Security Issues with Integrated Smart Buildings

Jim Sinopoli, Managing Principal
Smart Buildings, LLC

The building automation industry is now at a point where we have legitimate and reasonable concern regarding the security of building control systems, especially in smart buildings where advanced technology is deployed. We see stories in the news regarding malicious cyber-attacks on private companies, government networks and internet sites, and there are questions as to what such an attack would mean for building control systems, building operations, occupants and owners. The apprehension is amplified in newer buildings because there has been increased penetration of IT infrastructure in building control systems and greater integration and interconnection of building controls with other systems. The potential security vulnerability of a building can extend to the smart grid as we move to implement two-way communication between buildings and the grid, and of course could also impact corporate business systems. The overarching security concern is more about network security and less about physical security, although the two are certainly related.

[Figure: BAS Security Attacks]
Network Attacks
    Interception: Network Sniffing
    Fabrication: Insert Malformed Messages, Insert Correct Messages, Replay Old Messages
    Modification: Man-in-the-Middle Attacks, Alteration
    Interruption: Denial of Service, Network Flooding, Redirection
Device Attacks
    Software: Code Injection, Exploiting Algorithm Weakness, Availability Attacks, Configuration Mechanism Abuse
    Side-Channel: Time Analysis, Power Analysis, Fault Behavior Analysis
    Physical: Eavesdropping, Microprobing, Component Replacement

The threat simply is that someone can penetrate a building's systems via an unsecured network to cause damage, disruption, theft or possibly even loss of life.
For traditional IT systems, the threat may be loss of communications, unauthorized access to sensitive data, theft of intellectual property, disruption of equipment which may include physical security systems such as access control and video surveillance, loss of data, and impediments to business continuity. For the other building systems such as HVAC control, electrical distribution, lighting, elevators, etc., the threat is disruption of critical building infrastructure, which also impedes or can halt normal operations. Depending on the building use and building control system, a security threat may be related to life safety, for example disrupting emergency power, lighting and HVAC in a critical healthcare space.

The threat to building systems is not hypothetical; the infamous Stuxnet cyber-attack in 2010 eventually affected programmable logic controllers (PLCs), a type of controller that is often used in industry and commonly in buildings for elevators, pumps, drives, and lighting equipment. In general the building automation industry and facility management have treated the security of building control networks as a secondary or tertiary issue, if at all.

The most popular security approach for a building management system (BMS) is to isolate the BMS, not letting it connect to any other networks. But that alone provides a false sense of security; the BMS at a minimum will have fire systems, HVAC, access control, elevators and possibly lighting connected into it, potentially allowing access from one of those networks or one of the devices on those networks. Minimal or partial security measures may be in place for some buildings, but not the comprehensive security measures required to minimize network vulnerability. It's fair to say that most traditional building management systems are not secured. In fact, many legacy BMS systems have back doors allowing the BMS manufacturer or local control contractor to monitor, manage or update the systems.

It is interesting that while oftentimes the recent security concern is about newer buildings, it is older buildings with legacy BMS systems that are probably much more vulnerable to attack. The legacy systems are likely to be running older operating systems, databases, and web browsers, some of which may no longer be updated with security patches.
In addition, the vulnerabilities of older systems are public knowledge and well known to hackers, thus minimizing the effort and time for an attack.

The automation industry has rightfully strived for standards for systems, moving from proprietary implementations by manufacturers to open and transparent communication protocols. There are many benefits to open standards: compatibility of products, customization, avoiding being locked in to one manufacturer, interoperability, competitive costs, more support options, etc. At the same time, open and transparent standards would seem to increase the vulnerability of BAS networks, basically providing all the information hackers would need to assess vulnerabilities and potential approaches for an attack; this may look like something akin to giving the car thief the keys to the car.

It is important to note that having a proprietary protocol does not inherently make a system secure. If the attack is performed on the BAS server or workstation rather than directly on a controller, then the protocol is irrelevant. There are also tools such as gateways which are used for integration to such systems and which can also provide an avenue for attack.

However, one of the upsides of the open standards movement is that it allows those communication protocols to incorporate network security related attributes. Most major BAS standards have incorporated some security mechanisms. The security aspects of BACnet are probably the most advanced; at the other end of the spectrum is Modbus, which has no inherent security capabilities.

There are two main attack scenarios to consider: a remote attack originating from outside the building LAN and a local attack from inside the LAN. The first is much more likely but also much easier to mitigate, while the second is potentially much more dangerous and difficult to deal with.

A cyber-attack on a BAS network is either going to go after the network, trying to access or disrupt the communication or exchange of data, or the BAS devices, namely the controllers, actuators and sensors. The BAS network could be accessed physically, possibly via wireless communication, but also through a network device, such as a compromised controller. The attacks on the devices are likely to emanate from the network or physical manipulation of the device.

Tips on Preventing a Security Breach

Developing, testing and deploying security measures in buildings needs to be an ongoing process actively built into the operation of the building. Here are some suggestions for the first steps:

- Assign a dedicated network administrator for building control systems with responsibility for ongoing network security. The network administrator should coordinate security efforts and responses, as well as internal and external assistance. In the event that Facility Management is spearheading the effort, coordinate with the IT department early on.
- Take a comprehensive approach: assess every building system, its vulnerabilities and what the loss or disruption of the systems will mean to building operations and occupants, as well as the financial impact. Identify probable avenues of attack and monitor for telltale signs of an ongoing attack.
- Start with the use of IT security measures on the building automation networks.

  Typical IT Security Measures:
    Strong firewalls
    User authentication
    Secured wireless
    Awareness about physical security
    Use VPNs in enterprise situations
    Back-up policy
    Strong encryption of BAS data communication
    Network hardware is in secured data center
    Intrusion detection systems
    Devices that can capture IP packets

- Understand that while the IT security measures are valuable, they may not apply to all systems or portions of building control systems. For example, at the field or application control level you may find controllers with limited processing power and memory, utilizing a limited bandwidth network. These are not likely candidates for IT-type security.
- Provide physical security in areas or spaces where BAS equipment is located and where BAS network cable runs.
- Encrypt your network traffic.
- Secure any wireless network.
- Take into consideration the human aspects of security; the greatest threat is from the "inside": disgruntled employees, those taking shortcuts or bringing in their own laptop, etc.
- Develop policies regarding passwords, configurations, settings, and a comprehensive training program.

- Make sure you have secure backups of all databases that cannot be accessed or deleted from the network.
- In most cases an attacker will start with the easiest targets, so consider creating honeypot systems that are purposely insecure and monitor them for signs of attack in order to let you know when someone is targeting your systems.

Perhaps even more importantly, you should also make plans for what to do in case prevention fails and an attack is underway. Develop strategies for identifying ongoing attacks and for shutting off web access, VPNs, servers, and even ports on network switches that are used by BAS network controllers in response to an attack. In most cases controllers will continue operating on schedules and sensor inputs when disconnected from a management server, which may be a better option than letting the attack continue.

There is no point in deploying a security program that only addresses a limited portion of the vulnerabilities; that's simply an admission that some systems are not safe. Comprehensively securing a building not only involves access control and video surveillance or an IT security program, it must also include the building control and automation systems. The control systems are different types of networks and have never had any comprehensive security measures. But the new and changing technology, as well as system integration, require that the control systems be brought under a security umbrella.

If you have comments or feedback about this article, we would like to hear from you at news@smartbuildingnews.com.
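
As an added example (not from the original article), the sketch below shows one form the advice to monitor for telltale signs of an attack can take on a Modbus/TCP segment: because Modbus has no inherent security capabilities, the check relies on the network source of each write request and on frame validity. The allowlist address, the sample frames and the function names are assumptions constructed for illustration.

```python
import struct

# Modbus function codes that change controller state (Modbus application protocol).
WRITE_CODES = {5: "Write Single Coil", 6: "Write Single Register",
               15: "Write Multiple Coils", 16: "Write Multiple Registers",
               22: "Mask Write Register", 23: "Read/Write Multiple Registers"}

# Assumption: the only host expected to write to controllers (constructed address).
AUTHORIZED_WRITERS = {"10.20.0.5"}


def parse_request(payload: bytes):
    """Parse one Modbus/TCP request: 7-byte MBAP header followed by the PDU.

    Returns (unit_id, function_code), or None if the frame is malformed.
    """
    if len(payload) < 8:
        return None
    _tid, proto, length, unit = struct.unpack(">HHHB", payload[:7])
    # Protocol id is always 0; the length field counts the unit id plus the PDU.
    if proto != 0 or length != len(payload) - 6:
        return None
    return unit, payload[7]


def review(captured):
    """Return alerts for (source_ip, tcp_payload) pairs sent to TCP port 502."""
    alerts = []
    for src, payload in captured:
        parsed = parse_request(payload)
        if parsed is None:
            alerts.append((src, "malformed Modbus/TCP frame"))
            continue
        unit, func = parsed
        if func in WRITE_CODES and src not in AUTHORIZED_WRITERS:
            alerts.append((src, f"unauthorized {WRITE_CODES[func]} to unit {unit}"))
    return alerts


# Constructed sample capture, not real traffic.
SAMPLE = [
    ("10.20.0.5", bytes.fromhex("000100000006010300000002")),   # BMS server reads registers
    ("10.20.0.5", bytes.fromhex("000200000006010600010190")),   # BMS server writes a setpoint
    ("10.20.7.44", bytes.fromhex("000300000006010600010000")),  # unknown host writes a register
    ("10.20.7.44", bytes.fromhex("0004000100060103")),          # bad protocol id and length
]

if __name__ == "__main__":
    for alert in review(SAMPLE):
        print(alert)
```

In practice the (source, payload) pairs would come from one of the packet-capture devices listed among the typical IT security measures, placed on the controller network segment.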
