No full-text available
To read the full-text of this research,
you can request a copy directly from the author.
Cyber security, building automation, and the intelligent building
Abstract
Extending the narrow scope of building management systems to form the ‘intelligent building’ has led to the widespread use of proprietary ‘enterprise’ software platforms and networks in both monitoring and control. The PC user is only too familiar with the vulnerability of networked computers to malicious software. But it is only recently that attention has been paid to the possibility of virus damage to process controllers. The hazard for ‘building management systems’ functionality is real but the risk is difficult to assess. Pressures on system procurement and upgrades aimed at improving functionality bring with them increased exposure to the probability of a successful attack. Most published security protocols may engender a false sense of security. The key defence is to ensure a ‘fall-back’, ‘black start’, ‘dumb capability’ within the intelligent building.
... Whenever a new system or product is released, it becomes a new target for cyber attackers. Intelligent buildings are the future, then so too are cyber threats to building services [31]. It is unlikely that an ironclad solution to attacks on connected home systems will be developed in the nearest future. ...
... One of the greatest barriers to the adoption of intelligent building system is the interoperability/standardization-the ability of equipment, devices, appliances and systems from different vendors to operate together which aligned with Edwards and Grinter contribution to the key barriers preventing the adoption of intelligent/smart concepts and technologies [17]. Some other factors to be considered includes erratic electric power supply which is in conjunction with Galo, Macedo, Almeida and Lima contribution to barriers facing the adoption of intelligent building [33]; Data challenges as seen in the work of Zikopoulos and Eaton titled understanding big data which is also aligned to part of the barriers faced with the adoption of intelligent building system [27], data security was also part of the barriers identified which corroborates with Fisk's work on Cybersecurity [31], building automation, and the intelligent building. In conclusion, the findings of this research corroborates with the research carried out by Reffat which was titled challenges facing the successful implementation of intelligent building technologies [34]. ...
The purpose of this paper is to identify barriers facing the adoption of Intelligent Building System in the Construction and Building Industry. The study used the Survey design. Well-structured questionnaires were administered to registered Construction professionals. Although just 120 questionnaires were returned, a total of 176 questionnaires were distributed to obtain information from construction professionals namely; Quantity surveyors, Architects, Engineers and Builders practising in Ondo State, Nigeria. Mean item score was used as the basic analytical tool for ranking in order of relative importance. Results showed a lot of barriers inhibiting the IBS adoption, of which Poor maintenance culture stands tallest, and closely behind it are Cost and Erratic power supply. The barrier that posed the least threat is, however, Organisational support. The study concluded that these barriers are common barriers facing Africa, and a lot of focus has to dwell on the positives that will arise from IBS adoption rather than focusing on the endless barriers.
... If intelligent buildings are the future, then so too are cyber threats to building services [17]. According to Grand View Research, a San Francisco-based consulting firm, the intelligent building automation technologies market is expected to reach USD 98.95 billion by 2024 [18]. ...
... In addition to best cyber security practices becoming an integrated part of deployment of equipment and training for building managers, the contingency plans should be drawn for the periods during which "intelligence" will not be available (known as "plan for the worst"). In order to maintain minimum acceptable levels of service, hardwired hardware may be a necessary cost for resilience for mission critical building automation systems, even at a cost of sacrificing the "intelligent" part of the automation [17]. ...
Intelligent buildings are quickly becoming cohesive and integral inhabitants of cyberphysical ecosystems. Modern buildings adapt to internal and external elements and thrive on ever-increasing data sources, such as ubiquitous smart devices and sensors, while mimicking various approaches previously known in software, hardware, and bioinspired systems. This article provides an overview of intelligent buildings of the future from a range of perspectives. It discusses everything from the prospects of U.S. and world energy consumption to insights into the future of intelligent buildings based on the latest technological advancements in U.S. industry and government.
... The disruption or destruction of such systems due to malicious actions can have a significant impact. Although there has been some research [3], [4] on the security analysis and protection of such systems there is still much to be done, especially in the field of post-incident analysis where information from past incidents can help strengthen the system against future events. This paper presents a first step towards a digital forensics investigation process in BAS systems, exploring the application of commonly accepted digital forensics investigation guidelines [5] in BAS systems. ...
... Wendzel [4] has already highlighted the possibility of these systems being breached and the theoretical risk of the building control system being incorporated into a Botnet. Fisk [3] recommended the hard wiring of some systems to enable them to continue to function without intelligent control in the event of an attack. Rios [24] has highlighted the ease with which some building systems can be compromised. ...
The increasing variety of Internet enabled hardware devices is creating a world of semi-autonomous, interconnected systems capable of control, automation and monitoring of a built environment. Many building automation and control systems that have previously been limited in connectivity, or due to cost only used in commercial environments, are now seeing increased uptake in domestic environments. Such systems may lack the management controls that are in place in commercial environments. The risk to these systems is further increased when they are connected to the Internet to allow control via a web browser or smartphone application. This paper explores the application of traditional digital forensics practices by applying established good practice guidelines to the field of building automation. In particular, we examine the application of the UK Association of Chief Police Officers guidelines for Digital Evidence, identifying the challenges and the gaps that arise in processes, procedures and available tools.
