signalling and cyber security - irse nederland...component iec 62443-4.1 iec 62443-4.2 system...

Signalling and Cyber Security

Email: [email protected]

John Boss

Cyber Security Management System(CSMS: IEC 62443-2-1)

Information Security Management System(ISMS: ISO 27001)

Risk Management

Security Operations Centre(SOC)

One possible risk mitigation

CSMS/ISMS includes

Railways use IT and OT

Cyber security managed by

IOC

One security measure

Vulnerabilities (killchain)

Cryptography - 3DES


Cryptographic Keys Which makes these really really important

Attackers exploitContext diagram:for (a couple of)

cyber security areas

2

2) Management Systems

3) Cryptography 4) SOC

1) Definitions



Risk Management


CSMS/ISMS includes



IOC



Cryptography - 3DES



Attackers exploitAgenda for this evening.


3

Definitions

VulnerabilitiesZero DaysKill chainIT OT

…threat actors exploit vulnerabilities to launch attacks…

4

Vulnerabilities• A flaw or weakness in a system's design, implementation or operation

and management that could be exploited to violate the system's integrity or security policy (see IEC/TS 62443-1-1).

• Allow a system to be used in a manner for which it was not intended

5

Date of Birth

6

Date of Birth Send me all records…..

7

Vulnerabilities• In Generic Applications, Specific Applications, Operating Systems,

boxes, resident code, firmware…..

• Open Source Vulnerability notices E.g. CVE: Common Vulnerabilities and Exposures

8

https://cve.mitre.org

9

https://cve.mitre.org/

• CVE does not include zero days

11

Vulnerabilities – People and processes• Phishing emails

• USB sticks

•Manuals

• Engineering back doors / work arounds

12

Vulnerabilities - Standards

© This document has been developed and released by UNISIG

SUBSET-037 v3.2.0

EuroRadio FIS Page 1/126

ERTMS/ETCS

EuroRadio FIS

REF : SUBSET-037 ISSUE : 3.2.0 DATE: 17 December 2015

Company Technical Approval Management approval ALSTOM

ANSALDO

AZD

BOMBARDIER

CAF

SIEMENS

THALES

ERA * UNISIG * EEIG ERTMS USERS GROUP

SUBSET-026-8 3.6.0 13/05/2016

System Requirements Specification Chapter 8 Messages

Page 1/33

ERTMS/ETCS

System Requirements Specification Chapter 8 Messages

REF : SUBSET-026-8 ISSUE : 3.6.0 DATE : 13/05/2016

13

Cyber - concepts

• Vulnerabilities: It works - but not in the way you expect…

• Anatomy of a cyber attack: the kill chain…

Recon. Delivery Exploit Infection Lateral move

Act on objects

Kill Chain TM

14

ATT&CK

attack.mitre.org

15

ERTMS


SUBSET-026-2 3.6.0 13/05/2016

System Requirements Specification Chapter 2

Basic System Description

Page 11/25

2.5.3 ERTMS/ETCS reference architecture

(*) Depending on its functionality and the desired configuration, the national system can be addressed either via an STM using the standard interface or via another national solution

Train On-board recording deviceDriver

BIU TIU Juridical data

BTM

DMI function

STM control function

LTM EURORADIO

Odometry

GSM-RMobile

GSM-R fixed network

SUBSET-034 ERA_ERTMS_015560

SUBSET-037A11T6001

SUBSET-027

RBC 1

EURORADIO

SUBSET-037

RIU

EURORADIOEUROBALISE EUROLOOP

LEUInterlocking

NationalSystem

STM

Othersolution

SUBSET-044SUBSET-036

KMC 2

SU

BSE

T-11

4S

UBS

ET-

137

ETCSOn-board

KMC 1

ETCSTrackside

RBC 2

EURORADIO

SU

BSE

T-11

4S

UBS

ET-

137

SU

BSE

T-11

4S

UBS

ET-

137

NationalSystem(*)

or

SUB

SET-

101

SUBSET-036 SUBSET-044



SUB

SET-

035

SU

BS

ET-

056

SU

BS

ET-

057

SUB

SET-

058

Control Centre

PKI

SU

BSE

T-13

7

SUBSET-137

SUBSET-137


Figure 1: ERTMS/ETCS system and its interfaces

2.5.3.1 Note: the entities inside the ERTMS/ETCS on-board equipment box are shown only to highlight the scope of the interfaces that are specified in the TSI CCS annex A.

