ArticlePDF Available

Cyber threats confronting the digital built environment: Common data environment vulnerabilities and block chain deterrence

Authors:

Abstract

Purpose – Smart cities provide fully integrated and networked connectivity between virtual/digital assets and physical building/infrastructure assets to form digital economies. However, industrial espionage, cyber-crime and deplorable politically driven cyber-interventions threaten to disrupt and/or physically damage the critical infrastructure that supports national wealth generation and preserves the health, safety and welfare of the populous. The purpose of this paper is to present a comprehensive review of cyber-threats confronting critical infrastructure asset management reliant upon a common data environment to augment building information modelling (BIM) implementation. Design/methodology/approach – An interpretivist, methodological approach to reviewing pertinent literature (that contained elements of positivism) was adopted. The ensuing mixed methods analysis: reports upon case studies of cyber-physical attacks; reveals distinct categories of hackers; identifies and reports upon the various motivations for the perpetrators/actors; and explains the varied reconnaissance techniques adopted. Findings – The paper concludes with direction for future research work and a recommendation to utilize innovative block chain technology as a potential risk mitigation measure for digital built environment vulnerabilities. Originality/value – While cyber security and digitization of the built environment have been widely covered within the extant literature in isolation, scant research has hitherto conducted an holistic review of the perceived threats, deterrence applications and future developments in a digitized Architecture, Engineering, Construction and Operations (AECO) sector. This review presents concise and lucid reference guidance that will intellectually challenge, and better inform, both practitioners and researchers in the AECO field of enquiry.
Engineering, Construction and Architectural Management
Cyber threats confronting the digital built environment: Common data
environment vulnerabilities and block chain deterrence
Erika A. Parn, David Edwards,
Article information:
To cite this document:
Erika A. Parn, David Edwards, (2019) "Cyber threats confronting the digital built environment:
Common data environment vulnerabilities and block chain deterrence", Engineering, Construction
and Architectural Management, https://doi.org/10.1108/ECAM-03-2018-0101
Permanent link to this document:
https://doi.org/10.1108/ECAM-03-2018-0101
Downloaded on: 18 March 2019, At: 03:58 (PT)
References: this document contains references to 101 other documents.
To copy this document: permissions@emeraldinsight.com
The fulltext of this document has been downloaded 980 times since 2019*
Users who downloaded this article also downloaded:
(2018),"Valuing sustainable change in the built environment: Using SuROI to appraise built
environment projects", Journal of Facilities Management, Vol. 16 Iss 3 pp. 315-353 <a href="https://
doi.org/10.1108/JFM-11-2016-0044">https://doi.org/10.1108/JFM-11-2016-0044</a>
(2008),"Responsible property investing: what the leaders are doing", Journal of
Property Investment &amp; Finance, Vol. 26 Iss 6 pp. 562-576 <a href="https://
doi.org/10.1108/14635780810908406">https://doi.org/10.1108/14635780810908406</a>
Access to this document was granted through an Emerald subscription provided by
Token:Eprints:JB72U3hvIPDiKsbRfIge:
For Authors
If you would like to write for this, or any other Emerald publication, then please use our Emerald
for Authors service information about how to choose which publication to write for and submission
guidelines are available for all. Please visit www.emeraldinsight.com/authors for more information.
About Emerald www.emeraldinsight.com
Emerald is a global publisher linking research and practice to the benefit of society. The company
manages a portfolio of more than 290 journals and over 2,350 books and book series volumes, as
well as providing an extensive range of online products and additional customer resources and
services.
Emerald is both COUNTER 4 and TRANSFER compliant. The organization is a partner of the
Committee on Publication Ethics (COPE) and also works with Portico and the LOCKSS initiative for
digital archive preservation.
*Related content and download information correct at time of download.
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
Cyber threats confronting the
digital built environment
Common data environment vulnerabilities and
block chain deterrence
Erika A. Parn and David Edwards
School of Engineering and the Built Environment,
Birmingham City University, Birmingham, UK
Abstract
Purpose Smart cities provide fully integrated and networked connectivity between virtual/digital assets
and physical building/infrastructure assets to form digital economies. However, industrial espionage, cyber-
crime and deplorable politically driven cyber-interventions threaten to disrupt and/or physically damage the
critical infrastructure that supports national wealth generation and preserves the health, safety and welfare of
the populous. The purpose of this paper is to present a comprehensive review of cyber-threats confronting
critical infrastructure asset management reliant upon a common data environment to augment building
information modelling (BIM) implementation.
Design/methodology/approach An interpretivist, methodological approach to reviewing pertinent
literature (that contained elements of positivism) was adopted. The ensuing mixed methods analysis: reports
upon case studies of cyber-physical attacks; reveals distinct categories of hackers; identifies and reports upon
the various motivations for the perpetrators/actors; and explains the varied reconnaissance techniques adopted.
Findings The paper concludes with direction for future research work and a recommendation
to utilize innovative block chain technology as a potential risk mitigation measure for digital built
environment vulnerabilities.
Originality/value While cyber security and digitization of the built environment have been widely covered
within the extant literature inisolation, scant research has hithertoconducted an holistic review of the perceived
threats, deterrence applications and future developments in a digitized Architecture, Engineering, Construction
and Operations (AECO) sector. This review presents concise and lucid reference guidance that will intellectually
challenge, and better inform, both practitioners and researchers in the AECO field of enquiry.
Keywords Building information modelling, Integrated practice,
Information and communication technology (ICT) applications
Paper type General review
Introduction
We will neglect our cities to our peril, for in neglecting them we neglect the nation - John F. Kennedy
Throughout history, buildings and infrastructure (i.e. physical assetsthat cumulatively
constitute the built environment) have provided secure sanctuaries, protecting inhabitants
from theft and malicious attacks (Toy, 2006). Todays built environment is no exception and
conserves this utilitarian physicality. However, contemporary operations and maintenance
(O&M) works have become increasingly dependent upon an expansive web of cyber-
physical connectivity. Such connectivity has been achieved via an amalgamation of smart
sensor-based network technologies (Lin et al., 2006), advanced computerization (Pärn and
Edwards, 2017) and computational intelligence techniques (Bessis and Dobre, 2014).
Contextualized as virtual assets, the voluminous data and information generated
throughout a physical building/infrastructure assets whole lifecycle (i.e. design,
construction and operations/occupancy phases) constitutes the basis for knowledge
propagation, insightful business intelligence and an invaluable commercial commodity
(Edwards et al., 2017). Intelligence on building/infrastructure asset performance augments
decision making via automated analytics geared towards driving economic prosperity,
Engineering, Construction and
Architectural Management
© Emerald Publishing Limited
0969-9988
DOI 10.1108/ECAM-03-2018-0101
Received 16 March 2018
Revised 8 May 2018
3 June 2018
Accepted 15 June 2018
The current issue and full text archive of this journal is available on Emerald Insight at:
www.emeraldinsight.com/0969-9988.htm
Common data
environment
vulnerabilities
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
business profitability and environmental conservation (Lin et al., 2006; Ryan, 2017). These
palpable benefits have steered government reforms globally towards embedding
digitalization throughout the Architecture, Engineering, Construction and Operations
(AECO) sector a sector that encapsulates the whole lifecycle of an assets design,
construction and subsequent use (Nye, 2017). For example, the UK governments mandated
policy Digital Built Britain 2025represents a prominent epitome of ambitious plans to
coalesce digitized economies and infrastructure deployment (HM Government, 2015). This
strategic vision has been enacted via the building information modelling (BIM) Level 2
mandate to extend the frontiers of digitized asset handover for building and infrastructure
asset owners (HM Government, 2013). BIM has orchestrated a paradigm shift in the way
that information is managed, exchanged and transformed, to stimulating greater
collaboration between stakeholders who interact within a common data environment
(CDE) throughout the building/infrastructure assets whole lifecycle (Eastman et al., 2011).
Adaptation of a CDE for critical infrastructure (i.e. the processes, systems, technologies
and assets essential to economic security and/or public safety) constitutes a key facet of
effective asset digitalization and offers potential long-termlifecycle savings for both
government and private sector funded projects (Bradley et al., 2016). In the short-term,a
precipitous amount of front-loaded government expenditure earmarked to augment
operations management means that a concerted effort has been made to develop accurate
BIM asset information models (AIM) for large infrastructure asset managers (e.g. utility
companies, Highways England, Network Rail, Environment Agency) (BSI, 2014a).
Government policy edict will continue to transform the modus operandi for developing
and maintaining buildings and infrastructure within the smart built environment (Bessis
and Dobre, 2014). However, the proliferation of cyber-physical connectivity inherent within
a CDE has inadvertently created opportunities for hackers and terrorists, and an
omnipresent threat of cyber-crime prevails (Boyes, 2013a) yet surprisingly, extant
literature is overtly sanguine about the conspicuous benefits accrued from digitalization
(BSI, 2014a, b, c; HM Government, 2015). Infrastructure stakeholders (e.g. clients, project
managers and designers and coordinators) are unwittingly confronted by clandestine cyber-
assailants targeting critical infrastructures through a digital portal facilitated by the CDEs
integral networked systems that support O&M activities (Ficco et al., 2017). Curiously,
pertinent literature is replete with examples of public policy considerations that evaluate
critical infrastructure exposed to intentional attacks, natural disasters or physical accidents
(Mayo, 2016). However, the discourse is comparatively silent on substantial cyber-physical
security risks posed by a wholesale digital shift within the AECO sector (Kello, 2013).
Significant risks posed could disrupt the stream of virtual data produced and in turn, have a
profound detrimental impact upon a virtually enabled built environment, leading to physical
interruption and/or destruction of infrastructure assets (e.g. electricity generation) thereby
endangering members of the public.
Given this prevailing worldwide menace, a comprehensive literature review of cyber-
threats impacting upon the built environment, and specifically critical infrastructure, is
conducted. Concomitant objectives are to: report upon case studies of cyber-physical attack
to better comprehend distinct categories of hackers, their motivations and the
reconnaissance techniques adopted; and explore innovative block chain technology as a
potential risk mitigation measure for digital built environment vulnerabilities. The research
concludes with new hypothesis and research questions that will initiate much needed future
investigations and an expanded academic/practitioner discourse within this novel area.
Methodology
The methodology adopted an interpretivist research approach to reviewing extant literature
(Walsham, 1995) that contained elements of positivism, where the latter was founded upon
ECAM
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
the assumption that published material has already been scientifically verified by a robust
peer review process. A systematic literature review conducted collected and critically
analyzed results emanating from existing studies found within extant literature, where the
literature constituted data and the population frame (Levy and Ellis, 2006). An iterative, four
stage process was implemented that consisted of: a broader review of wider literature to set
the context for this research study; a specific review of cyber-space and cyber-physical
attacks case studies of cyber-attacks extracted from the Repository of Industrial Security
Incidents (RISI) online incident database were reviewed to identify the motivations for
hacking and to delineate and define the various types of hackers (otherwise known as
actors); a componential analysis of literature a mixed methods componential analysis was
conducted to provide a richer understanding of the established, but fragmented, topic of
cyber-crime. A componential analysis is a manual qualitative technique that assigns the
meaning of a word(s) or other linguistic unit(s) to discrete semantic components (Fisher,
2018). In this instance, a cross comparative tabulation matrix of key industries studied and
recurrent emergent themes identified was constructed to present analysis findings; and a
report upon innovative cyber-deterrence techniques an iterative process flow diagram is
utilized to explain how block chaincan be successfully employed to provide superior
protection against ensuing cyber-threats (when compared to encryption and firewalls).
Collectively, this chain of documentary evidence and analysis of such provided a thorough
and holistic contextualization of cyber-threats confronting the digital built environment.
The digital Jacquerie
Globally, an insatiable desire within rural communities for economic migration to cities,
continues to engender an upsurge in urbanization a trend further exacerbated by a
projected 9.7bn population growth by 2050 (UN, 2014a, 2015). For both developed and
developing countries, relentless urbanization presents a complex socio-economic
conundrum and raises portentous political issues such as: deficiencies in health care
provisions (UN, 2014b); lack of resources and malnutrition (UN, 2015); and environmental
degradation and pollution (UN, 2015). These dystopian challenges can be alleviated through,
for example, shrewd allocation of resources via social circumscription measures (UN, 2014b).
