Home / Blog / Filter / Blog
Subscribe to CERTSI - Blog RSS

Blog

Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Critical infrastructures
Aurora_ICS

Aurora vulnerability: origin, explanation and solutions

Posted on 09/26/2019, by INCIBE
Perhaps, given the many important cybersecurity leaks and intrusions in recent years involving everything from social media accounts to critical infrastructure and classified military secrets, the attention paid to the Aurora vulnerability has not been proportional to its seriousness and systems affected. This is because it affects almost every electrical system in the world, and potentially any rotating equipment, whether it generates energy or is essential for an industrial or commercial installation. If the threat is so widespread, why isn’t the industry more worried and actively looking for solutions? From this article various possible reasons for this are given.
Reloj

Real-Time Operating Systems, hardening and functioning

Posted on 07/25/2019, by INCIBE
ICS environments are made up of very heterogeneous machines, with large differences depending on the system we are dealing with. Some of these systems have very strict response time requirements for their correct operation and therefore use real-time operating systems. Throughout this article we will see what real-time operating systems are, how they work, and we will propose hardening measures to reduce the likelihood that these devices will suffer a cyberattack.
CVSS_SCI

Industrial CVSS: alternative calculations for different needs

Posted on 07/23/2019, by INCIBE
Over time, different communities of experts related to the world of industrial cybersecurity have realised the challenge of calculating the CVSS (Common Vulnerability Score System) for vulnerabilities in industrial environments. This article aims to show the alternatives proposed by experts, such as RSS-MD, TEMSL and IVSS in order to correctly calculate their severity in the industrial environment.
image of Monitoring Networks and Events in SCIs

Monitoring Networks and Events in SCIs: more Information, more Security

Posted on 06/28/2018, by INCIBE
Advances in security within control systems have brought us many of the security tools and services offered in IT for this environment. Until now, protection was based on reactive measures, acting only where there was evidence of the attack, but this trend changed with deployment of monitoring and the proactive defensive actions that this can provide.
Robots and drones

Robots and drones in the Industry 4.0

Posted on 07/20/2017, by INCIBE
Industry 4.0 integrates a large amount of devices used to provide the industrial processes with more intelligence. Among said devices we can find many different types of equipment such as drones or robots that perform specific tasks or tasks requiring precision. The use of these devices –quite well known nowadays– has certain implications for the security of control systems.

Pages