... Unfortunately, the lack of a holistic or strategic approach meant that each automated service was developed individually, using separate protocols, devices and physical media. Additionally, this lead to a number of terms used to refer to each automation system, such as Energy Management System (EMS), responsible for energy management, and Building Management System (BMS) which provided operational data logging for management (Fisk, 2012). When integration of building services into a centralised management system was proposed, the environment consisted of a wide range of protocols and devices, none of which were capable of being integrated together. ...
... This resulted in development of a range of new protocols that focused on integration and inter-communication; of which three major protocols emerged, namely, BACnet, KNX and LONworks. The remnant term BMS along with BAS and Intelligent Building (IB) are used interchangeably to refer to an integrated building automation system (Fisk, 2012), which is the focus of this research. The key success measure for these three protocols is their ability to communicate on multiple physical media, as shown in Table 1. ...
The purpose of Building Automation Systems (BAS) is to centralise the management of a wide range of building services, through the use of integrated protocol and communication media. Through the use of IP-based communication and encapsulated protocols, BAS are increasingly being connected to corporate networks and also being remotely accessed for management purposes, both for convenience and emergency purposes. These protocols, however, were not designed with security as a primary requirement, thus the majority of systems operate with substandard or non-existent security implementations, relying on security through obscurity. Research has been undertaken into addressing the shortfalls of security implementations in BAS, however defining the threats against BAS, and detection of these threats is an area that is particularly lacking. This paper presents an overview of the current security measures in BAS, outlining key issues, and methods that can be improved to protect cyber physical systems against the increasing threat of cyber terrorism and hacktivism. Future research aims to further evaluate and improve the detection systems used in BAS through first defining the threats and then applying and evaluating machine learning algorithms for traffic classification and IDS profiling capable of operating on resource constrained BAS.
... d) Cyber security: Green buildings are prone to cyberattacks. Hence, maintaining cyber security in green buildings is very important and game theory has been proven to be a useful tool for that purpose [303]. In particular, green buildings are equipped with wireless networks and IoT that are vulnerable to cyber-attacks. ...
With the emergence of the Internet-of-Things (IoT), artificial intelligence, and communication technologies, cyber-physical systems (CPS) have revolutionized the engineering paradigm with profound applications in many aspects of society including homes, energy, agriculture, health-care, transportation, business, and manufacturing. A CPS uses suitable computational techniques such as game theory to enable different entities to interact with one another for taking necessary actions to obtain selected objectives. Recent literature on CPS has extensively used game theory to approach a variety of technical challenges. In order to make these contributions more accessible to a broader audience, there is a need for studies that can provide readers with a comprehensive understanding of different types of CPS and their attributes, then clearly outline why game theory is relevant for modeling different aspects of CPS, and also discuss how game theory has been used in relevant literature to date. This paper bridges this gap by 1) providing a general discussion of different types of CPS and their characteristics; 2) giving an overview of different types of game-theoretic approaches; 3) explaining why game theory is appropriate for modeling different types of CPS; and 4) finally, studying how game theory has been used in different CPS types to address their challenges. Further, we also identify some key research challenges for future investigation where game theory could be applied as a potential solution.
... This intrinsic weakness is an opportunist window for cyber-attacks that can compromise an already unstable system, which reflects the system's effectiveness [36]. A considerable investment is required to secure such a system. ...
Industry 4.0 is seeking to advance traditional construction practices towards more efficient and internet of things (IoT)-based construction practices, such as offsite construction. Offsite construction (OSC) allows for the simultaneous fabrication of building modules and onsite work. Integrating IoT technologies in construction practice is projected to improve the industry’s growth. However, there is an increase in cybersecurity vulnerabilities. Cyber threats are becoming more disruptive and targeted, resulting in monetary and infrastructure losses. Furthermore, the COVID pandemic and the instability in Europe have seen over 100% increases in cyber-attacks, and most industries have weak cybersecurity protocols. The adoption of cybersecurity frameworks in the construction industry is sluggish, and the existing security frameworks fall short in addressing the needs of the industry. This paper gives a concise review of the offsite construction value chain vulnerabilities. We explore the existing cybersecurity frameworks and identify their limitations. Cybersecurity is presented as one of the most crucial components that has received little or no attention in OSC. The future of OSC is promising with the incorporation of Industry 4.0 technologies; however, its development needs to consider more proactive security approaches and management techniques that are adapted to the current hostile cyber landscape.
... Even though there have been several works for optimizing and managing the operation and energy utilization in smart buildings, such as (Ghofrani et al., 2019;Iqbal et al., 2018;Rodriguez-Trejo et al., 2017;Safa et al., 2017;Zhu et al., 2019), investigating and developing solutions for 4 J o u r n a l P r e -p r o o f the cybersecurity of building management systems is essential (Fisk, 2012). There have been limited research works assessing and evaluating the cybersecurity aspect of smart buildings, e.g. ...