However, politicians worldwide have also contemplated the implicit assumption of
technology inertia as an impediment to government reform (cf. Mokyr, 1992). Policies
subsequently developed have responded accordingly by mandating advanced technologies
within smart city development as a panacea to these challenges within the AECO sector a
sector sensu stricto berated for its reluctance to innovate (BSI, 2014a). Despite a notable
disinclination to change, the AECO sector is widely espoused as being a quintessential
economic stimulus (Eastman et al., 2011) significantly contributing to gross domestic
product (HM Government, 2015) and providing mass-labor employment (DBIS, 2013).
Consequently, the AECO sector was a prime candidate for the UK governments BIM Level
2 mandate that seeks to immerse it within a digital economy. Specifically, the Digital Built
Britain report (HM Government, 2015) aspires that:
The UK has the potential to lead one of the defining developments of the 21st century, which will
enable the country to capture not only all of the inherent value in our built assets, but also the data
to create a digital and smart city economy to transform the lives of all.
Within this digital insurgency, critical infrastructures are at the forefront of the UK
governments strategic agenda (Bradley et al., 2016). Unabated advancements in
computerization have widened the capability of decision support to providing appropriate
resolutions to pertinent infrastructure challenges such as: optimizing planning and economic
development (Ryan, 2017); ensuring resilient clean air, water and food supply (Bradley et al.,
2016); and/or safeguarding integrated data and security systems (BSI, 2014a). Throughout the
Common data
environment
vulnerabilities
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
various stages of an infrastructure assets lifecycle this transition is further fortified by BIM
technology and the use of a CDE that can improve information and performance management
(Pärn and Edwards, 2017). The palpable benefits of BIM and CDE extend beyond the design
and construction phases into the operations phase of asset occupancy and use. BIM
technologys innate capability is essential during the assets operational phase which
constitutes up to 80 percent of the overall whole lifecycle expenditure. In congruence with this
statistic, the McNulty (2011) report ambitiously predicts that the potential savings associated
with digital asset management and supply chain management may reach up to £580m
between 2018 and 2019 and will be facilitated through: effective communications; the right
speed of action; a focus on detail and change; and incentives and contractual mechanisms that
encourage cost reduction. For the purpose of this review, digitization is acknowledged to
proliferate throughout all stages of an infrastructure assets lifecycle in a smart cities and
digital economies context; such has potentially severe implications businesses and
governments who may be exposed to cyber-crime and -espionage.
Smart cities and digital economies
The British Standards Institute (BSI, 2014a) defines smart cities as:
The effective integration of physical, digital and human systems in the built environment to deliver
a sustainable, prosperous and inclusive future for its citizens.
Within practice, the term smart cities is a linguistic locution that encapsulates fully
integrated and networked connectivity between digital infrastructure assets and physical
infrastructure assets to form digital economies (BSI, 2014a). A perspicacious hive mentality
is inextricably embedded within smart city philosophy and serves to augment intelligent
analysis of real-time data and information generated to rapidly optimize decisions in a cost
effective manner (Szyliowicz, 2013; Zamparini and Shiftan, 2013). Consequently, smart cities
within the digital built environment form a cornerstone of a digital economy that seeks to
provide more with less; maximize resource availability; reduce cost and carbon emissions
(whole lifecycle); enable significant domestic and international growth; and ensure that an
economy remains in the international vanguard (HM Government, 2015). The unrelenting
pace of digitization worldwide is set to continue with an expected $400bn (US Dollars)
investment allocated for smart city development by 2020; where smart infrastructure will
consist of circa 12 percent of the cost (DBIS, 2013). Yet, despite this substantial forecast
expenditure, scant academic attention has hitherto been paid to the complex array of
interconnected arteries of infrastructural asset management (e.g. roads, ports, rail, aviation
and telecommunications) that provide an essential gateway to global markets (DBIS, 2013).
The omnipresent threat of cyber-espionage and crime
Prior to meticulous review of papers an established understanding of the omnipresent threat
of cyber-espionage and crime is required. The implementation of smart city technologies has
inadvertently increased the risk of cyber-attack facilitated through expansive networked
systems (Mayo, 2016). However, cyber-crime has been largely overlooked within the built
environment and academic consensus concurs that a cavernous gap exists between the state
of security in practice and the achieved level of security maturity in standards (Markets and
Markets, 2014). Security specialists and practitioners operating smart buildings, grids and
infrastructures are said to coexist in a redundant dichotomy. Instead, academic and policy
attention has focused upon either: hypothesized scenarios within international security
studies (e.g. the protection of military, industrial and commercial secrets) (Rid, 2012); policy
planning for cyber-warfare (McGraw, 2013); and/or the safety of computer systems or
networks per se rather than cyber-physical attack (activities that could severely impact
upon nuclear enrichment, hospital operations, public building operation and maintenance
ECAM
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
and traffic management) (Stoddart, 2016). Threats from cyber-crime have arisen partially
because of the increased adoption rate of networked devices but also as a result of industrys
operational dependency upon IT systems (Boyes, 2013b).
Cyber-criminals are particularly adept at harnessing the intrinsic intangible value of digital
assets (BSI, 2015) and can decipher the digital economy and its intricacies more perceptively
than their counterpart industrialists and businesses that are under attack (Kello, 2013). The
most recent WannaCryransomware attack personified the sophisticated measures deployed
by cyber-criminals in navigating networks and identifying, extracting and monetizing data
found (Hunton, 2012). While the inherent value of digital assets to owners and creators is often
indeterminate, cyber-criminals manipulate data and information to encrypt, ransom or sell it
piecemeal (Marinos, 2016). Several prominent instances of unsecure critical infrastructure
assets being physically damaged by persistent cyber-crime have been widely reported
upon (Peng et al., 2015). These include: the STUXNET worm that disarmed the Iranian
industrial/military assets at a nuclear facility (Lindsay, 2013); and the malware WannaCry
that caused significant damageto the UKs National Health Service patient databases, German
railway operations and businesses globally (Clarke and Youngstein, 2017). Cyber-attacks
remain an omnipresent national security threat to a digital economys prosperity and digital
built environments functionality and safety. Reporting upon a veritable plethora of threats
posed presents significant challenges, as cyber-attacks engender greater anonymity as a
malicious activity (Fisk, 2012). Nevertheless, known cases and revolutionary deterrents will
form the premise upon which this literature review is based.
Cyber-space, cyber-physical attacks and critical infrastructure hacks
In the UK, security analysts from MI5 and MI6 have warned that industrial cyber-espionage is
increasing in prevalence, sophistication and maturity, and could enable an entire shutdown of
critical infrastructure and services including power, transport, food and water supplies
(Hjortdal, 2011). A number of pre-eminent politically driven infrastructure intrusions support
this assertion and serve as illustrative examples that a prediction of a global pandemic may
prove to be distressingly accurate. These intrusions include: the Russian led cyber-attacks on
digital infrastructures (banking, news outlets, electronic voting systems) in Estonia in 2007
(Lesk, 2007); the Chinese led hacking of the US electricity network in 2009 (Hjortdal, 2011); and
the USA led intrusion of Iranian nuclear plant facilities in 2005 (Denning, 2012).
Cyber-space constitutes the global, virtual, computer based and networked environment,
consisting of openand air gappedinternet which directly or indirectly interconnects
systems, networks and other infrastructures critical to societys needs (European
Commission, 2013). Within the vast expanse of cyber-space, Kello (2013) proffers that
three partially overlapping territories coexist, namely: the world wide web of nodes
accessible via URL; the internet consisting of interconnected computers; and the
cyber-archipelagoof computer systems existing in isolation from the internet residing
within a so-called air gap. A CDE hosted on any of the aforementioned territories is
precariously exposed to cyber-physical attack (Figure 1).
Cyber-attack utilizes code to interfere with the functionality of a computer system for
strategic, ambiguous, experimental or political purposes (Nye, 2017). Gandhi et al. (2011)
expand upon this definition, stating that cyber-attack constitutes: any act by an insider or
an outsider that compromises the security expectations of an individual, organization, or
nation.Cyber-attacks can take many forms, for example, from publicized web defacements,
information leaks, denial of service (DoS) attacks, and other cyber actions sometimes related
to national security or military affairs. Cyber-physical attacks can cause disruption or
damage to physical assets thus posing serious threats to public health and safety, and/or the
desecration of the environment (Peng et al., 2015). One of the earliest publicly disclosed
cyber-physical attacks took place during the Cold War period, when a Soviet oil pipeline
Common data
environment
vulnerabilities
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
exploded due to a so-called logic bomb. The NIST (2017) framework for enhancing the
ability of critical infrastructures to withstand cyber-physical attacks proposes that two
distinct dichotomous domains must be secured, namely, information technologies (IT) and
industrial control systems (ICS) (Rittinghouse and Hancock, 2003). Common threats incurred
via IT and ICS include: theft of intellectual property; massive disruption to existing
operations; and destruction, degradation or disablement of physical assets and operational
ability (Szyliowicz, 2013). The European Union Agency for Network and Information
Security outlines multiple common sources of nefarious attacks in its malware taxonomy,
including: viruses; worms; trojans; botnets; spywares; scarewares; roguewares; adwares;
and greywares (Marinos, 2016).
Such attacks are made possible via a huge cyber-attack surface within cyber-space,
where every circa 2,500 lines of code presents a potential vulnerability that is identified by a
hackers reconnaissance (Nye, 2017). Reconnaissance is the first and most important stage
for a successful cyber-attack and seeks to determine the likely strategy for the intrusion
(Marinos, 2016). Strategies vary but prominent methods include: scanning; fingerprinting;
footprinting; sniffing; and social engineering (refer to Table I).
Cyber-attack motivations and cyber-actors and incident analysis
The RISI database contains a comprehensive record of cyber-physical attack incidents
categorized as either confirmed or likely but confirmed (RISI, 2015). However, prominent
commentators contend that attacks are more prevalent than reports suggest and that
victims are often reluctant to disclose malicious cyber-attacks against themselves due to
potential reputational damage being incurred (Reggiani, 2013). Cyber-physical attacks are
therefore shrouded in secrecy by states and private companies, and many states have
already conceded the current digital arms race against a panoply of cyber-actors (or
hackers) including: hacktivists, malware authors, cyber-criminals, cyber-militias,
cyber-terrorists, patriot hackers and script kiddies.
Cyber-actors are frequently classified within one of three thematic categories, namely:
white hats; grey hats; and black hats, where the color of the hat portrays their intrinsic
intentions. White hats are predominantly legitimately employed security researchers who
perform simulated penetration testing hacks to assess the robustness of an organizations
cyber-enabled systems (Cavelty, 2013). They do not have malevolent intentions but rather
LEVELS OF BIM
LOW TO MEDIUM VULNERABILITY MEDIUM TO HIGH VULNERABILITY
BIM
LEVEL 0
LOW
VULNERABILITY
LOW
VULNERABILITY
MEDIUM
VULNERABILITY
HIGH RISK
VULNERABILITY
BIM
LEVEL 1
BIM
LEVEL 2
BIM
LEVEL 3
URL
SQL
SQL DWG XML
DWG XML
INFORMATION
FORMAT 2D CAD 2D CAD+ 3D 3D
LOD 7
ARCHIVED
URL NODES
INTERCONNECTED
COMPUTER
COMPUTER
ARCHIPELAGO
PUBLISHED
SHARED
WORK IN
PROGRESS
LOD 6
LOD 5
LOD 4
LOD 3
LOD 2
LOD 1
INFORMATION
EXCHANGE
PAPER-BASED
COLLABORATION
i
FILE-BASED
COLLABORATION
OBJECT MODEL-BASED
COLLABORATION NETWORK-BASED
COLLABORATION
LOW TO MEDIUM
VULNERABILITY
MEDIUN TO HIGH
VULNERABILITY
Figure 1.
Cyber vulnerabilities
of CDE environment
adapted from BSI
levels of BIM
ECAM
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
Thematic group
Industrial sector Author(s) Journal
National
and global
security
Smart
cities
Critical
infrastructure
Industrial
control
systems
Mobile or
cloud
computing
Digitalization
of built
environment
Percentage frequency across the four journal types 54.7% 40.4% 50% 40.4% 59.5% 28.5%
Architecture, Engineering,
Construction and Owner-
operated (AECO)
Chong et al. (2014) Automation in Construction |||
Howell et al. (2017) Automation in Construction || | |
Kochovski and
Stankovski (2018)
Automation in Construction |||
Fisk (2012) Intelligent Buildings
International
|
Mike (2006) Journal of Facilities
Management
|| |
Eom and Paek (2006) Journal of Information
Technology in Construction
(ITcon)
||
Jaatun et al. (2014) Procedia Engineering ||||
Koo et al. (2015) Procedia Engineering ||||
Nicałand Wodyński
(2016)
Procedia Engineering ||
Wang et al. (2011) Procedia Engineering || |
Percentage frequency in AECO journals 20% 40% 30% 50% 90% 60%
Transport and infrastructure Patel et al. (2009) Communications of the ACM |||
Wang and Lu (2013) Computer Networks || | |
Liu et al. (2012) IEEE, Communications
Surveys & Tutorials
|| |
Jones (2016) IEEE, Engineering &
Technology
|| | | |
Paridari et al. (2016) IEEE, International
Conference on Cyber-Physical
Systems (ICCPS)
||||
Ryan (2017) International Journal of Critical
Infrastructure Protection
|| |
Papa (2013) Transport Policy ||
(continued )
Table I.
