Security Assessment of a Distributed, Modbus-Based Building Automation System

Building automation systems were designed in an era when security was not a concern as the systems were closed from outside access. However, multiple benefits can be found in connecting such systems over the Internet and controlling a number of buildings from a single location. Security breaches towards building automation systems are increasing and may cause direct or indirect damages to the target organization or even the residents of the building. This work presents an approach to apply a method of data flow recognition and environment analysis to building automation through a case study on a distributed building automation system utilizing the Modbus protocol at the sites and presents suggested methods for mitigating the risks.

[1]  Thomas Mundt,et al.  Security in building automation systems - a first analysis , 2016, 2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security).

[2]  Deborah L. Cooper Data security: data breaches , 2015, InfoSecCD.

[3]  Eleni Stroulia,et al.  A Hierarchical Security-Auditing Methodology for Cloud Computing , 2015, 2015 IEEE International Conference on Services Computing.

[4]  Security audit of data flows across enterprise systems and networks , 2014, The 9th International Conference for Internet Technology and Secured Transactions (ICITST-2014).

[5]  Lyazzat Atymtayeva,et al.  Expert systems for information security management and audit. Implementation phase issues , 2014, 2014 Joint 7th International Conference on Soft Computing and Intelligent Systems (SCIS) and 15th International Symposium on Advanced Intelligent Systems (ISIS).

[6]  Alessandro Barenghi,et al.  Security challenges in building automation and SCADA , 2014, 2014 International Carnahan Conference on Security Technology (ICCST).

[7]  Chris I. Djamaludin,et al.  Practical Modbus Flooding Attack and Detection , 2014, AISC.

[8]  Alessandro Barenghi,et al.  Security Analysis of Building Automation Networks - Threat Model and Viable Mitigation Techniques , 2013, NordSec.

[9]  Yue Zhang,et al.  Intelligent Building Automation and Control Based on IndasIBMS , 2013, 2013 International Conference on Service Sciences (ICSS).

[10]  Florian Dörfler,et al.  Attack Detection and Identification in Cyber-Physical Systems -- Part II: Centralized and Distributed Monitor Design , 2012, ArXiv.

[11]  Chen Wang,et al.  Research and design of security audit system for compliance , 2012, 2012 International Symposium on Information Technologies in Medicine and Education.

[12]  Pavel Celeda,et al.  Flow-Based Security Issue Detection in Building Automation and Control Networks , 2012, EUNICE.

[13]  Wolfgang Kastner,et al.  Integrating Building Automation Systems and IPv6 in the Internet of Things , 2012, 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing.

[14]  Pavel Celeda,et al.  Traffic Measurement and Analysis of Building Automation and Control Networks , 2012, AIMS.

[15]  Alvaro A. Cárdenas,et al.  Attacks against process control systems: risk assessment, detection, and response , 2011, ASIACCS '11.

[16]  Wolfgang Granzer,et al.  Security in Building Automation Systems , 2010, IEEE Transactions on Industrial Electronics.

[17]  Aiko Pras,et al.  An Overview of IP Flow-Based Intrusion Detection , 2010, IEEE Communications Surveys & Tutorials.

[18]  Aiko Pras,et al.  Intrusion Detection in SCADA Networks , 2010, AIMS.

[19]  Qiang Huang,et al.  A framework for business-oriented security audit , 2008, 2008 6th IEEE International Conference on Industrial Informatics.

[20]  Songwu Lu,et al.  Characterizing flows in large wireless data networks , 2004, MobiCom '04.

[21]  Konstantina Papagiannaki,et al.  Structural analysis of network traffic flows , 2004, SIGMETRICS '04/Performance '04.

[22]  E.C. Lo,et al.  Security audit: a case study [information systems] , 2004, Canadian Conference on Electrical and Computer Engineering 2004 (IEEE Cat. No.04CH37513).

[23]  M. Z. Jamaludin,et al.  Third party security audit procedure for network environment , 2003 .

[24]  N. Md. Tahir,et al.  Third party security audit procedure for network environment , 2003, 4th National Conference of Telecommunication Technology, 2003. NCTT 2003 Proceedings..

[25]  Philippe Owezarski,et al.  A flow-based model for internet backbone traffic , 2002, IMW '02.

[26]  J.A. Stankovic,et al.  Denial of Service in Sensor Networks , 2002, Computer.

[27]  Edward Finch Is IP everywhere the way ahead for building automation , 2001 .