Abstract-Building automation systems are traditionally concerned with the control of heating, ventilation, and air conditioning, as well as lighting and shading, systems. They have their origin in a time where security has been considered as a side issue at best. Nowadays, with the rising desire to integrate securitycritical services that were formerly provided by isolated subsystems, security must no longer be neglected. Thus, the development of a comprehensive security concept is of utmost importance. This paper starts with a security threat analysis and identifies the challenges of providing security in the building automation domain. Afterward, the security mechanisms of available standards are thoroughly analyzed. Finally, two approaches that provide both secure communication and secure execution of possibly untrusted control applications are presented.
Abstract-The use of wireless technologies in automation systems offers attractive benefits, but introduces a number of new technological challenges. The paper discusses these aspects for home and building automation applications. Relevant standards are surveyed. A wireless extension to KNX/EIB based on tunnelling over IEEE 802.15.4 is presented. The design emulates the properties of the KNX/EIB wired medium via wireless communication, allowing a seamless extension. Furthermore, it is geared towards zero-configuration and supports the easy integration of protocol security.
Abstract-The challenge of integrating heterogeneous systems in order to combine their functionality is of utmost importance for the further deployment of building automation systems. The goal is to allow comprehensive communication among the systems. This will provide enhanced possibilities thus making way for intelligent buildings. Traditionally, integration is achieved using gateways which require considerable configuration effort. To alleviate this overhead and provide a unified system view, a generic application model is proposed that can accommodate all functionality found in building automation systems. The employment of this model promises several benefits such as a central point for configuration and system access. The method of choice are ontologies, which allow to offer a seminal representation of knowledge, an abstraction of the heterogeneous network infrastructure and automatic reasoning on the stored knowledge.
Abstract-The use of IP networks as common backbone is becoming of increased interest in today's building automation systems (BAS). With the use of IP also new attack scenarios that threaten the overall security of BAS are introduced. Due to the absence of native security mechanisms in IP and because of its long standing and pervasive use in the IT world, many vulnerabilities exist that are well-known to attackers. To counteract these threats, this paper presents a generic concept to secure IP backbones that is tailored to the use in building automation. A main advantage of the concept is its flexibility. Due to the used protocol architecture, it is applicable to available BAS standards without the need of an adaption of existing BAS protocols. As a proof-of-concept, a prototype implementation for the KNX standard is also presented.
In modern building automation systems a plethora of different networking technologies exists. Therefore, interoperability between devices using various technologies is a key requirement. The use of Web Services as a platformand technological-independent method of communication is a promising approach to address this challenge. Since IP extensions to available technologies are more and more established in building automation systems the network infrastructure and necessary protocols for Web Services communication are already present. However, providing appropriate concepts to model information that can be accessed in a generic way are still missing. OPC Unified Architecture (OPC UA) is a powerful and promising standard that aims at solving this challenge. This work discusses an approach to map the interworking model of BACnet to OPC UA. Using the resulting information model BACnet applications can be represented in OPC UA and, thus, be accessed by OPC UA clients in a standard and well-defined way.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.