Emerging thematic
groups in extant
literature
Common data
environment
vulnerabilities
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
Thematic group
Industrial sector Author(s) Journal
National
and global
security
Smart
cities
Critical
infrastructure
Industrial
control
systems
Mobile or
cloud
computing
Digitalization
of built
environment
Reggiani (2013) Transport Policy |
Reniers and Dullaert
(2013)
Transport Policy ||
Szyliowicz (2013) Transport Policy ||
Zamparini and Shiftan
(2013)
Transport Policy |
Percentage frequency in transport and infrastructure journals 54.5% 54.5% 81.8% 27.2% 36.3% 18.1%
Information technology Hunton (2012) Computer Law & Security
Review
|| |
Weber and Studer
(2016)
Computer Law & Security
Review
|| | |
Metke and Ekl (2010) IEEE Transactions on Smart
Grid
||
Tan et al. (2018) IEEE Transactions on Smart
Grid
|| |
Xue et al. (2016) IEEE Trustcom/BigDataSE/
ISPA
|| | |
Ani et al. (2017) Journal of Cyber Security
Technology
|| | | |
Govinda (2015) Procedia Technology || | |
Rasmi and Jantan
(2013)
Procedia Technology ||
Safavi et al. (2013) Procedia Technology |
Shitharth and
Winston (2015)
Procedia Technology || | |
(continued )
Table I.
ECAM
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
Thematic group
Industrial sector Author(s) Journal
National
and global
security
Smart
cities
Critical
infrastructure
Industrial
control
systems
Mobile or
cloud
computing
Digitalization
of built
environment
Percentage frequency in information technology journals 40% 60% 80% 20% 90% 30%
Political science/international
relations
Brantly (2014) Democracy and Security |||
Kello (2013) International Security |
Lindsay (2015) International Security || | | |
Nye (2017) International Security |||
Cavelty (2013) International Studies Review |
Canfil (2016) Journal of International
Affairs
|
Hjortdal (2011) Journal of Strategic Security ||
McGraw (2013) Journal of Strategic Studies ||
Stoddart (2016) Political Science Quarterly ||
Betz and Stevens
(2013)
Security Dialog |||
Lindsay (2013) Security Studies ||
Percentage frequency in political science/international relations journals 100% 9% 18.2% 63.6% 27.2% 9%
Table I.
Common data
environment
vulnerabilities
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
act on behalf of security companies and concomitant public interest (F-Secure, 2014).
Contemporary cyber-Robin Hood(s) (or hacktivists) fall within the grey hat category and act
as vigilantes to puncture prevailing power structures (such as Government) by
embarrassing them with distributed denial of service (DDos) attacks, web defacements,
malware, ransomware and trojans. These hacktivists often dabble with illegal means to
hack but believe that they are addressing a social injustice and/or otherwise supporting a
good cause. Black hats are often affiliated with a criminal fraternity or have other malicious
intent (Cavelty, 2013). These criminals deploy the same tools used by grey and white hat
hackers, but with the deliberate intention to cause harm, vandalism, sabotage, website
shutdown, fraud or other illegitimate activities. Many states have increasingly focused upon
grey hats who have become the new uncontrolled source of hacking (Betz and Stevens,
2013). Table II highlights a number of prominent critical infrastructures hacks extracted
from the RISI database and cross references these against the motivations and cyber-actors.
Blurred lines: governments and civilians
State and non-state actors represent a two pronged source of malicious attacks or threats
facing the AECO sector; motivations for these actors are fueled by various catalysts,
including patriotism, liberal activism, political ideology, criminal intent and hobby interests
(Hjortdal, 2011; Rahimi, 2011). A state is a political entity (government) that has
sovereignty over an area of territory and the people within it (Rahimi, 2011). Within this
entity, state actors are persons who are authorized to act on its behalf and are therefore
subject to regulatory control measures (Betz and Stevens, 2013). A state actors role can be
myriad but often it strives to create positive policy outcomes through approaches such as
social movement coalitions (cf. Stearns and Almeida, 2004). Conversely, non-state actors are
persons or organizations who have sufficient political influence to act or participate in
international relations for the purpose of exerting influence or causing change even though
they are not part of government or an established institution (Betz and Stevens, 2013). Three
key types of legitimate non-state actors exist: intergovernmental organizations such as the
United Nations, World Bank Group and International Monetary Fund, which are established
by a state usually through a treaty (Betz and Stevens, 2013); international non-government
organizations such as Amnesty International, Oxfam and Greenpeace which are non-profit,
voluntary organizations that advocate or otherwise pursue the public good (i.e. economic
development and humanitarian aid) (UN); and multinational corporations who pursue their
own business interests largely outside the control of national states (UN). Illegitimate
non-state actors include terrorist groups and hacktivists acting upon a range of different
motivations including personal gain, digital coercion, malevolence and indoctrination of
others using ideological doctrine (Brantly, 2014). Since the millennium, governments
globally have become increasingly aware of cyber-crime and threats stemming from such
non-state actors. Some of the more notable actors include: Anonymous (Betz and Stevens,
2013); Ghost Net (Hunton, 2012); The Red Hacker Alliance (Fisher, 2018); Fancy Bear
Прикольный медведь(Canfil, 2016); and Iranian Cyber Army (Rahimi, 2011).
However, the boundary delineation between state actors and non-state actors engaging
in cyber-physical attacks has become increasingly blurred (Betz and Stevens, 2013; Papa,
2013). Such attribution has wider implications for the national security of states and
national responsibility for non-state actors who often act on behalf of the state, under
incitement of nationalistic and ideological motivation (Brantly, 2014). Henderson (2008)
aptly describes such blurred lines between governments and civilians by using Chinese
cyber-patriot hackers as an exemplar:
The alliance is exactly who and what they claim to be: an independent confederation of patriotic
youth dedicated to defending China against what it perceives as threats to national pride.
ECAM
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
Standard Title Description
BS ISO/IEC
29100:2011
(ISO, 2011)
Information Technology.
Security Techniques. Privacy
Framework
This standard is applicable to organizations and businesses,
providing a privacy framework for those involved in
specifying, procuring, architecting, designing, developing,
testing, maintaining, administering, and operating
information and communication technology systems or
serviceswith personally identifiable information (PII)
BS ISO/IEC
27001:2013
(ISO, 2013)
Information Technology.
Security Techniques.
Information Security
Management Systems.
Requirements
This international standard provides a framework for the
management of an information security management system
(ISMS) in order to keep digital information assets secure from
cyber-criminal activities and information breaches; it
encompasses procedures for creating, implementing,
operating, auditing and maintaining an ISMS. The standard
can be applied within organizations of any size, nature or type
IET/CPNI
Technical
Briefing
(IET, 2013)
Resilience and Cyber Security
of Technology in the Built
Environment
This document applies to professionals involved in the
development, procurement and operation of intelligent or
smart buildings. The guidance considers the whole building
lifecycle and examines the potential threats to resilience and
cyber security arising from the merging of technical
infrastructure and computer-based systems and their
connection in cyber-space. Case studies are provided plus a
set of 20 critical measures which could be applied to reduce
threats
PAS
555:2013
(BSI, 2013)
Cyber Security Risk.
Governance and Management.
Specification
The specification uses a business-led, outcomes-based
approachwhich studies physical, cultural and behavioral
features alongside technical ones, to aid organizations in
detecting which of their business assets need most protection,
e.g., corporate and customer data, intellectual property, brand
or reputation. The approach can be applied to any size/type of
organization, throughout its business activities
PAS
754:2014
(BSI, 2014c)
Software Trustworthiness.
Governance and Management.
Specification
This document identifies five principles of software
trustworthiness (safety, reliability, availability, resilience and
security) which should be attained when implementing
software on distributed applications in order to reduce the
risks from potential malicious threats. These principles are
based upon four concepts: governance measures; risk
assessment; control application for risk management
(physical, procedural and technical) and a compliance regime
to ensure execution of the first three
IET
Standards
(IET, 2014)
Code of Practice for Cyber
Security in the Built
Environment
This book provides good practice guidance on the need for,
and development of, cyber security strategy and policy
related to a buildings complete lifecycle as an integral part of
an organizations management systems, with particular
emphasis on cyber physically connected building-related
systems. The pertinence of cyber security to each of the
multidisciplinary roles and responsibilities within an
organization is provided
PAS
1192-5:2015
(BSI, 2015)
Specification for Security-
minded Building Information
Modeling, Digital Built
Environments and Smart Asset
Management
This is the first standard published for security minded use of
BIM and digitalization of built assets. Relevant to all owners
and stakeholders of digitally built assets, it assists in
assessing security risks to the asset and implementing
measures to reduce the risk of loss or disclosure of
information which could impact on the safety and security of:
the built asset; personnel and other users of the asset and its
services; and commercial and other asset data and
information
Table II.
Industry standards
and codes of best
practice on cyber
security in the
AECO sector
Common data
environment
vulnerabilities
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
A componential analysis of literature
From an operational perspective, the review protocol sourced published journal materials
contained within Science Direct, Web of Science, Scopus and Research Gate databases.
Keyword search terms used included: cyber security, hacking and any of the following
variations of the word cyber crime/cybercrime/or cyber-crime. Following a comprehensive
review of the journals, four prominent and pertinent clusters of industrial settings were
selected to provide the contextual sampling framework and knowledge base for the
analysis, namely: AECO; transport and infrastructure; information technology; and political
science/international relations. These clusters were selected because they contained the
majority of the journal publications on cyber-crime. Within the clusters, six recurrent
leitmotifs were identified: national and global security; smart cities; critical infrastructure;
ICS; mobile or cloud computing; and digitalization of the built environment. A cross
comparative componential analysis was then conducted (refer to Table III).
The componential analysis reveals: the percentage frequency that each of the identified
thematic groups occur across the four industrial classifications; and the percentage
frequency that each thematic group occurs within each individual industrial classification.
In ascending order of frequency across all four sectors, the most popular discussed topics
were: mobile cloud computing (59.5 percent); national global security (54.7 percent) and
critical infrastructure (50 percent); smart cities (40.4 percent); ICS (40.4 percent); and
digitization of the built environment (28.5 percent). Yet curiously within the AECO sector, an
inordinate amount of effort was input into mobile and cloud computing (90 percent); and
digitization of the built environment (60 percent) while far less attention was paid to critical
infrastructure (30 percent); and national and global security (20 percent). Moreover, none of
the papers reviewed were heavily focused upon expounding the virtues and concomitant
benefits of digitization but were similarly obvious to the omnipresent threat of cyber-crime
posed via the vulnerable CDE portal.