System under Consideration

16


SUBSET-026-2 3.6.0 13/05/2016

System Requirements Specification Chapter 2

Basic System Description

Page 11/25

2.5.3 ERTMS/ETCS reference architecture

(*) Depending on its functionality and the desired configuration, the national system can be addressed either via an STM using the standard interface or via another national solution

Train On-board recording deviceDriver

BIU TIU Juridical data

BTM

DMI function

STM control function

LTM EURORADIO

Odometry

GSM-RMobile

GSM-R fixed network

SUBSET-034 ERA_ERTMS_015560

SUBSET-037A11T6001

SUBSET-027

RBC 1

EURORADIO

SUBSET-037

RIU

EURORADIOEUROBALISE EUROLOOP

LEUInterlocking

NationalSystem

STM

Othersolution


KMC 2

SU

BSE

T-11

4S

UBS

ET-

137

ETCSOn-board

KMC 1

ETCSTrackside

RBC 2

EURORADIO

SU

BSE

T-11

4S

UBS

ET-

137

SU

BSE

T-11

4S

UBS

ET-

137

NationalSystem(*)

or

SUB

SET-

101

SUBSET-036 SUBSET-044



SUB

SET-

035

SU

BS

ET-

056

SU

BS

ET-

057

SUB

SET-

058

Control Centre

PKI

SU

BSE

T-13

7

SUBSET-137

SUBSET-137


Figure 1: ERTMS/ETCS system and its interfaces

2.5.3.1 Note: the entities inside the ERTMS/ETCS on-board equipment box are shown only to highlight the scope of the interfaces that are specified in the TSI CCS annex A.

System under Consideration

17

IM engineering, logistics, planning

and operations back room

systems

IM business systems

Operators and fleet maintainers

Train Fleetoperating

Systems(non signalling)Signalling system (trackside)

External parties

Traffic Control regionTraffic Control region

Financial Human Resources

Billing Customer portal

Engineering

System Test Labs

Traffic Control region

InterlockingInterlocking

ATP

Traffic Control

CommsInterlocking

Trackside unitsTrackside

unitsTrackside unitsTrackside

unitsTrackside unitsTrackside

units

Onboard Onboard

Onboard Onboard Base

station

Staff Rostering

Enterprise systemsOperational systems

Operations planning

Operations Recovery

System Control centers

Traction power

systems

Station systems

Maintenance Contractors

Maintenance systems

Fleet planning

Operations networks Engineering networks

Enterprise networks

GSM-R

Passenger Information

systems

Comms, CCTV, Train

radio

Level crossings

Building systems

Bridges, Tunnels

Timetable planning Procurement

Maintenance

Suppliers

Engineering contractors

Customer portal

IT Support

Office automation

Others…..

Onboard systemsOnboard systems

Onboard systems

Asset management

Project delivery

Others….

Key management

Others….Others….

Emergency services

Others….

Multiple trains

Onboard systems

DoorsBraking

Traction

Climate

PA, CommsPublic WiFi

MonitoringSignalling

Radio

Onb

oard

net

wor

ks

Etc….

Internet

Internet

Internet

18

IP protocol stack

ERTMS protocol stack

Subset 026

Subset 037(SaPDU structure)

Subset 037

Subset 037(x.224)

Subset 037(x.70)

Subset 037(x.25)

header application InformationApplication PDU

user dataSaPDUheader

1MAC

8

L4: TSDU

first segment123 octets

header5

TPDUlast segment<= 123 octets

header5

flag1

address1

control2

data<=34

FCS2

flag1

header2

First segment32

header2

last segment<=32

L3: NPDU

L2: HDLC frame

IT v OT(Information Technology v Operational Technology)

Http, HTTPS, FTP,SMTP etc

TCP

IP

Network Interface

Application Layer

Transport Layer

Internet Layer

Network Access Layer

• International standard• Millions of applications• Off the shelf

Versiedatum 30-09-202019

Management Systems

ISO 2700 seriesIEC 62443 seriesNIST

Risk Based cyber security management(cyber security is not part of safety management system)

