we recommend that you use the SINUMERIK PCU 50.5 with Windows 7 and SINUMERIK Operate.

If due to technical reasons Windows XP systems must continue to be used in connection with HMI Advanced or SINUMERIK 840D, the following combination of security measures may be of avail:

  • Use of whitelisting
    Whitelisting protection mechanisms ensure that only trusted programs and applications are executed on a SINUMERIK PCU. They prevent the execution of impermissible software and changes to installed applications.
    Based on the SINUMERIK PCU 50.3 with Windows XP and HMI Advanced, the compatibility of the software McAfee Application Control has been tested.
  • Antivirus software
    All known antivirus software vendors have announced that they will continue to provide new signatures for Windows XP, however, only for a limited time. This means that during this transitional period, new virus signatures for the detection of malware will continue to be provided. An up-to-date virus scanner with the latest signatures will continue to help minimize the risk of becoming infected with viruses or Trojan horses. The virus scanner may be bypassed completely, however, due to unpatched vulnerabilities in the operating system itself.
  • Separate network structures/cell protection
    We recommend the use of Windows XP systems in a separate network in order to protect the production network. This structuring can minimize the risk of the computers becoming infected.
  • Use of firewalls/proxy server
    Access from outside to the SINUMERIK PCU can be restricted/prevented by integrating security modules with a firewall such as the Scalance S6xx from SIMATIC NET. If data must continue to be transferred from the isolated Windows XP network to a higher-level system, this can be implemented via an additional proxy computer with an up-to-date Windows operating system and two separate network cards with firewall.
  • Ghost images
    In the event of an infection, it is helpful if Ghost images of the configured SINUMERIK PCU are available so that they can be restored.

We expressly point out that these measures represent only part of a professionally worked out and implemented security concept. For the secure operation of Siemens products and solutions, it is necessary to take suitable preventive action (e.g. cell protection concept) and integrate each component into a holistic, state-of-the-art industrial security concept. Third-party products that may be in use should also be considered. For more information about industrial security, visit http://www.siemens.com/industrialsecurity.

Security information
In order to protect technical infrastructures, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art IT security concept. Siemens’ products and solutions constitute one element of such a concept. For more information about cyber security, please visit