A CDE is commonly established during the feasibility or concept design phases of a
building/infrastructure project (BSI, 2014a, b). An information manager will then manage and
validate the processes and procedures for the exchange of information across a network for
each key decision gateway stage (including: work in progress, shared, published and archive
stages). Cloud-based CDE platforms are ubiquitous but common solutions include: ProjectWise;
Viewpoint (4P); Aconex; Asite; and SharePoint (Shafiq et al., 2013). The internal work flow and
typical external information exchange in BIM relies upon the re-use and sharing of information
Reconnaissance Technique Definition Example
In an active manner to monitor network packets passing
between hosts, or passive manner to transmit specially
created packets to the target machine and analyze the
response (Peng et al., 2015)
Scanning Ping sweep Network scanning is integral to stealthy information gathering from
a computer system. Prior knowledge of the operating system (OS) is
combined with the use of one of a plethora of readily available tools,
in order to identify and map out potential vulnerabilities on a target
network
Port scan
Network Mapping
Fingerprinting (OS)
Footprinting
Sniffing
Social Engineering
Device fingerprinting endeavors to break the privacy of URL
developers by revealing user actions and anonymity. It utilizes the
information collected from a remote computing device for the purpose
of uniquely identifying the device (Formby et al., 2016). Fingerprinting
can be used to identify the OS used on the target system
Footprinting is a process of obtaining as much information about the
target to be hacked as possible by drawing down open source
information from the internet. Footprinting is the most convenient way
of gathering information about a computer system and/or parties such
belong to
Sniffing has been likened to wiretapping and can be used to obtain
sensitive information that is being transferred over a network, such as:
FTP passwords; e-mail traffic; web traffic; telnet passwords; router
configurations; chat sessions; and DNS traffic. “Industrial Control
Systems (ICS)/Supervisory Control and Data Acquisition (SCADA)
sniffing” activites pose an imminent threat to cyber-physical connected
devices in buildings, factories and large industrial plants
Social engineering is an attack vector that relies upon tricking people
into breaking security procedures. Consequently, these are used to
exploit an individual’s weaknesses, typically employees and other
individuals who are familiar with the system. When successfully
implemented, hackers can help obtain information about the targeted
system
Techniques include: port scanning to identify the
available and open ports, DNS enumeration to locate the
domain name server and IP address, and PING sweeping
to map the IP address to a live host (Rittinghouse and
Hancock, 2003)
During footprinting a hacker can use passive or active
means to obtain information such as: domain name; IP
addresses; namespaces; employee information; phone
numbers; e-mails; and job information
“Havex” Malware reported, by F-Secure laboratories, is the
first of its kind since STUXNET and attempts to “sniff”
factory automation gear such as ICS and SCADA systems
(F-Secure Labs, 2014). Anonymized victims have included:
two major educational institutions in France; two German
industrial machine producers; one French industrial machine
producer; and a Russian structural engineering construction
company (F-Secure Labs, 2014)
Two common methods adopted are the physical gaining
of access to a computer through deception or the use of
phishing e-mails, which involves sending personalized
e-mails to targeted employees in an attempt to make them
click malicious links contained within
Table III.
Common
reconnaissance
techniques
ECAM
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
in a CDE. Integrating BIM (and other file databases, e.g., IFC, GBXML, CSV, DWG, XML)
within a CDE ensures a smooth flow of information between all stakeholders and is specified
and articulated through its levels of development or design (Eastman et al., 2011; Lin and
Su, 2013). The level of design (LOD) is classified on a linear scale ranging from LOD 1 (covering
a conceptual low definitiondesign) to LOD 7 (for an as-built high definitionmodel). With
each incremental increase in LOD, the range and complexity of asset information within models
built begins to swell and the data contained within becomes accessible to an increased amount
of stakeholders. As a consequence, the magnitude of potential cyber-crime also increases and it
is imperative therefore, that effective cyber security deterrence measures are set.
Perhaps the most crippling aspect of deterrence is the poor rate of attribution (also
known as tracebacking or source tracking); where attribution seeks to determine the
identity or location of an attacker or attackers intermediary (Brantly, 2014). Affiliation
further exacerbates attribution rates, for example, nefarious and malicious attacks on
critical infrastructure by non-state patriotactors who proclaim cyber-warfare in the name
of nationalist ideologies can create ambiguity with state actors (Lindsay, 2015). Extant
literature widely acknowledges that states actively recruit highly skilled hackers to
counter-attack other state governed cyber-activities, in particular against critical
infrastructure assets (Thomas, 2009). Yet the paucity of identification or disclosure of
attacker identities has made the hacking culture even more enticing for both non-state
actors and state actors. Whilst network attribution or IP address traceability to a particular
geographical region is possible, lifting the cyber veil to reveal the affiliation between the
attacker and their government remains difficult (Canfil, 2016). In the case of potential threats
to the AECO sector, attribution of industrial cyber-espionage remains an imminent threat
not only to the business in operation but also for the nation state security.
Cyber-deterrence
Cyber-deterrence measures rely largely upon good practice adopted from standards ISO
27001 and ISO 27032 (ISO, 2012, 2013). In the context of the digital built environment (and
specifically BIM), recently published cyber security good practice manual PAS 1198-Part 5
suggests deploying five measures of deterrence: a built asset security manager; a built asset
security strategy; a built asset security management plan; a security breach/incident
management plan; and built asset security information requirements. For other sources of
cyber security guidance PAS 1198-Part 5 recommends adherence to other pre-existing
legislative documentation refer to Table IV.
Other ambiguous guidance notes that refer to taking appropriate mitigation strategies
have largely ignored the increased vulnerability of semantic and geometric information that
is sustained within a BIM (BSI, 2013, 2014c). For example, Institute of Engineering and
Technology (Boyes, 2013b) report, entitled: Resilience and Cyber Security of Technology in
the Built Environment, states that:
Unauthorised access to BIM data could jeopardise security of sensitive facilities, such as banks,
courts, prisons and defence establishments, and in fact most of the Critical National Infrastructure.
Deterrence measures recommended in PAS 1192-5 have largely overlooked BIM data
contained within a CDE and the onslaught of cyber-physical connectivity in critical
infrastructures (Liu et al., 2012). Currently, the most common means of deterrence for
cyber-physical connectivity in critical BMS infrastructures is via network segregation (the
firewall) (Mayo, 2016) and secure gateway protection (encryption) for securing from external
threats complicit with ANSI/ISA-99 (ANSI, 2007). However, in a digital economy where over
50bn devices are continuously communicating, neither firewalls nor encryption alone can
guarantee effective cyber security. Hence, a more robust systemic means of data integrity is
required in the digital built environment.
Common data
environment
vulnerabilities
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
Block chain a new frontier for cyber-deterrence
Under the alias Satoshi Namamoto, the Bitcoin (crypto currency) was published as the first
block chain application on the internet (Turk and Klinc, 2017). This advancement opened a
springboard of applications that utilize block chain technology to remove third party
distribution of digital assets using peer-to-peer sharing (Turk and Klinc, 2017). While the
majority of current applications have utilized crypto currency and smart contracts, the
applications for digital asset transference seem limitless. Block chains earliest applications
were in economics (Huckle et al., 2016); software engineering (Turk and Klinc, 2017); Internet
of Things (Zhang and Wen, 2016); and medicine (Yue et al., 2016) albeit, more recently
applications within the built environment have been explored (Sun et al., 2016). Block chain
technology has the potential to overcome the aforementioned cyber security challenges
faced in the digital environment, as a result of its distributed, secure and private nature of
data distribution. A positive correlation exists between an increasing number of
collaborators (or peers) within a CDE and the potential to secure such assets in a peer-to-peer
environment which thrives and increases in security.
Block chain technology is suitable for sectors with increased risk of: fraud such as
susceptible, crucial infrastructures containing sensitive industrial information that is at risk
from industrial espionage, intermediaries for example, providers of BMS systems and
other IT software vendors hosting sensitive infrastructure asset details; throughput such
as operators updating and sharing asset information in a CDE; and stable data for
instance, data generated for built assets can be utilized for up to 40 years post project
inception. Block chain technology offers better encryption against hacking than any other
current deterrence measures available and is commonly suggested in the cyber security
standards available (Turk and Klinc, 2017).
The application of block chain technology within digital built asset information
exchange is suggested due to its secure framework for data transference. Block chain
technology has been hailed as a hacker/tamper safe ecosystem for digital asset transfers
(Turk and Klinc, 2017). Figure 2 delineates a ten stage process to demonstrate how the
existing functionality of block chain technology can be harnessed in a CDE environment
when sharing sensitive digital information about assets namely: asset information is
securely shared via a network (e.g. URL nodes, interconnected computer networks or an air
Motivation Actor Example
Black Hat Hacktivists USA, 2014 – Power and utilities – Hackers took advantage of a weak password vulnerability where mechanical devices were disconnected from
the control system for scheduled maintenance
Poland, 2008 – Transport – A 14-year old Polish student hacked into the tram system, enabling him to change track points in Lodz. 4 trams were
derailed and as a consequence 12 people were injured
USA, 2001 – Petroleum – The network monitoring personal computer (PC) provided a path from the internet, via the company business network,
onto the automation network. This made the company vulnerable to the Code Red Worm, used to deface the automation web pages of a large
oil company
Script kiddies
Cyber insiders
Cyber terrorists
Malware authors
Patriot hackers
Cyber militias
Script kiddies
Ordinary citizens
Hacktivists
Script kiddies
Organized cyber
criminals
Ego, personal animosity,
economic gain
Grey Hat
Ambiguous
White Hat
Idealism,
creativity,
respect for the
law
Spain, 2011 – Traffic – Spanair flight 5,022 crashed just after take-off from Madrid-Brajas International Airport killing 154 with 18 survivors.
Trojan malware detected on the central computer system is speculated to have played a role in the crash by causing the computer to fail to
deliver power to the take-off early warning system and detect three technical problems with the aircraft
Iran, 2012 – Petroleum – Iran was forced to disconnect key oil facilities after suffering a malware attack which it is believed hit the internal
computer systems at Iran’s oil ministry and its national oil company
USA and Europe, 2014 – Energy sector – Operating since 2011, the Dragonfly group has targeted defence and aviation companies in USA
and Canada cyber-espionage with the likely intention of sabotage. In 2013, the group targeted USA and European energy firms, gaining entry
through: spear phishing e-mails, malware, watering hole attacks and infecting legitimate software from three different industrial control systems
(ICS) equipment manufacturers
Canada, 2012 – Energy sector – Telvent Canada Ltd., provider of software and services for remote administration of large sections of the
energy industry, was subject to information theft. Installed malware was used to steal project files related to one of its key products. The digital
fingerprints were traced to a Chinese hacking group (the “Comment Group”), linked to cyber-espionage against Western interests
Iran, 2010 – Nuclear – The Stuxnet malworm was responsible for damaging crucial centrifugal devices used for Uranium enrichment at the
Natanz nuclear plant causing it to be shut down for week. This remains as one of the most profilic cyber-physical attacks in an exemplified
case of government and civilian blurred lines and created a new forefront of cyber militia, becoming the first proclaimed cyber weapon
USA, 2012 – Water/waste management – A former employee of the Key Largo Wastewater Treatment District hacked the company resulting
in modification and deletion of files
Venezuela, 2002 – Petroleum – Venezuela’s state oil company became embroiled in a bitter strike when it was extensively sabotaged by an
employee who gained remote access to a program terminal and erased all Programmable Logic Controller (PLC) programs in port facility
Canada, 2002 – Petroleum – A white hat hacker simulated an attack on a data center security (DCS), where network access to the control local
area network (LAN) was used to connect to selected DCS operator stations and obtain full administration privileges. This was accomplished
through the vulnerabilities in the Windows operating system and a number of Netbios that lacked proper password protection
USA, 2014 – Traffic – One of the first hacks on a traffic management system was incurred on road signs in San Francisco, where the signs
were photographed flashing “Godzilla Attack! Turn Back”
Source: Available online at www.risidata.com
Table IV.
Snapshot of cyber-
physical hacking
examples from the
RISI online incident
database
ECAM
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
gapped internet); asset data (whether a 3D or digital model) are converted into a block which
represent a digital transaction of asset data; stakeholder interaction within a federated CDE
environment will receive a tracked record of the individual transaction created by nodes
sharing the block; block chain miners (usually computer scientists) validate and maintain
the newly created block chain; payment methods for block chain miners vary but a group of
miners enter into a competitive process where the first to validate the block chain receives
payment; the federated block chain environment is approved; the new block is added to the
existing chain of digital transactions to extend the block chain; the digital asset can now be
securely shared upon validation; to hack the network, assailants would need to hack every
single node within the block chain, thus making the task far more difficult; the network of
nodes created by multiple stakeholderstransactions provides a more sophisticated and
secure approach to protecting digital assets when compared to encryption and firewalls.
Herein lies the novelty of this review blockchain technology can offer a potential
framework to future AECO software applications and systems designed to secure the
transfer of sensitive project data in a BIM and CDE environment.
Limitations and future work
Contrary to within the fields of computer science, political science/international relations
and international law, cyber security is far less understood within the AECO sector (Mayo,
2016). Consequently, existing controls are inadequate and poorly managed. Key findings
emanating from these other eminent fields provide invaluable insights into the cyber
security technologies and developments (such as block chain) that can be successfully
transferred and applied to critical infrastructure within the AECO sector to address current
deficiencies (Baumeister, 2010). However, successful practitioner alignment and knowledge
enhancement requires time and investment for additional research and testing of such
concepts (Metke and Ekl, 2010) such exceeded the current confines of this review paper.
