An introduction to buildings cybersecurity framework

Mylrea, Michael; Gourisetti, Sri Nikhil Gupta; Nicholls, A.K.

doi:10.1109/ssci.2017.8285228

Cited by 23 publications

(11 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Inability to properly control data generation and access has huge implications in terms of compliance issues, unintentional data loss, exposure of data to non-legitimate users and accumulation of poor quality data [54]. These challenges are especially difficult to overcome because cyber security is not among the driving trends of the digital age [62]. In the context of the FM sector, buildings can be considered easy targets for organized criminals who wish to research an organization as part of a targeted attack.…”

Section: Cyber Security and Data Privacymentioning

confidence: 99%

“…There is no doubt that it is high time that the industry as a whole develops a strategic roadmap and specifies standards to support BDA initiatives [57]. The US National Institute of Standards and Technology has also released the Buildings Cyber-Security Framework which provides general guidance to building owners and operators to identify and implement a cyber-security risk management strategy to secure critical buildings Information Technology and Operational Technology [62]. Respectively in the UK, the government plans to invest a total of £1.9 billion over the next five years to transform significantly the country's cyber security and launch two new cyber innovation centres to drive the development of cutting-edge cyber products and dynamic new cyber security companies [66].…”

Section: Cyber Security and Data Privacymentioning

confidence: 99%

See 1 more Smart Citation

Drivers and Challenges Associated With the Implementation of Big Data Within U.K. Facilities Management Sector: An Exploratory Factor Analysis Approach

Konanahalli

Marinelli

Oyedele

2022

IEEE Trans. Eng. Manage.

View full text Add to dashboard Cite

Section: Cyber Security and Data Privacymentioning

confidence: 99%

Section: Cyber Security and Data Privacymentioning

confidence: 99%

Drivers and Challenges Associated With the Implementation of Big Data Within U.K. Facilities Management Sector: An Exploratory Factor Analysis Approach

Konanahalli

Marinelli

Oyedele

2022

IEEE Trans. Eng. Manage.

View full text Add to dashboard Cite

“…At the application layers, it means authenticating the identities of communicating devices. There are significant ongoing IT-based efforts to protect BAS (see Fisher, Isler, and Osborne 2019;Mylrea, Gourisetti, and Nicholls 2017; Buildings Cybersecurity Capability Maturity Model (B-C2M2) for examples). Some work has been done to identify cybersecurity standards for DERs such as PV and batteries (Johnson and Saleem 2017).…”

Section: Cybersecuritymentioning

confidence: 99%

Grid-Interactive Efficient Buildings Technical Report Series: Whole-Building Controls, Sensors, Modeling, and Analytics

Roth

Reyna

2019

View full text Add to dashboard Cite

List of Acronyms and Abbreviations AFDD automated fault detection and diagnosis BAS building automation system BEM building energy modeling BTO Building Technologies Office DER distributed energy resource DOE U.S. Department of Energy GEB grid-interactive efficient building HVAC heating, ventilation, and air conditioning MPC model predictive control M&V measurement and verification PV photovoltaic R&D research and development T&D transmission and distribution v GRID-INTERACTIVE EFFICIENT BUILDINGS TECHNICAL REPORT SERIES: Whole-Building Controls, Sensors, Modeling, and Analytics Glossary These definitions are for the purposes of the Grid-interactive Efficient Buildings Technical Report Series. They may be defined differently or more generally in other contexts. Grid services Services that support the generation, transmission, and distribution of electricity and provide value through avoided electricity generation and/or delivery costs; this report series focuses on grid services that can be provided by grid-interactive efficient buildings. Distributed energy resource (DER) A behind-the-meter resource that provides electricity generation, storage, or demand flexibility. Examples of DERs include solar photovoltaics (PV), wind, combined heat and power, stationary batteries, electric vehicles, and demand flexibility mechanisms such as smart thermostats, connected building automation systems (BAS), and other remotely controllable loads (National Association of Regulatory Utility Commissioners 2016). Energy efficiency Ongoing reduction in annual energy use to provide the same or improved level of building function. Demand flexibility Capability of DERs to adjust a building's load profile across different timescales; energy flexibility and load flexibility are often used interchangeably with demand flexibility. Demand response Activation of demand flexibility in response to price signals or explicit commands from the grid. Grid-interactive efficient building (GEB) An energy-efficient building that uses smart technologies and on-site DERs to provide demand flexibility while co-optimizing for energy cost, grid services, and occupant needs and preferences in a continuous and integrated way. Smart technologies for energy management Controls, sensors, models and analytics used to manage energy efficiency and demand flexibility in buildings and DERs. GEBs are characterized by their use of these technologies.

show abstract

“…The ITCF webtool is complemented by a "how-to" document that discusses the roles of the cybersecurity domains and their respective core elements in managing cybersecurity risks for organizations, the details are described in [11,12]. The ITCF also has the capability to compare the current and postcybersecurity posture of an organization before and after cyber mitigations, assessments, and investments.…”

Section: Itcf Webtoolmentioning

confidence: 99%

Insider Threat Cybersecurity Framework Webtool & Methodology: Defending Against Complex Cyber-Physical Threats

Mylrea

Gourisetti

Larimer

et al. 2018

2018 IEEE Security and Privacy Workshops (SPW)

Self Cite

View full text Add to dashboard Cite

This paper demonstrates how the Insider ThreatCybersecurity Framework (ITCF) web tool and methodology help provide a more dynamic, defense-in-depth security posture against insider cyber and cyber-physical threats. ITCF includes over 30 cybersecurity best practices to help organizations identify, protect, detect, respond and recover to sophisticated insider threats and vulnerabilities. The paper tests the efficacy of this approach and helps validate and verify ITCF's capabilities and features through various insider attacks use-cases. Two casestudies were explored to determine how organizations can leverage ITCF to increase their overall security posture against insider attacks. The paper also highlights how ITCF facilitates implementation of the goals outlined in two Presidential Executive Orders to improve the security of classified information and help owners and operators secure critical infrastructure. In realization of these goals, ITCF: provides an easy to use rapid assessment tool to perform an insider threat self-assessment; determines the current insider threat cybersecurity posture; defines investmentbased goals to achieve a target state; connects the cybersecurity posture with business processes, functions, and continuity; and finally, helps develop plans to answer critical organizational cybersecurity questions. In this paper, the webtool and its core capabilities are tested by performing an extensive comparative assessment over two different high-profile insider threat incidents. Keywords-Insider threat; cybersecurity framework; vulnerability assessment; cybersecurity web tool; cybersecurity methodology I.

show abstract

An introduction to buildings cybersecurity framework

Cited by 23 publications

References 5 publications

Drivers and Challenges Associated With the Implementation of Big Data Within U.K. Facilities Management Sector: An Exploratory Factor Analysis Approach

Drivers and Challenges Associated With the Implementation of Big Data Within U.K. Facilities Management Sector: An Exploratory Factor Analysis Approach

Grid-Interactive Efficient Buildings Technical Report Series: Whole-Building Controls, Sensors, Modeling, and Analytics

Insider Threat Cybersecurity Framework Webtool & Methodology: Defending Against Complex Cyber-Physical Threats

Contact Info

Product

Resources

About