Abstract
With the integration of security-critical services into Building Automation Systems (BAS), the demands on the underlying network technologies increase rapidly. Relying on physically isolated networks and on “Security by Obscurity”, as it is still common today, is by no means an adequate solution. To be reliable and robust against malicious manipulations, the used communication services must support advanced security mechanisms that counteract potential security threats. This paper identifies important security requirements and challenges within the building automation domain. Based on this analysis, state-of-the-art technologies are carefully examined. Finally, an outlook on advanced security concepts is given.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Pfleeger, C.P., Pfleeger, S.L.: Security in Computing, 4th edn. Prentice Hall, Englewood Cliffs (2006)
Dzung, D., Naedele, M., Hof, T.V., Crevatin, M.: Security for Industrial Communication Systems. Proceedings of the IEEE 93(6), 1152–1177 (2005)
Perrig, A., Szewczyk, R., Tygar, J.D., Wen, V., Culler, D.E.: SPINS: Security Protocols for Sensor Networks. In: 7th Annual International Conference on Mobile Computing and Networking, pp. 189–199 (2001)
BACnet – A Data Communication Protocol for Building Automation and Control Networks, ANSI/ASHRAE 135-2008 (2008)
Building Automation and Control Systems (BACS) – Part 5: Data Communication Protocol. ISO 16484-5 (2007)
Control Network Protocol Specification. ANSI/EIA/CEA 709 Rev. B (2002)
Open Data Communication in Building Automation, Controls and Building Management – Control Network Protocol. ISO/IEC 14908 (2008)
Information Technology – Home Electronic Systems (HES) Architecture. ISO/IEC 14543-3 (2006)
KNX Specification Version 2.0. Konnex Association, Diegem (2009)
ZigBee Specification, ZigBee Alliance, San Ramon (2007)
Schwaiger, C., Treytl, A.: Smart Card Based Security for Fieldbus Systems. In: 9th IEEE Conference on Emerging Technologies and Factory Automation, vol. 1, pp. 398–406 (2003)
Holmberg, D.G.: BACnet Wide Area Network Security Threat Assessment. Technical report, National Institute of Standards and Technology, NISTIR 7009 (2003)
Zachary, J., Brooks, R., Thompson, D.: Secure Integration of Building Networks into the Global Internet. Technical report, National Institute of Standards and Technology, NIST GCR 02-837 (2002)
BACnet – A Data Communication Protocol for Building Automation and Control Networks. ANSI/ASHRAE 135-2008: Addendum g (2009)
Granzer, W., Kastner, W., Neugschwandtner, G., Praus, F.: Security in Net- worked Building Automation Systems. In: 6th IEEE International Workshop on Factory Communication Systems, pp. 283–292 (2006)
Kent, S., Seo, K.: Security Architecture for the Internet Protocol. RFC 4301 (2005)
Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246 (2008)
Gupta, V., Wurm, M., Zhu, Y., Millard, M., Fung, S., Gura, N., Eberle, H., Shantz, S.C.: Sizzle: A Standards-based End-to-End Security Architecture for the Embedded Internet. Pervasive and Mobile Computing 1(4), 425–445 (2005)
Weis, B., Gross, G., Ignjatic, D.: Multicast Extensions to the Security Architecture for the Internet Protocol. RFC 5374 (2008)
Kastner, W., Novak, T.: Functional Safety in Building Automation. In: 14th IEEE Conference on Emerging Technologies and Factory Automation, pp. 1–8 (2009)
Granzer, W., Reinisch, C., Kastner, W.: Denial-of-Service in Automation Systems. In: 13th IEEE Conference on Emerging Technologies and Factory Automation, pp. 468–471 (2008)
Granzer, W., Reinisch, C., Kastner, W.: Key Set Management in Networked Building Automation Systems using Multiple Key Servers. In: 7th IEEE International Workshop on Factory Communication Systems, pp. 205–214 (2008)
Granzer, W., Lechner, D., Praus, F., Kastner, W.: Securing IP Backbones in Building Automation Networks. In: 7th IEEE International Conference on Industrial Informatics, pp. 410–415 (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Granzer, W., Kastner, W. (2010). Security Analysis of Open Building Automation Systems. In: Schoitsch, E. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2010. Lecture Notes in Computer Science, vol 6351. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15651-9_23
Download citation
DOI: https://doi.org/10.1007/978-3-642-15651-9_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-15650-2
Online ISBN: 978-3-642-15651-9
eBook Packages: Computer ScienceComputer Science (R0)