Reporte de vulnerabilidades en IIoT. Proyecto DEFENDER
- URL: http://arxiv.org/abs/2507.10819v1
- Date: Mon, 14 Jul 2025 21:37:02 GMT
- Title: Reporte de vulnerabilidades en IIoT. Proyecto DEFENDER
- Authors: Pedro Almansa Jiménez, Lorenzo Fernández Maimó, Ángel Luis Peráles Gómez,
- Abstract summary: The main objective of this technical report is to conduct a comprehensive study on devices operating within Industrial Internet of Things (IIoT) environments.<n>The report seeks to identify and examine the main classes of IIoT devices, detailing their characteristics, functionalities, and roles within industrial systems.<n>It analyses the vulnerabilities affecting IIoT devices, outlining their vectors, targets, impact, and consequences.<n>The report presents a compilation of some of the most recent and effective security countermeasures as potential solutions to the security challenges faced by industrial systems.
- Score: 0.0
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: The main objective of this technical report is to conduct a comprehensive study on devices operating within Industrial Internet of Things (IIoT) environments, describing the scenarios that define this category and analysing the vulnerabilities that compromise their security. To this end, the report seeks to identify and examine the main classes of IIoT devices, detailing their characteristics, functionalities, and roles within industrial systems. This analysis enables a better understanding of how these devices interact and fulfil the requirements of critical industrial environments. The report also explores the specific contexts in which these devices operate, highlighting the distinctive features of industrial scenarios and the conditions under which the devices function. Furthermore, it analyses the vulnerabilities affecting IIoT devices, outlining their vectors, targets, impact, and consequences. The report then describes the typical phases of an attack, along with a selection of real-world documented incidents. These cases are classified according to the taxonomy presented in Section 3, providing a comprehensive view of the potential threats to security and assessing the impact these vulnerabilities may have on industrial environments. Finally, the report presents a compilation of some of the most recent and effective security countermeasures as potential solutions to the security challenges faced by industrial systems. Special emphasis is placed on the role of Machine Learning in the development of these approaches, underscoring its importance in enhancing industrial cybersecurity.
Related papers
- Industrial Survey on Robustness Testing In Cyber Physical Systems [0.0]
This paper presents findings from an industrial survey conducted in Wallonia, covering a wide range of sectors.<n>It investigates robustness from how it is understood and applied in relationship with requirements engineering.<n>It identifies key challenges and gaps between industry practices and state-of-the-art methodologies.
arXiv Detail & Related papers (2026-03-04T20:30:39Z) - An Empirical Study on the Security Vulnerabilities of GPTs [48.12756684275687]
GPTs are one kind of customized AI agents based on OpenAI's large language models.<n>We present an empirical study on the security vulnerabilities of GPTs.
arXiv Detail & Related papers (2025-11-28T13:30:25Z) - Under Pressure: Security Analysis and Process Impacts of a Commercial Smart Air Compressor [0.0]
The integration of Industrial Internet of Things (IIoT) devices into manufacturing environments has accelerated the transition to Industry 4.0.<n>This paper conducts a comprehensive security analysis of a commercial smart air compressor, revealing critical vulnerabilities.
arXiv Detail & Related papers (2025-10-22T17:01:03Z) - IndustryEQA: Pushing the Frontiers of Embodied Question Answering in Industrial Scenarios [46.421243185923814]
Existing Embodied Question Answering (EQA) benchmarks primarily focus on household environments.<n>We introduce IndustryEQA, the first benchmark dedicated to evaluating embodied agent capabilities within safety-critical warehouse scenarios.<n>The benchmark includes rich annotations covering six categories: equipment safety, human safety, object recognition, attribute recognition, temporal understanding, and spatial understanding.