With the rapid advancement in the industrial control technologies and the increased deployment of the industrial Internet of Things (IoT) in the buildings sector, this work presents an analysis of the security of the Heating, Ventilation, and Air Conditioning (HVAC) system which is a major component of the Building Management System (BMS), has become critical. This paper presents a Transient System Simulation Tool (TRNSYS) model of a 12-zone HVAC system that allows assessing the cybersecurity aspect of HVAC systems. The thermal comfort model and the estimated total power usage are used to assess the magnitude of the malicious actions launched against the HVAC system. Simulation data are collected and used to develop and validate a semi-supervised, data-driven attack detection strategy using Isolation Forest (IF) for the system under study. Three schemes of the proposed approach are investigated, which are: using raw data, using Principal Component Analysis (PCA) for feature extraction, and using 1D Convolutional Neural Network (CNN)-based encoder for temporal feature extraction. The proposed approach is compared with standard machine-learning approaches, and it demonstrates a promising capability in attack detection for a range of attack scenarios with high reliability and low computational cost.
... However, the awareness and implementation in high-level security have been very low and neglected, making the industry susceptible and attractive to malicious individuals (Watson, 2018). Successful integration of construction digitalization requires the consideration of cybersecurity (Boyes, 2013;Mantha & Garcia de Soto, 2019a;Fisk, 2012;Parn & Edwards, 2019). Existing cybersecurity standards and practices from other industries cannot be directly adopted into construction due to characteristic differences and challenges such as complex interactions, different stakeholder interests, and lower profit margins. ...
Digitalization and automation are making the architecture, engineering, and construction (AEC) industry more vulnerable to cyberattacks. Existing literature suggests that industry-specific studies need to be conducted. The work presented in this study shows a preliminary cybersecurity threat model relevant to the AEC industry. To that end, threat models for each of the life cycle phases are proposed. The feasibility of the proposed approach is illustrated with an example from the commissioning phase of a building, which includes an autonomous robotic system to collect data as a possible countermeasure. The suggested countermeasure shows promise to address some of the cybersecurity challenges faced in the building certification and commissioning process. The results show that the likelihood of detecting rogue sensors increases with additional constraints in the monitoring robot, such as minimum and maximum distance. The illustrative models suggest that the proposed framework will help to address the safety and cyber security of stakeholders and systems during crucial phases of construction projects.
... The aim of using integrated systems is to reduce building operating costs while maintaining proper parameters of the internal environment. Additionally, attention is paid to increased technical safety of the integrated systems, optimal operating parameters of individual systems and easier detection of faults and failures [8,9]. ...
... Furthermore, the evolution of the industry toward Construction 4.0 , smart buildings, Building Information Modeling (BIM) (Sacks et al., 2010), and the Internet of Things adds another layer of complexity to the project delivery process because it requires interfaces with product, software, and service development. This situation also raises the issues of cybersecurity (Fisk, 2012;Boyes, 2013;Mantha and García de Soto, 2019;Parn and Edwards, 2019). Thus, the traditional methods used to plan and control the delivery of modern infrastructure should be updated. ...
This study provides a critical review of the concepts of Agile, Lean, Scrum, and Last Planner System ® (LPS). A comparative analysis is conducted between LPS and Scrum to expand LPS by considering Scrum's best practices. Eight dimensions, namely, 1) origins, 2) main purpose, 3) overall system/framework process, 4) tools or artifacts maintained by the team, 5) team composition and main roles, 6) regular events or team meetings, 7) metrics/dashboards, and 8) approach to learning, are evaluated. After analyzing side by side the eight dimensions, it was found that many aspects from Scrum already exist in LPS in the same or similar form. However, the authors identify four main elements from Scrum that can be leveraged to improve the LPS benchmark, such as considering the Scrum "Increment" concept into LPS, having a clear definition of roles and responsibilities, or adding an equivalent to a Scrum Master to have a designated "rule keeper" in LPS. These opportunities to be considered in new LPS benchmarks need to be tested and validated with real applications. To the best of the authors' knowledge, this work is the first to comprehensively compare Scrum (Agile) and LPS (Lean) and could be seen as a contribution toward the evolution of the Last Planner System for the academic and industrial environments.
... Cyber-attacks remain a national security threat for the prosperity of a digital economy and the functionality and safety of the digital built environment (Karabacak et al., 2016b). There have been many reports on the many different threats posed and these present real challenges, as cyber-attacks often enjoy anonymity as the malicious activity they are (Fisk, 2012;Kelly, 2015). ...
This chapter discusses the risks associated with network connected built assets and building management systems. Globally, Construction 4.0 vision provides fully integrated and networked connectivity between digital infrastructure assets and physical infrastructure to form digital economies. However, industrial espionage, cyber-crime and deplorable politically driven cyber-interventions threaten to disrupt and/or physically damage the critical infrastructure that supports national wealth generation and preserves the health, safety and welfare of the populous. Whilst cybersecurity and digitisation have been widely covered within the extant literature in isolation, scant discussion has hitherto offered a holistic review of the perceived threats, deterrence applications and future developments in a digitized Architecture, Engineering, Construction and Operations (AECO) sector transitioning into Construction 4.0. This chapter presents a comprehensive review of cyber threats confronting digital built environment and its critical infrastructure projects reliant upon a common data environment (CDE) to augment Building Information Modeling (BIM) implementation.