Within the international security research realm, the following predispositions have
ASSET NEEDS TO BE
SHARED SECURELY
ASSET IS CONVERTED
INTO A BLOCK
BLOCK IS BROADCAST TO ALL
NODES IN FEDERATED CDE
ENVIRONMENT
BLOCK CHAIN MINERS
COMPETE TO MINE NEW
BLOCK
BLOCK CHAIN IS EXTENDED
WITH NEW DIGITAL ASSET
XML DWG
DWG
XML
FEDERATED CDE
ENVIRONMENT APPROVES
BLOCK CHAIN MINER
VALIDATES BLOCK AGAINST
CHAIN
BLOCK OF DIGITAL ASSET
IS SHARED SECURELY
BLOCK CHAIN OF ASSETS NEEDS TO
BE HACKED INDIVIDUALLY ACROSS AN
ENTIRE NETWORK
BLOCK CHAIN OF
SHARING ASSETS
i) ii) iii) iv)
v) vi) vii)
viii) ix) x)
Figure 2.
Block chain
technology application
with digital built asset
information exchange
Common data
environment
vulnerabilities
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
weakened scholarly understanding of cyber-threat occurrences and the likelihood of attacks
on critical infrastructure. These limitations require future work, namely:
(1) Improved understanding of motivations an inordinate amount of attention is paid
to cyber-threatsunder the guise of malevolent lines of code. Yet finding a
resolution to the root cause of cyber-crime requires a deeper understanding of the
motivations behind such malicious scripts and attacks.
(2) Address the specific operational threats to bespoke critical infrastructure each
individual critical infrastructure project (e.g. hospitals, nuclear facilities, traffic
management systems) has bespoke operational functionality and hence different
vulnerabilities. Mapping of these vulnerabilities is required as a first step to
developing efficient and effective risk mitigation strategies to better secure assets.
(3) Distinguish between physical destruction and theft literature and standards have
predominantly focused upon data protection within the context of cyber-attack.
However, physical damage has received far less attention even though such could lead
to catastrophic economic damage. Greater distinction between physical destruction
and theft is therefore needed to delineate the scale and magnitude of cyber-crime.
(4) Consolidate greater international governmental collaboration cyber-attacks can
readily cross international borders and national law enforcement agencies often find it
difficult to take action in jurisdictions where limited extradition arrangements are
available. Although standard international agreements have been made on such
issues (cf. the Budapest Convention on Cyber-crime), which seek to criminalize
malevolent cyber-activities, notable signatories (such as China and Russia) are absent.
Far greater cooperation between sovereign states is therefore urgently needed to
develop robust international agreements that are supported by all major governments.
(5) Gauge practitioner awareness future work should seek to identify existing
predispositions and awareness of cyber-attack and cyber-crime amongst AECO
professionals either through in depth interviews or practitioner surveys. Case
studies are also required to measure and report upon contemporary industry
practice and how any cyber-crime incidents were managed.
(6) Proof of concept development and testing of an innovative proof of concept
blockchain application specifically designed for AECO professionals. Such
developmental work would allow the thorough testing of blockchain technology
in practice to confirm or otherwise its effectiveness.
Future work
To reconcile the challenges of future work, researchers and practitioners within the AECO
sector will have to investigate how to adopt cyber-deterrence approaches applied within more
technologically advanced and sensitive industries such as aerospace and automotive. Such
knowledge transference may propagate readily available solutions to challenges posed. Cyber
security awareness and deterrence measures within the BIM and CDE process will help secure
critical infrastructure, developed, built and utilized the challenges and opportunities identified
here require innovative solutions such as block chain technologies to transform standard
industry practice and should be augmented with far greater industry-academic collaboration.
Conclusion
Infrastructure provides the essential arteries and tributaries of a digital built environment
that underpins a contemporary digital economy. However, cyber-attack threatens the
ECAM
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
availability and trustworthiness of interdependent networked services on both corporate
and national security levels. At particular risk are the critical infrastructure assets (such
as energy networks, transport and financial services) hosted on large networks connected
to the internet (via a CDE) to enable cost-efficient remote monitoring and maintenance.
Any disruption or damage to these assets could have an immediate and widespread
impact by jeopardizing the well-being, safety and security of citizens. To combat the
potential threat posed, greater awareness among AECO stakeholders is urgently
needed; this must include governments internationally and private sector partners
collaborating together to expand upon existing ISO and BIM-related standards for
improved response to a cyber-incident. As well as preventative measures, reactive
national plans are required (i.e. raising cyber security awareness on government funded
BIM projects) to quickly deal with breaches in security and ensure services are provided
with minimum disruption.
It is argued in this paper that the CDE adopted with BIM in the AECO sector acts as a
springboard for the wider stakeholder engagement with networked data sharing in a
centralized manner yielding such systems vulnerable for future cyber-physical attacks. The
pinnacle of cyber security research breakthroughs in cryptography have resulted in the
development of decentralized block chain technology. It is hypothesized that block chain
technology offers a novel and secure approach to storing information, making data
transactions, performing functions and establishing trust, making it suitable for sensitive
digital infrastructure data contained in BIM and CDE environment high security
requirements. While block chain applications are largely at a nascent stage of development
within the AECO sector, this review paper has highlighted its novel application to fortify
security of digital assets residing within a BIM and CDE environment thus extending
applications beyond its origins in crypto currency. Future research will be required to prove,
modify or disprove this hypothesis presented. However, block chain alone cannot guarantee
total immunity to cyber-attacks so additional research is required to: understand the
motivations for cyber-attack/crime; identify the specific operational threats to bespoke
critical infrastructure and develop appropriate strategies to mitigate these; develop more
exhaustive international standards (or enhance existing standards) to distinguish between
physical destruction and theft; and establish measures needed to consolidate greater
international governmental collaboration.
References
Ani, U.P.D., He, H. and Tiwari, A. (2017), Review of cybersecurity issues in industrial critical
infrastructure: manufacturing in perspective,Journal of Cyber Security Technology, Vol. 1 No. 1,
pp. 32-74.
ANSI (2007), ISA-99.00.01-2007 security for industrial automation and control systems; part 1:
terminology, concepts, and models, ISA, available at: https://web.archive.org/web/20110312
111418/www.isa.org/Template.cfm?Section=Shop_ISA&Template=%2FEcommerce%
2FProductDisplay.cfm&Productid=9661 (accessed February 9, 2019).
Baumeister,T.(2010),Literature review on smart grid cyber security, collaborative software
development laboratory at the University of Hawaii, available at: www.tbaumeist.com/
publications/LiteratureReviewOnSmartGridCyberSecurity_2010.pdf (accessed February 9, 2019).
Bessis, N. and Dobre, C. (2014), Big Data and Internet of Things: A Roadmap for Smart Environments,
ISBN: 978-3-319-05029-4, Springer International Publishing, London.
Betz, D.J. and Stevens, T. (2013), Analogical reasoning and cyber security,Security Dialogue, Vol. 44
No. 2, pp. 147-164.
Boyes, H. (2013a), Cyber security of intelligent buildings,8th IET International System Safety
Conference Incorporating the Cyber Security Conference,Cardiff.
Common data
environment
vulnerabilities
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
Boyes, H. (2013b), Resilience and Cyber Security of Technology in the Built Environment the Institution of
Engineering and Technology, IET Standards Technical Briefing, London, available at: www.
theiet.org/resources/standards/-files/cyber-security.cfm?type=pdf (accessed February 9, 2019).
Bradley, A., Li, H., Lark, R. and Dunn, S. (2016), BIM for infrastructure: an overall review and
constructor perspective,Automation in Construction, Vol. 71 No. 2, pp. 139-152.
Brantly, A.F. (2014), The cyber losers,Democracy & Security, Vol. 10 No. 2, pp. 132-155.
BSI (2013), PAS 555:2013 cyber security risk, Governance and Management Specification, available at:
https://shop.bsigroup.com/ProductDetail/?pid=000000000030261972 (accessed February 9, 2019).
BSI (2014a), PAS 180 Smart Cities, Vocabulary, British Standards Institution, London, available at:
www.bsigroup.com/en-GB/smart-cities/Smart-Cities-Standards-and-Publication/PAS-180-smart-
cities-terminology/ (accessed February 9, 2019).
BSI (2014b), PAS 1192-3 Specification for Information Management for the Operational Phase of Assets
using Building Information Modelling, British Standards Institution, London, available at:
https://shop.bsigroup.com/ProductDetail/?pid=000000000030311237 (accessed February 9, 2019).
BSI (2014c), PAS 754:2014 software trustworthiness: governance and management, Specification,
available at: https://shop.bsigroup.com/ProductDetail/?pid=000000000030284608 (accessed
February 9, 2019).
BSI (2015), PAS 1192-5 (2015) Specification for Security Minded Building Information Modelling,
Digital Built Environments and Smart Asset Management, British Standards Institution,
London, available at: https://shop.bsigroup.com/ProductDetail/?pid=000000000030314119
(accessed February 9, 2019).
Canfil, J.K. (2016), Honing cyber attribution: a framework for assessing foreign state complicity,Journal
of International Affairs, Vol. 70 No. 1, pp. 217-226, available at: www.questia.com/read/1G1-
476843518/honing-cyber-attribution-a-framework-for-assessing (accessed February 9, 2019).
Cavelty, M.D. (2013), From cyber-bombs to political fallout: threat representations with an impact in
the cyber-security discourse,International Studies Review, Vol. 15 No. 1, pp. 105-122.
Chong, H.Y., Wong, J.S. and Wang, X. (2014), An explanatory case study on cloud computing
applications,Automation in Construction, Vol. 44, pp. 152-162.
Clarke, R. and Youngstein, T. (2017), Cyberattack on Britains national health service,New England
Journal of Medicine, Vol. 377, August, pp. 409-411.
DBIS (2013), Smart city market: opportunities for the UK, Department for Business, Innovation and
Skills, BIS Research Papers Ref: BIS/13/1217, DBIS, London, available at: www.gov.uk/
government/publications/smart-city-market-uk-opportunities (accessed February 9, 2019).
Denning, D. (2012), Stuxnet: what has changed?,Future Internet, Vol. 4 No. 3, pp. 672-687.
Eastman, C., Eastman, C.M., Teicholz, P., Sacks, R. and Liston, K. (2011), BIM Handbook: A Guide to
Building Information Modeling for Owners, Managers, Designers, Engineers and Contractors,
ISBN: 978-0-470-54137-1, John Wiley & Sons, Hoboken, NJ.
Edwards, D.J., Pärn, A.E., Love, P.E.D. and El-Gohary, H. (2017), Research note: machinery,
manumission, and economic machinations,Journal of Business Research, Vol. 70, January,
pp. 391-394.
Eom, S.-J. and Paek, J.-H. (2006), Planning digital home services through an analysis of customers
acceptance, ITcon, Vol. 11, Special issue IT in Facility Management, pp. 697-710, available at:
www.itcon.org/2006/49 (accessed February 9, 2019).
European Commission (2013), Cybersecurity Strategy of the European Union: An Open, Safe and Secure
Cyberspace, JOIN 1 Final, European Commission, Brussels, available at: https://eeas.europa.eu/
archives/docs/policies/eu-cyber-security/cybsec_comm_en.pdf (accessed February 9, 2019).
Ficco, M., Choraś, M. and Kozik, R. (2017), Simulation platform for cyber-security and vulnerability
analysis of critical infrastructures,Journal of Computational Science, Vol. 22, September,
pp. 179-186.
ECAM
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
Fisher, R.D. (2018), Cyber warfare challenges and the increasing use of American and European dual-use
technology for military purposes by the peoples Republic of China (PRC), United States House of
Representatives, Committee on Foreign Affairs, Birmingham, available at: http://archives-
republicans-foreignaffairs.house.gov/112/Fis041511.pdf (accessed February 9, 2019).
Fisk, D. (2012), Cyber security, building automation, and the intelligent building,Intelligent Buildings
International, Vol. 4 No. 3, pp. 169-181.
Formby, D., Srinivasan, P., Leonard, A., Rogers, J. and Beyah, R.A. (2016), Whos in control of your
control system? Device fingerprinting for cyber-physical systems,Network and Distributed
System Security Symposium (NDSS),February 26March 1,San Diego, CA.
F-Secure Labs (2014), Havex hunts for ICS and SCADA systems, available at: www.f-secure.com/
weblog/archives/00002718.html (accessed February 9, 2019).
Gandhi, R., Sharma, A., Mahoney, W., Sousan, W., Zhu, Q. and Laplante, P. (2011), Dimensions of
cyber-attacks: cultural, social, economic, and political,IEEE Technology and Society Magazine,
Vol. 30 No. 1, pp. 28-38.
