A multi-modelling based approach to assessing the security of smart buildings

Mace, JC; Morisset, Charles; Pierce, Ken; Gamble, Carl; Maple, Carsten; Fitzgerald, JS

doi:10.1049/cp.2018.0031

Cited by 7 publications

(3 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A multi-modeling based approach, using a mix of modeling, simulation and analysis tools, was used by the CPS Association to design the INTO-CPS cyber-physical platform [23], which has been used to assess the security of smart buildings, using a man-in-the-middle attack for validation purposes [24].…”

Section: Intrusion Detection For Bacs Scenariosmentioning

confidence: 99%

A Network Intrusion Detection System for Building Automation and Control Systems

2023

View full text Add to dashboard Cite

Building Automation and Control Systems (BACS) are traditionally based on specialized communications protocols, such as KNX or BACnet, and dedicated sensing and actuating devices. Despite the increased awareness about the security risks associated with BACS, there is a lack of security tools for protecting this special breed of cyber-physical systems. This is further aggravated by the fact that general-purpose security tools are typically not able to cope with the specific requirements and technologies associated with BACS, making it necessary to devise domain-specific approaches -as shown, for instance, by the KNX Secure initiative led by the KNX Association. Nevertheless, despite the advances brought by KNX Secure and similar initiatives, there is still a considerable gap between the security needs of BACS and the solutions available. In this paper, we address this gap by proposing a Network Intrusion Detection System (NIDS) specifically designed for BACS. This NIDS is protocol-agnostic and can potentially support different BACS protocols and technologies, such as KNX, BACnet, Modbus or mixed ecosystems, without loss of generality. We also present a specific proof-of-concept implementation of this NIDS concept for KNX -one of the more widespread BACS protocols. To this purpose, a real-world KNX deployment was used to showcase and evaluate the proposed approach.

show abstract

Section: Intrusion Detection For Bacs Scenariosmentioning

confidence: 99%

A Network Intrusion Detection System for Building Automation and Control Systems

2023

View full text Add to dashboard Cite

show abstract

“…Research on smart building security recently has received special focus. Mace et al introduced a multi-model methodology for assessing the security of smart-building systems, utilizing a suite of modeling, simulation, and analysis tools [20]. Meyer et al presented an abstract model of a building automation system using attack trees in order to simplify the threat identification model [21].…”

Section: F Related Workmentioning

confidence: 99%

BIoTA Control-Aware Attack Analytics for Building Internet of Things

Haque¹,

Rahman²,

Chen³

et al. 2021

Preprint

View full text Add to dashboard Cite

Modern building control systems adopt demand control heating, ventilation, and cooling (HVAC) for increased energy efficiency. The integration of the Internet of Things (IoT) in the building control system can determine real-time demand, which has made the buildings smarter, reliable, and efficient. As occupants in a building are the main source of continuous heat and CO2 generation, estimating the accurate number of people in real-time using building IoT (BIoT) system facilities is essential for optimal energy consumption and occupants' comfort. However, the incorporation of less secured IoT sensor nodes and open communication network in the building control system eventually increases the number of vulnerable points to be compromised. Exploiting these vulnerabilities, attackers can manipulate the controller with false sensor measurements and disrupt the system's consistency. The attackers with the knowledge of overall system topology and control logics can launch attacks without alarming the system. This paper proposes a building internet of things analyzer (BIoTA) framework 1 that assesses the smart building HVAC control system's security using formal attack modeling. We evaluate the proposed attack analyzer's effectiveness on the commercial occupancy dataset (COD) and the KTH live-in lab dataset. To the best of our knowledge, this is the first research attempt to formally model a BIoT-based HVAC control system and perform an attack analysis.

show abstract

“…Mace et al [137] reported on a multi-modelling-based approach to assessing the security of smart buildings. The approach was based on an Integrated Tool Chain for Model-based Design of Cyber-Physical Systems (INTO-CPS), a suite of modelling, simulation, and analysis tools for designing cyber-physical systems.…”

Section: Modelling-based Approachmentioning

confidence: 99%

A Review of Cyber-Ranges and Test-Beds: Current and Future Trends

Ukwandu¹,

Farah²,

Hindy³

et al. 2020

Preprint

View full text Add to dashboard Cite

Cyber situational awareness has been proven to be of value in forming a comprehensive understanding of threats and vulnerabilities within organisations, as the degree of exposure is governed by the prevailing levels of cyber-hygiene and established processes. A more accurate assessment of the security provision informs on the most vulnerable environments that necessitate more diligent management. The rapid proliferation in the automation of cyber-attacks is reducing the gap between information and operational technologies and the need to review the current levels of robustness against new sophisticated cyber-attacks, trends, technologies and mitigation countermeasures has become pressing. A deeper characterisation is also the basis with which to predict future vulnerabilities in turn guiding the most appropriate deployment technologies. Thus, refreshing established practices and the scope of the training to support the decision making of users and operators. The foundation of the training provision is the use of Cyber-Ranges (CRs) and Test-Beds (TBs), platforms/tools that help inculcate a deeper understanding of the evolution of an attack and the methodology to deploy the most impactful countermeasures to arrest breaches. In this paper, an evaluation of documented CR and TB platforms is evaluated. CRs and TBs are segmented by type, technology, threat scenarios, applications and the scope of attainable training. To enrich the analysis of documented CR and TB research and cap the study, a taxonomy is developed to provide a broader comprehension of the future of CRs and TBs. The taxonomy elaborates on the CRs/TBs different dimensions, as well as, highlighting a diminishing differentiation between application areas.

show abstract

A multi-modelling based approach to assessing the security of smart buildings

Cited by 7 publications

References 21 publications

A Network Intrusion Detection System for Building Automation and Control Systems

A Network Intrusion Detection System for Building Automation and Control Systems

BIoTA Control-Aware Attack Analytics for Building Internet of Things

A Review of Cyber-Ranges and Test-Beds: Current and Future Trends

Contact Info

Product

Resources

About