An analysis of security issues in building automation systems

The purpose of Building Automation Systems (BAS) is to centralise the management of a wide range of building services, through the use of integrated protocol and communication media. Through the use of IP-based communication and encapsulated protocols, BAS are increasingly being connected to corporate networks and also being remotely accessed for management purposes, both for convenience and emergency purposes. These protocols, however, were not designed with security as a primary requirement, thus the majority of systems operate with sub-standard or non-existent security implementations, relying on security through obscurity. Research has been undertaken into addressing the shortfalls of security implementations in BAS, however defining the threats against BAS, and detection of these threats is an area that is particularly lacking. This paper presents an overview of the current security measures in BAS, outlining key issues, and methods that can be improved to protect cyber physical systems against the increasing threat of cyber terrorism and hacktivism. Future research aims to further evaluate and improve the detection systems used in BAS through first defining the threats and then applying and evaluating machine learning algorithms for traffic classification and IDS profiling capable of operating on resource constrained BAS

CoReDac: Collision-Free Command-Response Data Collection

Intenerg

An analysis of security issues in building automation systems

The purpose of Building Automation Systems (BAS) is to centralise the management of a wide range of building services, through the use of integrated protocol and communication media. Through the use of IP-based communication and encapsulated protocols, BAS are increasingly being connected to corporate networks and also being remotely accessed for management purposes, both for convenience and emergency purposes. These protocols, however, were not designed with security as a primary requirement, thus the majority of systems operate with sub-standard or non-existent security implementations, relying on security through obscurity. Research has been undertaken into addressing the shortfalls of security implementations in BAS, however defining the threats against BAS, and detection of these threats is an area that is particularly lacking. This paper presents an overview of the current security measures in BAS, outlining key issues, and methods that can be improved to protect cyber physical systems against the increasing threat of cyber terrorism and hacktivism. Future research aims to further evaluate and improve the detection systems used in BAS through first defining the threats and then applying and evaluating machine learning algorithms for traffic classification and IDS profiling capable of operating on resource constrained BAS

Building energy metering and environmental monitoring - A state-of-the-art review and directions for future research

Buildings are responsible for 40% of global energy use and contribute towards 30% of the total CO2 emissions. The drive to reduce energy consumption and associated greenhouse gas emissions from buildings has acted as a catalyst in the increasing installation of meters and sensors for monitoring energy use and indoor environmental conditions in buildings. This paper reviews the state-of-the-art in building energy metering and environmental monitoring, including their social, economic, environmental and legislative drivers. The integration of meters and sensors with existing building energy management systems (BEMS) is critically appraised, especially with regard to communication technologies and protocols such as ModBus, M-Bus, Ethernet, Cellular, ZigBee, WiFi and BACnet. Findings suggest that energy metering is covered in existing policies and regulations in only a handful of countries. Most of the legislations and policies on energy metering in Europe are in response to the Energy Performance of Buildings Directive (EPBD), 2002/91/EC. However, recent developments in policy are pointing towards more stringent metering requirements in future, moving away from voluntary to mandatory compliance. With regards to metering equipment, significant developments have been made in the recent past on miniaturisation, accuracy, robustness, data storage, ability to connect using multiple communication protocols, and the integration with BEMS and the Cloud – resulting in a range of available solutions, selection of which can be challenging. Developments in communication technologies, in particular in low-power wireless such as ZigBee and Bluetooth LE (BLE), are enabling cost-effective machine to machine (M2M) and internet of things (IoT) implementation of sensor networks. Privacy and data protection, however, remain a concern for data aggregators and end-users. The standardization of network protocols and device functionalities remains an active area of research and development, especially due to the prevalence of many protocols in the BEMS industry. Available solutions often lack interoperability between hardware and software systems, resulting in vendor lock-in. The paper provides a comprehensive understanding of available technologies for energy metering and environmental monitoring; their drivers, advantages and limitations; factors affecting their selection and future directions of research and development – for use a reference, as well as for generating further interest in this expanding research area

An IoT system for a smart campus: Challenges and solutions illustrated over several real-world use cases

[Abstract]: This article discusses the development of an IoT system for monitoring and controlling various devices and systems from different vendors. The authors considered key challenges in IoT projects, such as interoperability and integration, scalability, and data storage, processing, and visualization, during the design and deployment phases. In addition to these general challenges, the authors also delve into the specific integration challenges they encountered. Various devices and systems were integrated into the system and five real-world scenarios in a university campus environment are used to illustrate the challenges encountered. The scenarios involve monitoring various aspects of a university campus environment, including air quality, environmental parameters, energy efficiency, solar photovoltaic energy, and energy consumption. The authors analyzed data and CPU usage to ensure that the system could handle the large amount of data generated by the devices. The platform developed uses open source projects such as Home Assistant, InfluxDB, Grafana, and Node-RED. All developments have been published as open source in public repositories. In conclusion, this work highlights the potential and feasibility of IoT systems in various real-world applications, the importance of considering key challenges in IoT projects during the design and deployment phases, and the specific integration challenges that may be encountered.This work was supported in part by grants PID2022-137099NB-C42 (MADDIE) and TED2021-130240B-I00 (IVRY) funded by MCIN/AEI/10.13039/501100011033; and in part by the European Union NextGenerationEU/PRTR. Funding for open access charge: Universidade da Coruña/CISUG.Financiado para publicación en acceso aberto: Universidade da Coruña/CISU

