Key set management in networked building automation systems using multiple key servers

Reinisch

2008 IEEE International Conference on Emerging Technologies and Factory Automation

2008

Self Cite

Section: Discussionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Denial-of-service in automation systems

Reinisch

2008 IEEE International Conference on Emerging Technologies and Factory Automation

2008

Self Cite

“…Moreover, the use of a single key server introduces a single point of failure. Therefore, a scheme based on multiple key servers is desirable [22]. To support all kinds of applications, the use of different communication models shall be possible.…”

Section: Security In Building Automation Standardsmentioning

confidence: 99%

Security in Building Automation Systems

Praus

IEEE Trans. Ind. Electron.

2010

Self Cite

112

Abstract-Building automation systems are traditionally concerned with the control of heating, ventilation, and air conditioning, as well as lighting and shading, systems. They have their origin in a time where security has been considered as a side issue at best. Nowadays, with the rising desire to integrate securitycritical services that were formerly provided by isolated subsystems, security must no longer be neglected. Thus, the development of a comprehensive security concept is of utmost importance. This paper starts with a security threat analysis and identifies the challenges of providing security in the building automation domain. Afterward, the security mechanisms of available standards are thoroughly analyzed. Finally, two approaches that provide both secure communication and secure execution of possibly untrusted control applications are presented.

“…A communication group is denoted as G x where ID Gx holds the unique ID within the network. Based on these three different types of communication relationship, all six communication types typically found in building automation [7] can be supported by the SAL: secure point-to-point control data communication and device management are performed within sessions using secure unicast, secure loose group communication and network management are handled by network relationships using secure broadcast, and secure strict group communication and group management are provided by communication groups using secure multicast.…”

Section: Security Abstraction Layermentioning

confidence: 99%

Communication services for secure building automation networks

2010 IEEE International Symposium on Industrial Electronics

2010

Self Cite

Abstract-Up to now, building automation systems were considered as virtually closed enviroments. If at all, they had to provide some well dedicated dial-in connections for remote management. With the introduction of interconnections to foreign networks (e.g., Web gateways to the Internet) and wireless technologies, the assumption of physical isolation is not longer valid. In parallel, building automation systems of the next generation shall also be home for tight integrated services with seamless interworking nodes of formerly separated systems. When security-critical integration is considered, this promises synergies, but significantly tightens requirements on the protocol stack. This paper summarizes the demands to be met by nodes participating in such an environment and presents necessary secure services that are part of the protocol architecture.