20

ISO 27000 seriesVocabulary Standards

Requirements Standards

Guideline Standards

Sector Specific guidelines &

Standards

27000Overview & Vocabulary

27001ISMS

27006Auditing bodies

27009Create sector specific

27002controls

27003Guidance on ISMS

27004Monitoring ISMS

27005Risk Management

27007ISMS auditing

2701327001 v 20000

27014Governance

27016economics

27010Information sharing

27011Telecoms

27017Cloud services

27018Cloud Privacy

27019Energy

27015Financials

21

ISO 27000 seriesVocabulary Standards

Requirements Standards

Guideline Standards

Sector Specific guidelines &

Standards

27000Overview & Vocabulary

27006Auditing bodies

27009Create sector specific

27002controls

27003Guidance on ISMS

27004Monitoring ISMS

27005Risk Management

27007ISMS auditing

2701327001 v 20000

27014Governance

27016economics

27010Information sharing

27011Telecoms

27017Cloud services

27018Cloud Privacy

27019Energy

27015Financials

27001ISMS

22

IEC 62443

IEC 62443-2-4:2015+AMD1:2017 CSV – 5 – © IEC 2017

INTRODUCTION

This standard is the part of the IEC 62443 series that contains security requirements for providers of integration and maintenance services for Industrial Automation and Control Systems (IACS). It has been developed by IEC Technical Committee 65 in collaboration with the International Instrumentation Users Association, referred to as the WIB from its original and now obsolete Dutch name, and ISA 99 committee members.

Figure 1 illustrates the relationship of the different parts of IEC 62443 being developed. Those that are normatively referenced are included in the list of normative references in Clause 2, and those that are referenced for informational purposes or that are in development are listed in the Bibliography.

Figure 1 – Parts of the IEC 62443 Series

IEC

IEC 62443-1.1 IEC TR-62443-1.2 IEC 62443-1.3 IEC TR-62443-1.4

IEC 62443-2.1 IEC TR-62443-2.2 IEC TR-62443-2.3 IEC 62443-2.4

IEC TR-62443-3.1 IEC 62443-3.2 IEC 62443-3.3

IEC 62443-4.1 IEC 62443-4.2

Com

pone

nt

Syst

em

Polic

ies

and

proc

edur

es

Gen

eral

Terminology, concepts and models

Security program requirements for

IACS service providers

Master glossary of terms and abbreviations

System security compliance metrics

IACS security lifecycle and use-case

Requirements for an IACS security

management system

Implementation guidance for an IACS security management system

Patch management in the IACS environment

Security technologies for IACS

Security levels for zones and conduits

System security requirements and

security levels

Product development requirements

Technical security requirements for IACS

components

This is a preview - click here to buy the full publication

23

IEC 62443

IEC 62443-2-4:2015+AMD1:2017 CSV – 5 – © IEC 2017

INTRODUCTION

This standard is the part of the IEC 62443 series that contains security requirements for providers of integration and maintenance services for Industrial Automation and Control Systems (IACS). It has been developed by IEC Technical Committee 65 in collaboration with the International Instrumentation Users Association, referred to as the WIB from its original and now obsolete Dutch name, and ISA 99 committee members.

Figure 1 illustrates the relationship of the different parts of IEC 62443 being developed. Those that are normatively referenced are included in the list of normative references in Clause 2, and those that are referenced for informational purposes or that are in development are listed in the Bibliography.

Figure 1 – Parts of the IEC 62443 Series

IEC

IEC 62443-1.1 IEC TR-62443-1.2 IEC 62443-1.3 IEC TR-62443-1.4

IEC 62443-2.1 IEC TR-62443-2.2 IEC TR-62443-2.3 IEC 62443-2.4

IEC TR-62443-3.1 IEC 62443-3.2 IEC 62443-3.3

IEC 62443-4.1 IEC 62443-4.2

Com

pone

nt

Syst

em

Polic

ies

and

proc

edur

es

Gen

eral

Terminology, concepts and models

Security program requirements for

IACS service providers

Master glossary of terms and abbreviations

System security compliance metrics

IACS security lifecycle and use-case

Requirements for an IACS security

management system

Implementation guidance for an IACS security management system

Patch management in the IACS environment

Security technologies for IACS

Security levels for zones and conduits

System security requirements and

security levels

Product development requirements

Technical security requirements for IACS

components

This is a preview - click here to buy the full publication

24

Business Enterprise zone(IT for Planning,Logistics, Sales, Engineering, Finance, HR etc..)

