Blog
Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Industrial Control System
Aurora vulnerability: origin, explanation and solutions
Perhaps, given the many important cybersecurity leaks and intrusions in recent years involving everything from social media accounts to critical infrastructure and classified military secrets, the attention paid to the Aurora vulnerability has not been proportional to its seriousness and systems affected. This is because it affects almost every electrical system in the world, and potentially any rotating equipment, whether it generates energy or is essential for an industrial or commercial installation.
If the threat is so widespread, why isn’t the industry more worried and actively looking for solutions? From this article various possible reasons for this are given.
My industrial devices support LDAP, now what?
The main security standards and best practice guidelines in industrial cybersecurity include as a requirement the need for a user authentication system. The options involve implementations in each device of this system or being integrated into a centralised user authentication system. One of the most-used options is the use of the LDAP protocol, but there are a number of points to consider in the design phase, which are key when implementing a specific centralised user management system for industrial control systems, under LDAP.
The improvement of IIoT in industrial environments
In recent years there has been an increase in interconnectivity between devices thanks to the Internet of Things (IoT). This has affected all sectors, including industry, which has been involved in an era of connectivity of industrial devices. This concept is known as the Industrial Internet of Things (IIoT).
Attacking a BusyBox, the small Gaulish village
A BusyBox is software or a program that combines several functionalities in a small executable. This small tool was created for use in integrated operating systems with very limited resources, and they are usually used in control systems. But, as in all tools, you have to know what security level they have and if it can be improved.
Radio frequencies in industrial environments
In the industrial world there are many communications including radio communications. This article aims to inform the reader about these types of communications available and some concepts to consider. Also, about cases of cyberattacks that have been detected in order to prevent them in the future.
Secure network architecture, things in order
Control system networks have grown immensely in recent years, something similar to what happened with the explosion of IT networks in the 1980s. This growth is happening somewhat chaotically, promoted mainly by productive needs and by the lack of joint definition of network administration managers for IT and OT, instead of doing it by thinking of the future, scalability and security.
Real-Time Operating Systems, hardening and functioning
ICS environments are made up of very heterogeneous machines, with large differences depending on the system we are dealing with. Some of these systems have very strict response time requirements for their correct operation and therefore use real-time operating systems.
Throughout this article we will see what real-time operating systems are, how they work, and we will propose hardening measures to reduce the likelihood that these devices will suffer a cyberattack.
Industrial CVSS: alternative calculations for different needs
Over time, different communities of experts related to the world of industrial cybersecurity have realised the challenge of calculating the CVSS (Common Vulnerability Score System) for vulnerabilities in industrial environments. This article aims to show the alternatives proposed by experts, such as RSS-MD, TEMSL and IVSS in order to correctly calculate their severity in the industrial environment.
Cybersecurity standards at sea
Trips across the ocean have changed over the years with the arrival of the industrial revolution and information technology, among other things, making technology its best ally, both to automate their navigation and to control their location from land-based stations. However, this total dependence on technology brings with it important security issues that need to be addressed with the importance they deserve.