Today, rail transport is a key strategic sector, both for the transport of people and goods of all kinds. It is also a sector in constant evolution and progress, which has adopted new technologies, from Wi-Fi zones for employees and customers, to new remote distributed control technologies, GPS and IoT.
While all applied technologies provide many advantages, they can also bring problems and introduce cybersecurity risks. The objective of this article will be to raise awareness of some of the most important cyber-attacks that have occurred in the industry and to contribute to the general awareness of the evolution of railway cybersecurity and cyber-attack protection measures available to the industry.
There are currently many standards and regulations in the industrial sector. A wide variety of them allow industrial organizations to check their level of maturity, such as IEC 62443, or to improve the security level of the organization through the application of a series of guidelines, good practices or guides, as in the case of the NIST Framework.
Given the growth of the industrial sector, and the increase in capabilities, both in production and connectivity, thanks to the consolidation of Industry 4.0 and the emergence of Industry 5.0, industrial environments are in the focus, not only of technological improvements, but also of cyber-attacks.
The application and implementation of the IEC 62443 family, in combination with the NIST Framework, will enable organizations to reduce, mitigate and control the possibility of suffering a cyber-attack by implementing the controls and best practices defined in both standards.
In today's business landscape, the digital revolution has led to an unprecedented transformation, and at the epicenter of this evolution are Industrial Internet of Things devices (IIoT). These devices, skilled in collecting and transmitting data in real-time, have emerged as fundamental pillars, that drive operational efficiency and decision-making in industrial environments.
From advanved sensors to smart sctuators, the network of IIoT devices implemented in the industrial fabric is improving the frontiers of connectivity, impacting the way companies design, implement, and manage their operations.
In this article, we will learn about the role of these devices within Industry 4.0, analyzing how different types of architectures are implemented and how their communications protocols shape the future of the industry.
The UN R155 and UN R156 regulations are of vital importance for vehicle cybersecurity. From July 2022, all car manufacturers that want to be type-approved must comply with both regulations, but from July 2024 this requirement will be extended to all new vehicles sold in the European Union, regardless of when the manufacturer obtained type-approval. One of the most important aspects of compliance with both regulations is the completion of a cybersecurity risk assessment of the vehicle, including all integrated components of the vehicle's supply chain. On the other hand, it also specifies how to incorporate cybersecurity from design, how to detect and respond to incidents, how to securely update vehicle software, etc.
En la actualidad, el crecimiento de las plantas industriales ha provocado una incesante búsqueda en la mejora de la productividad de los procesos industriales. Esto ha llevado a la evolución de los dispositivos IIoT y, con ello, la emergencia de las pasarelas ICS. Estas se han postulado como puentes tecnológicos, tendiendo vínculos, puentes, entre los dispositivos instalados y la inmensidad de los entornos cloud. En este artículo descubrirás el papel central de estas pasarelas, descubriendo su función como facilitadoras esenciales en la convergencia de la ingeniería tradicional y la innovación en la nube.
Technology adoption in industrial plants is part of the global digital transformation. This evolution provides greater knowledge of all the elements that interact in industrial processes, but it can also incorporate cybersecurity issues if a series of good practices are not followed. The development of this article focuses on the problems introduced by Wi-Fi communications and their growth in industrial environments.
En la actualidad, el sector industrial se ha convertido en uno de los blancos más frecuentes de los ciberdelincuentes. Convirtiendo el cibercrimen en uno de los principales riesgos del sector, ya que el objetivo preferido en las redes industriales son los equipos críticos que desempeñan un papel fundamental en el sistema. Por tanto, en este artículo, exploraremos las distintas fases y formas de un ciberincidente en un entorno industrial, para entender el riesgo que representan y como prevenirlos.
The M-Bus protocol is a common protocol in the industry in general, it’s daily use can be related to devices for measurements of electricity, gas, water, heating, etc. This protocol has a wireless variant called Wireless M-Bus and works through a hierarchical master/slave system, standardized according to EN13757.
Space is an increasingly important element in the critical infrastructures of all countries. The possibility of losing or degrading space services can significantly affect both national security and all customers who have contracted services involving the use of satellites or any other space devices, resulting in major economic and security losses.
To protect it, the National Institute of Standards and Technology (NIST) has developed a cyber security framework for the commercial ground segment of the space sector, providing a means for stakeholders to assess their cyber security posture in terms of identification, protection, detection, response and recovery operations, thereby evaluating the level of risk to the satellite ground segment structure.
In the electricity sector, it has always been necessary to use robust communications that allow proper communication, since a failure in this sector would cause a large number of losses, both economic and social.
In addition, with the technological advances, it is important also to have secure communications since the electricity sector is one of the sectors that currently suffers the most cyber-attacks. For this reason, in recent years different robust and secure protocols have been created.
One of these protocols is DNP3, created mainly for the use of substation automation and control systems, for the electric utility industry, although it has now also been used for other sectors.
Finally, in this article we want to explain in more depth the operation of this protocol and the benefits or disadvantages of using this protocol.