fast16 as a Second-Order Subversion Attack

SentinelOne's April 2026 disclosure of fast16, a precision sabotage framework compiled in August 2005, predates Stuxnet by five years and corrupts floating-point calculations in engineering simulation software via kernel-mode filesystem filtering. The infosec community described the mechanism accurately but did not classify the attack class. This paper applies the nth-order attackframework from Bilar (NATO CCDCOE, 2009) and argues fast16 is a second-order subversion attack: the high-precision research end system is reached through two successive ancillary systems, the OS kernel filesystem stack and the engineering simulation software above it. The wormlet is a delivery mechanism, not a distinct ancillary hop.…