High-Confidence Computing (Sep 2024)
On Building Automation System security
Abstract
Building Automation Systems (BASs) are seeing increased usage in modern society due to the plethora of benefits they provide such as automation for climate control, HVAC systems, entry systems, and lighting controls. Many BASs in use are outdated and suffer from numerous vulnerabilities that stem from the design of the underlying BAS protocol. In this paper, we provide a comprehensive, up-to-date survey on BASs and attacks against seven BAS protocols including BACnet, EnOcean, KNX, LonWorks, Modbus, ZigBee, and Z-Wave. Holistic studies of secure BAS protocols are also presented, covering BACnet Secure Connect, KNX Data Secure, KNX/IP Secure, ModBus/TCP Security, EnOcean High Security and Z-Wave Plus. LonWorks and ZigBee do not have security extensions. We point out how these security protocols improve the security of the BAS and what issues remain. A case study is provided which describes a real-world BAS and showcases its vulnerabilities as well as recommendations for improving the security of it. We seek to raise awareness to those in academia and industry as well as highlight open problems within BAS security.
