Traditional perimeter-based security models, which implicitly trust internal networks, are vulnerable to modern cyber threats such as ransomware and credential misuse, allowing lateral movement and large-scale breaches. Zero Trust Architecture (ZTA) mitigates these risks by enforcing continuous authentication and least-privilege access for all devices. However, organizations face challenges in adopting ZTA without disrupting operations or incurring high costs, and existing research lacks actionable guidance. Through extensive literature analysis, semi-structured interviews with diverse organizational staff, and evaluation of Zero Trust maturity across seven pillars, this article proposes a practical, phased roadmap tailored to the needs of an organization. The approach prioritizes operational continuity and minimizes implementation barriers, enabling robust and sustainable cybersecurity.

Industry 4.0 and 5.0 offer a promising framework for connecting electro-mechanical systems to cyberspace, enabling real-time access, telecontrol, human-machine collaboration, and intelligent automation of industrial operations. While horizontal and vertical interoperability serve as critical enablers of this ecosystem, heterogeneity among entities and the lack of standardized governance in interoperability allow cybercriminals to exploit structural vulnerabilities. These weaknesses and unknown bugs provide avenues for cyber-attackers to breach systems, conduct espionage, sabotage assets, and extort organizations, threatening IT and OT infrastructures, finances, reputations, and even human lives. This survey paper discusses cybersecurity and privacy threats within the Industry 4.0 and 5.0 ecosystems, their potential impact on industrial processes and peripherals, and the security challenges associated with the transition from Industry 4.0 to 5.0. To identify research gaps and vulnerabilities, we examine the architecture and components of diverse industrial frameworks and establish functional mappings using IIRA and RAMI models. Following a comprehensive threat modeling approach, we present a layered taxonomy of cyber-threats, classified based on their nature, behavior, and execution characteristics. To assist network administrators and security professionals, we propose a threat prioritization framework based on likelihood, detectability, impact severity, and operational consequences. Furthermore, we outline perspective-based cybersecurity challenges that expose deficiencies in current protective measures. As countermeasures, we advocate for AI-driven, blockchain-enabled, edge-computing-based, and privacy-preserving security solutions to defend against threats and mitigate potential damages. We also elaborate on key standardization initiatives, nation-specific privacy regulations, and ongoing research efforts focused on safeguarding the security and privacy of Industry 4.0 and beyond. The paper concludes by summarizing key lessons learned, identifying unresolved research questions, and suggesting future directions for a secure and resilient Industry 5.0 paradigm.

Current Air Traffic Management (ATM) systems are undergoing significant evolution due to increased traffic volumes, the introduction of diverse airborne systems such as Unmanned Aerial Vehicles (UAVs), technological advancements, and the potential to optimize operations through data-driven approaches. These advancements offer benefits in terms of efficiency, safety, and sustainability, but they also expose the systems to heightened cybersecurity risks. This paper analyzes the Security Risk Assessment Methodology (SecRAM) proposed by SESAR, focusing specifically on its use of complementary catalogs of threats and vulnerabilities. By validating the SecRAM approach in a contemporary ATM scenario, this paper identifies gaps in the framework that could be addressed to better meet the security needs of a modern and complex ATM ecosystem. Finally, this work proposes a set of enhancements to the SecRAM catalogs that will enable security professionals to design and develop secure and resilient modern ATM environments.

Virtual Private LAN Service (VPLS) is commonly used for secure multi-point communication across geographically scattered industrial sites, simulating a unified LAN broadcast domain for Industrial IoT (IIoT)-type devices. This configuration demands a fully-connected overlay network with encrypted Host Identity Protocol (HIP)/IPsec tunnels exhibiting quadratic scalability to the number of tunnels and a significant increase in forwarding table entries. Herein, we introduce Tunnel Relay Nodes (TRNs) as selected routers that maintain full-mesh connectivity. This approach allows non-TRN routers, or Provider Equipment (PEs) acting as spoke PEs, to connect via a TRN. We explore the challenges of using TRNs in secure HIP-based VPLS (HIPLS) networks, including (i) placing reliable TRNs within provider networks and (ii) scheduling TRNs to minimize their activation/deactivation costs as well as the connection cost among PEs. We then demonstrate how (i) can be addressed in polynomial time using a modified general median problem approach. Additionally, we formulate (ii) as a Mixed Integer Linear Programming (MILP) scheduling problem and prove its NP-completeness. Furthermore, we introduce an algorithm based on Lagrangian relaxation to address the intractability in large-scale deployments. This algorithm offers fast, near-optimal solutions while simultaneously balancing solution quality and execution time. Our simulations on three real-world network topologies with real network demands show a 92% average reduction in forwarding table entries on PE. Compared to existing solutions, our method reduces the number of tunnels established by up to 95%, at the expense of a 1.39-fold increase in tunnel path length.

This exercise validated an enhanced Attack Simulator that strengthens ATCOs cybersecurity awareness and response to ADS-B threats through realistic, simulation-based training. The research assessed the Attack Simulator's effectiveness in improving ATCOs' cyberattack recognition/response and to evaluate behavioural and performance changes pre-and post-knowledge transfer.

