Arduino’s Post

Join our Oct 1st webinar on "Ensuring System Stability and Security for Large-Scale Power Systems" to hear how system-level control challenges can be addressed for large-scale power systems. We'll provide an overview of how control and estimation techniques can be used to mitigate stability concerns and test safety/cybersecurity. #MATLAB #Simulink #Electrification https://spr.ly/6043oBiXX

More attacks to OT systems, big need of hardening better controllers, microcontrollers:

📃Scientific paper: SNOW-SCA: ML-assisted Side-Channel Attack on SNOW-V Abstract: This paper presents SNOW-SCA, the first power side-channel analysis \(SCA\) attack of a 5G mobile communication security standard candidate, SNOW-V, running on a 32-bit ARM Cortex-M4 microcontroller. First, we perform a generic known-key correlation \(KKC\) analysis to identify the leakage points. Next, a correlation power analysis \(CPA\) attack is performed, which reduces the attack complexity to two key guesses for each key byte. The correct secret key is then uniquely identified utilizing linear discriminant analysis \(LDA\). The profiled SCA attack with LDA achieves 100% accuracy after training with $\<200$ traces, which means the attack succeeds with just a single trace. Overall, using the \textit\{combined CPA and LDA attack\} model, the correct secret key byte is recovered with \<50 traces collected using the ChipWhisperer platform. The entire 256-bit secret key of SNOW-V can be recovered incrementally using the proposed SCA attack. Finally, we suggest low-overhead countermeasures that can be used to prevent these SCA attacks. Continued on ES/IODE ➡️ https://etcse.fr/yMj7Q ------- If you find this interesting, feel free to follow, comment and share. We need your help to enhance our visibility, so that our platform continues to serve you.

https://lnkd.in/gU6Xh9ST It is important that the secure memory is located within the microcontroller and not added as an external device/ IC, e.g. Secure Element (SE), Trusted Platform Module (TPM) or secure storage. This is important because the authenticity of the SE or TPM devices cannot be guaranteed (e.g., the devices could be swapped on the PCB). This does not mean that SE and TPM circuits are insecure, it just means that Secure Boot is needed to operate these devices securely.

Join our Oct 1st webinar on "Ensuring System Stability and Security for Large-Scale Power Systems" to hear how system-level control challenges can be addressed for large-scale power systems. We'll provide an overview of how control and estimation techniques can be used to mitigate stability concerns and test safety/cybersecurity. #MATLAB #Simulink #Electrification https://spr.ly/6049mNvc9

Join our Oct 1st webinar on "Ensuring System Stability and Security for Large-Scale Power Systems" to hear how system-level control challenges can be addressed for large-scale power systems. We'll provide an overview of how control and estimation techniques can be used to mitigate stability concerns and test safety/cybersecurity. #MATLAB #Simulink #Electrification https://spr.ly/6042mA94G

Siemens has disclosed a vulnerability in their SIMATIC S7-200 SMART Devices. The CVE-2024-35292 is rated high, with a CVSS score of 8.2. This vulnerability allows attackers to predict IP ID sequence numbers as their base method of attack, potentially leading to a denial-of-service condition. Read the blog by Blain Smith and Rob King for more insights including how you can find potentially vulnerable systems with runZero👇 https://lnkd.in/e8YdvepU

Join Deb Radcliff and James Warne on the latest episode of TalkSecure discussing how subtle yet critical weaknesses in embedded devices can lead to vulnerabilities. With his background in development, Jay sheds light on how issues with sensors, antennas, modulators, and voltage can lead to vulnerabilities. 🔗 Check out the full video to dive deeper into this fascinating topic and discover how understanding these low-level functions can bolster the security and efficiency of our embedded systems! #EmbeddedSystems #Cybersecurity #IndustrialIoT #Manufacturing #ResearchInnovation https://lnkd.in/e3YhG2se

Engineering Secure Devices guides you through the intricate landscape of threats, safeguards, and design principles crucial for crafting secure embedded devices. Better yet, you'll learn how to protect users without sacrificing performance or aesthetics. https://lnkd.in/ehwdPpkf

Caldera™ is a cybersecurity framework developed by MITRE that empowers cyber practitioners to save time, money, and energy through automated security assessments. - With Caldera, your cyber team can build a specific threat (adversary) profile and launch it in a network to see where you may be susceptible. This helps with testing defenses and training blue teams on how to detect specific threats. - Enables your team to perform automated testing of cyber defenses, to include network & host defenses, logging & sensors, analytics & alerting, and automated reponse. - Helps your red team perform manual assessments with computer assistance by augmenting existing offensive toolsets. The framework can be extended with any custom tools you may have. - Directly and indirectly enables cutting-edge research in cyber gaming, emulation & simulation, automated offensive & defensive cyber operations, cyber defense analytics and cyber defense models. It's free: https://lnkd.in/dBdMd4D6