CYBERSECURITY

The Cybersecurity and IT Architectures research line at ITCL is focused on developing secure, scalable solutions tailored to the most demanding digital and industrial environments. This line works closely with companies to design and implement resilient technological infrastructures capable of handling large volumes of data while ensuring the security, confidentiality, integrity, and availability of that information.

Our work centers on the design and implementation of secure, distributed architectures, including on-premise, cloud, edge, and fog computing infrastructures. These solutions are built following principles of Security by Design and Defense in Depth, incorporating proactive measures against cyber threats.

We develop and integrate advanced mechanisms for authentication, encryption, continuous monitoring, and intrusion detection, applied to both corporate systems and industrial or critical infrastructures. We also focus on the application of cybersecurity standards and best practices such as ISO 27001, NIST, and compliance with specific sectoral regulations.

Additionally, we design and validate secure architectures for connected environments such as Smart Cities, Smart Energy systems, and Factories of the Future (FoF), where distributed systems must ensure the protection of devices, communications, and sensitive data.

Our experience in R&D projects spans the entire country, collaborating with companies that require robust and cybersecure technological environments as the foundation for their digital transformation and evolution towards connected, intelligent industrial models.

CYBERSECURITY CAPABILITIES

GOVERNANCE, RISK, AND COMPLIANCE

Threat identification and risk assessment related to information security that could impact assets and business continuity.
Definition of policies and regulations to implement an effective cybersecurity strategy that protects information and ensures regulatory compliance.
Awareness and training to promote a cybersecurity culture among employees and encourage good practices and skills to identify risks.
Alignment with standards and frameworks (ISO 27001, NIST, CIS, etc.).

SECURE ARCHITECTURE AND SYSTEM DESIGN

Design of secure network architectures based on principles like Zero Trust, least privilege, and defense in depth.
Secure integration of IT (Information Technology) and OT (Operational Technology) environments.
Development of secure and robust systems applying security-by-design from the outset.
Analysis of requirements and characteristics of each application individually, using secure software development practices.

DATA SECURITY

Implementation of measures to ensure the confidentiality, integrity, and availability of an organization’s critical data.
Integration of post-quantum cryptography algorithms into systems, including low-performance devices (microcontrollers) or FPGAs, to ensure resistance against quantum attacks.
Development of blockchain-based solutions to ensure data integrity and traceability.
Application in various environments: healthcare, industrial, automotive, etc.

CYBERSECURITY LABORATORY

Simulation of an IT/OT environment through a hybrid (physical and virtual) lab to carry out attacks in a controlled and isolated setting on any part of the topology.
Evaluation of various architectures, configurations, and security tools to test their effectiveness and compare different security approaches.
Analysis of vulnerabilities, mitigation strategies, response protocols, etc., across diverse scenarios to ensure the security of industrial environments or critical infrastructures.
Generation of datasets to train AI models, using data from network traffic, malware, event logs, etc

THREAT MONITORING AND DETECTION

Application of artificial intelligence techniques to detect anomalies in communications and processes.
Deployment of monitoring systems with real-time detection capabilities and alert visualization on dashboards.
Use of honeypots to research real-world threats and attack techniques with the aim of developing more effective defense measures.

OUR CYBERSECURITY TEAM

This line is driven by highly qualified senior and junior researchers committed to continuous innovation and development. Our team includes computer scientists, mathematicians, data analysts, and more.

Ángel López Campo

Head of Cybersecurity

Computer Engineer with extensive experience in participating in and managing R&D projects, especially in the fields of cybersecurity, embedded devices, and secure software development.

His main research areas focus on developing cybersecurity solutions for industrial environments and critical infrastructures, particularly related to honeypots, network monitoring systems, and anomaly detection. He is also specialized in IoT system design and the study of their vulnerabilities and protection measures, such as integrating post-quantum cryptography. He holds several software registrations and a patent.

As the head of Cybersecurity solutions at ITCL, he coordinates a multidisciplinary team to carry out projects and research that protect and add value to companies.

RESEARCH PROJECTS

ITCL and Arcelik Global take steps in the AI4LABOUR by sharing knowledge and adding talent

During 2023, ITCL hosted two employees from the Turkish multinational Arçelik Global, who will work collaboratively for the European Marie Skłodowska-Curie AI4LABOUR project. A journey that for the two employees, originally from the Turkish country, they valued as “extremely positive” in terms of implementing common ideas and that also allowed them to “test the project survey” being the first company in the world to do it.

PEIVPRO – Virtual Reality Training Modules

Facilitate the integration of students into the professional world by confronting them with real professional situations through the use of virtual immersion.
Duration: 2023 - 2025

Mindtooth – Wearable Device for Brain Signal Decoding

Mindtooth will enable truly "intelligent" and "cooperative" interaction between human actors (e.g., car drivers, airplane pilots, factory workers) and the devices around them through the use of brain signals.

Duration: 2020 - 2022

School of Empathy, a game to combat bulling

ITCL has recently launched a video game that seeks to combat bullying. In this way, the aim is to answer questions such as what to do in a bullying situation or how we can correct this type of situation. A 'serious game' developed from Burgos with the aim of fighting against bullying and that allows the player to acquire responsible behavior to avoid bullying situations in the school environment.

Sofía Vallecorsa CERN: “The role of the private sector in the field of quantum computing is very relevant with an ecosystem of companies that are already looking towards it”

Talking about quantum computing at the European level is talking about CERN European Organization for Nuclear Research. From her laboratories, Sofía Vallecorsa has been working for years on the analysis and potential of quantum computing. From the Franco-Swiss border, Vallecorsa leads the study of the Quantum Technology Initiative, dedicated to investigating the impact of quantum technologies (computing, detection and communication) in the field of High Energy Physics.

ESPADIN- Optimizing Data Spaces in Industry

Collaborative technological impulse dedicated to bringing the sharing and exploitation of the value of data to industrial practice under the paradigm of the denominated shared data spaces, working on the quality, availability and reliability of the data. Industrial research in these three areas will provide lines of work that promote trust and security, fundamental for the progress of the aforementioned paradigm, in terms of solving cross-cutting and strategic challenges of Spanish industry.

Duration: 2022-2024