Typical practical explanations covered from cybersecurity literature will include: 1) distinct categories of hackers – to identify sources of such malevolent attacks; 2) motivations for the perpetrators/actors – to explain the commonly faced repercussions of such attacks; 3) varied reconnaissance techniques adopted – to explain how hackers locate cyber vulnerabilities. The chapter concludes with direction for future security opportunities in Construction 4.0 such as the recommendation to utilize innovative blockchain technology as a potential risk mitigation measure for digital built environment vulnerabilities. This holistic review presents a concise and lucid overview of cyber threats that will intellectually challenge, and better inform, students, practitioners and researchers in the digitized AECO field at a transition towards networked Construction 4.0 operations.
... Perpetrator Perpetrator: [68][69][70]; Attacker: [34,35,[71][72][73][74]; Adversary: [42,[75][76][77]; Malefactor: [60,78,79]; Actor: [29,[80][81][82]; Hacker: [47,48,68,77,81,; Crook: [49] [82] [109]; Mis-actor: [49] 2 ; Assailant: [106,[110][111][112][113]; Misuser: [49,94,[114][115][116][117]; Bad guy: [113,[118][119][120][121][122] 1 Wu et al. use the terms attacker, adversary, malefactor and perpetrator interchangeably in the same paper [123]. 2 Sindre and Opdahl use the terms crook and mis-actor in the same paper to refer to a perpetrator. The term mis-actor is used specifically as an 'inverted actor' in other words the opposite to actor which is the term generically used in use cases to refer to the user of a service or function [49]. ...
Perceiving and understanding cyber-attacks can be a difficult task, and more effective techniques are needed to aid cyber-attack perception. Attack modelling techniques (AMTs) - such as attack graphs, attack trees and fault trees, are a popular method of mathematically and visually representing the sequence of events that lead to a successful cyber-attack. These methods are useful visual aids that can aid cyber-attack perception.
This survey paper describes the fundamental theory of cyber-attack before describing how important elements of a cyber-attack are represented in attack graphs and attack trees. The key focus of the paper is to present empirical research aimed at analysing more than 180 attack graphs and attack trees to identify how attack graphs and attack trees present cyber-attacks in terms of their visual syntax.
There is little empirical or comparative research which evaluates the effectiveness of these methods. Furthermore, despite their popularity, there is no standardised attack graph visual syntax configuration, and more than seventy self-nominated attack graph and twenty attack tree configurations have been described in the literature — each of which presents attributes such as preconditions and exploits in a different way. The survey demonstrates that there is no standard method of representing attack graphs or attack trees and that more research is needed to standardise the representation.
... Studies suggest that these are highly susceptible to cyber-attacks [31,32]. A key element to be considered in the proposed framework is cybersecurity across all the different components shown in Figure 1 [33,34,35,36]. Therefore, identifying, assessing, and analyzing the cyber risks, vulnerabilities, and threat models of the different participants and processes involved is crucial for the successful and secure implementation of the proposed framework. ...
Computing technologies have proven to significantly contribute to improving the efficiency of various industries, such as manufacturing and farming. Several studies have suggested that construction can benefit significantly from integrating these technologies due to the involvement of several repetitive and mundane tasks. However, since on-site execution suffers from constant modifications and changes, there is enormous variability between planned and actual performance, which can result in schedule delays and/or budget overruns. Thus, the overall productivity significantly relies on the optimum decisions made based on real-time on-site construction progress. Computing technologies could dynamically improve efficiency, this essay identifies critical factors influencing productivity, presents possible dynamic solutions that integrate advanced computing technologies and construction management strategies with Building information modeling (BIM). To that extent, an integrated BIM-based system is proposed to (1) obtain real-time resources data from BIM-integrated models; (2) optimize resource allocation and conflicts detection; (3) conduct operation simulations to obtain dynamic (real-time) productivity and automation process using robotic systems. In conclusion, this essay will guide future work on the verification and validation of integrated BIM-based frameworks to enhance productivity.
... However, the reality is that awareness and investment in high-level security in the industry are still very low, making this industry susceptible and particularly attractive to hackers [8]. Therefore, a key element to be considered for the successful transition into digitalization of the AEC industry is the consideration of cybersecurity [9][10][11]. Furthermore, the challenges faced by construction are unique due to the complex interactions and objective of different participants. ...
The construction industry is making a shift towards digitization and automation (known as Construction 4.0) due to the rapid growth of information and communication technologies as well as 3D printing, mechatronics, machine learning, big data, and the Internet of Things (IoT). These technologies will transform the design, planning, construction, operation and maintenance of the civil infrastructure systems, with a positive impact on the overall project time, cost, quality, and productivity. These new technologies will also make the industry more connected, and the consideration of cybersecurity of paramount importance. Although many studies have proposed frameworks and methodologies to develop such technologies, investigation of cybersecurity implications and related challenges have received very less attention. Some work has focused on security-minded BIM, but it lacks generality or does not consider an approach to determine the vulnerability of the different project participants, construction processes, and products involved during the different phases of construction projects. To address these limitations, this study a) develops a framework to identify cybersecurity risks in the construction industry, and b) assesses the vulnerability of traditional and hybrid delivery methods based on an agent based model (ABM). That is, the vulnerability of different project participants and construction entities during the different phases of the life-cycle of construction projects as a consequence of Construction 4.0. The findings from this study help to identify potential risks and provide a basis to assess the impact of interactions in a digital environment among different project participants. Future work aims to thoroughly investigate the proposed ABM approach and extend the same to other project delivery methods and information exchange networks in construction projects.
