Skip to main content
Article
Intelligent buildings: an investigation into current and emerging security vulnerabilities in automated building systems using an applied defeat methodology
Australian Security and Intelligence Conference
  • David J Brooks, Edith Cowan University
Publication Date
1-1-2011
Document Type
Conference Proceeding
Publisher
secau Security Research Centre, Edith Cowan University, Perth, Western Australia
Comments

Originally published in the Proceedings of the 4th Australian Security and Intelligence Conference, Edith Cowan University, Perth Western Australia, 5th -7th December, 2011

Abstract

Intelligent Buildings (IB) have become increasing popular during the past decade, driven through the need to reduce energy, have more reactive and safer buildings, and increase productivity. IB integrate many systems that were in the past isolated from each other, including fire and life safety, HVAC, lighting, security, etc. Facilities contain commercial-in-confidence material and other valued assets; however, IB are integrated through open and common data communication protocols and hardware, leaving facilities exposed to external and internal threats. The study presents an investigation into IB, based on a defeat evaluation methdology. IB vulnerabilities considered two areas, namely physical and software vulnerabilties. Physical hardware vulnerabilities included physical access to the automation devices or workstations, communication networks, wiretapping, remote connectivity, foreign devices and local field programming. Software vulnerabilities included common connectivity protocols, restricted encryption and limited security considerations. These vulnerabilities could result in such attacks as denial of service, covert facilty entry or espionage. IB risks are contextual, aligned with the facility’s threat exposure; nevertheless, there are generic mitigation strategies that can be taken to protect IB systems. Protection includes situational threat driven security risk management, understanding system criticalities, integration of departments, a degree of network isolation and greater awareness.

Citation Information
David J Brooks. "Intelligent buildings: an investigation into current and emerging security vulnerabilities in automated building systems using an applied defeat methodology" (2011)
Available at: http://works.bepress.com/david_brooks/7/