The Kendall Village Board has decided to sidestep a $36,000 software replacement at its wastewater treatment plant by installing Windows 10 on a new computer and continuing to run the aging control system. The move, approved Monday, highlights a recurring dilemma for small municipalities: upgrade costs that dwarf IT budgets versus the security risks of clinging to legacy operating systems.
With Windows 10’s end-of-support deadline looming on October 14, 2025, the village’s choice raises urgent questions about the long-term viability of running critical infrastructure on an operating system that will soon stop receiving security patches. For a community of fewer than 500 residents, $36,000 represents more than spare change—it’s a line item that competes with road repairs and public safety.
The Software Dilemma in Industrial Control Systems
The wastewater plant’s control software is almost certainly a SCADA (Supervisory Control and Data Acquisition) application, purpose-built to monitor and manage pumps, chemical dosing, and filtration processes. These industrial systems are notorious for their longevity and resistance to modernization. Often, the software was designed for a specific Windows version—say, XP or 7—and vendors charge exorbitant fees to recertify or rewrite it for newer releases. In Kendall Village, the quoted $36,000 likely covers license migration, revalidation of control algorithms, and labor to ensure the critical processes remain fail-safe on a modern OS like Windows 11.
From an engineering standpoint, continuing with Windows 10 is not irrational. If the current control software works reliably on Windows 10, and the hardware is refreshed, the immediate operational risk is low. The plant can keep processing sewage without disruption. The problem is cybersecurity: without regular patches after October 2025, any new vulnerability discovered in Windows 10 will remain unpatched, leaving the system exposed to attackers who increasingly target water utilities.
Windows 10’s End of Life: A Ticking Clock for Public Infrastructure
Microsoft’s lifecycle policy is unambiguous: Windows 10 Home and Pro editions will cease receiving free security updates on October 14, 2025. After that date, only organizations purchasing Extended Security Updates (ESU) will get critical patches—and that program is primarily aimed at enterprises. ESUs are sold per device, with a price that doubles each consecutive year, making them a temporary bridge rather than a permanent solution. For a small village, even the ESU cost might be prohibitive over time.
More importantly, the ESU program does not guarantee the same breadth of vulnerability fixes that a fully supported OS receives. Zero‑day exploits targeting Windows 10 will become more frequent after support ends, as malicious actors know that many systems will remain unprotected. In the context of a wastewater plant, the nightmare scenario is a ransomware attack that encrypts the control server, halting treatment operations and risking environmental contamination. The 2021 Oldsmar, Florida incident—where an attacker remotely increased sodium hydroxide levels in a water treatment facility—serves as a stark reminder: these systems are in the crosshairs.
The Real Cost of Saving $36,000
At first glance, Kendall Village’s decision appears to be a straightforward budgetary win. The new computer hardware—likely an industrial‑grade PC with Windows 10 pre‑installed—costs only a fraction of the software upgrade. The control software remains unchanged, requiring no retraining of operators, no new integration testing, and no downtime. For a plant that runs 24/7, avoiding disruption is a powerful incentive.
But hidden costs accumulate. Without security updates, the village may be forced to isolate the wastewater SCADA network from all Internet connections—true air‑gapping—which complicates remote monitoring, alerts, and vendor support. That isolation, while improving security, introduces manual processes and delays in fault response. Furthermore, insurance carriers are increasingly scrutinizing the cyber hygiene of municipal infrastructure. A wastewater plant running an unsupported OS may see premiums rise or coverage denied entirely after a breach investigation.
Then there is the inevitable migration. Windows 10 will not last forever. When the hardware eventually fails, or when the control software needs a patch itself—for instance, to support new sensors—the village will face the same $36,000 bill (or more, after inflation). Kicking the can down the road only defers the expense; it does not erase it.
What Experts Say About Unsupported OSes in Critical Infrastructure
Cybersecurity agencies worldwide have sounded alarms against using obsolete software in operational technology (OT) environments. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST) both recommend maintaining supported operating systems as a foundational security practice. For water facilities, the American Water Works Association (AWWA) echoes this stance, advising members to replace unsupported software or implement compensating controls.
Greg Hale, founder of ISAGCA (ISA Global Cybersecurity Alliance), often points out that industrial control systems were not designed with modern cyber threats in mind. “When you have an unpatched Windows box sitting on a control network, you’re essentially leaving the front door unlocked,” he said in a 2023 interview. “The attackers know these environments are soft targets.”
