British putting Huawei under spotlight over use of US firm’s ageing software
Software installed on some of the Chinese firm’s hardware will expire in 2020, leaving devices open to security risks, source say citing British government report
Huawei Technologies is facing increased scrutiny in Britain because it is using an ageing software component sold by a firm based in the US, where lawmakers claim its equipment could be used to spy for the Chinese, sources told Reuters.
A report last month by a British government oversight board charged with analysing Huawei equipment said it found technical and supply chain “shortcomings” which exposed the country’s telecoms networks to security risks.
One of those is due to Huawei’s use of the VxWorks operating system, which is made by California-based Wind River Systems, said three people with knowledge of the matter, all of whom spoke on condition of anonymity when discussing details which were not made public in the report.
The sources said the version of VxWorks being used by Huawei will stop receiving security patches and updates from Wind River in 2020, even though some of the products it is embedded in will still be in service, potentially leaving British telecoms networks vulnerable to attack.
“Third party software, including security critical components, on various component boards will come out of existing long-term support in 2020, even though the Huawei end of life date for the products containing this component is often longer,” the July report said, although did not mention VxWorks.