5,638 research outputs found

    An analysis of security issues in building automation systems

    The purpose of Building Automation Systems (BAS) is to centralise the management of a wide range of building services, through the use of integrated protocol and communication media. Through the use of IP-based communication and encapsulated protocols, BAS are increasingly being connected to corporate networks and also being remotely accessed for management purposes, both for convenience and emergency purposes. These protocols, however, were not designed with security as a primary requirement, thus the majority of systems operate with sub-standard or non-existent security implementations, relying on security through obscurity. Research has been undertaken into addressing the shortfalls of security implementations in BAS, however defining the threats against BAS, and detection of these threats is an area that is particularly lacking. This paper presents an overview of the current security measures in BAS, outlining key issues, and methods that can be improved to protect cyber physical systems against the increasing threat of cyber terrorism and hacktivism. Future research aims to further evaluate and improve the detection systems used in BAS through first defining the threats and then applying and evaluating machine learning algorithms for traffic classification and IDS profiling capable of operating on resource constrained BAS

    Security aspects of sensor-based defence systems

    The Australian Defence Force (ADF) has IMAP and JMAP to perform planning prior to the deployment of forces, but there is a knowledge gap for on-ground forces during the execution of an operation. Multi-agent based sensor systems can provide on-ground forces with a significant amount of real-time information that can be used to modify planning due to changed conditions. The issue with such sensor systems is the degree to which they are vulnerable to attack by opposing forces. This paper explores the types of attack that could be successful and proposes defences that could be put in place to circumvent or minimise the effect of an attack

    Modelling misuse cases as a means of capturing security requirements

    Use cases as part of requirements engineering are often seen as an essential part of systems development in many methodologies. Given that modern, security-oriented software development methods such as SDL, SQUARE and CLASP place security at the forefront of product initiation, design and implementation, the focus of requirements elicitation must now move to capturing security requirements so as not to replicate past errors. Misuse cases can be an effective tool to model security requirements. This paper uses a case study to investigate the generation of successful misuse cases by employing the STRIDE framework as used in the SDL.

    Augmenting Postgraduate Student Problem-Solving Ability by the Use of Critical Thinking Exercises

    This paper describes the results of a research programme whose focus was critical thinking and explores how information technology (IT) postgraduate students model problems. Some results from the programme show that IT students appear to improve their problem-solving ability by undertaking structured critical thinking exercises. An AC Nielsen survey commissioned by DETYA in 2000 sought to gauge employer satisfaction with graduates using a variety of methods including questionnaires, focus groups and in-depth interviews. A key finding was that ‘the skills employers consider to be most important in graduates are creativity and flair, enthusiasm and the capacity for independent and critical thinking’. Similar conclusions were drawn in earlier work from the UK and USA. Generally, critical thinking, if it is taught in a university, is taught as a formal or symbolic logic subject, usually by the philosophy or mathematics department. While there is nothing inherently wrong with teaching students the syllogisms of Aristotle, as formal logic has its uses, that does not necessarily equate to critical thinking. The assessment of critical thinking skills is also somewhat problematic. There are several generic assessment tools available but if critical thinking is discipline-specific, then such tools may not be particularly useful. One solution is to use a formal critical thinking assessment instrument in a pre/post treatment experiment, the treatment being the exercises. This study evaluated the critical thinking skills of Masters-level students. The participants were a class of coursework Master students at an Australasian university. These students were administered two Mensa-style tests that targeted critical thinking skills regarded as essential elements in a university education. The design was a classic pre/post treatment experiment, with the treatment being the intervening structured critical thinking exercises. The results indicate that the students’ problem-solving ability improved over time, which suggests that the exercises were effective.

    Threat Modelling with Stride and UML

    Threat modelling as part of risk analysis is seen as an essential part of secure systems development. Microsoft’s Security Development Lifecycle (SDL) is a well-known software development method that places security at the forefront of product initiation, design and implementation. As part of SDL, threat modelling produces data flow diagrams (DFDs) as key artefacts and uses those diagrams as mappings with STRIDE to identify threats. This paper uses a standard case study to illustrate the effects of using an alternative process model (UML activity diagrams) with STRIDE and suggests that using a more modern process diagram can generate a more effective threat model

    Cloud Security meets Telemedicine

    Medical systems are potentially one domain where security is seen as an impediment to patient care and not as an essential part of a system. This is an issue for safety-critical systems where reliability and trust are essential for successful operation. Cloud computing services offer a seamless means to allow medical data to be transferred from patient to medical specialist, whilst maintaining security requirements. This paper uses a case study to investigate the use of cloud computing in a mobile application to assist with diagnostics for patients with Parkinson Disease. It was found that the developers of the app ignored security requirements and standards, preferring to focus on functionality

    Security Requirements Engineering-The Reluctant Oxymoron

    Security is a focus in many systems that are developed today, yet this aspect of systems development is often relegated when the shipping date for a software product looms. This leads to problems post-implementation in terms of patches required to fix security defects or vulnerabilities. A simplistic answer is that if the code was correct in the first instance, then vulnerabilities would not exist. The reality of a complex software artefact is however, driven by other concerns. Rather than probing programs for coding errors that lead to vulnerabilities, it is perhaps more beneficial to look at the root causes of how and why vulnerabilities come to exist in software. This paper explores the reasons why this might be so, uses two simple case studies to illustrate the effects of failing to specify requirements correctly and suggests that software development methods that build in security concerns at the beginning of a project might be the way forward

    Environmental policy, innovation and performance : new insights on the Porter hypothesis

    Jaffe and Palmer (1997) present three distinct variants of the so-called Porter Hypothesis. The “weak” version of the hypothesis posits that environmental regulation will stimulate certain kinds of environmental innovations. The “narrow” version of the hypothesis asserts that flexible environmental policy regimes give firms greater incentive to innovate than prescriptive regulations, such as technology-based standards. Finally, the “strong” version posits that properly designed regulation may induce cost-saving innovation that more than compensates for the cost of compliance. In this paper, we test the significance of these different variants of the Porter Hypothesis using data on the four main elements of the hypothesised causality chain (environmental policy, research and development, environmental performance and commercial performance). The analysis is based upon a unique database which includes observations from approximately 4200 facilities in seven OECD countries. In general, we find strong support for the “weak” version, qualified support for the “narrow” version, and qualified support for the “strong” version as well.

    Keywords: PORTER HYPOTHESIS; ENVIRONMENTAL POLICY; INNOVATION; ENVIRONMENTAL PERFORMANCE; BUSINESS PERFORMANCE