ICS environments are made up of very heterogeneous machines, with large differences depending on the system we are dealing with. Some of these systems have very strict response time requirements for their correct operation and therefore use real-time operating systems. Throughout this article we will see what real-time operating systems are, how they work, and we will propose hardening measures to reduce the likelihood that these devices will suffer a cyberattack.
Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Critical infrastructures
Over time, different communities of experts related to the world of industrial cybersecurity have realised the challenge of calculating the CVSS (Common Vulnerability Score System) for vulnerabilities in industrial environments. This article aims to show the alternatives proposed by experts, such as RSS-MD, TEMSL and IVSS in order to correctly calculate their severity in the industrial environment.
Advances in security within control systems have brought us many of the security tools and services offered in IT for this environment. Until now, protection was based on reactive measures, acting only where there was evidence of the attack, but this trend changed with deployment of monitoring and the proactive defensive actions that this can provide.
Today, we are unable to picture cars without a hands-free system, TVs which are not smart and a bunch of other devices without information processing systems. This can be achieved thanks to embedded systems, the use of which entails security risks.
After having analysed the "why" behind the cybersecurity capacities evaluation model in the first entry dedicated to the C4V model and after having explained how to carry out an appropriate management of risks in the value chain in the second edition, this third edition is dedicated to explaining how to carry out an evaluation of ourselves.
Industry 4.0 integrates a large amount of devices used to provide the industrial processes with more intelligence. Among said devices we can find many different types of equipment such as drones or robots that perform specific tasks or tasks requiring precision. The use of these devices –quite well known nowadays– has certain implications for the security of control systems.
Remote accesses to control devices from networks outside the company are a major problem but, what about direct accesses made thanks to the accessibility of the device? This article explains the concept of hardware hacking and the hazards for the industry.
Alarm bells ringing again –a new malware threats industrial networks. After the attack suffered in Ukraine with BlackEnergy and the failures occurred at the beginning of the year, other new malware is added to the list of attackers of industrial control systems started by Stuxnet