Future strategic plan analysis for integrating distributed renewable generation to smart grid through wireless sensor network: Malaysia prospect

AbstractIntegration of Distributed Renewable Generation (DRG) to the future Smart Grid (SG) is one of the important considerations that is highly prioritized in the SG development roadmap by most of the countries including Malaysia. The plausible way of this integration is the enhancement of information and bidirectional communication infrastructure for energy monitoring and controlling facilities. However, urgency of data delivery through maintaining critical time condition is not crucial in these facilities. In this paper, we have surveyed state-of-the-art protocols for different Wireless Sensor Networks (WSNs) with the aim of realizing communication infrastructure for DRG in Malaysia. Based on the analytical results from surveys, data communication for DRG should be efficient, flexible, reliable, cost effective, and secured. To meet this achievement, IEEE802.15.4 supported ZigBee PRO protocol together with sensors and embedded system is shown as Wireless Sensor (WS) for DRG bidirectional network with prospect of attaining data monitoring facilities. The prospect towards utilizing ZigBee PRO protocol can be a cost effective option for full integration of intelligent DRG and small scale Building-Integrated Photovoltaic (BIPV)/Feed-in-Tariff (FiT) under SG roadmap (Phase4: 2016–2017) conducted by Malaysia national utility company, Tenaga Nasional Berhad (TNB). Moreover, we have provided a direction to utilize the effectiveness of ZigBee-WS network with the existing optical communication backbone for data importing from the end DRG site to the TNB control center. A comparative study is carried out among developing countries on recent trends of SG progress which reveals that some common projects like smart metering and DRG integration are on priority

Metodología de Diseño Conceptual de Sistemas Automatizados para Ambientes Educativos y de Servicios Tecnológicos

(Eng) This article shows the results of an applied investigation aimed to establish a general design methodology for the modernization of automated systems oriented to modernization of physical and technological infrastructure of the “Servicio Nacional de Aprendizaje” (SENA) in Colombia, with systems, equipment and applications oriented to sustainability, efficiency and energy savings. The objective of this work is to "Propose a method - ology for the conceptual design of automated building systems". The methodology was applied to the design of the automated system of the Technological Services Laboratory (LST) of the Center for Electricity and Industrial Automation (CEAI)- SENA and its implementation constitutes a reference model for the other SENA training centers to apply in order to improve the conditions of safety, comfort and energy management in their facilities.(Spa) Este artículo es uno de los resultados de una investigación aplicada, realizada con el propósito de establecer una metodología general de diseño de sistemas automatizados orientados a la modernización de la infraestructura física y tecnológica del Servicio Nacional de Aprendizaje (SENA) en Colombia, con sistemas, equipos y aplica - ciones encaminadas a la sostenibilidad, la eficiencia y el ahorro. El reporte tiene como objetivo “Proponer una metodología de diseño conceptual de sistemas automatizados de edificaciones”. La metodología propuesta fue aplicada al diseño del sistema automatizado del Laboratorio de Servicios Tecnológicos (LST) del Centro de Elec - tricidad y Automatización Industrial CEAI – SENA y su implementación constituye en un modelo de referencia para que los demás centros de formación del SENA la apliquen con el fin de mejorar las condiciones de seguridad, confort y gestión energética en sus instalaciones

A critical review of cyber-physical security for building automation systems

Modern Building Automation Systems (BASs), as the brain that enables the smartness of a smart building, often require increased connectivity both among system components as well as with outside entities, such as optimized automation via outsourced cloud analytics and increased building-grid integrations. However, increased connectivity and accessibility come with increased cyber security threats. BASs were historically developed as closed environments with limited cyber-security considerations. As a result, BASs in many buildings are vulnerable to cyber-attacks that may cause adverse consequences, such as occupant discomfort, excessive energy usage, and unexpected equipment downtime. Therefore, there is a strong need to advance the state-of-the-art in cyber-physical security for BASs and provide practical solutions for attack mitigation in buildings. However, an inclusive and systematic review of BAS vulnerabilities, potential cyber-attacks with impact assessment, detection & defense approaches, and cyber-secure resilient control strategies is currently lacking in the literature. This review paper fills the gap by providing a comprehensive up-to-date review of cyber-physical security for BASs at three levels in commercial buildings: management level, automation level, and field level. The general BASs vulnerabilities and protocol-specific vulnerabilities for the four dominant BAS protocols are reviewed, followed by a discussion on four attack targets and seven potential attack scenarios. The impact of cyber-attacks on BASs is summarized as signal corruption, signal delaying, and signal blocking. The typical cyber-attack detection and defense approaches are identified at the three levels. Cyber-secure resilient control strategies for BASs under attack are categorized into passive and active resilient control schemes. Open challenges and future opportunities are finally discussed.Comment: 38 pages, 7 figures, 6 tables, submitted to Annual Reviews in Contro