An analysis of security issues in building automation systems

The purpose of Building Automation Systems (BAS) is to centralise the management of a wide range of building services, through the use of integrated protocol and communication media. Through the use of IP-based communication and encapsulated protocols, BAS are increasingly being connected to corporate networks and also being remotely accessed for management purposes, both for convenience and emergency purposes. These protocols, however, were not designed with security as a primary requirement, thus the majority of systems operate with sub-standard or non-existent security implementations, relying on security through obscurity. Research has been undertaken into addressing the shortfalls of security implementations in BAS, however defining the threats against BAS, and detection of these threats is an area that is particularly lacking. This paper presents an overview of the current security measures in BAS, outlining key issues, and methods that can be improved to protect cyber physical systems against the increasing threat of cyber terrorism and hacktivism. Future research aims to further evaluate and improve the detection systems used in BAS through first defining the threats and then applying and evaluating machine learning algorithms for traffic classification and IDS profiling capable of operating on resource constrained BAS

CoReDac: Collision-Free Command-Response Data Collection

Intenerg

Project Hydra: Designing & Building a Reusable Framework for Multipurpose, Multifunction, Multi-institutional Repository-Powered Solutions

4th International Conference on Open RepositoriesThis presentation was part of the session : Fedora User Group PresentationsDate: 2009-05-20 03:30 PM – 05:00 PMThere is a clear business need in higher education for a flexible, reusable application framework that can support the rapid development of multiple systems tailored to distinct needs, but powered by a common underlying repository. Recognizing this common need, Stanford University, the University of Hull and the University of Virginia are collaborating on "Project Hydra", a three-year effort to create an application and middleware framework that, in combination with an underlying Fedora repository, will create a reusable environment for running multifunction, multipurpose repository-powered solutions. This paper details the collaborators' functional and technical design for such a framework, and will demonstrate the progress made to date on the initiative.JIS

A survey on subjecting electronic product code and non-ID objects to IP identification

Over the last decade, both research on the Internet of Things (IoT) and real-world IoT applications have grown exponentially. The IoT provides us with smarter cities, intelligent homes, and generally more comfortable lives. However, the introduction of these devices has led to several new challenges that must be addressed. One of the critical challenges facing interacting with IoT devices is to address billions of devices (things) around the world, including computers, tablets, smartphones, wearable devices, sensors, and embedded computers, and so on. This article provides a survey on subjecting Electronic Product Code and non-ID objects to IP identification for IoT devices, including their advantages and disadvantages thereof. Different metrics are here proposed and used for evaluating these methods. In particular, the main methods are evaluated in terms of their: (i) computational overhead, (ii) scalability, (iii) adaptability, (iv) implementation cost, and (v) whether applicable to already ID-based objects and presented in tabular format. Finally, the article proves that this field of research will still be ongoing, but any new technique must favorably offer the mentioned five evaluative parameters.Comment: 112 references, 8 figures, 6 tables, Journal of Engineering Reports, Wiley, 2020 (Open Access

Cognitive barriers during monitoring-based commissioning of buildings

Monitoring-based commissioning (MBCx) is a continuous building energy management process used to optimize energy performance in buildings. Although monitoring-based commissioning (MBCx) can reduce energy waste by up to 20%, many buildings still underperform due to issues such as unnoticed system faults and inefficient operational procedures. While there are technical barriers that impede the MBCx process, such as data quality, the focuses of this paper are the non-technical, behavioral and organizational, barriers that contribute to issues initiating and implementing MBCx. In particular, this paper discusses cognitive biases, which can lead to suboptimal outcomes in energy efficiency decisions, resulting in missed opportunities for energy savings. This paper provides evidence of cognitive biases in decisions during the MBCx process using qualitative data from over 40 public and private sector organizations. The results describe barriers resulting from cognitive biases, listed in descending order of occurrence, including: risk aversion, social norms, choice overload, status quo bias, information overload, professional bias, and temporal discounting. Building practitioners can use these results to better understand potential cognitive biases, in turn allowing them to establish best practices and make more informed decisions. Researchers can use these results to empirically test specific decision interventions and facilitate more energy efficient decisions

ISO/EPC Addressing Methods to Support Supply Chain in the Internet of Things

RFID systems are among the major infrastructures of the Internet of Things, which follow ISO and EPC standards. In addition, ISO standard constitutes the main layers of supply chain, and many RFID systems benefit from ISO standard for different purposes. In this paper, we tried to introduce addressing systems based on ISO standards, through which the range of things connected to the Internet of Things will grow. Our proposed methods are addressing methods which can be applied to both ISO and EPC standards. The proposed methods are simple, hierarchical, and low cost implementation. In addition, the presented methods enhance interoperability among RFIDs, and also enjoys a high scalability, since it well covers all of EPC schemes and ISO supply chain standards. Further, by benefiting from a new algorithm for long EPCs known as selection algorithm, they can significantly facilitate and accelerate the operation of address mapping.Comment: arXiv admin note: text overlap with arXiv:1807.0217