arXiv Detail & Related papers (2025-05-27T02:36:17Z) - A Survey of Model Extraction Attacks and Defenses in Distributed Computing Environments [55.60375624503877]
Model Extraction Attacks (MEAs) threaten modern machine learning systems by enabling adversaries to steal models, exposing intellectual property and training data.<n>This survey is motivated by the urgent need to understand how the unique characteristics of cloud, edge, and federated deployments shape attack vectors and defense requirements.<n>We systematically examine the evolution of attack methodologies and defense mechanisms across these environments, demonstrating how environmental factors influence security strategies in critical sectors such as autonomous vehicles, healthcare, and financial services.
arXiv Detail & Related papers (2025-02-22T03:46:50Z) - Cyber-Physical Security Vulnerabilities Identification and Classification in Smart Manufacturing -- A Defense-in-Depth Driven Framework and Taxonomy [0.0]
Existing solutions fall short in addressing the complex, domain-specific vulnerabilities of manufacturing environments.<n>This paper redefines vulnerabilities in the manufacturing context by introducing a novel characterization based on the duality between vulnerabilities and defenses.<n>We identify and classify vulnerabilities across the manufacturing cyberspace, human element, post-production inspection systems, production process monitoring, and organizational policies and procedures.
arXiv Detail & Related papers (2024-12-29T11:41:06Z) - Physical and Software Based Fault Injection Attacks Against TEEs in Mobile Devices: A Systemisation of Knowledge [5.6064476854380825]
Trusted Execution Environments (TEEs) are critical components of modern secure computing.
They provide isolated zones in processors to safeguard sensitive data and execute secure operations.
Despite their importance, TEEs are increasingly vulnerable to fault injection (FI) attacks.
arXiv Detail & Related papers (2024-11-22T11:59:44Z) - EARBench: Towards Evaluating Physical Risk Awareness for Task Planning of Foundation Model-based Embodied AI Agents [53.717918131568936]
Embodied artificial intelligence (EAI) integrates advanced AI models into physical entities for real-world interaction.<n>Foundation models as the "brain" of EAI agents for high-level task planning have shown promising results.<n>However, the deployment of these agents in physical environments presents significant safety challenges.<n>This study introduces EARBench, a novel framework for automated physical risk assessment in EAI scenarios.
arXiv Detail & Related papers (2024-08-08T13:19:37Z) - Object Detectors in the Open Environment: Challenges, Solutions, and Outlook [95.3317059617271]
The dynamic and intricate nature of the open environment poses novel and formidable challenges to object detectors.
This paper aims to conduct a comprehensive review and analysis of object detectors in open environments.
We propose a framework that includes four quadrants (i.e., out-of-domain, out-of-category, robust learning, and incremental learning) based on the dimensions of the data / target changes.
arXiv Detail & Related papers (2024-03-24T19:32:39Z) - Security and Safety Aspects of AI in Industry Applications [0.0]
We summarise issues in the domains of safety and security in machine learning that will affect industry sectors in the next five to ten years.
Reports of underlying problems in both safety and security related domains, for instance adversarial attacks have unsettled early adopters.
The problem for real-world applicability lies in being able to assess the risk of applying these technologies.
arXiv Detail & Related papers (2022-07-16T16:41:00Z) - Sustainability Through Cognition Aware Safety Systems -- Next Level
Human-Machine-Interaction [1.847374743273972]
Industrial Safety deals with the physical integrity of humans, machines and the environment when they interact during production scenarios.
The concept of a Cognition Aware Safety System (CASS) is to integrate AI based reasoning about human load, stress, and attention with AI based selection of actions to avoid the triggering of safety stops.
arXiv Detail & Related papers (2021-10-13T19:36:06Z) - Inspect, Understand, Overcome: A Survey of Practical Methods for AI
Safety [54.478842696269304]
The use of deep neural networks (DNNs) in safety-critical applications is challenging due to numerous model-inherent shortcomings.
In recent years, a zoo of state-of-the-art techniques aiming to address these safety concerns has emerged.
Our paper addresses both machine learning experts and safety engineers.
arXiv Detail & Related papers (2021-04-29T09:54:54Z) - Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance.
We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems.
We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
arXiv Detail & Related papers (2020-10-19T13:09:31Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.