Govinda, K. (2015), Design of smart meter using Atmel 89s52 microcontroller,Procedia Technology,
Vol. 21, pp. 376-380, available at: https://doi.org/10.1016/j.protcy.2015.10.053
Henderson, S. (2008), Beijings rising hacker stars: how does mother China react?, IO Sphere Journal,
Birmingham, February 28, available at: www.noexperiencenecessarybook.com/jplV6/beijing-39-
s-rising-hacker-stars-how-does-mother-china-react.html (accessed February 9, 2019).
Hjortdal, M. (2011), Chinas use of cyber warfare: espionage meets strategic deterrence,Journal of
Strategic Security, Vol. 4 No. 2, pp. 1-24.
HM Government (2013), Building Information Modeling Industrial Strategy: Government and Industry
in Partnership, Government Construction Strategy, London, available at: www.gov.uk/
government/uploads/system/uploads/attachment_data/file/34710/12-1327-building-information-
modelling.pdf (accessed February 9, 2019).
HM Government (2015), Digital Built Britain: Level 3 Building Information Modelling Strategic Plan,
26 February 2015, HM Publications, London, available at: www.gov.uk/government/
publications/uk-construction-industry-digital-technology (accessed February 9, 2019).
Howell, S., Rezgui, Y. and Beach, T. (2017), Integrating building and urban semantics to
empower smart water solutions,Automation in Construction, Vol. 81, September,
pp. 434-448.
Huckle, S., Bhattacharya, R., White, M. and Beloff, N. (2016), Internet of things, blockchain and shared
economy applications,Procedia Computer Science, Vol. 98, pp. 461-466, available at: https://doi.
org/10.1016/j.procs.2016.09.074
Hunton, P. (2012), Data attack of the cybercriminal: investigating the digital currency of cybercrime,
Computer Law & Security Review, Vol. 28 No. 2, pp. 201-207.
IET (2013), Resilience and cyber security of technology in the built environment, Institution of
Engineering and Technology, Birmingham, available at: www.theiet.org/resources/standards/
cyber-buildings.cfm?origin=pr (accessed February 9, 2019).
IET (2014), Code of practice for cyber security in the built environment, Institution of Engineering
and Technology, Birmingham, available at: https://electrical.theiet.org/books/standards/cyber-
cop.cfm? (accessed February 9, 2019).
ISO (2011), ISO/IEC 29100:2011 information technology security techniques privacy framework,
available at: www.iso.org/standard/45123.html (accessed February 2018).
ISO (2012), 27032 Information Technology Security Techniques Guidelines for Cybersecurity,
International Organization for Standardization (ISO), Geneva, available at: www.itgovernance.
co.uk/shop/product/iso27032-iso-27032-guidelines-for-cybersecurity (accessed February 9, 2019).
ISO (2013), 27001 The International Information Security Standard, International Organization for
Standardization (ISO), Geneva, available at: www.itgovernance.co.uk/iso27001 (accessed
February 9, 2019).
Common data
environment
vulnerabilities
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
Jaatun, M.G., Røstum, J., Petersen, S. and Ugarelli, R. (2014), Security checklists: a compliance alibi, or a
useful tool for water network operators?,Procedia Engineering, Vol. 70, pp. 872-876.
Jones, L. (2016), Securing the smart city: built environment cyber security,Engineering and
Technology, Vol. 11 No. 5, pp. 30-33, doi: 10.1049/et.2016.0501.
Kello, L. (2013), The meaning of the cyber revolution: perils to theory and statecraft,International
Security, Vol. 38 No. 2, pp. 7-40.
Kochovski, P. and Stankovski, V. (2018), Supporting smart construction with dependable edge
computing infrastructures and applications,Automation in Construction, Vol. 85, January,
pp. 182-192.
Koo, D., Piratla, K. and Matthews, C.J. (2015), Towards sustainable water supply: schematic
development of big data collection using internet of things (IoT),Procedia Engineering,
Vol. 118, pp. 489-497.
Lesk, M. (2007), The new front line: Estonia under cyber assault,IEEE Security & Privacy, Vol. 5
No. 4, pp. 76-79.
Levy, Y. and Ellis, T.J. (2006), A systems approach to conduct an effective literature review in support
of information systems research,Informing Science, Vol. 9, pp. 181-212, available at: http://
inform.nu/Articles/Vol9/V9p181-212Levy99.pdf (accessed February 9, 2019).
Lin, S., Gao, J. and Koronios, A. (2006), Key data quality issues for enterprise asset management in
engineering organisations,International Journal of Electronic Business Management, Vol. 4
No. 1, pp. 96-110, available at: http://ijebm.ie.nthu.edu.tw/IJEBM_Web/IJEBM_static/Paper-V4_
N1/A10-E684_3.pdf (accessed February 2018).
Lin, Y.C. and Su, Y.C. (2013), Developing mobile-and BIM-based integrated visual facility maintenance
management system,The Scientific World Journal, Vol. 2013, 10pp., available at: https://doi.org/
10.1155/2013/124249
Lindsay, J.R. (2013), Stuxnet and the limits of cyber warfare,Security Studies, Vol. 22 No. 3, pp. 365-404.
Lindsay, J.R. (2015), The impact of China on cybersecurity: fiction and friction,International Security,
Vol. 39 No. 3, pp. 7-47.
Liu, J., Xiao, Y., Li, S., Liang, W. and Chen, C.P. (2012), Cyber security and privacy issues in smart
grids,IEEE Communications Surveys & Tutorials, Vol. 14 No. 4, pp. 981-997.
McGraw, G. (2013), Cyber war is inevitable (unless we build security in),Journal of Strategic Studies,
Vol. 36 No. 1, pp. 109-119.
McNulty (2011), Realising the potential of GB Rail final independent report of the rail value for
money study summary report, Department for Transport, London, available at: www.gov.uk/
government/uploads/system/uploads/attachment_data/file/4203/realising-the-potential-of-gb-
rail-summary.pdf (accessed February 9, 2019).
Marinos, L. (2016), ENISA Threat Taxonomy: A Tool for Structuring Threat Information,
European Union Agency for Network and Information Security, Birmingham, available at:
www.enisa.europa.eu/topics/threat-risk-management/threats-and-trends/enisa-threat-
landscape/etl2015/enisa-threat-taxonomy-a-tool-for-structuring-threat-information/view
(accessed February 9, 2019).
Markets and Markets (2014), Smart HVAC controls market by product type, components, application,
operation & geography analysis and forecast to 20142020, Birmingham, available at:
http://goo.gl/Ay2LjI (accessed February 9, 2019).
Mayo, G. (2016), Bas and cyber security: a multiple discipline perspective, in Long, S., Ng, E.-H.,
Downing, C. and Nepal, B. (Eds), Proceedings of the American Society for Engineering Management
2016 International Annual Conference, American Society for Engineering Management, Concord,
NC, available at: www.researchgate.net/publication/309480358_BAS_AND_CYBER_SECURITY_
A_MULTIPLE_DISCIPLINE_PERSPECTIVE (accessed February 2018).
Metke, A.R. and Ekl, R.L. (2010), Security technology for smart grid networks,IEEE Transactions on
Smart Grid, Vol. 1 No. 1, pp. 99-107.
ECAM
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
Mike, T. (2006), Integrated building systems: strengthening building security while decreasing
operating costs,Journal of Facilities Management, Vol. 4 No. 1, pp. 63-71.
Mokyr, J. (1992), Technological inertia in economic history,The Journal of Economic History, Vol. 52
No. 2, pp. 325-338.
Nicał, A.K. and Wodyński, W. (2016), Enhancing facility management through BIM 6D,Procedia
Engineering, Vol. 164, pp. 299-306, available at: https://doi.org/10.1016/j.proeng.2016.11.623
NIST (2017), Framework for improving critical infrastructure cybersecurity, National Institute of
Standards and Technology, Draft Vesion 1.1, January 10, Birmingham, available at: www.google.co.
uk/url?sa=t&rct=j&q=&esrc=s&source=web&cd=2&ved=0ahUKEwiq0orLhOHUAhVkBsAKHf
JLB6oQFgg8MAE&url=https%3A%2F%2Fwww.nist.gov%2Fdocument%2Fdraft-cybersecurity-
framework-v11pdf&usg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NA&cad=rjt (accessed
February 9, 2019).
Nye, J.S. (2017), Deterrence and dissuasion in cyberspace,International Security, Vol. 41 No. 3, pp. 44-71.
Papa, P. (2013), US and EU strategies for maritime transport security: a comparative perspective,
Transport Policy, Vol. 28, pp. 75-85.
Paridari, K., Mady, A.E., La Porta, S., Chabukswar, R., Blanco, J., Teixeira, A., Sandberg, H. and
Boubekeur, M. (2016), Cyber-physical-security framework for building energy management
system,ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS), Vienna,
pp. 1-9, doi: 10.1109/ICCPS.2016.7479072.
Pärn, E.A. and Edwards, D.J. (2017), Conceptualizing the FINDD API plug-in: a case study of BIM/FM
integration,Automation in Construction, Vol. 80, August, pp. 11-21.
Patel, S.C., Bhatt, G.D. and Graham, J.H. (2009), Improving the cyber security of SCADA
communication networks,Communications of the ACM, Vol. 52 No. 7, pp. 139-142.
Peng, Y., Wang, Y., Xiang, C., Liu, X., Wen, Z. and Chen, D. (2015), Cyber-physical attack-oriented
Industrial Control Systems (ICS) modeling, analysis and experiment environment,International
Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 322-326.
Rahimi, B. (2011), The agonistic social media: cyberspace in the formation of dissent and consolidation
of state power in postelection Iran,The Communication Review, Vol. 14 No. 3, pp. 158-178.
Rasmi, M. and Jantan, A. (2013), A new algorithm to estimate the similarity between the intentions of
the cyber crimes for network forensics,Procedia Technology, Vol. 11, pp. 540-547.
Reggiani, A. (2013), Network resilience for transport security: some methodological considerations,
Transport Policy, Vol. 28, July, pp. 63-68.
Reniers, G.L.L. and Dullaert, W. (2013), A method to assess multi-modal hazmat transport security
vulnerabilities: hazmat transport SVA,Transport Policy, Vol. 28, July, pp. 103-113.
Rid, T. (2012), Cyber war will not take place,Journal of Strategic Studies, Vol. 35 No. 1, pp. 5-32.
RISI (2015), The repository of industrial security incidents database, Birmingham, available at:
www.risidata.com/Database (accessed February 9, 2019).
Rittinghouse, J. and Hancock, W.M. (2003), Cybersecurity Operations Handbook, Elsevier Science,
Amsterdam, ISBN: 978-1-55558-306-4.
Ryan, D.J. (2017), Engineering sustainable critical infrastructures,International Journal of Critical
Infrastructure Protection, Vol. 17, pp. 28-29.
Safavi, S., Shukur, Z. and Razali, R. (2013), Reviews on cybercrime affecting portable devices,
Procedia Technology, Vol. 11, pp. 650-657.
Shafiq, M.T., Matthews, J. and Lockley, S.R. (2013), A study of BIM collaboration requirements and
available features in existing model collaboration systems,Journal of Information Technology
in Construction (ITcon), Vol. 18, pp. 148-161.
Shitharth, S. and Winston, D.P. (2015), A comparative analysis between two countermeasure
techniques to detect DDoS with sniffers in a SCADA network,Procedia Technology, Vol. 21,
pp. 179-186.
Common data
environment
vulnerabilities
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
Stearns, L.B. and Almeida, P.D. (2004), The formation of state actor-social movement coalitions and
favorable policy outcomes,Social Policy, Vol. 51 No. 4, pp. 478-504.
Stoddart, K. (2016), Live free or die hard: US-UK cybersecurity policies,Political Science Quarterly,
Vol. 131 No. 4, pp. 803-842.
Sun, J., Yan, J. and Zhang, K.Z. (2016), Blockchain-based sharing services: what blockchain technology
can contribute to smart cities,Financial Innovation, Vol. 2 No. 1, pp. 1-26, doi: 10.1186/s40854-
016-0040-y.
Szyliowicz, J.S. (2013), Safeguarding critical transportation infrastructure: the US case,Transport
Policy, Vol. 28 No. C, pp. 69-74.
Tan, S., Song, W.Z., Stewart, M., Yang, J. and Tong, L. (2018), Online data integrity attacks against
real-time electrical market in smart grid,IEEE Transactions on Smart Grid, Vol. 9 No. 1,
pp. 313-322.