... Cyber-attacks remain an omnipresent national security threat to a digital economy's prosperity and digital built environment's functionality and safety. Reporting upon a veritable plethora of threats posed presents significant challenges, as cyber-attacks engender greater anonymity as a malicious activity (Fisk, 2012). Nevertheless, known cases and revolutionary deterrents will form the premise upon which this literature review is based. ...
Purpose – Smart cities provide fully integrated and networked connectivity between virtual/digital assets and physical building/infrastructure assets to form digital economies. However, industrial espionage, cyber-crime and deplorable politically driven cyber-interventions threaten to disrupt and/or physically damage the critical infrastructure that supports national wealth generation and preserves the health, safety and welfare of
the populous. The purpose of this paper is to present a comprehensive review of cyber-threats confronting critical infrastructure asset management reliant upon a common data environment to augment building information modelling (BIM) implementation.
Design/methodology/approach – An interpretivist, methodological approach to reviewing pertinent literature (that contained elements of positivism) was adopted. The ensuing mixed methods analysis: reports upon case studies of cyber-physical attacks; reveals distinct categories of hackers; identifies and reports upon the various motivations for the perpetrators/actors; and explains the varied reconnaissance techniques adopted.
Findings – The paper concludes with direction for future research work and a recommendation to utilize innovative block chain technology as a potential risk mitigation measure for digital built environment vulnerabilities.
Originality/value – While cyber security and digitization of the built environment have been widely covered within the extant literature in isolation, scant research has hitherto conducted an holistic review of the perceived threats, deterrence applications and future developments in a digitized Architecture, Engineering, Construction and Operations (AECO) sector. This review presents concise and lucid reference guidance that will intellectually challenge, and better inform, both practitioners and researchers in the AECO field of enquiry.
... In [44], the authors surveyed and measured user's level of concern regarding the security in SBs. Finally, a number of papers highlight and discuss several potential attacks, vulnerabilities and security risks of SB from a more high level point of view, including [38,39,40,41,43,42]. ...
Smart Buildings are networks of connected devices and software in charge of automatically managing and controlling several building functions such as HVAC, fire alarms, lighting, shading and more. These systems evolved from mostly electronic and mechanical elements to complex systems relying on IT and wireless technologies and networks. This exposes smart buildings to new risks and threats that need to be enumerated and addressed. Research efforts have been done in several areas related to security in smart buildings but a clear overview of the research field is missing. In this paper, we present the results of a systematic literature review that provides a thorough understanding of the state of the art in research on the security of smart buildings. We found that the field of smart buildings security is growing significantly in complexity due to the many protocols introduced recently and that the research community is already studying. We also found an important lack of empirical evaluations, though evaluations on testbeds and real systems seems to be growing. Finally, we found an almost complete lack of consideration of non-technical aspects, such as social, organisational, and human factors, which are crucial in this type of systems, where ownership and liability is not always clear.
... Cybersecurity concerns in BAS are critical and any security leakage could cause serious problems. This is detailed in [15] and the lack of proper solutions that integrate cybersecurity and BAS effectively is mentioned as a serious threat for the future of BAS applications. Furthermore, importance of the security is explained with comprehensive examples. ...
With the development of sensor technologies, various application areas have emerged. The usage of these technologies and exploitation of recent improvements have clear benefits on building applications. Such use-cases can improve smart functions of buildings and can increase the end-user comfort. As a similar notion, building automation systems (BAS) are smart systems that target to provide automated management of various control services and to improve resource usage efficiency. However, buildings generally contain hardware and control services from a diverse set of characteristics. The automated and central management of such functions can be challenging. In order to overcome such issues, an Emergency Evacuation Service is proposed for BAS, where requirements of such central management model are analyzed and model content and subservice definitions are prepared. A crucial scenario, which could be a necessity for future BAS, is defined and an approach for evacuation of people in the buildings at emergency situations is proposed. For real-life scenarios, the Evacuation Service is implemented by using a low-cost design, which is appropriate for Internet of Things (IoT) based BAS applications. As demonstrated, the proposed service model can provide effective performance in real-life deployments.
... The existence of a cyber threat on an intelligent building is imminent, regardless of the purpose of the attack. Part of the attraction to attackers is the capability of malicious agents to attack anonymously (Fisk, 2012). In a facilities campus setting, the networked systems are larger and therefore have more available entry points. ...
ID: ASEM_2016_224 ____________________________________________________________________________________________ Abstract The traditional view of facility management (FM) previously included tasks which were more of a physical nature in terms of the responsibility of the building. Newer FM roles now include maintaining critical operations through the use of information technology (IT) and automated controls. Therefore, these changing operations now include new concerns for facilities personnel, who today typically must work in conjunction with subcontractors and IT staff for installation as well as operations. Facilities personnel are now also becoming aware of the needs to secure university (or any campus setting) administrative and facilities data. This awareness has created an additional layer of concern and responsibility for facilities management personnel. Although publications often address cyber-threats to campus operations, rarely have these topics included what the specific concerns might be for facility managers regarding the potential threats. Additionally, rarely has the discussion addressed the role of the stakeholders with regards to the mitigation of those concerns.
