Goodbye Windows XP; Hello IsXP?

Microsoft Windows XP support ends April 8. What happens April 9? Three things to remember. NEW: Updated with answers to reader feedback on April 14.


Goodbye Microsoft Windows XP, you have had your time. You are now obsolete at the ripe old age of 13. It doesn't matter that there are tens of millions, even hundreds of millions, of you still out there. It doesn't matter that you are running ATMs and point-of-sale terminals, and are in thousands of production facilities. It doesn't matter that you are running in critical infrastructure and mission critical systems. It doesn't matter that these systems are keeping our water, food, and medicine safe, and keeping our water, natural gas, and gasoline flowing. Your time had passed on April 14, 2009, at the ripe old age of 8, but you have been on extended life support since them. None of these things matter; your final time has now passed, and on April 8, 2014, you will no longer be a supported product.

Stranded investments

Because Windows XP was the first truly reliable commercial multi-windowed system, it became the "go-to" standard for control, human machine interface (HMI), and instrumentation systems. Companies have invested billions of dollars in these systems and expected them to have the same multi-decade lifetime of other industrial systems. Lifetimes of 15 to 30 years are common in industrial systems.

If Windows XP had been built on an open source model, there would probably still be an active community to support the operating system, just as other open source software has lasted 30 or more years. However, the Windows XP system is Microsoft's property and the only support is through Microsoft. Microsoft may continue to offer extended support, but that seems unlikely given the move to the "one-size-fits-all" approach for PCs, notepads, and phones. If support is offered, the cost per PC will probably be high with limited support, and could still be stopped any time at Microsoft's discretion.

A better solution would be for Microsoft to outsource Windows XP support to an independent third party, to provide Lifetime Support XP (lsXP). That organization could then provide critical and important security patches on a subscription basis. It could quickly respond to zero day attacks, and help protect the millions of XP systems in critical infrastructure or mission critical systems. This approach is a win-win for Microsoft and users. Eventually the Windows XP systems will be replaced, and if industrial and financial companies feel that they will have long-term support organizations for commercial Windows operating systems, then they will look favorably upon Microsoft for replacements. Because so many XP systems are in critical infrastructures in multiple countries, the whole world would be well served to encourage Microsoft to outsource Windows XP support, and plan for the same outsourced support for future obsoleted software.

3 things to remember after XP

If lsXP doesn't develop, then there are only three things to remember to keep your XP systems running: protect, protect, and protect. With zero day attacks continually being discovered, many that affect operating systems and services, there will be an ongoing need to protect your XP systems from infection. This means stronger firewall rules, stronger password rules, severely limited outside access, white listing tools, root kit inspections, tightly constrained external device (USB, CD) connections, and additional security training for system users.

Unfortunately, there is no easy answer to the upcoming loss of support for Windows XP. These systems will become more expensive to maintain and replace. This is the hidden future cost of using commercial software on systems that have lifetimes of 15-30 years. If this is not a wakeup call for vendors to take a long, hard look at the systems they use for their systems, then it is a wakeup call for end users to demand software that lasts as long as the hardware.

- Dennis Brandl, president of BR&L Consulting in Cary, N.C., writes "Engineering and IT Insight" for Control Engineering. His firm focuses on manufacturing IT. Edited by Mark T. Hoske, content manager, CFE Media, Control Engineering and Plant Engineering,


At, search related topics.

See other articles for 2013 at

- See other Manufacturing IT articles

This file, originally posted March 31, 2014, was updated on April 14, with answers to reader feedback, below.

1. Do you know if a Lifetime Support XP (lsXP) has become available?

Unfortunately, Lifetime Support is not available. This was an idea, thrown out in the hope that someone will pick up the concept and run with it. Of course, that someone would probably have to be someone at Microsoft. The idea only works if Microsoft is ready to give up the XP source code to an independent 3rd party, and allows the organization to hire former and current Microsoft employees.  This may work if the third party is a non-profit (it gives Microsoft a tax write-off and would raise fewer issues about gouging license fees) and the current or former employees are those nearing retirement but that want to stay active.   Maybe Bill or Steve would be willing to part with a couple million to make it work?  Unfortunately, I don’t have their phone numbers to call. 

2. We have McAfee and Verizon anti-virus software on our computers.  Is this enough to protect us from attacks or computer virus?

This is a good start, but zero-day attacks, which are vulnerabilities that are exploited before the anti-virus vendors can respond, are still a problem.   To help in those attacks, the systems should also be protected behind firewalls, all unused programs and application removed, any unused accounts removed, and make sure that you are not using default passwords on any applications.  These changes will reduce your risk, and if the systems have no direct connection to the intranet, or even your company’s business network, then this reduces your risk about as low as it can get for an XP system.  

