An analysis of security issues in building automation systems

The purpose of Building Automation Systems (BAS) is to centralise the management of a wide range of building services, through the use of integrated protocol and communication media. Through the use of IP-based communication and encapsulated protocols, BAS are increasingly being connected to corporate networks and also being remotely accessed for management purposes, both for convenience and emergency purposes. These protocols, however, were not designed with security as a primary requirement, thus the majority of systems operate with sub-standard or non-existent security implementations, relying on security through obscurity. Research has been undertaken into addressing the shortfalls of security implementations in BAS, however defining the threats against BAS, and detection of these threats is an area that is particularly lacking. This paper presents an overview of the current security measures in BAS, outlining key issues, and methods that can be improved to protect cyber physical systems against the increasing threat of cyber terrorism and hacktivism. Future research aims to further evaluate and improve the detection systems used in BAS through first defining the threats and then applying and evaluating machine learning algorithms for traffic classification and IDS profiling capable of operating on resource constrained BAS

High-frequency collocations of nouns in research articles across eight disciplines

This paper describes a corpus-based analysis of the distribution of the high-frequency collocates of abstract nouns in 320 research articles across eight disciplines: Chemistry, Computer Science, Materials Science, Neuroscience, Economics, Language and Linguistics, Management, and Psychology. Disciplinary variation was also examined – very little previous research seems to have investigated this. The corpus was analysed using WordSmith Tools. The 16 highest-frequency nouns across all eight disciplines were identified, followed by the highest-frequency collocates for each noun. Five disciplines showed over 50% variance from the overall results. Conclusions are that the differing patterns revealed are disciplinary norms and represent standard terminology within the disciplines arising from the topics discussed, research methods, and content of discussions. It is also concluded that the collocations are an important part of the meanings and functions of the nouns, and that this evidence of sharp discipline differences underlines the importance of discipline-specific collocation research

Linking adverbials in research articles across eight disciplines

Biber et al. (1999) contend linking adverbials perform important cohesive and connective functions by signalling connections between units of discourse; however, there has been little previous corpus-based research in this important area of ESP. This paper describes an analysis of linking adverbials, such as “however” and “therefore”, in a corpus of 320 published research articles (RAs) across eight disciplines, four science and four non-science. New lists of linking adverbials were developed and the parameters of frequency, function and disciplinary variation were examined using WordSmith Tools. They were found to be more frequent than previously thought, with numerous statistically significant disciplinary differences, for example between the sciences and non-sciences. Also, they often clustered together in complex sequences. A close examination of RAs in two of the sciences revealed some reasons for the much lower rate of occurrence there. Authors developed claims in a different way, describing methods and results in a more narrative or descriptive style rather than explicitly telling readers the connections between ideas, claims and facts. Conclusions are that linking adverbials are more important in RAs as signalling and cohesive devices, and for helping RA authors construct and strengthen claims, than previously thought by experts in this field. Also, different disciplines achieve this in significantly different ways, confirming the importance of discipline variation when researching their use

Anomaly Detection in BACnet/IP managed Building Automation Systems

Building Automation Systems (BAS) are a collection of devices and software which manage the operation of building services. The BAS market is expected to be a $19.25 billion USD industry by 2023, as a core feature of both the Internet of Things and Smart City technologies. However, securing these systems from cyber security threats is an emerging research area. Since initial deployment, BAS have evolved from isolated standalone networks to heterogeneous, interconnected networks allowing external connectivity through the Internet. The most prominent BAS protocol is BACnet/IP, which is estimated to hold 54.6% of world market share. BACnet/IP security features are often not implemented in BAS deployments, leaving systems unprotected against known network threats. This research investigated methods of detecting anomalous network traffic in BACnet/IP managed BAS in an effort to combat threats posed to these systems. This research explored the threats facing BACnet/IP devices, through analysis of Internet accessible BACnet devices, vendor-defined device specifications, investigation of the BACnet specification, and known network attacks identified in the surrounding literature. The collected data were used to construct a threat matrix, which was applied to models of BACnet devices to evaluate potential exposure. Further, two potential unknown vulnerabilities were identified and explored using state modelling and device simulation. A simulation environment and attack framework were constructed to generate both normal and malicious network traffic to explore the application of machine learning algorithms to identify both known and unknown network anomalies. To identify network patterns between the generated normal and malicious network traffic, unsupervised clustering, graph analysis with an unsupervised community detection algorithm, and time series analysis were used. The explored methods identified distinguishable network patterns for frequency-based known network attacks when compared to normal network traffic. However, as stand-alone methods for anomaly detection, these methods were found insufficient. Subsequently, Artificial Neural Networks and Hidden Markov Models were explored and found capable of detecting known network attacks. Further, Hidden Markov Models were also capable of detecting unknown network attacks in the generated datasets. The classification accuracy of the Hidden Markov Models was evaluated using the Matthews Correlation Coefficient which accounts for imbalanced class sizes and assess both positive and negative classification ability for deriving its metric. The Hidden Markov Models were found capable of repeatedly detecting both known and unknown BACnet/IP attacks with True Positive Rates greater than 0.99 and Matthews Correlation Coefficients greater than 0.8 for five of six evaluated hosts. This research identified and evaluated a range of methods capable of identifying anomalies in simulated BACnet/IP network traffic. Further, this research found that Hidden Markov Models were accurate at classifying both known and unknown attacks in the evaluated BACnet/IP managed BAS network