Control zone(Operating technology –

Signaling, traction, Building systems, traffic control etc..)

e.g. ISO 2700x

EN TS

50701Railway System

IEC 62443IACS

NIS

Dire

ctiv

e

Enterprise systems

Operational systems

Systems Standards Legislation

Impl

emen

tatio

n of

25

Railw

ay S

igna

lling

Cybe

r Sec

urity

Concept

ManufactureDesign and Implementation

Architecture

Requirements

Risk analysis

System definition operational context

Acceptance

Validation

Integration

Operation and maintenance Scope: Signalling system

Process: SMS - Safety Management System, Systems Engineering

Focus: (Safety) risk management, Safe operational performance of the railway signalling system

Technology: OT, with increasing IT

Risk Analysis Addressing risk with CSMS

Monitoring and improving the CSMS

Scope: Business systems (Operational systems and Enterprise systems)

Process: CSMS - Cyber Security Management System

Focus: (Security) risk management, Cyber Security Risk, business continuity

Technology: IT

Signalling development lifecycle

(duration measured in years):

Cybersecurity management(duration measured in days / weeks):

Characteristics

Characteristics

EN TS 50701

26

NIST

27

NIST NIST Special Publication 800-82 Revision 2

Guide to Industrial Control Systems (ICS) Security

Supervisory Control and Data Acquisition (SCADA) Systems, Distributed Control Systems (DCS), and Other Control System Configurations such as Programmable Logic Controllers (PLC)

Keith Stouffer Victoria Pillitteri

Suzanne Lightman Marshall Abrams

Adam Hahn

http://dx.doi.org/10.6028/NIST.SP.800-82r2 7KLV�SXEOLFDWLRQ�LV�DYDLODEOH�IUHH�RI�FKDUJH�IURP�

28






Adam Hahn


Federal Information Processing Standards

(FIPS)


(FIPS)


(FIPS)


(FIPS)


(FIPS)

29






Adam Hahn



(FIPS)


(FIPS)


(FIPS)


(FIPS)


(FIPS)

30

Cryptography

XOR0 0 00 1 11 0 11 1 0

The science of passing information over an unsecure communications channel

31

Cifer

Message

Cipher text

Key

Decr

yptio

n

Encr

yptio

n

32

Caesar

A

C

Key

Message

Cipher text

Caesar Cipher

33

Caesar

A

C

Key

Key =2

A B C D E F ….

A B C D E F ….

Attack

Cvvcem

Message:

Cifer text:

Message

Cipher text

Caesar Cipher

Limitations:• Key size = 26 (circa 25)• Deterministic• One character at a

time

34

DESKK

Cipher text

64 bit

64 bit

64 bit

Message DES(Data Encryption Standard)

35

DESKK

Message (64 bit)

Initial Permutation

Li

F

Cipher text

64 bit

64 bit

64 bit

Message

Ri

32 bit 32 bit

P(K)

Round 1

Li+1 Ri+1

Ciphertext block (64 bit)

Initial Permutation-1

Repeat another 15 rounds

DES(Data Encryption Standard)

Limitations:• Key size = 256

• Deterministic• Short messages

36

DESKK

Cipher text

64 bit

64 bit

64 bit

DES k DES k DES k

Cipher text

DES ECB(Electronic Code Book)

Message


• Deterministic

X 1 X 2 X 3 X 4

H 1 H 2 H 3 H 4

37

DESKK

Cipher text

64 bit

64 bit

64 bit

DES k DES k DES k

Message DES CBC(Cipher Block Chain)


X 1 X 2 X 3 X 4

H 1 H 2 H 3 CBC MAC

38

DESK1K1

64 bit

192 bitTriple Key

64 bit

Message

DES k1 DES k1

X 1

DES k1

DES-1 k2

DES k3

K2K3

Triple DES CBC mode(Cipher Block Chain)

X 2 X 3 X 4

H 1 H 2 H 3

CBC MAC

39

Subset 37

© This document has been developed and released by UNISIG

SUBSET-037 v3.2.0

EuroRadio FIS Page 34/126

7.2 Safety protocol

7.2.1 Introduction

7.2.1.1 This section provides a precise specification of the safety protocol taking into account the CENELEC standard EN 50159. The method used in the SFM corresponds to the A1 type in EN 50159: cryptographic safety code using secret key.

