An analysis of security issues in building automation systems

The purpose of Building Automation Systems (BAS) is to centralise the management of a wide range of building services, through the use of integrated protocol and communication media. Through the use of IP-based communication and encapsulated protocols, BAS are increasingly being connected to corporate networks and also being remotely accessed for management purposes, both for convenience and emergency purposes. These protocols, however, were not designed with security as a primary requirement, thus the majority of systems operate with sub-standard or non-existent security implementations, relying on security through obscurity. Research has been undertaken into addressing the shortfalls of security implementations in BAS, however defining the threats against BAS, and detection of these threats is an area that is particularly lacking. This paper presents an overview of the current security measures in BAS, outlining key issues, and methods that can be improved to protect cyber physical systems against the increasing threat of cyber terrorism and hacktivism. Future research aims to further evaluate and improve the detection systems used in BAS through first defining the threats and then applying and evaluating machine learning algorithms for traffic classification and IDS profiling capable of operating on resource constrained BAS

Security aspects of sensor-based defence systems

The Australian Defence Force (ADF) has IMAP and JMAP to perform planning prior to the deployment of forces, but there is a knowledge gap for on-ground forces during the execution of an operation. Multi-agent based sensor systems can provide on-ground forces with a significant amount of real-time information that can be used to modify planning due to changed conditions. The issue with such sensor systems is the degree to which they are vulnerable to attack by opposing forces. This paper explores the types of attack that could be successful and proposes defences that could be put in place to circumvent or minimise the effect of an attack

Modelling misuse cases as a means of capturing security requirements

Use cases as part of requirements engineering are often seen as an essential part of systems development in many methodologies. Given that modern, security-oriented software development methods such as SDL , SQUARE and CLASP place security at the forefront of product initiation, design and implementation, the focus of requirements elicitation must now move to capturing security requirements so as not to replicate past errors. Misuse cases can be an effective tool to model security requirements. This paper uses a case study to investigate the generation of successful misuse cases by employing the STRIDE framework as used in the SDL

Threat Modelling with Stride and UML

Threat modelling as part of risk analysis is seen as an essential part of secure systems development. Microsoft’s Security Development Lifecycle (SDL) is a well-known software development method that places security at the forefront of product initiation, design and implementation. As part of SDL, threat modelling produces data flow diagrams (DFDs) as key artefacts and uses those diagrams as mappings with STRIDE to identify threats. This paper uses a standard case study to illustrate the effects of using an alternative process model (UML activity diagrams) with STRIDE and suggests that using a more modern process diagram can generate a more effective threat model

Cloud Security meets Telemedicine

Medical systems are potentially one domain where security is seen as an impediment to patient care and not as an essential part of a system. This is an issue for safety-critical systems where reliability and trust are essential for successful operation. Cloud computing services offer a seamless means to allow medical data to be transferred from patient to medical specialist, whilst maintaining security requirements. This paper uses a case study to investigate the use of cloud computing in a mobile application to assist with diagnostics for patients with Parkinson Disease. It was found that the developers of the app ignored security requirements and standards, preferring to focus on functionality

Security Requirements Engineering-The Reluctant Oxymoron

Security is a focus in many systems that are developed today, yet this aspect of systems development is often relegated when the shipping date for a software product looms. This leads to problems post-implementation in terms of patches required to fix security defects or vulnerabilities. A simplistic answer is that if the code was correct in the first instance, then vulnerabilities would not exist. The reality of a complex software artefact is however, driven by other concerns. Rather than probing programs for coding errors that lead to vulnerabilities, it is perhaps more beneficial to look at the root causes of how and why vulnerabilities come to exist in software. This paper explores the reasons why this might be so, uses two simple case studies to illustrate the effects of failing to specify requirements correctly and suggests that software development methods that build in security concerns at the beginning of a project might be the way forward

I remember Richelieu: Is anything secure anymore?

Petraeus-gate, hacked nude celebrity photos in the cloud and the recent use of a search and seizure warrant in the United States of America to seek production of customer email contents on an extraterritorial server raises important issues for the supposably safe storage of data on the World Wide Web. Not only may there be nowhere to hide in cyberspace but nothing in cyberspace may be private. This paper explores the legal and technical issues raised by the these matters with emphasis on the courts decision “In the Matter of a Warrant to Search a Certain E-Mail Account Controlled and Maintained by Microsoft Corporation” and the subsequent upholding of that decision in it concludes with suggestions for ‘safe’ storage of data

Towards detection and control of civilian unmanned aerial vehicles

Considering the significant number of non‐military unmanned aerial vehicles (UAVs) that can be purchased to operate in unregulated air space and the range of such devices, the potential for security and privacy problems to arise is significant. This can lead to consequent harm for critical infrastructure in the event of these UAVs being used for criminal or terrorist purposes. Further, if these devices are not being detected, there is a privacy problem to be addressed as well. In this paper we test a specific UAV, the Parrot AR Drone version 2, and present a forensic analysis of tests used to deactivate or render the device inoperative. It was found that these devices are open to attack, which means they could be controlled by a third party

Selection of penetration testing methodologies: A comparison and evaluation

Cyber security is fast becoming a strategic priority across both governments and private organisations. With technology abundantly available, and the unbridled growth in the size and complexity of information systems, cyber criminals have a multitude of targets. Therefore, cyber security assessments are becoming common practice as concerns about information security grow. Penetration testing is one strategy used to mitigate the risk of cyber-attack. Penetration testers attempt to compromise systems using the same tools and techniques as malicious attackers thus attempting to identify vulnerabilities before an attack occurs. This research details a gap analysis of the theoretical vs. the practical classification of six penetration testing frameworks and/or methodologies. Additionally, an analysis of two of the frameworks was undertaken to evaluate each against six quality characteristics. The characteristics were derived from a modified version of an ISO quality model

Automated Detection of Vehicles with Machine Learning

Considering the significant volume of data generated by sensor systems and network hardware which is required to be analysed and intepreted by security analysts, the potential for human error is significant. This error can lead to consequent harm for some systems in the event of an adverse event not being detected. In this paper we compare two machine learning algorithms that can assist in supporting the security function effectively and present results that can be used to select the best algorithm for a specific domain. It is suggested that a naive Bayesian classiifer (NBC) and an artificial neural network (ANN) are most likely the best candidate algorithms for the proposed application. It was found that NBC was faster and more accurate than the ANN for the given data set. Future research will look to repeat this process for cyber security specific applications, and also examine teh GPGPU optimisations to the machine learning algorithms