ATA-BASED SECURITY ASSESSMENT OF SMART BUILDING AUTOMATION SYSTEMS

The information and control system of smart building is considered as a set of subsystems including building automation system (BAS). BAS security and availability during its life cycle are assessed using the technique Attack Tree Analysis (ATA), and Failure Modes and Effects Analysis (FMECA). The FMECA is applied at the initial stage of analysis to assess criticality of BAS hardware/software failures and failed connections between components on the different levels of system design. Modification of FMECA is IMECA allowing to analyze modes and effects of attacks/intrusions. The ATA is applied to investigate any intrusions into the BAS by analyzing system probability of a failure caused by faults and vulnerabilities during operation time. The ATA is applied for different BAS subsystems and results of analysis are combined

DEVELOPMENT OF PSMECA ANALYSIS TECHNIQUE APPLYING IoT COMPONENTS IN PHYSICAL SECURITY SYSTEMS

Physical security systems are applied to alert in advance a well-known vector of attacks. This paper presents an analysis of the research and assessment of physical security systems applying the PSMECA technique (analysis of modes, efforts, and criticality of physical security). The object of research and analysis is the physical security system of the Ministry of Education and Science of Iraq (as the infrastructure of the region's objects), as well as the area of the compact living of students and co-workers (campus). This paper discusses the organization of physical security systems, which are based on devices with low power consumption and function in the Internet of things environment. The main aim is to describe and develop a physical security system that functions in the Internet of things environment, as well as the development of a scheme for the research and development of models and methods for risk analysis, models of functions and components, models of failures and conducting research and analysis of occurrence failures of PSS. The generalized structural and hierarchical scheme of the physical security system of the infrastructure of the region is presented, as well as the applied application of the scheme is illustrated by the example of the physical security system of a student campus of one of the universities of Baghdad. The functional modeling scheme of the object is provided and is based on the use of the Raspberry Pi microcomputer and the Arduino microcontroller. The set-theoretical models of functions, components, and failures of the system under study, as well as the projection of a hierarchical failure structure in the table of the basic structural elements of the system, are presented. The IDEF0 diagram, showing a power outage scenario (accidental or intentional) in connection with lighting and video subsystems, is presented. The scheme of research and development of models and methods of analysis of risks of PSS is carried out in the paper. A PSMECA table for the CCTV system has been created, which allows you to more precisely determine the cause of the failure in the physical security system and the importance of failure criticalit

Метод IMECA для оценивания кибербезопасности: пример для информационно-управляющей системы умного дома

The information and control system of smart building is considered as a set of subsystems including building automation system (BAS), communication and controllers considering their failure rates. BAS security and system availability during life cycle are assessed using IMECA, FMECA, Markov’s model. IMECA is applied to investigate any intrusions into BAS by analyze of vulnerabilities and effects of attacks using criticality matrix. FMECA is applied to assess criticality of BAS hardware failures. Markov’s model is used to calculate BAS availability considering the possibility of recovery and different kinds of the faults.Аналізується комунікаційна система як частина ІУС розумного будинку (РБ) з високою інтенсивністю відмов. Досліджуються питання оцінювання кібербезпеки й готовності ІУС РБ на етапах життєвого циклу з використанням методів IMECA, FMECA, а також марківських моделей. IMECA застосовується щоб проаналізувати вплив будь-яких вторгнень у систему, її різні компоненти подібно тому, як FMECA показує вплив відмов апаратних засобів. Марківські моделі використовуються для отримання аналітичних оцінок готовності ІУС РБ з урахуванням можливості відновлення і різних видів відмов.Анализируется коммуникационная система как часть ИУС умного дома (УД) с высокой интенсивностью отказов. Исследуются вопросы оценивания кибербезопасности и готовности ИУС УД на этапах жизненного цикла с использованием методов IMECA, FMECA, а также марковских моделей. IMECA применяется, чтобы проанализировать влияние любых вторжений в систему и ее различные компоненты подобно тому, как FMECA показывает влияние отказов аппаратных средств. Марковские модели используются для получения аналитических оценок готовности ИУС УД с учетом возможности восстановления и всех видов отказов