Desarrollo seguro

Contenido Desarrollo seguro

Blog posted on 10/08/2023

Within the industrial world, systems can be detected that do not have all their cybersecurity capabilities activated. This can occur for a variety of reasons, but if detected, each case must be analyzed to get the most out of each device. 
The ability to robustly configure programs, services or other nuances within industrial systems is called bastioning and allows, among other things, to prevent assets from having a large exposure to the network or the solutions deployed in the system from having vulnerabilities resulting from misconfiguration.
In this article, we will begin by explaining what hardening is and how to apply it to our industrial network, along with some good practices to follow.

Blog posted on 29/06/2023

In recent years, the constant technological evolution has made possible a large number of advances that would have been unthinkable years ago. In industrial environments, one of the latest developments that promises to stand out and is here to stay are virtual PLC.
The virtualization of these controllers will make it possible to decouple the hardware from the software, i.e. the software will be installed in the engineering stations, while the hardware will remain in another area outside the production area.

Blog posted on 22/06/2023

IDSs are passive elements that are in our network to ensure its security, but what would happen if all our communications were encrypted, or would this protection measure be enough to ensure that my network is protected? These questions and more will be discussed in the following article to provide solutions and advice focused on industrial environments.

Blog posted on 25/05/2023

The physical protection of ports at hardware level within embedded systems allows control of the physical access interfaces, but what happens when these interfaces are necessary? Sometimes, access via JTAG or UART to systems is required for maintenance or modifications in different industrial processes. Thanks to these accesses, suppliers can access memory addresses to read or write, modify firmware, etc. Given the importance of these tasks, it is necessary to incorporate cybersecurity into the process and it is precisely on these measures that the subject of this article will focus.
Protection against fault injections, encryption of some memory sections within microcontrollers, or simple write protection are some of the defences that can be implemented to avoid problems within an industrial infrastructure

Blog posted on 11/05/2023

En este artículo se presentarán algunas soluciones útiles en la realización de test de vulnerabilidades en aplicaciones Android, resaltando las oportunidades que estas tareas aportan a la ciberseguridad.

Blog posted on 04/05/2023

The growth of cyberattacks suffered in the industrial world is very worrying, since it is a sector that until recently the vast majority of its devices were not connected to the Internet, so the implementation of cybersecurity had never been thought of.
But with Industry 4.0 all that has changed, since almost all devices are interconnected or have Internet connection creating many advantages, but also some problem.
That is why experts in this field have seen the need to improve and implement cybersecurity in the industry, for this they have created different models and applications. Some of these can be seen in the following article.

Blog posted on 27/04/2023

With the industrial revolution of Industry 4.0, industrial processes have become more intelligent, and this has led to the deployment of a greater number of devices. 

All these deployments usually have a common point, being the gateways, which, after being deployed, are responsible for the translation of some protocols to the TCP/UDP frame or simply send the information to the cloud.

Being a point that gathers a large amount of data and capable of providing intelligence to industrial processes, industrial gateways have become a very desirable target for attackers.

Blog posted on 20/04/2023

One of the most important activities in the industry is the industrial maintenance because it could extend the service life of devices. This activity has always been more mechanically oriented, but currently it might talk a new type of maintenance because the new industry technologies and increase of cyberattacks.
This maintenance is more related with the informatic world and in this article will be able to see the principals characteristics and the actions to be taken to ensure that it is carried out correctly.

Blog posted on 05/04/2023

Currently, there is a constant evolution in the technologies and implementations made in Industrial Control Systems. On one hand, some of the most common implementations for the improvement of industrial systems infrastructures are digitalization and the use of cloud technology. On the other hand, the increase in communication protocols and IIoT devices (due to the growth of the Industry 4.0) generates a large volume of traffic that is difficult to control and secure.

Blog posted on 27/03/2023

Within the industrial world, there are some sectors such as robotics, which has evolver considerably. This has led to the need to update all the regulations and standards, both in terms of physical (safety) and cybersecurity. (security). Given that the robotics sector is and will increasingly become a highly technical sector with exponential growth, the need to update all documentation has been promoted by a large group of companies in the sector, which, above all, have focused their concerns on the cybersecurity of the industrial robotics world.