Thomas, N. (2009), Cyber security in East Asia: governing anarchy,Asian Security,Vol.5No.1,pp.3-23.
Toy, S. (2006), History of Fortification from 3000 BC to AD 1700 (No. 75), Pen and Sword Military
Classics, Barnsley, ISBN: 1-88415-358-4.
Turk, Ž. and Klinc, R. (2017), Potentials of blockchain technology for construction management,
Procedia Engineering, Vol. 196, pp. 638-645.
UN (2014a), 2014 revision of the world urbanization prospects, Birmingham, available at: https://goo.gl/x
wOSDS (accessed February 9, 2019).
UN (2014b), World urbanization trends 2014: key facts, Statistical Papers United Nations (Ser. A),
Population and Vital Statistics Report, United Nations, New York, NY.
UN (2015), World population projected to reach 9.7 billion by 2050, Birmingham, available at: www.
un.org/en/development/desa/news/population/2015-report.html (accessed February 9, 2019).
Walsham, G. (1995), The emergence of interpretivism in is research,Information Systems Research,
Vol. 6 No. 4, pp. 376-394.
Wang, S., Zhang, G., Shen, B. and Xie, X. (2011), An integrated scheme for cyber-physical building
energy management system,Procedia Engineering, Vol. 15, pp. 3616-3620.
Wang, W. and Lu, Z. (2013), Cyber security in the smart grid: survey and challenges,Computer
Networks, Vol. 57 No. 5, pp. 1344-1371.
Weber, R.H. and Studer, E. (2016), Cybersecurity in the internet of things: legal aspects,Computer
Law & Security Review, Vol. 32 No. 5, pp. 715-728.
Xue, N., Huang, X. and Zhang, J. (2016), S2Net: a security framework for software defined intelligent
building networks, IEEE Trustcom/BigDataSE/ISPA, Tianjin, August 23-26, pp. 654-661.
Yue, X., Wang, H., Jin, D., Li, M. and Jiang, W. (2016), Healthcare data gateways: found healthcare
intelligence on blockchain with novel privacy risk control,Journal of Medical Systems, Vol. 40
No. 10, pp. 218-229.
Zamparini, L. and Shiftan, Y. (2013), Special issue transport security: theoretical frameworks and
empirical applications,Transport Policy, Vol. 28, pp. 61-62.
Zhang, Y. and Wen, J. (2016), The IoT electric business model: using blockchain technology for IoT,
Peer-to-Peer Networking and Applications, Vol. 10 No. 4, pp. 1-12.
Corresponding author
Erika A. Parn can be contacted at: erikaparn@gmail.com
For instructions on how to order reprints of this article, please visit our website:
www.emeraldgrouppublishing.com/licensing/reprints.htm
Or contact us for further details: permissions@emeraldinsight.com
ECAM
Downloaded by Ms erika parn At 03:58 18 March 2019 (PT)
... Due to the risks and challenges outlined above, construction companies are significantly vulnerable to cyberattacks (Doss and Saul Ewing Arnstein & Lehr LLP, 2019;Mantha et al., 2020Mantha et al., , 2021Mantha and García de Soto, 2019;Pärn and Edwards, 2019;Pärn and García de Soto, 2020;Richey and Sawyer, 2015) and should be proactive in implementing strategies and educating employees to secure data. However, the reality is that awareness and investment in high-level security in the industry are still very low, making this industry susceptible and particularly attractive to hackers (Ghadiminia et al., 2021;Mohamed Shibly and García de Soto, 2020). ...
... Blockchain can also be used to share sensitive digital information of an asset in a CDE environment, limiting unauthorized redistribution of data and, therefore, making collaborative workflows more secure. The asset data (e.g., a BIM object) can be validated by or converted into a block representing a digital transaction, and there can be stakeholder interaction within a federated project in the CDE environment as they receive a track record of the individual transaction created by the nodes sharing the block (Pärn and Edwards, 2019). Erri Pradeep et al. (2021) focused on the potential cybersecurity improvements in data exchange systems in construction networks that blockchain can provide. ...
... Doss and Saul Ewing Arnstein & Lehr LLP, 2019;Gambill and Giszczak, 2017;Jones, 2016;Mantha et al., 2021;Mantha and García de Soto, 2019;Pärn and Edwards, 2019) and should be considered by all of the stakeholders and project participants. ...
Article
Full-text available
One of the key concepts of Construction 4.0 is cyber-physical systems. The construction industry is increasingly creating valuable digital assets, but it is also gradually using digital technology to plan, design, build, monitor, and control the physical ones. This makes construction sites and operations vulnerable to cyber-attacks. While the damage to digital assets can have financial implications, attacks on digitally-controlled physical assets may impact people's well-being and, in worst-case scenarios, result in casualties. The problem is amplified by the emerging cyber-physical nature of the systems, where the human checks may be left out. The construction industry could draw inspiration from the work done in critical infrastructures (CI). Construction is the prelude of any socio-technical asset tagged as a CI. While most assets may not be critical in the CI sense, they are essential to a business' operations and the people directly or indirectly associated with them. This study presents a literature review on the previous CI protection (CIP) efforts and construction cybersecurity studies to show their synergy. Recommendations based on well-established CIP processes to make construction more cyber-secure are provided. It is expected that this study will create awareness about cybersecurity practices within the construction industry. Ongoing work includes understanding where construction stands and developing a framework to address cybersecurity throughout the different project phases.
... Aside from the cost associated with training, the cost of acquiring and maintaining digital technologies has also been noted as a crucial deterring factor, especially in developing countries riddled with small and medium organisations that struggle financially [2,40,48,49]. The construction industry has, over time, been berated for its slow adoption of technologies required for the successful delivery of construction products [50]. ...
... Since the VM process is rooted in properly gathering and analysing information, ensuring that the information is safe and retrieved correctly is important. As such, the issue of data insecurity that has characterised most digital tools [29,50,62] can serve as a severe drawback for the deployment of these technologies in the VM process. ...
... This culture is the belief and assumptions that shape the behaviour of the individuals and their understanding of the role of the technology being introduced [64]. Past studies have noted that the construction industry has a poor digital culture [50,62]. However, the improvement in the embrace of technological advancement within the industry as a whole will drive the use of digital tools in VM practices. ...
Article
Full-text available
In the quest to promote constant value for money, value management (VM) has been proposed and adopted within the construction industry of countries across the world. To improve the VM process for a more effective outcome, pervasive digital technologies can be employed throughout a project and in the VM process. However, developing countries like South Africa are still lagging in using these emerging technologies. Therefore, this study assessed the digital technologies that can improve the VM process and the barriers hindering their usage within the construction industry. The study adopted a postpositivism philosophical stance with a questionnaire used to gather quantitative data from construction professionals that have participated in VM exercises within the South African construction industry. The data gathered were analysed using mean item score, standard deviation, the Kruskal-Wallis H-test, multiple linear regression and exploratory factor analysis. The study found with high predictive accuracy that digital technologies such as computer-based software, BIM, mobile devices, electronic meeting tools, cloud computing, augmented and virtual realities will significantly impact the overall success of VM practices. Furthermore, the barriers to the effective deployment of these technologies in the VM process can be categorised into (1) cost and awareness, (2) complexities of the VM and digital tools, (3) the construction industry’s digital culture, and (4) the availability of technology and expertise. This study provides a theoretical backdrop for future studies exploring the use of digital technologies for VM practices—an aspect that has not gained significant attention in VM discourse in the construction industry.
... Networking, data communication and message encrypting are several areas where certain kind of information can be transmitted among nodes in the network.The wormhole, virus, malware, SQL and cryptographic are various examples of cyber threats that are again divided into various types of threats. Generally, cyber attacks are difficult to detect and stop but one can be safe by following some required practices, such as by training individuals in how cyber crimes work, updating antivirus and antispyware software, using firewalls with adequate policies, updating operating system patches, backing up information, ensuring physical security, securing WiFi connections, providing separate accounts for all users, limiting access to the information, regular password changing, etc. [5,6]. Following these practices is not the only solution but it can reduce the danger of cyber attacks. ...
Article
Full-text available
Smart social systems are ones where a number of individuals share and interact with each other via various networking devices. There exist a number of benefits to including smart-based systems in networks such as religions, economy, medicine, and other networks. However, the involvement of several cyber threats leads to adverse effects on society in terms of finance, business, liability, economy, psychology etc. The aim of this paper is to present a secure and efficient medical Internet of Things communication mechanism by preventing various cyber threats. The proposed framework uses Artificial Intelligence-based techniques such as Levenberg–Marquardt (LM) and Viterbi algorithms to prevent various social cyber threats during interaction and sharing of messages. The proposed mechanism is simulated and validated with various performance metrics compared with the traditional mechanism.
... A recent challenge in the integration of BIM is cybersecurity (Boyes, 2014). The need for security measures is growing, especially as the number of people involved in a collaborative work environment increases (Parn & Edwards, 2019). PAS 1192-5:2015(BSI, 2015 states: "The employer or asset owner shall appreciate that in respect of a built asset, a holistic approach needs to address security around the aspects of people and process, as well as physical and technological security". ...
Article
Full-text available
Digitalisation of the construction industry is exposing it to cybersecurity risks. All phases of construction can be affected. Particularly vulnerable are information-intensive phases such as building design and building operation. Construction is among the last industries that are discovering its cybersecurity risks and can rely on frameworks developed for other contexts. In this paper, we evaluate the cybersecurity risks of the design phase of construction using the Cyber Assessment Framework from the National Cybersecurity Centre (NCSC) of the UK. The goal of this study is twofold. First, to examine cybersecurity risks themselves, and second, to evaluate the applicability of the NCSC framework for construction to see if and how construction is specific. The analysis shows that the cybersecurity risks follow the information impact curve that has been motivating the introduction of Building Information Modelling (BIM). The framework is applicable but is weak in addressing the specifics of the construction industrial ecosystem, which involves a multitude of dynamically connected actors, their overlapping authorities, and conflicting motives. It is suggested that a specialized constructionrelated framework should be developed.
... In the use of BIM for construction processes, the architectural design process has been the primary benefactor in terms of implementation as the BIM ecosystem allows for the incorporation of different architectural design software to achieve the desired project design in 2D or 3D formats (Dakhli, Lafhaj, and Mossman 2019;Nawari and Ravindran 2019a;Zheng et al. 2019). BIM 360 has been adopted in some developed countries for project managing construction projects which centre around information management (Bilal et al. 2015;Hilal, Maqsood, and Abdekhodaee 2019;Li, Greenwood, and Kassem 2019;Parn and Edwards 2019;Wang and Jim 2012). With the introduction of blockchain technology into BIM, information management will be easier and more secure so that transparency in construction professionals coordination can be achieved. ...
Article
Blockchain technology has gained attention across the globe within the last 10 years and has taken centre stage in the financial technology sector. Even though innovation that applies to the construction industry is sometimes different from what is obtainable in other sectors, they share the same unique features. Therefore, this makes blockchain technology relevant to the built environment. This study aims to assess the research studies carried out on blockchain technology in the built environment domain in a bid to draw knowledge from the present focus of these studies while identifying research gaps for future studies. To achieve this, a scientometric review was carried out, and SCOPUS database was searched for studies related to blockchain technology in the built environment. The retrieved documents showed the first publication on this study area was made in 2017. Hence, this study covered research publications from 2017 to 2021. The findings revealed that most of these studies are not experimental as they only rely on literature from other sectors to draw conclusions for the built environment. The study further revealed that most of the publications in this domain are from the USA, Australia, India and the United Kingdom with only two publications from the African continent. This shows a research gap that can be explored from the African perspective. From the cluster analysis, research in this domain has focused primarily on blockchain technology components and only a few practical fields of its application. It was thus recommended that experimental and case study research should be carried out on its application in asset management and transfer, smart city development, land use, data/information management, cyber-physical systems, among others. Practically, the study highlighted blockchain technology usefulness in promoting social and economic sustainability of the built environment through its different applicabilities.
... Moreover, there is great potential for blockchain in the banking industry to enhance transparency and security of financial transactions has explored its applications. Parn and Edwards [35] proposed the integration of blockchain into the common data environment (CDE) to automate record changes in the status of documents and represent all information as a set of verified blocks. Shojaei et al. [36] examined the blockchain's validity to develop construction contracts by converting clauses to smart contract functions. ...