... The existence of a cyber threat on an intelligent building is imminent, regardless of the purpose of the attack. Part of the attraction to attackers is the capability of malicious agents to attack anonymously (Fisk, 2012). In a facilities campus setting, the networked systems are larger and therefore have more available entry points. ...
http://facilityexecutive.com/2016/08/cyber-security-for-buildings/
... As noted by Fisk [1], the intelligent building community might protest that there have been no significant successful reported attacks on building management systems (BMS) over the 40 years that the technology has been deployed. This is potentially a complacent view as a range of complex threats are rapidly developing from increasingly sophisticated threat actors. ...
The concept of an intelligent building has existed for over 30 years and is seen as a solution to a number of economic and environmental problems. Intelligent buildings are often seen as a means of improving the energy efficiency of the built environment. However they are increasingly being promoted as a means of improving the operational efficiency of buildings, providing enhanced building and personal security, and improving the availability of management information to support better and quicker decision making. The potential cyber security risks inherent in the adoption of intelligent buildings are rarely discussed.
... heating, air-conditioning, ventilation or elevators. Even for single BAS, miscreants may cause considerable damage using these actuators [Fis12] (e.g., disabling fire alarms before placing a fire in the building [Hol03], activating a fire alarm at an airport to cause chaos [Con08], or deactivating an airport's luggage transport system). Another example would be to cause a DoS at the physical access control systems of an enterprise building to prevent that employees can access their office rooms, what could, in the worst case, result in inactivity of a company. ...
A building automation system (BAS) is the IT equipment within a building that monitors and controls the building (e.g., measuring temperature in a room to configure the heating level within the same room). We discuss the potential and the use of botnets in the context of BAS. Our botnet concept and scenario is novel in the sense that it takes advantage of the phyiscal capabilities of a building and as it has to adapt to a specialized environment being highly deterministic, predictable, simplistic and conservative. These properties make anomalies easy to detect. Smart building botnets allow the monitoring and remote control of (critical) building automation infrastructure in public and private facilities, such as airports or hospitals. We discuss why building automation botnets could thus enable attackers to cause various critical damage on whole regions and economies. Hiding the command and control communication is a highly beneficial step to adapt botnets to the BAS environment. We show that this is not necessarily a big hurdle and can be solved using existing covert channel techniques.
The 4th industrial revolution and its inherent digitalization are changing every aspect of the construction industry. However, these technological transformations bring new challenges, including cybersecurity. Although a number of studies in recent years have aimed to analyze cybersecurity issues in the construction sector, further research investment in this area is vital. The first step towards identifying needed and promising research directions in this domain is to systematically analyze the existing body of knowledge and detect knowledge gaps. This study addresses this need through a systematic scoping review designed based on the Preferred Reporting Items for Systematic Reviews and Meta-Analysis extension for Scoping Review (PRISMA-ScR). To synthesize the existing knowledge, the extracted information is mapped with multiple benchmarks, including the National Institute of Standards and Technology (NIST) framework for cybersecurity management. The outcomes of the scoping review indicated that, from the construction perspective, the existing literature mainly focuses on a few areas, including Building Information Modeling (BIM), while other digital systems such as construction robots and prefabrication platforms need to be considered in future works. In terms of cybersecurity management, most of the existing studies focus on identifying risks and protecting assets. Other aspects of cybersecurity management, including detecting intrusions, responding to threats, and recovering from cyber-attacks need to be addressed in future studies. Regarding the technology-mediated countermeasures, the existing studies have explored only a limited number of potential solutions with a considerable focus on Blockchain-based systems, while the application of other countermeasures such as network virtualization can be a basis for future studies. Finally, the existing studies focused on procedural guidelines lack systematic solutions for areas including integrated cyber risk management and organizational change.
Internet of Things (IoT) as a modern tool which works as a global entity by interconnecting object especially in the health sector is also susceptible to various challenges. With the advent of IoTs, the safety precautions against COVID-19 could be enforced and monitored to minimize the global effects of the pandemic because health is wealth. Security and reliability are great issues during corona virus, COVID-19; there are established cases of poor compliance with the safety precautions which consequently increases the mortality rate of patients during emergency. Hence, this chapter addresses IoTs and COVID-19 safety precautions. This chapter adopts both quantitative and qualitative research methods, data were sourced secondarily through the content analysis of peered review journals, edited books and credible online resources. Findings showed that IoTs enhance safety precaution of COVID-19 pandemic. The study will be useful to individuals, organizations, non-governmental institutions, corporate bodies and scholars in the fields of computer sciences and criminology, security studies and health sciences.
The digitalization and automation of the construction sector are transforming positively the way we plan, design, execute, and operate construction projects. However, they are also increasing the vulnerability of construction projects and making the architecture, engineering, construction, and facility management (AEC-FM) industry subject to cyberattacks. Although current cybersecurity practices are relevant, they cannot be directly adopted due to the unique challenges faced by the AEC-FM industry. Current literature suggests that industry-specific studies need to be conducted. To that extent, this study investigates the cybersecurity threat modeling for construction projects by developing a framework that identifies what might be compromised, how might it happen, why would someone intend to do it, what would be the impact, and what could be done to prevent it. The objectives are to a) develop a preliminary threat model relevant to construction, b) show the feasibility of the approach by using illustrative threat models for each of the life cycle phases, and c) use the commissioning phase of a building as a case study to show a possible countermeasure. The proposed framework will help to address the safety and security of stakeholders and systems during crucial phases of a construction project.
