Reporte de vulnerabilidades en IIoT. Proyecto DEFENDER

TL;DR

This report provides a comprehensive analysis of vulnerabilities in IIoT devices within industrial environments, highlighting attack vectors, real-world incidents, and the role of machine learning in enhancing security measures.

Contribution

It offers a detailed classification of IIoT device vulnerabilities, attack phases, and discusses recent security countermeasures with an emphasis on machine learning applications.

Findings

Identification of main vulnerability classes in IIoT devices

Analysis of real-world attack incidents and their impact

Evaluation of machine learning-based security solutions

Abstract

The main objective of this technical report is to conduct a comprehensive study on devices operating within Industrial Internet of Things (IIoT) environments, describing the scenarios that define this category and analysing the vulnerabilities that compromise their security. To this end, the report seeks to identify and examine the main classes of IIoT devices, detailing their characteristics, functionalities, and roles within industrial systems. This analysis enables a better understanding of how these devices interact and fulfil the requirements of critical industrial environments. The report also explores the specific contexts in which these devices operate, highlighting the distinctive features of industrial scenarios and the conditions under which the devices function. Furthermore, it analyses the vulnerabilities affecting IIoT devices, outlining their vectors, targets, impact, and consequences. The report then describes the typical phases of an attack, along with a selection of real-world documented incidents. These cases are classified according to the taxonomy presented in Section 3, providing a comprehensive view of the potential threats to security and assessing the impact these vulnerabilities may have on industrial environments. Finally, the report presents a compilation of some of the most recent and effective security countermeasures as potential solutions to the security challenges faced by industrial systems. Special emphasis is placed on the role of Machine Learning in the development of these approaches, underscoring its importance in enhancing industrial cybersecurity.