Traditional perimeter-based security models, which implicitly trust internal networks, are vulnerable to modern cyber threats such as ransomware and credential misuse, allowing lateral movement and large-scale breaches. Zero Trust Architecture (ZTA) mitigates these risks by enforcing continuous authentication and least-privilege access for all devices. However, organizations face challenges in adopting ZTA without disrupting operations or incurring high costs, and existing research lacks actionable guidance. Through extensive literature analysis, semi-structured interviews with diverse organizational staff, and evaluation of Zero Trust maturity across seven pillars, this article proposes a practical, phased roadmap tailored to the needs of an organization. The approach prioritizes operational continuity and minimizes implementation barriers, enabling robust and sustainable cybersecurity.

Industry 4.0 and 5.0 offer a promising framework for connecting electro-mechanical systems to cyberspace, enabling real-time access, telecontrol, human-machine collaboration, and intelligent automation of industrial operations. While horizontal and vertical interoperability serve as critical enablers of this ecosystem, heterogeneity among entities and the lack of standardized governance in interoperability allow cybercriminals to exploit structural vulnerabilities. These weaknesses and unknown bugs provide avenues for cyber-attackers to breach systems, conduct espionage, sabotage assets, and extort organizations, threatening IT and OT infrastructures, finances, reputations, and even human lives. This survey paper discusses cybersecurity and privacy threats within the Industry 4.0 and 5.0 ecosystems, their potential impact on industrial processes and peripherals, and the security challenges associated with the transition from Industry 4.0 to 5.0. To identify research gaps and vulnerabilities, we examine the architecture and components of diverse industrial frameworks and establish functional mappings using IIRA and RAMI models. Following a comprehensive threat modeling approach, we present a layered taxonomy of cyber-threats, classified based on their nature, behavior, and execution characteristics. To assist network administrators and security professionals, we propose a threat prioritization framework based on likelihood, detectability, impact severity, and operational consequences. Furthermore, we outline perspective-based cybersecurity challenges that expose deficiencies in current protective measures. As countermeasures, we advocate for AI-driven, blockchain-enabled, edge-computing-based, and privacy-preserving security solutions to defend against threats and mitigate potential damages. We also elaborate on key standardization initiatives, nation-specific privacy regulations, and ongoing research efforts focused on safeguarding the security and privacy of Industry 4.0 and beyond. The paper concludes by summarizing key lessons learned, identifying unresolved research questions, and suggesting future directions for a secure and resilient Industry 5.0 paradigm.

Current Air Traffic Management (ATM) systems are undergoing significant evolution due to increased traffic volumes, the introduction of diverse airborne systems such as Unmanned Aerial Vehicles (UAVs), technological advancements, and the potential to optimize operations through data-driven approaches. These advancements offer benefits in terms of efficiency, safety, and sustainability, but they also expose the systems to heightened cybersecurity risks. This paper analyzes the Security Risk Assessment Methodology (SecRAM) proposed by SESAR, focusing specifically on its use of complementary catalogs of threats and vulnerabilities. By validating the SecRAM approach in a contemporary ATM scenario, this paper identifies gaps in the framework that could be addressed to better meet the security needs of a modern and complex ATM ecosystem. Finally, this work proposes a set of enhancements to the SecRAM catalogs that will enable security professionals to design and develop secure and resilient modern ATM environments.

This exercise validated an enhanced Attack Simulator that strengthens ATCOs cybersecurity awareness and response to ADS-B threats through realistic, simulation-based training. The research assessed the Attack Simulator's effectiveness in improving ATCOs' cyberattack recognition/response and to evaluate behavioural and performance changes pre-and post-knowledge transfer.

Controller Pilot Data Link Communications (CPDLC) enhances air traffic communication by replacing traditional voice transmissions with digital messages over Very High Frequency (VHF) radio systems. This transition improves communication resilience by providing clear, text-based instructions that reduce misunderstandings and increase bandwidth efficiency by enabling more data to be transmitted simultaneously. It benefits congested airspace by reducing radio frequency congestion and minimizing communication errors. However, due to the plain-text nature of its messages, CPDLC faces significant security challenges, making it vulnerable to cyber-attacks such as eavesdropping, modification, injection, and man-in-the-middle (MITM) attacks. This vulnerability allows motivated attackers to intercept CPDLC messages using inexpensive devices like Software-Defined Radio (SDR), HACKRF-one, and an antenna. Such breaches can lead to fatal safety incidents, severely impacting passengers and the aviation industry. To address this, we proposed a robust security framework for securing CPDLC communication by implementing critical measures, including mutual authentication, secure key establishment, and handover. The proposed framework has been tested on hardware to verify its effectiveness in practical scenarios, ensuring it aligns with existing CPDLC standards and integrates seamlessly into current systems without impacting operational efficiency. Our findings indicate that the proposed security framework enhances CPDLC's defenses against potential cyber threats while maintaining system performance, making it feasible to protect global air traffic communications.