Controller Pilot Data Link Communications (CPDLC) enhances air traffic communication by replacing traditional voice transmissions with digital messages over Very High Frequency (VHF) radio systems. This transition improves communication resilience by providing clear, text-based instructions that reduce misunderstandings and increase bandwidth efficiency by enabling more data to be transmitted simultaneously. It benefits congested airspace by reducing radio frequency congestion and minimizing communication errors. However, due to the plain-text nature of its messages, CPDLC faces significant security challenges, making it vulnerable to cyber-attacks such as eavesdropping, modification, injection, and man-in-the-middle (MITM) attacks. This vulnerability allows motivated attackers to intercept CPDLC messages using inexpensive devices like Software-Defined Radio (SDR), HACKRF-one, and an antenna. Such breaches can lead to fatal safety incidents, severely impacting passengers and the aviation industry. To address this, we proposed a robust security framework for securing CPDLC communication by implementing critical measures, including mutual authentication, secure key establishment, and handover. The proposed framework has been tested on hardware to verify its effectiveness in practical scenarios, ensuring it aligns with existing CPDLC standards and integrates seamlessly into current systems without impacting operational efficiency. Our findings indicate that the proposed security framework enhances CPDLC's defenses against potential cyber threats while maintaining system performance, making it feasible to protect global air traffic communications.

Cybersecurity assessments are critical for ensuring that security measures in organizational infrastructures, systems, and applications meet necessary requirements. Given the significant HTTPS vulnerabilities exposed in recent years, assessing HTTPS deployments is increasingly important. However, there has been no systematic literature review (SLR) comparing different cybersecurity assessment methods specifically for HTTPS deployment security issues. This study aims to address this gap by identifying, analyzing, and comparing various HTTPS deployment assessment methods documented in scientific literature. Our approach involved a structured research methodology with specific inclusion and exclusion criteria for selecting relevant methods. The review utilizes 16 comparison metrics, divided into two categories: critical security metrics, focusing on assessment metrics adopted and the number of vulnerabilities evaluated by each method, and additional metrics assessing the methods’ applicability and effectiveness in real-world scenarios. The findings indicate varied adoption rates of these metrics among the reviewed cybersecurity assessment methods, highlighting the absence of a standardized approach using common, well-defined security metrics for HTTPS deployment assessment. In contrast, merging all the comparison metrics outlined in this review would enable a more in-depth assessment of HTTPS deployment security issues, enhance the quality of reported results, and lead to the development of a more practical assessment method.

In this paper, we analyze the performance of a wireless caching system with heterogeneous traffic and relaying capabilities satisfying secrecy constraints for one of two receiving users. In this setup, the second user has no secrecy requirements and receives cacheable content either from the relay helper or the core network through a wireless base station. The wireless relay helper can assist both users since it is equipped with finite storage that is split into cacheable and non-cacheable storage. Concurrently, a passive eavesdropper tries to overhear transmissions to the user with secrecy requirements. Consequently, we examine how this relay’s storage split and the eavesdropper affect the performance of the average throughput and delay of the system as the transmission powers, the relay’s transmission probability, and the relay’s cache size vary. © 2023 IEEE.

In today’s digital world, passwords are the keys that unlock our online lives, keeping our social media, financial accounts, and streaming services secure. However, creating strong passwords that are easy to remember is hard. Often an individual’s language and cultural background influence password creation, which an attacker can exploit. This paper examines the importance of the User Context Bias (UCB) on Swedish passwords, versus international passwords stemming from multiple languages and cultures. This is done by employing four different password-cracking tools; Probabilistic Context Free Grammar (PCFG), Ordered Markov Enumerator (OMEN), Odinn, and Hashcat. The findings reveal that all the tools are able to crack a higher percentage of passwords when attacking those created by Swedish natives compared to their international counterparts. PCFG, in particular, is nearly twice as effective as the other tools against Swedish passwords after just 10,000 guesses, while OMEN is the best against Swedish passwords after 5 million guesses.

The worldwide implementation of Remote Identification (RID) regulations mandates unmanned aircraft systems (UAS), or drones, to openly transmit their identity and real-time location as plain text on the wireless channel. This mandate serves the purpose of accounting for and monitoring drone operations effectively. However, the current RID standard's plain-text transmission exposes it to cyberattacks, including eavesdropping, injection, and impersonation. The Drone Remote Identification Protocol (DRIP) has been proposed to enhance the security of RID. The DRIP ensures information secrecy and confidentiality by using unique session keys while guaranteeing the authenticity of messages and entities through digital signatures. These security features of DRIP make it a preferable alternative to the existing RID standard. However, the lack of verification regarding its security claims raises concerns about its performance in hostile conditions. This paper comprehensively analyzes the DRIP protocol's security features using Tamarin Prover, a formal security verification tool. With its automated reasoning capabilities, Tamarin Prover accurately identifies potential security vulnerabilities within the DRIP protocol while thoroughly verifying its conformance to security properties. Our investigation demonstrates that the DRIP protocol is susceptible to replay attacks. We strongly recommend the inclusion of message freshness components, reducing the lifespan of DET broadcasts, and incorporating a not-after timestamp that is set only a few minutes ahead of the current time. These measures enhance the protocol's defence against replay attacks and ensure message authenticity and Integrity.