A Critical Review of Cyber-Physical Security for Building
Automation Systems
Guowen Lia, Lingyu Renb, Yangyang Fua, Zhiyao Yanga, Veronica Adetolac, Jin Wend, Qi Zhue, Teresa
Wuf,g, K. Selcuk Candanf,h, Zheng O’Neilla,*
a J. Mike Walker’66 Department of Mechanical Engineering, Texas A&M University, College Station, TX, USA
b Raytheon Technologies Research Center, East Hartford, CT, USA
c Pacific Northwest National Laboratory, Richland, WA, USA
d Department of Civil, Architectural, and Environmental Engineering, Drexel University, Philadelphia, PA, USA
e Department of Electrical and Computer Engineering, Northwestern University, Evanston, IL, USA
f School of Computing and Augmented Intelligence, Arizona State University, AZ, USA
g ASU-Mayo Center for Innovative, Arizona State University, AZ, USA
h Center for Assured and Scalable Data Engineering, Arizona State University, AZ, USA
Abstract
Modern Building Automation Systems (BASs), as the brain that enables the smartness of a smart building,
often require increased connectivity, both among system components and with outside entities such
as the cloud, to enable low-cost remote management, optimized automation via outsourced cloud analytics,
and increased building-grid integration. As smart buildings move towards open communication
technologies, providing access to BASs through the building’s intranet, or even remotely through the
Internet, has become a common practice. However, increased connectivity and accessibility come with
increased cyber security threats. BASs were historically developed as closed environments with limited
cyber-security considerations. As a result, BASs in many buildings are vulnerable to cyber-attacks that
may cause adverse consequences, such as occupant discomfort, excessive energy usage, and unexpected
equipment downtime. Therefore, there is a strong need to advance the state-of-the-art in cyber-physical
security for BASs and provide practical solutions for attack mitigation in buildings. However, an inclusive
and systematic review of BAS vulnerabilities, potential cyber-attacks with impact assessment, detection
& defense approaches, and cyber resilient control strategies is currently lacking in the literature. This
review paper fills the gap by providing a comprehensive up-to-date review of cyber-physical security for
BASs at three levels in commercial buildings: management level, automation level, and field level. The
general BASs vulnerabilities and protocol-specific vulnerabilities for the four dominant BAS protocols
(i.e., BACnet, KNX, LonWorks, and Modbus) are reviewed, followed by a discussion on four attack
targets and seven potential attack scenarios. The impact of cyber-attacks on BASs is summarized as signal
corruption, signal delaying, and signal blocking. The typical cyber-attack detection and defense
approaches are identified at the three levels. Cyber resilient control strategies for BASs under attack are
categorized into passive and active resilient control schemes. Open challenges and future opportunities
are finally discussed.
Keywords: Cyber-physical Security; Cyber Attacks; Cyber Vulnerabilities; Attack Detection and Defense;
Resilient Control; Building Automation Systems
Nomenclature
AEAD       Authenticated Encryption with Associated Data
AHU        Air Handling Unit
ANN        Artificial Neural Networks
ASHRAE     American Society of Heating, Refrigerating and Air Conditioning Engineers
ATT&CK     Adversarial Tactics, Techniques, and Common Knowledge
BACnet     Building Automation and Control Networking Protocol
BACnet/SC  BACnet Secure Connect
BASs       Building Automation Systems
BMSs       Building Management Systems
CPSs       Cyber-Physical Systems
CTD        Cyber Threat Dictionary
DoS        Denial of Service
DDoS       Distributed Denial of Service
FDD        Fault Detection and Diagnosis
FTCS       Fault-Tolerant Control System
GAN        Generative Adversarial Networks
GEBs       Grid-interactive Efficient Buildings
HIL        Hardware-In-the-Loop
HVAC       Heating, Ventilation, and Air Conditioning
ISP        Internet Service Provider
ISRA       Information Security Risk Analysis
KPI        Key Performance Index
LAN        Local Area Network
IDS        Intrusion Detection System
IoT        Internet of Things
IP         Internet Protocol
IPSec      Internet Protocol Security
IT         Information Technology
MPC        Model Predictive Control
MIMO       Multiple-Input Multiple-Output
MITM       Man-In-The-Middle
OSI        Open Systems Interconnection
OT         Operational Technology
SCADA      Supervisory Control And Data Acquisition
SMPC       Stochastic Model Predictive Control
SQL        Structured Query Language
SSL/TLS    Secure Sockets Layer and Transport Layer Security
SSS        Sub-keyword Synonym Searching
TCP        Transmission Control Protocol
NIST       National Institute of Standards and Technology
VPN        Virtual Private Network
WAN        Wide Area Network
XSS        Cross-Site Scripting
1. Introduction
According to the Intelligent Building Institute of the United States, an Intelligent Building (or Smart
Building) is “one that provides a productive and cost-effective environment through optimization of its
four basic elements including structures, systems, services and management and the interrelationships
between them” (Wigginton & Harris, 2013). A Building Automation System (BAS) serves as the brain for
intelligent buildings. It includes cyber-infrastructure components of sensing, computation, communication,
and control that provide close monitoring and operations for the mechanical and energy systems, and
physical environment in buildings. A BAS is defined as “an automated system where building services,
such as utilities, communicate with each other to exchange digital, analog or other forms of information,
potentially to a central control point (Brooks, Coole, Haskell-Dowland, Griffiths, & Lockhart, 2017).”
With the increasing usage of remote/mobile access, integrated wearable technologies, data exchange, and
cloud-based data analytics in modern intelligent buildings, the BAS moves towards open communication
technologies. Providing access to the BAS through the building’s intranet, or even remotely through the
Internet, has become a common practice.
BASs were historically developed as closed environments. BACnet (Liaisons, et al., 2012), the most
popular communication protocol for BAS in commercial buildings, was not designed with security as a
primary requirement because: (1) the original intention and implementation of BASs were isolated from
external connections (Peacock, 2019); and (2) physical wiring was typically installed without easily
accessible sockets as we find today with Ethernet installations. Hence, security did not play a particular
role in the original design of BAS. Today, it is challenging to enhance the legacy BAS protocols with
appropriate mechanisms because the existing BAS architecture does not provide sufficient hardware and
software resources for these adaptations. For example, a challenging problem for implementing security
approaches is the limitation of BAS field devices. Even when existing standards allow for extensions, full-
blown security mechanisms need computing resources and time for execution, which are typically
unavailable on field devices (Sauter, Soucek, Kastner, & Dietrich, 2011).
Since the originally isolated BASs were designed with few cyber-security considerations, BASs could be
attack targets. Several known real-world cyber-attacks (Griffiths, 2014, Higgins, 2021, Koh, 2018, Kumar,
2016, McMullen, Sanchez, & Reilly-Allen, 2016, Molina, 2015, Zetter, 2013) on buildings were reported
from 2013 to 2021, as shown in Figure 1. In May 2013, the BAS of Google Australia Office was hacked
by two security researchers by exploiting BAS software vulnerabilities (Zetter, 2013). In November 2013,
Target Corporation, a large retailer in the United States, saw its network hacked and broken into. The
attacker utilized network credentials stolen from a vendor of refrigeration, heating and air conditioning
equipment (McMullen, et al., 2016). In July 2014, the St. Regis Shenzhen 5-star hotel was hacked, and the
intruder took control of around a hundred rooms in the hotel (Griffiths, 2014). The hotel’s BAS had
several flaws that allowed Molina (Molina, 2015) to create a remote control to access the hotel rooms. In
October 2016, hackers used a Distributed Denial of Service (DDoS) attack to shut down two apartments’
heating systems in Finland (Kumar, 2016). In August 2018, a security engineer hacked into the WiFi of a
hotel while attending a cybersecurity conference in Singapore. The engineer hacked into the server and
blogged about it online, where he published the hotel administrator’s server passwords (Koh, 2018). In
December 2021, a firm located in Germany discovered that three-quarters of the BAS devices in the office
building system network had been mysteriously locked down with the system’s own digital security key,
which was under the attackers’ control. It suddenly lost contact with hundreds of its BAS devices including
light switches, motion detectors, shutter controllers, etc. The firm had to revert to manually flipping on
and off the central circuit breakers in order to power on the lights in the building (Higgins, 2021). As of
2019, 37.8% of computers used to control BASs were subject to some kind of malicious attack according
to Kaspersky's report (Kaspersky, 2019). The growing interest from adversarial individuals and agents in
BAS is driven by the deep integration of building services, especially the safety-critical (e.g., fire or social
alarm systems) and security-critical (e.g., access control systems) services (Granzer, Praus, & Kastner,
2009). This integration enables low-cost functionality improvement via data sharing and cooperative
control. However, it also breaks the physical isolation of the subsystems and thus enlarges the BAS cyber-
attack surface (King, 2016). Furthermore, modern buildings are also capable of providing grid ancillary
services, such as demand response and frequency regulation (Fu, O'Neill, Wen, Pertzborn, & Bushby,
2021). These buildings, also called Grid-interactive Efficient Buildings (GEBs), open doors to grid
operations, which raises new security concerns. Therefore, there is a strong need to advance the state-
of-the-art in cyber-physical security for intelligent buildings and provide solutions for attack mitigation.
Figure 1. Timeline of recently reported cyberattacks on buildings and their physical impacts.
The International Telecommunications Union defines cyber security as “the collection of tools, policies,
security concepts, security safeguards, guidelines, risk management approaches, actions, training, best
practices, assurance and technologies that can be used to protect the cyber environment and organization
and user’s assets” (Von Solms & Van Niekerk, 2013). Cyber-physical security aims to address security
concerns for physical systems including the Internet of Things (IoT), industrial control systems, and BASs.
One early effort to establish BAS cyber security terminology defines two major classes of cyber-attacks
based on the attack target: network attacks and device attacks (Granzer, Praus, et al., 2009). Network
attacks refer to compromised access to either network medium or network devices, while device attacks
refer to any direct physical or software attacks on edge devices. Subsequently, a three-level classification
(management level, communication level, and automation level) model was presented in (Kharchenko,
Ponochovnyi, Boyarchuk, & Qahtan, 2017) considering attacks and physical faults. Giraldo et al. (Giraldo,
Sarkar, Cardenas, Maniatakos, & Kantarcioglu, 2017) also mentioned that the user privacy issue is one of
the security concerns. For example, the SHODAN search engine (Matherly, 2015) can list BAS systems
connected to the Internet, which could make them easy attack targets. Attackers can be motivated to attack
a BAS so that they can gain access to the surveillance system (e.g., IP cameras) and thus violate user
privacy. Qi et al. (Qi, Kim, Chen, Lu, & Wang, 2017) reviewed the cyber security challenges for the GEBs
providing demand response services. The main concern is the potential physical influences on the power
grid operation induced by malicious BAS control commands.
The rising demand for enhancing BAS cyber-security calls for a comprehensive understanding of the BAS
cyber landscape. A few publications have been focused on cyber-physical security on BASs, which mainly
cover cyber-attacks, detection, and defense related topics. dos Santos et al. (dos Santos, Dagrada, &
Costante, 2021) demonstrated how to attack a BAS workstation via a smart lighting system and a
surveillance system, showing how deep integration increases the attack vectors. Wendzel et al. (Wendzel,
Zwanger, Meier, & Szlósarczyk, 2014) presented a botnet scenario where compromised BAS devices are
used as bots to allow massive aggregated attacks. Kaur et al. (Kaur, Tonejc, Wendzel, & Meier, 2015)
focused on BACnet protocols and listed potential attacks in the BACnet network, such as network flooding,
traffic redirection, and re-routing Denial-of-Service (DoS) attacks. Raiyn (Raiyn, 2014) discussed
different types of cyber-attacks and listed typical attack detection strategies including intrusion detection
systems (IDS), misuse detection, misbehavior detection, anomaly detection, and signature-based detection
approaches. Yurekten and Demirci (Yurekten & Demirci, 2021) presented a systematic review of cyber
threat categories and related defense approaches including defense against network scanning attacks,
spoofing attacks, network-level DoS attacks, sniffer attacks, malware, and web application attacks.
Ciholas et al. (Ciholas, Lennie, Sadigova, & Such, 2019) presented a systematic literature review of cyber-
attacks, vulnerabilities, and defense approaches for smart buildings in terms of three levels (i.e.,
management, automation, and field levels), where common cyber-attacks (e.g., wireless attacks, DoS
attacks, protocol-specific attacks, privacy attacks) and corresponding defense approaches were illustrated
in detail. Graveto et al. (Graveto, Cruz, & Simões, 2022) provided a systematic survey of the typical three-
level BAS architecture with dominant protocols, BAS security risks with possible cyber-attacks, and
proposals for BAS security enhancement including security monitoring, anomaly detection, IDS, etc. To
maintain acceptable levels of system operation in the presence of cyber-attacks, the concept of cyber
resilient control is proposed for cyber-physical systems. But few publications have focused on cyber
resilient control strategies specifically for BASs in commercial buildings. Generally speaking, in contrast
to other domains that recently received substantial attention such as industrial control and automation
systems (Graveto, et al., 2022), the security of BASs has been discussed in a less structured manner. An
in-depth analysis is still needed to systemically address the cyber-security issues of BASs in the context
of the emerging openness and connectivity of intelligent buildings.
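The abstract groups the impact of attacks on BAS signals into corruption, delaying and blocking, and the paragraph above lists the detection strategies (IDS, anomaly detection, misbehavior detection) that the surveyed literature relies on. The following Python simulation is an added example written for this review, not code from the paper or from any of the cited works: it runs a hypothetical single-zone heating loop, applies each of the three impacts to the sensor link, and shows which simple defender-side check (missing-sample watchdog, timestamp staleness, rate-of-change plausibility, physical-model residual) catches each one. The plant parameters, controller gains, thresholds, attack start time and the cold-front disturbance are all assumptions constructed for the example.

```python
"""Single-zone heating loop under signal corruption, delaying and blocking,
with defender-side sensor checks. Constructed example: plant, gains,
thresholds and disturbance are assumptions, not values from the paper."""
from dataclasses import dataclass

DT = 60.0        # control period in seconds (assumption)
TAU = 1800.0     # zone thermal time constant in seconds (assumption)
GAIN = 30.0      # temperature lift in K at full heating output (assumption)
SETPOINT = 21.0  # zone setpoint in degC
MAX_AGE = 300.0  # reject samples whose own timestamp is older than 5 min
MAX_STEP = 2.0   # a zone cannot plausibly move more than 2 K per minute
RES_LIMIT = 1.0  # tolerated mismatch against the physical model, in K


@dataclass
class Sample:
    ts: float     # time the sample claims to have been taken, seconds
    value: float  # reported zone temperature, degC


def zone_step(temp, u, t_out):
    """Advance a first-order thermal model by one control period."""
    return temp + DT / TAU * ((t_out + GAIN * u) - temp)


def controller(t_meas):
    """Proportional heating controller with a feed-forward bias, output 0..1."""
    return min(1.0, max(0.0, 0.7 + 0.3 * (SETPOINT - t_meas)))


class Channel:
    """Sensor-to-controller link on which the three impacts are applied."""

    def __init__(self, mode=None, start=60, delay=20, bias=5.0):
        self.mode, self.start, self.delay, self.bias = mode, start, delay, bias
        self.sent = []  # every sample the sensor produced, in order

    def transmit(self, k, true_temp):
        self.sent.append(Sample(k * DT, true_temp))
        if self.mode is None or k < self.start:
            return self.sent[k]
        if self.mode == "block":
            return None                                   # nothing arrives
        if self.mode == "delay":
            return self.sent[max(0, k - self.delay)]      # old sample, old timestamp
        if self.mode == "corrupt":
            return Sample(k * DT, true_temp + self.bias)  # fresh timestamp, wrong value
        raise ValueError(f"unknown mode {self.mode!r}")


class Monitor:
    """Defender-side checks applied to each sample before the controller uses it."""

    def __init__(self, first_value):
        self.last_value = first_value            # last reported temperature
        self.last_u = controller(first_value)    # last heating command applied
        self.alarms = set()

    def check(self, sample, now, t_out_prev):
        if sample is None:
            self.alarms.add("missing")           # watchdog: no sample this period
            return
        if now - sample.ts > MAX_AGE:
            self.alarms.add("stale")             # sample is older than allowed
        if abs(sample.value - self.last_value) > MAX_STEP:
            self.alarms.add("jump")              # physically implausible change
        expected = zone_step(self.last_value, self.last_u, t_out_prev)
        if abs(sample.value - expected) > RES_LIMIT:
            self.alarms.add("residual")          # disagrees with the plant model
        self.last_value = sample.value


def simulate(mode=None, steps=180):
    """Run the loop and return the final zone temperature and alarms raised."""
    temp = SETPOINT                         # plant starts at steady state
    chan, mon = Channel(mode), Monitor(temp)
    t_meas, t_out_prev = temp, 0.0
    for k in range(steps):
        t_out = 0.0 if k < 90 else -10.0    # constructed cold-front disturbance
        sample = chan.transmit(k, temp)
        mon.check(sample, k * DT, t_out_prev)
        if sample is not None:
            t_meas = sample.value           # controller holds the last value when blocked
        u = controller(t_meas)
        mon.last_u = u
        temp = zone_step(temp, u, t_out)
        t_out_prev = t_out
    return {"final_temp": round(temp, 2), "alarms": sorted(mon.alarms)}


if __name__ == "__main__":
    for mode in (None, "corrupt", "delay", "block"):
        print(mode or "no attack", simulate(mode))
```

Running the module prints the final zone temperature and the alarms for each mode: no attack settles near the setpoint with no alarms, corruption trips the jump and residual checks while the zone is driven cold, blocking trips the watchdog and leaves the held heating command unable to answer the disturbance, and delay trips the staleness check. Two caveats a practitioner should keep in mind: the staleness check only catches the delay case because the late samples still carry their original timestamps, so a delay that rewrites timestamps would have to be caught by the model residual instead; and the hold-last-value behaviour under blocking is exactly what turns a purely cyber signal loss into a physical impact once conditions change.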
Although there are several reviews on cyber-physical security for BASs as mentioned above, to the authors’
best knowledge, a holistic overview integrating BAS vulnerabilities, potential threats with impact
assessment, cyber-attack detection & defense, and cyber resilient control is still missing in this field. To
fill the research gap, this paper aims to provide insights into the following significant questions:
1. Why are BASs vulnerable to cyber-attacks?
2. What are the common cyber-attacks and their impact on BASs?
3. What are the existing approaches of cyber-attack detection and defense?
4. How do the existing cyber resilient control strategies work?
5. What are the research challenges and future opportunities?
The remainder of this paper is organized as shown in Figure 2. Section 2 introduces the literature review
and evaluation method. Section 3 summarizes the literature review results of vulnerabilities, potential
threats, detection & defense approaches, and resilient control strategies. Section 4 discusses the open
challenges and future opportunities. Section 5 concludes this review work.