![Imagen de Noticia Imagen decorativa Noticia](/sites/default/files/images/ImagenGeneral-INCIBE.jpg)
![Imagen de Avisos Imagen decorativa Avisos](/sites/default/files/2024-04/Portada_Vehiculos.png)
The UN R155 and UN R156 regulations are of vital importance for vehicle cybersecurity. From July 2022, all car manufacturers that want to be type-approved must comply with both regulations, but from July 2024 this requirement will be extended to all new vehicles sold in the European Union, regardless of when the manufacturer obtained type-approval. One of the most important aspects of compliance with both regulations is the completion of a cybersecurity risk assessment of the vehicle, including all integrated components of the vehicle's supply chain. On the other hand, it also specifies how to incorporate cybersecurity from design, how to detect and respond to incidents, how to securely update vehicle software, etc.
![Imagen de Noticia Imagen decorativa Noticia](/sites/default/files/images/ImagenGeneral-INCIBE.jpg)
![Imagen de Noticia Imagen decorativa Noticia](/sites/default/files/images/ImagenGeneral-INCIBE.jpg)
![Imagen de Noticia Imagen decorativa Noticia](/sites/default/files/images/ImagenGeneral-INCIBE.jpg)
![Imagen de Noticia Imagen decorativa Noticia](/sites/default/files/images/ImagenGeneral-INCIBE.jpg)
![Imagen de Noticia Imagen decorativa Noticia](/sites/default/files/images/ImagenGeneral-INCIBE.jpg)
![Imagen de Avisos Imagen decorativa Avisos](/sites/default/files/2024-04/Portada_CAPEC.png)
CAPEC (Common Attack Pattern Enumeration and Classification) is a project that focuses on enumerating and classifying common attack patterns on computer systems and providing a systematic approach to understanding and addressing the tactics used by attackers. Like CWE (Common Weakness Enumeration), CAPEC is an initiative of the computer security community and is maintained by the National Institute of Standards and Technology (NIST) in the United States. Recently in version 3.9, the project has incorporated a number of attack patterns related to the industrial world.
This article aims to show the reader the use of these codes, such as those used at the identifier level in CVEs, CWEs, etc., and which are related to many of the jobs that are carried out on a daily basis in the industrial cybersecurity sector.
![Imagen de Noticia Imagen decorativa Noticia](/sites/default/files/images/ImagenGeneral-INCIBE.jpg)
![Imagen de Noticia Imagen decorativa Noticia](/sites/default/files/images/ImagenGeneral-INCIBE.jpg)