Segmentados Administración sistemas y redes TI

In recent years, the constant technological evolution has made possible a large number of advances that would have been unthinkable years ago. In industrial environments, one of the latest developments that promises to stand out and is here to stay are virtual PLC.The virtualization of these controllers will make it possible to decouple the hardware from the software, i.e. the software will be installed in the engineering stations, while the hardware will remain in another area outside the production area.

The Industrial Internet of Things (IIoT) has experienced considerable growth in recent years, providing crucial improvements. However, it also has some limitations in terms of consumption, security, cost or scalability. In this blog, we will see how the appearance of LoRaWAN in this area can solve part of those limitations.

A high percentage of devices developed for the industrial world have physical interfaces that allow secondary communications to be established. These communications allow the execution of important tasks such as the management of the devices themselves or changing the way they interact with industrial processes. Although in most cases it is necessary to have physical access to the device in order to use these interfaces, manipulation of the device through these interfaces allows attackers to manipulate the operation of the system without leaving any trace if there are no mechanisms to protect the asset from hardware hacking.This article aims to show the most widespread physical interfaces in industrial devices and embedded systems in general. On the other hand, we want to show some attacks executed throughout history in the industrial world. These attacks, thanks to the physical manipulation of a device, have allowed attackers to achieve a great impact on the targeted industrial process

The physical protection of ports at hardware level within embedded systems allows control of the physical access interfaces, but what happens when these interfaces are necessary? Sometimes, access via JTAG or UART to systems is required for maintenance or modifications in different industrial processes. Thanks to these accesses, suppliers can access memory addresses to read or write, modify firmware, etc. Given the importance of these tasks, it is necessary to incorporate cybersecurity into the process and it is precisely on these measures that the subject of this article will focus.Protection against fault injections, encryption of some memory sections within microcontrollers, or simple write protection are some of the defences that can be implemented to avoid problems within an industrial infrastructure

A growing number of industrial companies are adopting vulnerability management on their devices and systems, in order to perform this management in a correct and efficient way, the first step is to create an asset inventory or update it. Some companies are looking for vulnerability management services to stay on top of the latest cybersecurity issues affecting their assets. In addition, we are also noticing an increase in the availability of tools and their implementation for vulnerability management.

With the industrial revolution of Industry 4.0, industrial processes have become more intelligent, and this has led to the deployment of a greater number of devices. All these deployments usually have a common point, being the gateways, which, after being deployed, are responsible for the translation of some protocols to the TCP/UDP frame or simply send the information to the cloud.Being a point that gathers a large amount of data and capable of providing intelligence to industrial processes, industrial gateways have become a very desirable target for attackers.

One of the most important activities in the industry is the industrial maintenance because it could extend the service life of devices. This activity has always been more mechanically oriented, but currently it might talk a new type of maintenance because the new industry technologies and increase of cyberattacks.This maintenance is more related with the informatic world and in this article will be able to see the principals characteristics and the actions to be taken to ensure that it is carried out correctly.

Currently, there is a constant evolution in the technologies and implementations made in Industrial Control Systems. On one hand, some of the most common implementations for the improvement of industrial systems infrastructures are digitalization and the use of cloud technology. On the other hand, the increase in communication protocols and IIoT devices (due to the growth of the Industry 4.0) generates a large volume of traffic that is difficult to control and secure.

The TETRA (Terrestrial Trunked Radio) network is a standard developed in Europe in the 1990s by ETSI (European Telecommunications Standards Institute), whose emergence came because of the management of telephone communications for extreme cases, in which standard communication via mobile might not work properly. Therefore, it can be considered as an alternative network for communications with emergency and security services to be always operational. TETRA unifies different digital radio interface alternatives for communications and serves as a standard for the construction of private mobile networks or PMR (Private Mobile Radio).

Within the industrial world, there are some sectors such as robotics, which has evolver considerably. This has led to the need to update all the regulations and standards, both in terms of physical (safety) and cybersecurity. (security). Given that the robotics sector is and will increasingly become a highly technical sector with exponential growth, the need to update all documentation has been promoted by a large group of companies in the sector, which, above all, have focused their concerns on the cybersecurity of the industrial robotics world.

Energy efficiency alternatives are nowadays on everyone’s lips given the energy crisis that is plaguing the vast majority of European regions. In Spain, the energetic companies are following alternatives based on the use of different technologies to solve problems as complex as such as the management of surplus energy in some infrastructures. One of the alternatives that seems to have greater depth within the sector is the use of Virtual Power Plant (VPP). This new concept of energy management makes it possible to interweave different energy sources into a single flow of electricity demand, managed through a global solution that is usually deployed in the cloud due to the amount of data that has to be processed. The management system proposed by Virtual Power Plant is simple: Take advantage of surplus energy from microgrids to balance supplies to infrastructures that need this energy. With this gesture, large distributors can take advantage of up to almost 100% of the power within all infrastructures, such as electric vehicle chargers, solar farms, wind turbine farms, etc.

The proliferation of cybersecurity incidents in industrial environments has given rise to a huge concern in the various existing sectors. Some of them, such us the energy sector, are choosing the path taking in the banking sector with the TIBER-EU framework. In addition, many governments are allocating large sums of money to their government agencies to develop strategic plans in which that exercises are included