Since the late 1980's a large number of techniques to embed covert channels into network protocols were discovered. Covert channels enable a policy-breaking communication while they are additionally hard to detect. While it must be considered non-trivial to counter covert channels in networks, it can be considered trivial to evaluate network protocols in order to find possible ways to embed hidden information in these protocols. This thesis therefore, does not aim on presenting new covert channels in network protocols (except from exemplary channels in BACnet).
Today, covert channels are a useful technique for the development of botnets since these channels can make botnet traffic hard to detect. For this reason, it is an attractive goal for botnet developers to enhance existing covert channel techniques. As this gives leeway for the introduction of additional features into covert channels and enhancement of their invisibility.\\
Therefore, the research community must also aim on improving covert channels since it would otherwise be unfeasible to find means to counter such novel techniques introduced by botnet developers.\\
On the other hand, covert channels must be considered as dual-use betterment as they, for instance, can enable journalists to transfer illicit information in networks with censorship without facing detection.
Within the last decade, new covert channels with internal control protocols (so called micro protocols) arose. These micro protocols are placed in the hidden data of the channel and can be considered a powerful technique as they introduce new features such as dynamic routing or reliability. In general, micro protocols control a covert channel but their purpose depends on its given utilization. For instance, a micro protocol used within a botnet could signal a botnet command, such as, to send a Spam mail while the actual hidden payload can comprise a fragment of the Spam message to be sent.
This thesis is the first to discuss the need for improved micro protocol designs as the detectability of a covert channel highly depends on the used micro protocol: If a micro protocol causes anomalies, the detection of a covert channel raises.
The first part (Chapters 3 and 4) of this thesis introduces two approaches for the design and development of micro protocols. The first approach decreases the size of a micro protocol header to minimize the number of bits to be modified in a network packet --- if less bits are required to be modified by the covert channel, the channel will cause fewer anomalies. The second approach ensures the conformity of the micro protocol to the utilized network protocol: If the micro protocol does not violate rules of the utilized protocol, it will also cause less anomalies.
Therefore, the existing covert channel terminology is extended.
The initial connection establishment phase (NEL phase) of network covert channels is enhanced by using these micro protocols and it helps overcoming the two-army problem initially discovered in this thesis.
Covert channels (with or without micro protocols) can utilize various network protocols simultaneously. We call the family of such covert channels protocol switching covert channels. A problem with these channels is the lack of a means to limit their bitrate. This thesis presents the first approach to limit the maximum error-free bitrate of protocol switching covert channels. The approach has been evaluated and can be considered to be applicable in practice.
The second part (Chapter 5) of this thesis discusses the presence of covert and side channels in building automation systems. Their potential for adversaries, which lies in the observation of events and persons in buildings. And finally, in building automation-based data exfiltration to bypass the protection means of a (better protected) enterprise network.
A distinction of such covert channels into high-level covert channels (based on the interaction with the building) and low-level covert channels (based on the utilization of building automation network protocols) is proposed.
Furthermore, a prevention means to counter high-level covert (and side) channels in building automation systems as well as a prevention technique for BACnet-based covert channels is also presented and evaluated.
We examine the code base of the OpenBSD operating system to determine whether its security is increasing over time. We measure the rate at which new code has been introduced and the rate at which vulnerabili- ties have been reported over the last 7.5 years and fifteen versions. We learn that 61% of the lines of code in today's OpenBSD are foundational: they were introduced prior to the release of the initial version we studied and have not been altered since. We also learn that 62% of re- ported vulnerabilities were present when the study began and can also be considered to be foundational. We find strong statistical evidence of a decrease in the rate at which foundational vulnerabilities are being re- ported. However, this decrease is anything but brisk: foundational vulnerabilities have a median lifetime of at least 2.6 years. Finally, we examined the density of vulnerabilities in the code that was altered/introduced in each version. The densities ranged from 0 to 0.033 vulnerabilities reported per thousand lines of code. These densities will increase as more vulnerabilities are reported.
Building automation and control systems (BACS) are an important part of modern automated buildings. More and more they are also responsible for functions affecting people 's safety, security and health. Thus the respective technology is supposed to work reliably, securely, safely and efficiently. The two important features of such a BACS are functional safety and system security (short safety and security) of both the network nodes and the communication protocols. Up to now little effort has been made to specify a life cycle for a safe and secure BACS that defines requirements for the different stages of the product life of a BACS. Special focus is related to the commonalities between the development of safety and security systems to benefit from these commonalities in development.
Not only has the socio‐ and geo‐political climate changed dramatically in the‐last decade, but there has also been a technological sea‐change with the advent of the ‘information revolution’. The potential that these developments have created for differing forms of ‘warfare’ in cyberspace seems unlimited, with ‘cyber‐terrorism’ an apparently logical, outcome. But this potential needs to be approached not in the spirit of futurology and science‐fiction, but with clear‐headed analysis. Here Dr Rathmell brings to bear such an approach in discussing Information Warfare and its potential use by sub‐state groups, looking at the extent of IW techniques, who would use them, how and what categories of activities they, would, be. involved in. Using the case study of the Provisional IRA as a ‘doomsday scenario’, he assesses the threat of strategic infrastructure war‐fare. Dr Rathmell concludes, that as with the rest of society, sub‐state groups have embraced the information revolution, but realising its full potential would require levels of financial and personnel investment unlikely to be achieved soon. What is needed now is a full, pro‐active review of vulnerabilities across the information spectrum to ensure we are fully equipped to meet and outflank this new threat when it does materialise.
