Security Analysis of Building Automation Networks

Antonini, Alessio; Barenghi, Alessandro; Pelosi, Gerardo

doi:10.1007/978-3-642-41488-6_14

Cited by 4 publications

(2 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [72], the lack of security in KNX is improved with the use of an online key server and elliptic curve cryptography (ECC). In [73], the authors propose a multiparty key agreement scheme equivalent to Diffie-Hellman problem, however, their solution seems resource demanding as it requires one minute of computation on a KNX network. Numerous security challenges in SB are discussed in [32], along with possible counter measures such as packet filtering or proxies-filters to strengthen KNX security.…”

Section: Protocol-specific Defencesmentioning

confidence: 99%

The Security of Smart Buildings: a Systematic Literature Review

Ciholas,

Lennie,

Sadigova

et al. 2019

Preprint

View full text Add to dashboard Cite

Smart Buildings are networks of connected devices and software in charge of automatically managing and controlling several building functions such as HVAC, fire alarms, lighting, shading and more. These systems evolved from mostly electronic and mechanical elements to complex systems relying on IT and wireless technologies and networks. This exposes smart buildings to new risks and threats that need to be enumerated and addressed. Research efforts have been done in several areas related to security in smart buildings but a clear overview of the research field is missing. In this paper, we present the results of a systematic literature review that provides a thorough understanding of the state of the art in research on the security of smart buildings. We found that the field of smart buildings security is growing significantly in complexity due to the many protocols introduced recently and that the research community is already studying. We also found an important lack of empirical evaluations, though evaluations on testbeds and real systems seems to be growing. Finally, we found an almost complete lack of consideration of non-technical aspects, such as social, organisational, and human factors, which are crucial in this type of systems, where ownership and liability is not always clear.

show abstract

Section: Protocol-specific Defencesmentioning

confidence: 99%

The Security of Smart Buildings: a Systematic Literature Review

Ciholas,

Lennie,

Sadigova

et al. 2019

Preprint

View full text Add to dashboard Cite

show abstract

“…Information security in building automation systems has been studied in [4], [5], [13] and [14]. Demonstrations of working breaches have been shown in [15] with discussion over the attack motivations, methodology and possible damages as well as the difficulty of improving the situation quickly.…”

Section: Related Workmentioning

confidence: 99%

Security Assessment of a Distributed, Modbus-Based Building Automation System

Tenkanen¹,

Hämäläinen

2017

2017 IEEE International Conference on Computer and Information Technology (CIT)

View full text Add to dashboard Cite

Abstract-Building automation systems were designed in an era when security was not a concern as the systems were closed from outside access. However, multiple benefits can be found in connecting such systems over the Internet and controlling a number of buildings from a single location. Security breaches towards building automation systems are increasing and may cause direct or indirect damages to the target organization or even the residents of the building. This work presents an approach to apply a method of data flow recognition and environment analysis to building automation through a case study on a distributed building automation system utilizing the Modbus protocol at the sites and presents suggested methods for mitigating the risks.

show abstract

Security challenges in building automation and SCADA

Antonini

Barenghi

Pelosi

et al. 2014

2014 International Carnahan Conference on Security Technology (ICCST)

Self Cite

View full text Add to dashboard Cite

Cyber-Physical Systems (CPSs) are systems in which software and hardware entities monitor and manage physical devices using communication channels. They have become ubiquitous in many domains including health monitoring, smart vehicles and energy efficiency as in smart buildings and smart grid operations. The introduction of a digital control system and a communication channel, to exchange data with the physical system, increases the chance of vulnerabilities in the overall system. This paper presents the state-of-the-art of the security vulnerabilities of such systems as well as the possible methods to mitigate/reduce such threats. We will describe recent promising solutions to guarantee confidentiality and authentication of the transported data in building automation network domains, and present ideas to analyze and formally verify the control commands issued by the (possibly compromised) control network computers for execution on SCADA system actuators. The purpose of the latter approach is to prevent malicious parties from injecting malicious commands and potentially driving the underlying physical system into an unsafe state.

show abstract

Security Analysis of Building Automation Networks

Cited by 4 publications

References 15 publications

The Security of Smart Buildings: a Systematic Literature Review

The Security of Smart Buildings: a Systematic Literature Review

Security Assessment of a Distributed, Modbus-Based Building Automation System

Security challenges in building automation and SCADA

Contact Info

Product

Resources

About