Detection and control of small civilian UAVs

With the increasing proliferation of small civilian Unmanned Aerial Vehicles (UAVs), the threat to critical infrastructure (CI) security and privacy is now widely recognised and must be addressed. These devices are easily available at a low cost, with their usage largely unrestricted allowing users to have no accountability. Further, current implementations of UAVs have little to no security measures applied to their control interfaces. To combat the threat raised by small UAVs, being aware of their presence is required, a task that can be challenging and often requires customised hardware. This thesis aimed to address the threats posed by the Parrot AR Drone v2, by presenting a data link signature detection method which provides the characteristics needed to implement a mitigation method, capable of stopping a UAVs movement and video stream. These methods were developed using an experimental procedure and are packaged as a group of Python scripts. A suitable detection method was developed, capable of detecting and identifying a Parrot AR Drone v2 within WiFi operational range. A successful method of disabling the controls and video of a Parrot AR Drone in the air was implemented, with collection of video and control commands also achieved, for after-the-event reconstruction of the video stream. Real-time video monitoring is achievable, however it is deemed detrimental to the flight stability of the Parrot, reducing the effectiveness of monitoring the behaviour of an unidentified Parrot AR Drone v2. Additionally, implementing a range of mitigations for continued monitoring of Parrot AR Drones proved ineffectual, given that the mitigations applied were found to be non-persistent, with the mitigations reverting after control is returned to the controller. While the ability to actively monitor and manipulate Parrot AR Drones was successful, it was not to the degree believed possible during initial research

Palladium-Mediated Formation of Alkyl–Nitrogen Bonds

The following dissertation discusses reactions of palladium complexes to form sp3 carbon–nitrogen bonds. Both stoichiometric reductive elimination reactions to form alkylamines from characterized alkylpalladium(II) complexes and new palladium-catalyzed methods for the synthesis of N-alkylbenzophenone imines are reported.Chapter 1 provides an overview of methods for the N-alkylation of nitrogen nucleophiles. Metal-catalyzed substitution reactions of nitrogen nucleophiles with alkyl electrophiles are discussed with a focus on the fundamental organometallic reactions that may form carbon–nitrogen bonds in these reactions. Examples of reductive elimination reactions from characterized alkylmetal complexes are covered in more detail because of their relevance to later chapters.Chapter 2 discusses continued work in the Hartwig group studying the reductive elimination of norbornylamines from syn-2-methylnorbornylpalladium(II) amido complexes. This work focuses on the effects of phosphine ancillary ligands on the rate of reductive elimination and yield of alkylamine. These studies led to the design of bidentate P,O ligands that stabilize Pd(II) amido complexes while still enabling the reductive elimination of alkylamines to occur in good yield.Chapter 3 presents the reductive elimination of N-neopentyl anilines and N-neopentyl imines from palladium(II) complexes. The P,O ligand structures developed as part of the work described in Chapter 2 proved particularly valuable to the study of neopentylpalladium(II) complexes and enabled the synthesis of stable, four-coordinate Pd(II) anilido and methyleneamido complexes that undergo reductive elimination to form N-neopentyl anilines and N-neopentyl imines in good yields.Chapter 4 discusses the development of palladium catalysts for the cross-coupling of imines and primary alkyl bromides. The addition of fluorinated iminoquinolines as ancillary ligands was found to greatly increase the rate of the reaction. Mechanistic studies suggest that this reaction occurs through a two-electron pathway that may involve oxidative addition to a cyclometallated palladium(II) complex.Chapter 5 expands the palladium-catalyzed cross-coupling of imines to include reactions with synthetically valuable secondary and tertiary alkyl halides. This method was applied to form a variety of imines bearing secondary and tertiary alkyl groups on nitrogen. Mechanistic studies suggest that this reaction occurs through single-electron transfer from a palladium(0) complex to form an alkyl radical intermediate. The intermediacy of this alkyl radical enabled this method to be expanded to include the intramolecular carboamination of unsaturated alkyl bromides

A third wave of selective exposure research? The challenges posed by hyperpartisan news on social media

Hyperpartisan news on social media presents new challenges for selective exposure theory. These challenges are substantial enough to usher in a new era -a third wave- of selective exposure research. In this essay, we trace the history of the first two waves of research in order to better understand the current situation. We then assess the implications of recent developments for selective exposure research

Towards detection and control of civilian unmanned aerial vehicles

Considering the significant number of non‐military unmanned aerial vehicles (UAVs) that can be purchased to operate in unregulated air space and the range of such devices, the potential for security and privacy problems to arise is significant. This can lead to consequent harm for critical infrastructure in the event of these UAVs being used for criminal or terrorist purposes. Further, if these devices are not being detected, there is a privacy problem to be addressed as well. In this paper we test a specific UAV, the Parrot AR Drone version 2, and present a forensic analysis of tests used to deactivate or render the device inoperative. It was found that these devices are open to attack, which means they could be controlled by a third party

An analysis of security issues in building automation systems

The purpose of Building Automation Systems (BAS) is to centralise the management of a wide range of building services, through the use of integrated protocol and communication media. Through the use of IP-based communication and encapsulated protocols, BAS are increasingly being connected to corporate networks and also being remotely accessed for management purposes, both for convenience and emergency purposes. These protocols, however, were not designed with security as a primary requirement, thus the majority of systems operate with sub-standard or non-existent security implementations, relying on security through obscurity. Research has been undertaken into addressing the shortfalls of security implementations in BAS, however defining the threats against BAS, and detection of these threats is an area that is particularly lacking. This paper presents an overview of the current security measures in BAS, outlining key issues, and methods that can be improved to protect cyber physical systems against the increasing threat of cyber terrorism and hacktivism. Future research aims to further evaluate and improve the detection systems used in BAS through first defining the threats and then applying and evaluating machine learning algorithms for traffic classification and IDS profiling capable of operating on resource constrained BAS