Facilities management, according to the International Facilities Management Association (IFMA), is concerned with the design, construction, maintenance, and management of the physical environment as it relates to people and work processes. This definition is very general but includes a number of distinct and interrelated areas. Add to this definition the large amount of space that is involved in the management of tall buildings and it becomes obvious that to manage these large amounts of space effectively, a computerized system that integrates all areas is required.
With Microsoft about to unleash Windows 7, the tiny number of companies still using legacy Windows 98 systems and software is almost certainly going to dwindle still further. It may come as a surprise that there are organisations still using Windows 98 at all. In fact, this is generally limited to one sector – utilities. And paradoxically, this obsolete operating system supports some highly critical operations.
Is cyber-terrorism the threat of the future? The convergence of current conventional wisdoms regarding technological and socio-political developments suggests that it may be. In regard to technology, the ‘Information Mania’ that has swept the US defence establishment since the 1991 Gulf War has now reached European and Asian defence planners. To its acolytes in the defence community, Information Warfare is the paradigm of future war. At the same time, the popular imagination is gripped by the accelerating digitisation of society. As the Internet continues its exponential growth and increasing portions of everyday life go online, the media and public are titillated by the daring exploits of hackers and the ‘digital underground’. Warnings of a catastrophic collapse of national and even global information infrastructures abound, most dramatically in relation to the Year 2000 problem.
Engineering systems are becoming increasingly complex as they address the challenges of the twenty-first century. However the stability of complex systems has long been difficult to determine, and may indeed represent a technological limit. Some systems are both stable and complex, but in others excessive complexity leads to collapse. Collapse may arise from a tradeoff between optimality and resilience. Recent analysis of very large complex systems shows that behind their apparent lack of order are a number of statistical patterns, which perhaps provide the much sought after pointers to system stability. Components with high levels of connectivity to the rest of a given system, and that can induce coherent behaviour across the system, can produce some spectacular collapses. These may be a special weakness introduced by global communication systems.
To what extent should one trust a statement that a program is free of Trojan horses? Perhaps it is more important to trust the people who wrote the software.
Nature - the world's best science and medicine on your desktop
The growing dependence of critical infrastructures and industrial automation on interconnected physical and cyber-based control systems has resulted in a growing and previously unforeseen cyber security threat to supervisory control and data acquisition (SCADA) and distributed control systems (DCSs). It is critical that engineers and managers understand these issues and know how to locate the information they need. This paper provides a broad overview of cyber security and risk assessment for SCADA and DCS, introduces the main industry organizations and government groups working in this area, and gives a comprehensive review of the literature to date. Major concepts related to the risk assessment methods are introduced with references cited for more detail. Included are risk assessment methods such as HHM, IIM, and RFRM which have been applied successfully to SCADA systems with many interdependencies and have highlighted the need for quantifiable metrics. Presented in broad terms is probability risk analysis (PRA) which includes methods such as FTA, ETA, and FEMA. The paper concludes with a general discussion of two recent methods (one based on compromise graphs and one on augmented vulnerability trees) that quantitatively determine the probability of an attack, the impact of the attack, and the reduction in risk associated with a particular countermeasure.
Is this the start of cyber warfare? Nature
- S Weinberg
Weinberg, S., 2011. Is this the start of cyber warfare? Nature, 474, 142–145.
The Scada Challenge BACnet Wide Area Network Security Threat Assessment
- S Gold
Gold, S., 2009. The Scada Challenge. Network Security, (8), 18–20. IEEE. Holmberg, D., 2003. BACnet Wide Area Network Security Threat Assessment. Technical report, National Institute of Standards and Technology, NISTIR 7009, July.
The enemy within. The Atlantic Information model standard for integrating facilities with smart grid
- M Bowden
Bowden, M., 2010. The enemy within. The Atlantic, 23–24 June. Bushby, S.T., 2011. Information model standard for integrating facilities with smart grid. ASHRAE Journal, 53 (11), B18–B22.
Anti-virus software market grows
- A Savvas
Savvas, A., 2007. Anti-virus software market grows. Computer Weekly, 13 July. Siemens, 2011. http://support.automation.siemens.com [Accessed 1 December 2011].
Introducing the series 16 DDC system. Minneapolis: Honeywell Inc. ISID, 2006. Industrial security incident database
- Honeywell
Honeywell, 1965. Introducing the series 16 DDC system. Minneapolis: Honeywell Inc. ISID, 2006. Industrial security incident database. Burnaby: AITG British Columbia Institute of Technology.
Multi-building internet demand-response control system. Environmental Energy Technologies Division News
- A Chen
Chen, A., 2004. Multi-building internet demand-response control system. Environmental Energy Technologies Division News, 5 (1). California: Lawrence Berkeley National Laboratory.