Securing BACnet’s Pitfalls

Kaur, Jaspreet; Tonejc, Jernej; Wendzel, Steffen; Meier, Michael

doi:10.1007/978-3-319-18467-8_41

Cited by 19 publications

(10 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The QoS is affected by such an attack, which can be conducted by an attacker without any special skills. Router advertisement flooding can be used by attackers in order to exhaust the resources of a device by means of the routing maintenance protocol [153], resulting in a DoS. In BACnet, this methodology can be applied using who-is-router-to-network messages and the source addresses SADR and SNET.…”

Section: Network Layer Attacksmentioning

confidence: 99%

Intelligent Buildings in Smart Grids: A Survey on Security and Privacy Issues Related to Energy Management

et al. 2021

View full text Add to dashboard Cite

During the last decade, the smart grid (SG) concept has started to become a reality, mainly thanks to the technical progress achieved in telecommunications, informatics and power electronics, among other domains, leading to an evolution of the traditional electrical grid into an intelligent one. Nowadays, the SG can be seen as a system of smart systems that include cyber and physical parts from different technologies that interact with each other. In this context, intelligent buildings (IBs) constitute a paradigm in which such smart systems are able to guarantee the comfort of residents while ensuring an appropriate tradeoff of energy production and consumption by means of an energy management system (EMS). These interconnected EMSs remain the objective of potential cyber-attacks, which is a major concern. Therefore, this paper conducts a survey, from a multidisciplinary point of view, of some of the main security and privacy issues related to IBs as part of the SG, including an overview of EMS, smart meters, and the main communication networks employed to connect IBs to the overall SG. Future research directions towards a security enhancement from both technical and human perspectives are also provided.

show abstract

Section: Network Layer Attacksmentioning

confidence: 99%

Intelligent Buildings in Smart Grids: A Survey on Security and Privacy Issues Related to Energy Management

et al. 2021

View full text Add to dashboard Cite

show abstract

“…Several publications are fully dedicated to DoS attacks at the automation and management layers [26,27,28,29,10,16,17,11,30,22]. Two main type of DoS attacks can be conducted at this layer [26]: host-based and network-based.…”

Section: Denial Of Service Attacksmentioning

confidence: 99%

The Security of Smart Buildings: a Systematic Literature Review

Ciholas,

Lennie,

Sadigova

et al. 2019

Preprint

View full text Add to dashboard Cite

Smart Buildings are networks of connected devices and software in charge of automatically managing and controlling several building functions such as HVAC, fire alarms, lighting, shading and more. These systems evolved from mostly electronic and mechanical elements to complex systems relying on IT and wireless technologies and networks. This exposes smart buildings to new risks and threats that need to be enumerated and addressed. Research efforts have been done in several areas related to security in smart buildings but a clear overview of the research field is missing. In this paper, we present the results of a systematic literature review that provides a thorough understanding of the state of the art in research on the security of smart buildings. We found that the field of smart buildings security is growing significantly in complexity due to the many protocols introduced recently and that the research community is already studying. We also found an important lack of empirical evaluations, though evaluations on testbeds and real systems seems to be growing. Finally, we found an almost complete lack of consideration of non-technical aspects, such as social, organisational, and human factors, which are crucial in this type of systems, where ownership and liability is not always clear.

show abstract

“…While in BACnet, an attack similar to ARP spoofing can be launched where a compromised device generates BACnet's "I-Am-Router-To-Network" messages with the fake content and forces other devices to send their messages via the attacker host [1]. With this, MITM [9]. • Interception and Traffic Redirection -An adversary can spoof "I-Am-Router-To-Network" or "Router-Available-to-Network" messages, thus tricking the other field devices into redirecting selective traffic messages to itself.…”

Section: A Threat Modelmentioning

confidence: 99%

“…• Interception and Traffic Redirection -An adversary can spoof "I-Am-Router-To-Network" or "Router-Available-to-Network" messages, thus tricking the other field devices into redirecting selective traffic messages to itself. Consequently, the adversary will be able to gain access to the traffic data and eavesdrops on the confidential monitoring data [9].…”

Section: A Threat Modelmentioning

confidence: 99%

SEABASS: Symmetric-keychain encryption and authentication for building automation systems

Keoh

Tang

et al. 2018

2018 IEEE 4th World Forum on Internet of Things (WF-IoT)

View full text Add to dashboard Cite

There is an increasing security risk in Building Automation Systems (BAS) in that its communication is unprotected, resulting in the adversary having the capability to inject spurious commands to the actuators to alter the behaviour of BAS. The communication between the Human-Machine-Interface (HMI) and the controller (PLC) is vulnerable as there is no secret key being used to protect the authenticity, confidentiality and integrity of the sensor data and commands. We propose SEABASS, a lightweight key management scheme to distribute and manage session keys between HMI and PLCs, providing a secure communication channel between any two communicating devices in BAS through a symmetric-key based hash-chain encryption and authentication of message exchange. Our scheme facilitates automatic renewal of session keys periodically based on the use of a reversed hash-chain. A prototype was implemented using the BACnet/IP communication protocol and the preliminary results show that the symmetric keychain approach is lightweight and incurs low latency.

show abstract

Securing BACnet’s Pitfalls

Cited by 19 publications

References 6 publications

Intelligent Buildings in Smart Grids: A Survey on Security and Privacy Issues Related to Energy Management

Intelligent Buildings in Smart Grids: A Survey on Security and Privacy Issues Related to Energy Management

The Security of Smart Buildings: a Systematic Literature Review

SEABASS: Symmetric-keychain encryption and authentication for building automation systems

Contact Info

Product

Resources

About