Key Vulnerabilities of Industrial Automation and Control Systems and Actions to Prevent Cyber-Attacks

Isidro Calvo, Ismael Etxeberria-Agiriano, Miguel A Iñigo, Pablo González-Nalda


Until recently, Industrial Automation and Control Systems (IACS) were largely isolated from corporate systems by means of proprietary protocols, which facilitated their protection against cyber-attacks under the principle of security through obscurity. However, the widespread adoption of the new communication technologies, such as the Internet protocols and wireless communications has changed this scenario.

During recent years there have been many evidences of cyber-attacks to IACS that exploit their vulnerabilities. Unfortunately, these attacks have increased significantly during the last five years, and we should be aware that only the tip of the iceberg comes to the public knowledge.

The purpose of this article is twofold: (1) to raise awareness about the security vulnerabilities that most companies are facing at their IACS and (2) to set a starting point by proposing a roadmap that seeks to guide designers and programmers in the new and complex world of industrial cyber-security.


Cyber-security, Cyber-attacks, Vulnerabilities, Industrial Automation, Industrial Communications

Full Text:


International Journal of Online and Biomedical Engineering (iJOE) – eISSN: 2626-8493
Creative Commons License
Scopus logo Clarivate Analyatics ESCI logo IET Inspec logo DOAJ logo DBLP logo EBSCO logo Ulrich's logo Google Scholar logo MAS logo