7.2.2 Generic MAC-Calculation

7.2.2.1 The computation of the MAC in all cases is according to [ISO/IEC 9797-1]. The block cipher used is the single DES with modified MAC algorithm 3, where the last data block in the MAC computation will be computed as encipher with K1, decipher with K2, then encipher with K3 (this is a modification of ISO 9797-1 which uses only two keys, K and K''). ISO 9797-1 Padding Method 1 is used.

7.2.2.2 The CBC-MAC is a value of 64 bits calculated on a message “m” using three 64-bit DES keys.

7.2.2.3 To calculate the CBC-MAC on a value X, the length in bits of the value must be a multiple of 64. If necessary, i.e. if the length of a message m in bits is not a multiple of 64, padding is performed prior to the computation of the CBC-MAC. As few zero bits as needed (possibly none) are added at the end of the message m to obtain a multiple of 64 bits. The padding data p is used for CBC-MAC calculation only. It does not become part of the message.

7.2.2.4 The CBC-MAC (K, X) function using a secret triple-key K and the value X = m | p is defined as follows:

7.2.2.5 Let K = K1 | K2 | K3 be a triple-key and K1, K2, K3 its DES-keys, let X be constituted by the 64-bit blocks X1 | X2 | ... | Xq. Let E(Kn,X) be a block cipher function, single DES in CBC mode, enciphering the data string X using the key Kn (n є {1,2,3}). Let E-1(Kn,X) be a single DES block decipher function, deciphering the data string X using the key Kn (n є {1,2,3}). Let � be the XOR-operation. Then, CBC-MAC is derived by the following iteration:

7.2.2.6 The initial value H0 is of length 64 bits, all bits are of value “0”. H0 is not enciphered before first usage,

7.2.2.7 Hi = E(K1,Hi-1 � Xi), i = 1,2,…, q-1, Hq = E(K3,E-1 (K2, E(K1,Hq-1 � Xq)))

7.2.2.8 The CBC-MAC calculated on the message m is then equal to Hq.

7.2.2.9 An informative example is given in ANNEX E.

7.2.3 Functions of the safety layer

7.2.3.1 The safety layer provides the safe transfer of user data. This includes the establishment and release of the safety connection.

7.2.3.2 Safety procedures

40

An Attack Against Message Authentication in the ERTMSTrain to Trackside Communication Protocols

Tom ChothiaUniversity of Birmingham

Birmingham, [email protected]

Mihai OrdeanUniversity of Birmingham


Joeri de RuiterRadboud University

Nijmegen, [email protected]

Richard J. ThomasUniversity of Birmingham


ABSTRACTThis paper presents the results of a cryptographic analysisof the protocols used by the European Rail Traffic Manage-ment System (ERTMS). A stack of three protocols securesthe communication between trains and trackside equipment;encrypted radio communication is provided by the GSM-Rprotocol, on top of this the EuroRadio protocol providesauthentication for a train control application-level proto-col. We present an attack which exploits weaknesses in allthree protocols: GSM-R has the same well known weak-nesses as the GSM protocol, and we present a new collisionattack against the EuroRadio protocol. Combined with de-sign weaknesses in the application-level protocol, these vul-nerabilities allow an attacker, who observes a MAC collision,to forge train control messages. We demonstrate this at-tack with a proof of concept using train control messages wehave generated ourselves. Currently, ERTMS is only usedto send small amounts of data for short sessions, thereforethis attack does not present an immediate danger. However,if EuroRadio was to be used to transfer larger amounts ofdata trains would become vulnerable to this attack. Addi-tionally, we calculate that, under reasonable assumptions,an attacker who could monitor all backend control centresin a country the size of the UK for 45 days would have a 1%chance of being able to take control of a train.

1. INTRODUCTIONThe European Rail Traffic Management System (ERTMS)

Standard provides a suite of protocols used to deliver next-generation train management and signalling.1 This standardis designed with the intention to enable trains to interoper-ate across borders and optimise the running operation of

1http://www.ertms.net/

Permission to make digital or hard copies of all or part of this work for personal orclassroom use is granted without fee provided that copies are not made or distributedfor profit or commercial advantage and that copies bear this notice and the full citationon the first page. Copyrights for components of this work owned by others than theauthor(s) must be honored. Abstracting with credit is permitted. To copy otherwise, orrepublish, to post on servers or to redistribute to lists, requires prior specific permissionand/or a fee. Request permissions from [email protected] ’17, April 02 - 06, 2017, Abu Dhabi, United Arab Emirates.c© 2017 Copyright held by the owner/author(s). Publication rights licensed to ACM.