Cybersecurity assessments are critical for ensuring that security measures in organizational infrastructures, systems, and applications meet necessary requirements. Given the significant HTTPS vulnerabilities exposed in recent years, assessing HTTPS deployments is increasingly important. However, there has been no systematic literature review (SLR) comparing different cybersecurity assessment methods specifically for HTTPS deployment security issues. This study aims to address this gap by identifying, analyzing, and comparing various HTTPS deployment assessment methods documented in scientific literature. Our approach involved a structured research methodology with specific inclusion and exclusion criteria for selecting relevant methods. The review utilizes 16 comparison metrics, divided into two categories: critical security metrics, focusing on assessment metrics adopted and the number of vulnerabilities evaluated by each method, and additional metrics assessing the methods’ applicability and effectiveness in real-world scenarios. The findings indicate varied adoption rates of these metrics among the reviewed cybersecurity assessment methods, highlighting the absence of a standardized approach using common, well-defined security metrics for HTTPS deployment assessment. In contrast, merging all the comparison metrics outlined in this review would enable a more in-depth assessment of HTTPS deployment security issues, enhance the quality of reported results, and lead to the development of a more practical assessment method.

In today’s digital world, passwords are the keys that unlock our online lives, keeping our social media, financial accounts, and streaming services secure. However, creating strong passwords that are easy to remember is hard. Often an individual’s language and cultural background influence password creation, which an attacker can exploit. This paper examines the importance of the User Context Bias (UCB) on Swedish passwords, versus international passwords stemming from multiple languages and cultures. This is done by employing four different password-cracking tools; Probabilistic Context Free Grammar (PCFG), Ordered Markov Enumerator (OMEN), Odinn, and Hashcat. The findings reveal that all the tools are able to crack a higher percentage of passwords when attacking those created by Swedish natives compared to their international counterparts. PCFG, in particular, is nearly twice as effective as the other tools against Swedish passwords after just 10,000 guesses, while OMEN is the best against Swedish passwords after 5 million guesses.

The worldwide implementation of Remote Identification (RID) regulations mandates unmanned aircraft systems (UAS), or drones, to openly transmit their identity and real-time location as plain text on the wireless channel. This mandate serves the purpose of accounting for and monitoring drone operations effectively. However, the current RID standard's plain-text transmission exposes it to cyberattacks, including eavesdropping, injection, and impersonation. The Drone Remote Identification Protocol (DRIP) has been proposed to enhance the security of RID. The DRIP ensures information secrecy and confidentiality by using unique session keys while guaranteeing the authenticity of messages and entities through digital signatures. These security features of DRIP make it a preferable alternative to the existing RID standard. However, the lack of verification regarding its security claims raises concerns about its performance in hostile conditions. This paper comprehensively analyzes the DRIP protocol's security features using Tamarin Prover, a formal security verification tool. With its automated reasoning capabilities, Tamarin Prover accurately identifies potential security vulnerabilities within the DRIP protocol while thoroughly verifying its conformance to security properties. Our investigation demonstrates that the DRIP protocol is susceptible to replay attacks. We strongly recommend the inclusion of message freshness components, reducing the lifespan of DET broadcasts, and incorporating a not-after timestamp that is set only a few minutes ahead of the current time. These measures enhance the protocol's defence against replay attacks and ensure message authenticity and Integrity.

Generative adversarial networks (GANs), a category of deep learning models, have become a cybersecurity concern for wireless communication systems. These networks enable potential attackers to deceive receivers that rely on convolutional neural networks (CNNs) by transmitting deceptive wireless signals that are statistically indistinguishable from genuine ones. While GANs have been used before for digitally modulated single-carrier waveforms, this study explores their applicability to model filtered multi-carrier waveforms, such as orthogonal frequency-division multiplexing (OFDM), filtered orthogonal FDM (F-OFDM), generalized FDM (GFDM), filter bank multi-carrier (FBMC), and universal filtered MC (UFMC). In this research, an evasion attack is conducted using GAN-generated counterfeit filtered multi-carrier signals to trick the target receiver. The results show that there is a remarkable 99.7% probability of the receiver misclassifying these GAN-based fabricated signals as authentic ones. This highlights the need for urgent investigation into the development of preventive measures to address this concerning vulnerability.

The L-band Digital Aeronautical Communications System (LDACS) is a key advancement for next-generation aviation networks, enhancing Communication, Navigation, and Surveillance (CNS) capabilities. It operates with VHF Datalink mode 2 (VDLm2) and features a seamless handover mechanism to maintain uninterrupted communication between aircraft and ground stations (GSs), improving safety and efficiency in air traffic management (ATM). However, LDACS’ handover process encounters significant security risks due to inadequate authentication and key agreement between aircraft and ground station controllers (GSCs) during handovers. This vulnerability threatens communications’ confidentiality, integrity, and authenticity, posing risks to flight safety and sensitive data. Therefore, developing and implementing a robust security framework to protect aviation communications is essential. In response, we have proposed a security solution specifically designed to protect LDACS handovers. Our solution uses a mutual authentication and key agreement mechanism tailored for LDACS handovers, ensuring robust security for all types of handovers, including Intra GSC - Intra Aeronautical Telecommunication Network (ATN), Inter GSC - Intra ATN, and Inter GSC - Inter ATN. Our approach utilizes post-quantum cryptography to protect aviation communication systems against potential post-quantum threats, such as unauthorized access to flight data, interception of communication, and spoofing of aircraft identity. Furthermore, our proposed solution has undergone a thorough informal security analysis to ensure its effectiveness in addressing handover challenges and offering robust protection against various threats. It seamlessly integrates with the LDACS framework, delivering low Bit Error Rate (BER) and latency levels, making it a highly reliable approach in practice.