Article
Full-text available
This paper proposes a novel interconnected financial management system based on Hyperledger fabric and chaincode solutions to address endemic problems with financial management practices adopted within construction projects. Increasingly complex construction projects have necessitated a corresponding evolvement of financial management tools and systems to augment security and control. A decentralised financial management system is introduced to deal with all financial tasks across various construction stages using blockchain technology. Under different delivery approaches and payment methods, the proposed system enables parties to record/invoke their transactions safely and automatically, with no third party involvement. Moreover, the proposed approach allows non-owner parties to control remaining financial rights during the Defects Liability Period (DLP) automatically through a pre-agreed endorsement policy. The proposed system is tested on a real-life case project, where results corroborate its ability and workability in providing a secure and scalable platform for all project parties.
Conference Paper
Full-text available
This case study researches a non-invasive forensic approach in order to identify anomalies related to the production and presence of antagonistic components operating in the maritime sector. In accordance with the internal and external consistency that regulates the port development plans, the cyber threat has recently obtained its own acknowledgment within the Port Facility Security Plans (PFSPs), as sealed in principle by the EU Directive 2005/65, becoming key to the Operators of Essential Services (OES). The study is focused on the spectral emissivity of non-contact, active, and Non-Destructive Techniques (NDT), ground and aerial, to be implemented in conjunction with histogram equalizations, transform waveforms, and segmentation image analysis following object detection by template matching. The hyper-parameterization overcomes the environmental limits that easily occur in likely electronic warfare scenarios. According to an emerging bibliography on the subject of modern strategic-military conception for Port Security Authorities (PSAs), a cyber-physical system (CPS) is strictly addressed to the emissivity of the physical theory of semiconductors in the matter of smart-grid. Due to Electronic Data interchange (EDi), which mostly consists of volatile and unidentifiable stress agents in the digital environment, the malicious drivers are often under-recognized, i.e. non-IP based networking, that requires an urgent response in order to prevent alteration of the Internet of Things (IoT) supply-chain devices, by downgrading their performances or taking possession of their maneuverability. To entrust controllability, unmanned solutions can deliver immediate enforcement with the addition of infrared cameras, to detect electronic agents that cast suspicion and predict breaches across the latest Building Information Model (BIM) levels, all at a safe distance. In defense of water-space, harbor infrastructure pitfalls have demonstrated the upcoming necessity of adopting simultaneous strategies, jointly with private stakeholders and the Departments of Transport (DfT), that corresponds to the critical domain and require adaptation of usage according to international codes of behavior of safety. Sea-surface domain has been gradually analyzed and addressed as a physical area of interest due to its unique phenomena. The research proposes: (1) a set of multi-scalar parametric evaluations, (2) an in-depth theory dissertation, (3) a versatile open-source strategy, and (4) a risk-management implementation concerning maritime cyber security. Due to the limits of research, the author has included a list of references that are susceptible to adaptation to the engaged novel open-source solutions, within the cited optimizations for the Green Build System of the Build Information Model (BIM) techniques. Moreover, because of Unmanned and Infrared systems cost, the work-study implements a licensed aerial dataset for research and a thermal ground camera possessed by the author. Port Authorities are critical non-flying zones whose maneuverability is not granted unless specific designations. The licensed dataset reconciles this missing opportunity, by including specific urban issues and infrastructures.
Article
Digitisation is gaining importance with 3D workflow for architecture-specific annotation of built heritage. The objective is to use the Building Information Modeling (BIM) methodology in order to carry out a study of alternatives of impact on environmental sustainability associated with the potential allergenicity with green infrastructure on a new housing, located in Mérida (SW Spain). It is intended to simulate the meteorology (direction and speed of the wind) in the study city with the compass rose for 18 years (2003−2020) to assess the meteorological pattern associated with the wind on the studied housing. 3 green infrastructure garden alternatives (considering 5 ornamental species of cypress trees) were designed to evaluate the potential impact of allergenicity on the housing. AIROT index was applied to project the results on the frontage of the housing. This index was developed in the field of large areas of urban environments. The calculation was carried out in the most exact way possible in specific sections of the frontage of the housing and automatically with tools associated with the BIM environment (such as Autodesk Revit, Dynamo, Enscape, Wrplot and Bim One) to the discipline of Architecture (such as Autodesk Autocad and Autodesk Flow Design). The obtained results were applied to evaluate 3 scenario designs, trying to minimize the potential exposure to urban green infrastructure (focus on cypress trees) in this current project, and offering a health reference guide in future projects, from the design phase considering appropriate measures and proposing recommendations.
Article
This article provides a detailed introduction to China's launching of a digital currency. We conduct a comparative analysis concerning whether digital currency is a more stable and reliable currency than cryptocurrency and investigate whether a digital renminbi (or yuan) could replace the US dollar as a medium of exchange in international transactions. China has gained a first-mover advantage by rolling out a central bank digital currency (CBDC). But the outcome will depend on the US response as well as the future evolution of the US and Chinese economies. Most other articles on this topic focus on domestic use of the Chinese CBDC. But this study is unique in analyzing the prospects of a digital renminbi as a replacement for the US dollar in international commerce.
Article
Full-text available
Blockchain technology enables distributed, encrypted and secure logging of digital transactions. It is the underlying technology of Bitcoin and other cryptocurrencies. Blockchain is expected to revolutionize computing in several areas, particularly where centralization was unnatural and privacy was important. In the paper, we present research on where and how this technology could be useful in the construction industry. The work is based on the study of literature on open issues that exist in construction process management. These are than matched to the capabilities of blockchain. We are motivated by the fact that construction projects involve a dynamic grouping of several companies. We study the degree to which the relationships among them are hierarchical or peer-to-peer and note that particularly in information intensive phases, centralization of information management was necessary because of technology. When using un-constraining technology, communication patterns among participants show a peer-to-peer nature of the relationships. In such environment, blockchain can provide a trustworthy infrastructure for information management during all building life-cycle stages. Even if building information modelling (BIM) is used, which assumes a centralized building information model, there is a role for blockchain to manage information on who did what and when and thus provide a basis for any legal arguments that might occur. On the construction site blockchain can improve the reliability and trustworthiness of construction logbooks, works performed and material quantities recorded. In the facility maintenance phase, blockchain's main potential is the secure storage of sensor data which are sensitive to privacy. We conclude that blockchain provides solutions to many current problems in construction information management. However, it is more likely that it will be built into generic IT infrastructure on top of which construction applications are built, rather than used directly by authors of construction related software. It has a potential to make construction processes less centralized which opens needs for research in that direction.
Article
Full-text available
The progressive advances in information and communication technology have lend modern critical infrastructures to become more and more complex and interconnected, and in continuous evolution. The increasing complex interrelation among such critical systems creates new security vulnerabilities, which can be exploited by malicious users to compromise sensible data and other systems also very far from the impact zone. Identifying and analyzing these complex interactions represent a challenge to the evaluation of the real vulnerability of each critical system. On the other hand, the evaluation of this complex and large-scale systems requires expensive and sophisticated modeling practices, simulation tools, and experimentation infrastructure. Therefore, we present a hybrid and distributed simulation platform for cyber-security analysis of large-scale critical infrastructure systems. It enables testers to assemble complex and distributed experimental scenarios in the cloud, by integrating different simulated environments, on which perform sophisticated vulnerability analysis, by exploiting penetration testing and monitoring facilities.
Article
Full-text available
Current urban water research involves intelligent sensing, systems integration, proactive users and data-driven management through advanced analytics. The convergence of building information modeling with the smart water field provides an opportunity to transcend existing operational barriers. Such research would pave the way for demand-side management, active consumers, and demand-optimized networks, through interoperability and a system of systems approach. This paper presents a semantic knowledge management service and domain ontology which support a novel cloud-edge solution, by unifying domestic socio-technical water systems with clean and waste networks at an urban scale, to deliver value-added services for consumers and network operators. The web service integrates state of the art sensing, data analytics and middleware components. We propose an ontology for the domain which describes smart homes, smart metering, telemetry, and geographic information systems, alongside social concepts. This integrates previously isolated systems as well as supply and demand-side interventions, to improve system performance. A use case of demand-optimized management is introduced, and smart home application interoperability is demonstrated, before the performance of the semantic web service is presented and compared to alternatives. Our findings suggest that semantic web technologies and IoT can merge to bring together large data models with dynamic data streams, to support powerful applications in the operational phase of built environment systems.
Book
This book presents current progress on challenges related to Big Data management by focusing on the particular challenges associated with context-aware data-intensive applications and services. The book is a state-of-the-art reference discussing progress made, as well as prompting future directions on the theories, practices, standards and strategies that are related to the emerging computational technologies and their association with supporting the Internet of Things advanced functioning for organizational settings including both business and e-science. Apart from inter-operable and inter-cooperative aspects, the book deals with a notable opportunity namely, the current trend in which a collectively shared and generated content is emerged from Internet end-users. Specifically, the book presents advances on managing and exploiting the vast size of data generated from within the smart environment (i.e. smart cities) towards an integrated, collective intelligence approach. The book also presents methods and practices to improve large storage infrastructures in response to increasing demands of the data intensive applications. The book contains 19 self-contained chapters that were very carefully selected based on peer review by at least two expert and independent reviewers and is organized into the three sections reflecting the general themes of interest to the IoT and Big Data communities: Section I: Foundations and Principles Section II: Advanced Models and Architectures Section III: Advanced Applications and Future Trends The book is intended for researchers interested in joining interdisciplinary and transdisciplinary works in the areas of Smart Environments, Internet of Things and various computational technologies for the purpose of an integrated collective computational intelligence approach into the Big Data era.
Article
The Internet of Things (IoT) such as the use of robots, sensors, actuators, electronic signalization and a variety of other Internet enabled physical devices may provide for new advanced smart applications to be used in construction in the very near future. Such applications require real-time responses and are therefore time-critical. Therefore, in order to support collaboration, control, monitoring, supply management, safety and other construction processes, they have to meet dependability requirements, including requirements for high Quality of Service (QoS). Dependability and high QoS can be achieved by using adequate number and quality of computing resources, such as processing, memory and networking elements, geographically close to the smart environments. The goal of this study is to develop a practical edge computing architecture and design, which can be used to support smart construction environments with high QoS. This study gives particular attention to the solution design, which relies on latest cloud and software engineering approaches and technologies, and provides elasticity , interoperability and adaptation to companies' specific needs. Two edge computing applications supporting video communications and construction process documentation are developed and demonstrate a viable edge computing design for smart construction.
Article
The recent ransomware attack exposed physicians’ relative lack of consideration of the harm that could befall patients in such a crisis. We need to educate ourselves about this emerging threat and demand that our software is as up to date as the medicines we prescribe.
Article
This research paper reports upon a client driven approach to iteratively develop the FinDD application programming interface (API) plug-in. FinDD integrates building information modelling (BIM) and facilities management (FM) via the novel development and application of totems. Totems visualise rich semantic FM data in a 3D object to extend the use and application of COBie thereby minimising costs incurred by the FM team to update and maintain the as-built BIM. Participatory action research was used to develop the proof of concept and involved a study of two multi-storey, mixed-use educational buildings (with a contract value worth ≥£150 million UK Sterling) located within Birmingham, UK. The lead researcher worked for the client's estates department and was instrumental in liaising with members of the project management team, synthesising their semantic data requirements and developing the FinDD API plug-in for Autodesk Revit. Research findings reveal that whilst FinDD was positively received as a bespoke extension of COBie (that was tailored to specifically meet client needs), further development is required to mitigate software inflexibility and augment automation of semantic data transfer, storage and analysis. Future work will validate the API plug-in via user experience and integrate additional databases such as post occupancy evaluations (POE).
Article
Understanding deterrence and dissuasion in cyberspace is often difacult because our minds are captured by Cold War images of massive retaliation to a nuclear attack by nuclear means. The analogy to nuclear deterrence is misleading, however, because many aspects of cyber behavior are more like other behaviors, such as crime, that states try (imperfectly) to deter. Preventing harm in cyberspace involves four complex mechanisms: threats of punishment, denial, entanglement, and norms. Even when punishment is used, deterrent threats need not be limited to cyber responses, and they may address general behavior as well as speciac acts. Cyber threats are plentiful, often ambiguous, and difacult to attribute. Problems of attribution are said to limit deterrence and dissuasion in the cyber domain, but three of the major means—denial by defense, entanglement, and normative taboos—are not strongly hindered by the attribution problem. The effectiveness of different mechanisms depends on context, and the question of whether deterrence works in cyberspace depends on “who and what.” Not all cyberattacks are of equal importance; not all can be deterred; and not all rise to the level of signiacant national security threats. The lesson for policymakers is to focus on the most important attacks and to understand the context in which such attacks may occur and the full range of mechanisms available to prevent them.