ISBN 978-1-4503-4944-4/17/04. . . $15.00.DOI: http://dx.doi.org/10.1145/3052973.3053027

railways. At present, the system is being rolled out acrossEurope and also on high-speed lines around the world.ERTMS is formed of three core communication layers:

GSM-R, EuroRadio and the Application Layer protocol (seeFigure 1). The EuroRadio and the Application Layer proto-cols form ETCS, the European Train Control System. Thelowest layer of the stack, GSM-R, is a rail-specific variantof the GSM protocol, used for communications between thetrain and trackside infrastructure. EuroRadio, the middlelayer, provides authentication and integrity of messages sentbetween the train and track side components using crypto-graphic MACs. The Application Layer protocol is the high-est layer of the stack; this is a stateful protocol that includestimestamps and message acknowledgements to prevent thereplay of messages and ensure successful communication.In this paper, we present the results of a cryptographic

analysis of the ERTMS communication stack, in which wedetermined whether arbitrary, unauthorised messages canbe sent to trains or trackside equipment. We show that onesuch attack is possible and give details on the exact circum-stances which would allow it to happen. We also proposeseveral solutions to mitigate this vulnerability.The MAC algorithm used in EuroRadio is a modified ver-

sion of the ISO 9797-1 MAC Algorithm 3 [13, 23], a standardwhich was introduced in 2011. The ISO algorithm is a CBC-MAC that uses a single DES transformation for all but thelast block, which is encrypted using triple DES (3DES) usingtwo different keys. The use of only two keys for the 3DESoperation is a potential weakness, so EuroRadio uses tripleDES (3DES), with 3 distinct keys, for this final block.As with any 64-bit MAC, it is possible for collisions to

occur, i.e., two different messages may have the same MACfor a particular key. Such a collision is unlikely (requiring229 messages for a 1% chance) however an attacker that canwait long enough will eventually observe one. A well de-signed protocol should not be vulnerable to an attacker thatobserves colliding MACs. However, we show in Section 4that in the case of EuroRadio that such a collision can beused to retrieve the first of the three DES keys using brute-force.Establishing one of the keys used by the MAC should

not pose an immediate threat to the integrity of the pro-tocol, as the final transformation when generating a MACinvolves a 3DES encryption with three distinct keys. Anattacker, therefore, cannot simply generate a valid MAC

41

SOC - IOC

Security Operations CenterIndicator of Compromise

detection processes and procedures …. to ensure timely and adequate awareness of anomalous events

(EC 2018/151 – applies to digital service providers not OED, but a good read in any case….)

42

IOC: What does suspicious look like?

User OtherQuestion

Answer


Probably OK

43

IOC: What does suspicious look like?

User Other

User Other

Answer


Probably OK

Suspicious

Question

Answer

44

IOC: What does suspicious look like? IT

User Other

User Other

Answer


Probably OK

Suspicious

• State firewalls• HTTP not port 80 • HTTPS not port 443• Doom FPS not port 666• User / application mismatch• Transfer of sensitive data• Use profiles• Network traffic anomalies

Question

Answer

45

IOC: What does suspicious look like? Signalling

46


ERTMS L1 & L2

Transition L2 à L1

Probably OK

47


ERTMS L1 & L2

Transition L2 à L1

ERTMS L2 only

Transition L2 à L1

Probably OK

Suspicious

48


• Incoming call from German SIM ?• Incoming call from Germany ?• RBC calling Thailand ?• Interlocking operating unused o/p ?• Data from unused i/p ?• Multiple failed login attempts ?• Unusual delay in transmission ?

Complications:• Custom monitoring tool• Use case to be defined• Data from multiple companies

49

Challenges

• Identification of IOC• Collecting the necessary data (across companies)• SOC (scope, location, management, cost, …..)• Incident response (procedures, escalation)

• Biggest challenge – The Mindset

50



Risk Management



CSMS/ISMS includes



IOC



Cryptography - 3DES



Attackers exploit

51

Questions..

Nederland

Einde

signalling and cyber security - irse nederland...component iec 62443-4.1 iec 62443-4.2 system...

Documents