A Taxonomy for the Security Assessment of IP-Based Building Automation Systems: The Case of Thread

Motivated by the proliferation of wireless building automation systems (BAS) and increasing security-awareness among BAS operators, in this paper, we propose a taxonomy for the security assessment of BASs. We apply the proposed taxonomy to Thread, an emerging native IP-based protocol for BAS. Our analysis reveals a number of potential weaknesses in the design of Thread. We propose potential solutions for mitigating several identified weaknesses and discuss their efficacy. We also provide suggestions for improvements in future versions of the standard. Overall, our analysis shows that Thread has a well-designed security control for the targeted use case, making it a promising candidate for communication in next generation BASs.

[1]  Wolfgang Granzer,et al.  Security in Building Automation Systems , 2010, IEEE Transactions on Industrial Electronics.

[2]  Wolfgang Granzer,et al.  Security Analysis of Open Building Automation Systems , 2010, SAFECOMP.

[3]  Hsiao-Chun Wu,et al.  Physical layer security in wireless networks: a tutorial , 2011, IEEE Wireless Communications.

[4]  Stamatis Karnouskos,et al.  Commercial Building Automation , 2014 .

[5]  Chris McDonald,et al.  Secure Routing Protocols for Mobile Ad-Hoc Wireless Networks , 2005 .

[6]  Fabrice Benhamouda,et al.  Security of the J-PAKE Password-Authenticated Key Exchange Protocol , 2015, 2015 IEEE Symposium on Security and Privacy.

[7]  W. Granzer,et al.  Security in networked building automation systems , 2006, 2006 IEEE International Workshop on Factory Communication Systems.

[8]  Athanasios V. Vasilakos,et al.  Secure Smart Homes , 2017, ACM Comput. Surv..

[9]  Luigi Coppolino,et al.  My Smart Home is Under Attack , 2015, 2015 IEEE 18th International Conference on Computational Science and Engineering.

[10]  A VaniB.,et al.  Security Attacks and its Countermeasures in Wireless Sensor Networks , 2014 .

[11]  Víctor Juan Expósito Jiménez,et al.  An overview of wireless IoT protocol security in the smart home domain , 2017, 2017 Internet of Things Business Models, Users, and Networks.

[12]  Carles Gomez,et al.  Wireless home automation networks: A survey of architectures and technologies , 2010, IEEE Communications Magazine.

[13]  Victor C. M. Leung,et al.  Intrusion Detection and Prevention for ZigBee-Based Home Area Networks in Smart Grids , 2018, IEEE Transactions on Smart Grid.

[14]  Antonio Moreno-Muñoz,et al.  Building lighting automation through the integration of DALI with wireless sensor networks , 2012, IEEE Transactions on Consumer Electronics.

[15]  Hassan B. Kazemian,et al.  Identification of probe request attacks in WLANs using neural networks , 2013, Neural Computing and Applications.

[16]  Depeng Li,et al.  A solution based analysis of attack vectors on smart home systems , 2015, 2015 International Conference on Cyber Security of Smart Cities, Industrial Control System and Communications (SSIC).

[17]  Yu Cheng,et al.  Ghost-in-ZigBee: Energy Depletion Attack on ZigBee-Based Wireless Networks , 2016, IEEE Internet of Things Journal.

[18]  Ivana Tomić,et al.  A Survey of Potential Security Issues in Existing Wireless Sensor Network Protocols , 2017, IEEE Internet of Things Journal.

[19]  Nei Kato,et al.  A survey of routing attacks in mobile ad hoc networks , 2007, IEEE Wireless Communications.

[20]  Thomas Mundt,et al.  Security in building automation systems - a first analysis , 2016, 2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security).

[21]  Jorge Sá Silva,et al.  Security for the Internet of Things: A Survey of Existing Protocols and Open Research Issues , 2015, IEEE Communications Surveys & Tutorials.

[22]  Md. Azmi Bin Karnain,et al.  A Review on ZigBee Security Enhancement in Smart Home Environment , 2015, ICISS 2015.

[23]  David A. Wagner,et al.  Security considerations for IEEE 802.15.4 networks , 2004, WiSe '04.

[24]  Yasmin Mahmoud Amin,et al.  Classification and analysis of IEEE 802.15.4 PHY layer attacks , 2016, 2016 International Conference on Selected Topics in Mobile & Wireless Networking (MoWNeT).

[25]  Cristina Alcaraz,et al.  A Security Analysis for Wireless Sensor Mesh Networks in Highly Critical Systems , 2010, IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews).

[26]  Marco Tiloca,et al.  On improving resistance to Denial of Service and key provisioning scalability of the DTLS handshake , 2017, International Journal of Information Security.

[27]  Amr T. Abdel-Hamid,et al.  Classification and analysis of IEEE 802.15.4 MAC layer attacks , 2015, 2015 11th International Conference on Innovations in Information Technology (IIT).

[28]  Jianguo Yang,et al.  A Logic Resistive Memory Chip for Embedded Key Storage With Physical Security , 2016, IEEE Transactions on Circuits and Systems II: Express Briefs.

[29]  Sneha Kumar Kasera,et al.  Detecting malicious nodes in RSS-based localization , 2011, 2011 IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks.

[30]  Xianbin Wang,et al.  Security and privacy considerations for Wireless Sensor Networks in smart home environments , 2012, Proceedings of the 2012 IEEE 16th International Conference on Computer Supported Cooperative Work in Design (CSCWD).

[31]  Richard Kelsey Mesh Link Establishment , 2014 .

[32]  Niraj K. Jha,et al.  A Comprehensive Study of Security of Internet-of-Things , 2017, IEEE Transactions on Emerging Topics in Computing.