
    SEABASS: Symmetric-keychain Encryption and Authentication for Building Automation Systems

    There is an increasing security risk in Building Automation Systems (BAS) in that their communication is unprotected, resulting in the adversary having the capability to inject spurious commands to the actuators to alter the behaviour of the BAS. The communication between the Human-Machine Interface (HMI) and the controller (PLC) is vulnerable as there is no secret key being used to protect the authenticity, confidentiality and integrity of the sensor data and commands. We propose SEABASS, a lightweight key management scheme to distribute and manage session keys between HMI and PLCs, providing a secure communication channel between any two communicating devices in a BAS through symmetric-key based hash-chain encryption and authentication of message exchange. Our scheme facilitates automatic periodic renewal of session keys based on the use of a reversed hash-chain. A prototype was implemented using the BACnet/IP communication protocol and the preliminary results show that the symmetric keychain approach is lightweight and incurs low latency.
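    The reversed hash-chain renewal mentioned in the abstract works by pre-computing a chain x_0 = seed, x_i = H(x_{i-1}), publishing only the last element x_n as an authenticated anchor, and then releasing keys in reverse order: a receiver accepts candidate x_{i} only if hashing it (once, or a bounded number of times if an epoch was missed) reproduces the last key it already trusts. The following is an added illustration written for this listing, not code from the SEABASS prototype or its authors; SHA-256 as H, HMAC-SHA256 for message authentication, the "session-auth" domain label, the fixed seed and the sample BACnet-style command string are all assumptions made for a reproducible offline run.

```python
"""Reversed hash-chain session-key renewal, added example (not SEABASS code)."""
import hashlib
import hmac
import os


def H(data: bytes) -> bytes:
    # Assumed one-way function: SHA-256.
    return hashlib.sha256(data).digest()


def build_chain(seed: bytes, n: int) -> list:
    """Return [x_0, x_1, ..., x_n] with x_0 = seed and x_i = H(x_{i-1})."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain


class KeyServer:
    """Holds the secret chain and hands out keys from x_{n-1} down to x_0."""

    def __init__(self, n: int, seed: bytes = None):
        self.chain = build_chain(seed if seed is not None else os.urandom(32), n)
        self.next_idx = n - 1

    def anchor(self) -> bytes:
        # x_n: distributed once over an authenticated channel; reveals nothing
        # about later keys because H is one-way.
        return self.chain[-1]

    def release_next(self) -> bytes:
        if self.next_idx < 0:
            raise RuntimeError("hash chain exhausted; provision a new anchor")
        key = self.chain[self.next_idx]
        self.next_idx -= 1
        return key


class Peer:
    """An HMI or PLC that trusts only the anchor and verifies each new key."""

    def __init__(self, anchor: bytes, max_skip: int = 1):
        self.last_verified = anchor
        self.max_skip = max_skip   # how many missed epochs we tolerate
        self.epoch = 0
        self.session_key = None

    def accept_key(self, candidate: bytes) -> bool:
        # Accept iff H^k(candidate) == last_verified for some 1 <= k <= max_skip.
        # Old keys fail this check, so replaying a previous epoch is rejected.
        probe = candidate
        for steps in range(1, self.max_skip + 1):
            probe = H(probe)
            if hmac.compare_digest(probe, self.last_verified):
                self.last_verified = candidate
                self.epoch += steps
                # Derive the per-epoch authentication key from the chain element
                # rather than using it raw (assumed domain label).
                self.session_key = hmac.new(candidate, b"session-auth",
                                            hashlib.sha256).digest()
                return True
        return False

    def tag(self, msg: bytes) -> bytes:
        if self.session_key is None:
            raise RuntimeError("no session key established yet")
        return hmac.new(self.session_key, msg, hashlib.sha256).digest()

    def verify(self, msg: bytes, tag: bytes) -> bool:
        return self.session_key is not None and hmac.compare_digest(self.tag(msg), tag)


def demo() -> dict:
    seed = bytes(range(32))                 # constructed fixed seed, demo only
    server = KeyServer(n=4, seed=seed)
    hmi = Peer(server.anchor(), max_skip=2)
    plc = Peer(server.anchor(), max_skip=2)

    k1 = server.release_next()              # x_3, first real epoch
    first_ok = hmi.accept_key(k1) and plc.accept_key(k1)

    cmd = b"writeProperty analog-output,1 presentValue=21.5"   # constructed command
    t = hmi.tag(cmd)
    cmd_ok = plc.verify(cmd, t)
    tampered_ok = plc.verify(cmd.replace(b"21.5", b"45.0"), t)
    forged_ok = plc.accept_key(b"\x00" * 32)   # attacker-chosen key: no preimage

    k2 = server.release_next()              # x_2, assume the PLC misses this one
    k3 = server.release_next()              # x_1, arrives two steps later
    skip_ok = plc.accept_key(k3)            # accepted via two hash steps
    stale_ok = plc.accept_key(k2)           # replay of the older key: rejected
    return {"first_ok": first_ok, "cmd_ok": cmd_ok, "tampered_ok": tampered_ok,
            "forged_ok": forged_ok, "skip_ok": skip_ok, "stale_ok": stale_ok,
            "plc_epoch": plc.epoch}


if __name__ == "__main__":
    print(demo())
```

    The check a practitioner should keep in mind: the anchor x_n must reach every device over an authenticated path (the chain gives no protection if an attacker can substitute its own anchor), the chain is finite and needs re-provisioning before exhaustion, and a peer that falls more than `max_skip` epochs behind can no longer verify new keys and must re-synchronise out of band.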

    Assessing and augmenting SCADA cyber security: a survey of techniques

    SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisation and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place, as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker's to determine weaknesses and loopholes in defences. Such a mindset helps to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability.

    A nearly zero-energy microgrid testbed laboratory: Centralized control strategy based on SCADA system

    Currently, despite the use of renewable energy sources (RESs), distribution networks are facing problems such as complexity and low productivity. Emerging microgrids (MGs) with RESs based on supervisory control and data acquisition (SCADA) are an effective solution to control, manage, and finally deal with these challenges. The development and success of MGs is highly dependent on the use of power electronic interfaces. The use of these interfaces is directly related to the progress of SCADA systems and communication infrastructures. The use of SCADA systems for the control and operation of MGs and active distribution networks promotes productivity and efficiency. This paper presents a real MG case study called the LAMBDA MG testbed laboratory, which has been implemented in the electrical department of the Sapienza University of Rome with a centralized energy management system (CEMS). The real-time results of the SCADA system show that a CEMS can create a proper energy balance in the LAMBDA MG testbed and, consequently, minimize the power exchanged between the LAMBDA MG and the main grid.

    A critical review of cyber-physical security for building automation systems

    Modern Building Automation Systems (BASs), as the brain that enables the smartness of a smart building, often require increased connectivity both among system components as well as with outside entities, such as optimized automation via outsourced cloud analytics and increased building-grid integration. However, increased connectivity and accessibility come with increased cyber security threats. BASs were historically developed as closed environments with limited cyber-security considerations. As a result, BASs in many buildings are vulnerable to cyber-attacks that may cause adverse consequences, such as occupant discomfort, excessive energy usage, and unexpected equipment downtime. Therefore, there is a strong need to advance the state-of-the-art in cyber-physical security for BASs and provide practical solutions for attack mitigation in buildings. However, an inclusive and systematic review of BAS vulnerabilities, potential cyber-attacks with impact assessment, detection and defense approaches, and cyber-secure resilient control strategies is currently lacking in the literature. This review paper fills the gap by providing a comprehensive up-to-date review of cyber-physical security for BASs at three levels in commercial buildings: management level, automation level, and field level. The general BAS vulnerabilities and protocol-specific vulnerabilities for the four dominant BAS protocols are reviewed, followed by a discussion on four attack targets and seven potential attack scenarios. The impact of cyber-attacks on BASs is summarized as signal corruption, signal delaying, and signal blocking. The typical cyber-attack detection and defense approaches are identified at the three levels. Cyber-secure resilient control strategies for BASs under attack are categorized into passive and active resilient control schemes. Open challenges and future opportunities are finally discussed.
    Comment: 38 pages, 7 figures, 6 tables, submitted to Annual Reviews in Control.

    A Survey on Industrial Control System Testbeds and Datasets for Security Research

    The increasing digitization and interconnection of legacy Industrial Control Systems (ICSs) open new vulnerability surfaces, exposing such systems to malicious attackers. Furthermore, since ICSs are often employed in critical infrastructures (e.g., nuclear plants) and manufacturing companies (e.g., chemical industries), attacks can lead to devastating physical damage. In dealing with this security requirement, the research community focuses on developing new security mechanisms such as Intrusion Detection Systems (IDSs), facilitated by leveraging modern machine learning techniques. However, these algorithms require a testing platform and a considerable amount of data to be trained and tested accurately. To satisfy this prerequisite, Academia, Industry, and Government are increasingly proposing testbeds (i.e., scaled-down versions of ICSs or simulations) to test the performance of IDSs. Furthermore, to enable researchers to cross-validate security systems (e.g., security-by-design concepts or anomaly detectors), several datasets have been collected from testbeds and shared with the community. In this paper, we provide a deep and comprehensive overview of ICSs, presenting the architecture design, the employed devices, and the security protocols implemented. We then collect, compare, and describe testbeds and datasets in the literature, highlighting key challenges and design guidelines to keep in mind in the design phases. Furthermore, we enrich our work by reporting the best performing IDS algorithms tested on every dataset to create a baseline in the state of the art for this field. Finally, driven by knowledge accumulated during this survey's development, we report advice and good practices on the development, the choice, and the utilization of testbeds, datasets, and IDSs.

    Building energy metering and environmental monitoring - A state-of-the-art review and directions for future research

    Buildings are responsible for 40% of global energy use and contribute towards 30% of total CO2 emissions. The drive to reduce energy consumption and associated greenhouse gas emissions from buildings has acted as a catalyst in the increasing installation of meters and sensors for monitoring energy use and indoor environmental conditions in buildings. This paper reviews the state-of-the-art in building energy metering and environmental monitoring, including their social, economic, environmental and legislative drivers. The integration of meters and sensors with existing building energy management systems (BEMS) is critically appraised, especially with regard to communication technologies and protocols such as Modbus, M-Bus, Ethernet, Cellular, ZigBee, WiFi and BACnet. Findings suggest that energy metering is covered in existing policies and regulations in only a handful of countries. Most of the legislation and policies on energy metering in Europe are in response to the Energy Performance of Buildings Directive (EPBD), 2002/91/EC. However, recent developments in policy are pointing towards more stringent metering requirements in future, moving away from voluntary to mandatory compliance. With regard to metering equipment, significant developments have been made in the recent past on miniaturisation, accuracy, robustness, data storage, ability to connect using multiple communication protocols, and integration with BEMS and the Cloud, resulting in a range of available solutions, selection of which can be challenging. Developments in communication technologies, in particular in low-power wireless such as ZigBee and Bluetooth LE (BLE), are enabling cost-effective machine-to-machine (M2M) and internet of things (IoT) implementation of sensor networks. Privacy and data protection, however, remain a concern for data aggregators and end-users. The standardization of network protocols and device functionalities remains an active area of research and development, especially due to the prevalence of many protocols in the BEMS industry. Available solutions often lack interoperability between hardware and software systems, resulting in vendor lock-in. The paper provides a comprehensive understanding of available technologies for energy metering and environmental monitoring; their drivers, advantages and limitations; factors affecting their selection; and future directions of research and development, for use as a reference as well as for generating further interest in this expanding research area.

    BRICKS: Building’s reasoning for intelligent control knowledge-based system

    Building energy management systems have been widely implemented, each focusing on a specific domain. When installed together, they lack the interoperability needed to work correctly and to achieve a centralized user interface. The Building's Reasoning for Intelligent Control Knowledge-based System (BRICKS) overcomes these issues by developing an interoperable building management system able to aggregate different domains of interest. It is a context-aware semantic rule-based system for intelligent management of buildings' energy and security. Its output can be a set of alarms, notifications, or control actions to take. BRICKS itself and its features are the innovative contribution of the present paper. It is very important for buildings' energy management, namely in the scope of demand response programs. In this paper, it is shown how semantics is used to enable knowledge exchange between different devices, algorithms, and models, without the need for reprogramming the system. A scenario is deployed in a real building for demonstration.
    This work has received funding from the European Union's Horizon 2020 research and innovation programme under project DOMINOES (grant agreement No 771066) and from FEDER Funds through the COMPETE program and from National Funds through FCT under the projects UID/EEA/00760/2019, PTDC/EEI-EEE/28954/2017 (MAS-Society), and SFRH/BD/118487/2016.

    A Semantics-Rich Information Technology Architecture for Smart Buildings

    The design of smart homes, buildings and environments currently suffers from a low maturity of available methodologies and tools. Technologies, devices and protocols strongly bias the design process towards vertical integration, and more flexible solutions based on separation of design concerns are seldom applied. As a result, the current landscape of smart environments is mostly populated by defectively designed solutions where application requirements (e.g., end-user functionality) are too often mixed and intertwined with technical requirements (e.g., managing the network of devices). A mature and effective design process must, instead, rely on a clear separation between the application layer and the underlying enabling technologies, to enable effective design reuse. The role of smart gateways is to enable this separation of concerns and to provide an abstracted view of available automation technology to higher software layers. This paper presents a blueprint for the information technology (IT) architecture of smart buildings that builds on top of established software engineering practices, such as model-driven development and semantic representation, and that avoids many pitfalls inherent in legacy approaches. The paper also presents a representative use case where the approach has been applied and the corresponding modeling and software tools.

    Implementation of Secure DNP3 Architecture of SCADA System for Smart Grids

    With the recent advances in connecting the power grid to the internet, data sharing and networking open space for hackers to maliciously attack grid systems based on their vulnerabilities. The vital stations in the smart grid (the generation, transmission, distribution, and customer substations) are connected and controlled remotely over the network. Every substation is controlled by a Supervisory Control and Data Acquisition (SCADA) system which communicates using the DNP3 protocol over Internet/IP, which has many security vulnerabilities. This research focuses on Distributed Network Protocol (DNP3) communication, which is used in the smart grid to communicate between the controller devices. We present DNP3 SAv5 and design a secure architecture with Public Key Infrastructure (PKI) based on asymmetric key encryption using a Certificate Authority (CA). The testbed provides a design architecture between a customer and a distribution substation and illustrates the verification of the public certificate. We have added a layer of security by password-protecting the private key file to guard against physical tampering of the devices at the customer substations. The simulation results show that secure communication over the TLS layer provides confidentiality, integrity, and availability.