For Kendall Village, the best path might be a phased modernization: run Windows 10 with ESU for one year while budgeting for the software upgrade in the next fiscal cycle. Alternatively, the village could explore moving the SCADA software to a supported server‑based deployment, perhaps using Windows Server 2019 or 2022, which may be less expensive to license and may remain supported for longer. Some SCADA vendors also offer cloud‑hosted options that remove the OS burden, though connectivity to remote areas can be a barrier.
Community and Political Reactions
In the board meeting, officials likely weighed citizen sentiment. Tax increases are never popular, especially for something as unglamorous as wastewater. One board member might have argued: “Why spend $36,000 when what we have works fine?” That sentiment resonates in many small towns where infrastructure is invisible until something breaks.
Neighboring municipalities have faced similar choices. In 2022, the town of Laytonsville, Maryland, extended the life of its water treatment SCADA by switching to a Linux‑based gateway that communicated with the legacy Windows 7 machines, delaying a $20,000 replacement. Kendall Village could investigate such middle‑ground solutions if it has the technical staff to implement them.
Local residents, while not quoted directly in the board minutes, are likely to support the decision in the short term. The narrative of “saving taxpayer money” is politically potent, even if it increases long‑term risk. Without a visible crisis, cybersecurity arguments tend to lose out to more tangible concerns like potholes and school funding.
A Broader Trend in Municipal IT
Kendall Village is not alone. Across the United States, thousands of small water utilities run outdated control systems on obsolete Windows versions. According to a 2023 survey by the Water Information Sharing and Analysis Center (Water‑ISAC), 41% of water sector organizations reported running at least one unsupported operating system in their OT environment. Budget constraints (cited by 76%) and dependency on legacy software (61%) were the top reasons.
Windows 10’s impending end of support will force many of these organizations to confront the problem head‑on. Microsoft has been pushing Windows 11 aggressively, but the hardware requirements—TPM 2.0, eighth‑generation or newer Intel CPUs—mean that many industrial computers cannot upgrade without a hardware refresh. This creates a double‑bind: pay for new software and new hardware, or stick with the old and hope for the best.
Some vendors are starting to offer containerized SCADA solutions that run the legacy application inside a virtual environment on a supported host, effectively decoupling the application from the underlying OS. This approach could allow Kendall Village to postpone the full software replacement while still retiring Windows 10, but it requires skilled integration and testing.
Practical Takeaways for Similar Small‑Town Decisions
For other villages watching Kendall’s choice, several best practices can guide the debate:
- Conduct a formal risk assessment. Quantify the financial impact of a successful cyberattack on the wastewater plant, including regulatory fines, cleanup costs, and reputational damage. Often, this number far exceeds the cost of modernization.
- Investigate the ESU program. For Windows 10, Microsoft offers ESU for up to three years. Even one year of ESU can buy time to budget for a proper migration.
- Isolate and monitor. If staying on an unsupported OS is unavoidable, implement network segmentation so that the SCADA network has no Internet access and is monitored by an intrusion detection system.
- Involve the vendor. Push the SCADA vendor to provide a supported roadmap. If they cannot, consider how to mitigate the risk through alternative vendors or controls.
- Plan for the upgrade now. Include the $36,000 (or whatever the quote is) in the next budget cycle, even if you defer spending. That way, the board has already acknowledged the inevitable expense.
Looking Forward
October 2025 is not a distant deadline. The Kendall Village board’s decision buys time, but it also creates a looming technical debt. The wastewater plant is likely to function reliably for a while, yet each passing month without security patches increases the attack surface. The risk is asymmetric: the probability of a targeted attack is low, but the consequences are catastrophic.
One middle‑of‑the‑road option that the board might not have considered is a staggered migration. They could keep the current control system air‑gapped but install a parallel monitoring system on a modern, secure platform that collects data from the plant sensors without interfering with the primary controls. This would provide operators with safe visibility while limiting exposure.
Ultimately, Kendall Village’s story is a microcosm of the tension between fiscal conservatism and digital hygiene in public infrastructure. It will become a more common narrative as Windows 10’s retirement approaches. The villages that act now—prioritizing cybersecurity alongside other civic needs—will be better positioned to avoid headlines for the wrong reasons.
The clock is ticking.