3. What are “white listing tools” and “root kit inspections” mentioned in the article?

White listing tools are extensions to the operating system that checks that only approved (white listed) programs are running, and that the running programs have the signature.  This means that have not been modified by a virus or hacker.   

Root kit inspection tools check that the startup parts of the computer have not be modified or changes by a virus or hacker.  The changes are made in the “root” of the operating system, so that they are not seen by anti-virus tools.  With a root kit attack, the system is compromised as soon as it starts up.  Root kit inspections read the boot sectors on the disk and check the BIOS to make sure that these are correct and not infected. 

Anonymous , 04/01/14 11:26 AM:

For those in the HMI, SCADA world, there are alternatives and I don't mean MacOS. Anyone ever heard of Linux ? For starters, take a look at Oh yes, did I mention that it's free ? and,no. It is not of the you-get-what-you-pay-for-it variety. This comment was written in a laptop running Ubuntu Linux, which I have used now for over 5 years without a hitch.
Anonymous , 04/01/14 11:46 AM:

Look, XP is obsolete. Let it go. Win 7 and Win 8 are great systems that are truly reliable. Don't buy the commercial news anti Microsoft hype and complaints. ISXP is for those looking backwards and those that have no future vision.

Keeping moving forward and let XP go already. Oh, and 13 is very old for an OS. If you want something to be in a fixed state, go embedded. Ha, no wait, chipset life is shrinking as well.
David , United Kingdom, 04/01/14 12:01 PM:

I agree. Even though a small business user, I believe we will still run XP, as we have tried to migrate to Windows 8 but it is so different, and access to our history seems more difficult, diaries are not in sync etc. XP is a steady workhorse which should still be supported somehow.
AZAM , IN, United States, 04/01/14 01:32 PM:

All PLC, HMI, and other automation product manufactureres need to speed up and upgrade their develeopment sfotware to work with latest windows. There is no other solution.
DIRK , PA, United States, 04/01/14 01:41 PM:

May be somebody has the idea to file an anti-monopoly case against Microsoft.
BRYAN , WA, United States, 04/01/14 03:24 PM:

The article poses interesting ideas on extending lifecycle support.

Given that the operating system is just a piece of the puzzle, is this really a call to open source the application layer too?

Similarly legacy hardware and drivers are notorious for support lifecycle issues. The open model could be applicable to hardware as well?

(FD: my experience with knock off hardware and clones has been poor. For me hardware obsolence is a 'hard' trigger for system relife)
JAMES , TX, UNITED STATES, 04/01/14 04:26 PM:

I would encourage Microsoft to continue to provide support, internal or external.
Anonymous , 04/01/14 06:06 PM:

For me, this is the last straw. I and I hope millions of other XP users migrate to an Apple system. I don't want to do this but I am tired of being jacked around by Microsoft. At least their stuff works reliably. "The redcoats are coming"
PHIL , TX, United States, 04/01/14 10:36 PM:

It has been by far my most reliable OS.
C.G. , FL, United States, 04/02/14 10:13 PM:

I gave up on Microsoft's high-handed marketing tactics around the time XP had its disasterous debut. It's no surprise that legacy XP systems are in danger of abandonment. The surprise is that so many owners/maintainers of critical systems were fool enough to rely on Microsoft products to begin with.
Consulting-Specifying Engineer's Product of the Year (POY) contest is the premier award for new products in the HVAC, fire, electrical, and...
Consulting-Specifying Engineer magazine is dedicated to encouraging and recognizing the most talented young individuals...
The MEP Giants program lists the top mechanical, electrical, plumbing, and fire protection engineering firms in the United States.
Salary survey: How much are you worth?; Dedicated outdoor air systems; Energy models and lighting
Fire, life safety in schools; Fire protection codes; Detection, suppression, and notification; 2015 Commissioning Giants; Emergency and standby power in hospitals
HVAC and building envelope: Efficient, effective systems; Designing fire sprinkler systems; Wireless controls in buildings; 2015 Product of the Year winners
Designing positive-energy buildings; Ensuring power quality; Complying with NFPA 110; Minimizing arc flash hazards
Implementing microgrids: Controlling campus power generation; Understanding cogeneration systems; Evaluating UPS system efficiency; Driving data center PUE, efficiency
Optimizing genset sizing; How the Internet of Things affects the data center; Increasing transformer efficiency; Standby vs. emergency power in mission critical facilities
As brand protection manager for Eaton’s Electrical Sector, Tom Grace oversees counterfeit awareness...
Amara Rozgus is chief editor and content manager of Consulting-Specifier Engineer magazine.
IEEE power industry experts bring their combined experience in the electrical power industry...
Michael Heinsdorf, P.E., LEED AP, CDT is an Engineering Specification Writer at ARCOM MasterSpec.