fraunhof er-insti tut f Ür kommunikat i on, inf ormati...
TRANSCRIPT
Building automation systems (BAS) are concerned with control and monitoring of buildings, while aiming to achieve different goals such as: • provide safety for inhabitants (e.g. by integrating fire
alarm systems or physical access control), • control the climate in the building/supervise and control
the heating, ventilation, and air conditioning equipment • perform facility management (indicate problem by
generating reports, graphs and annunciating alarms) • perform energy management strategies to reduce
operating and energy costs
Realization and Experiences with a Low-Cost Building Automation Security Testbed for Educational Purposes
BUILDING AUTOMATION SYSTEMS
Building automation systems dearth the aspect of security as they originated at the time when security was not an utmost concern. Some security challenges concerned with building automation systems (Granzer et al., 2010) are: • Network attacks: Manipulation, fabrication or interruption
of the transmitted data over the network • Device attacks:
Software level: code injection, exploiting algorithm Physical level: component replacement, microprobing
• Network steganography: Hidden exfiltration of sensor data (e.g. monitoring of inhabitants or employees) (Wendzel, 2012)
SECURITY IN BUILDING AUTOMATION SYSTEMS
Benefits: • Very simple, cheap solution and available as open source • Easy to get hands-on with the logic and code • Dynamically show the behavior and relationship of the
components involved • Comprehensive testing can be done effectively without
damaging the real hardware • Results in reduced training time • Efficient monitoring of network flow with the help of
Wireshark
VIRTUAL TESTBED
Major goal: Allow teaching of BAS fundamentals and BAS security for students and employees in a highly configurable way without requiring expensive BAS hardware. Defensive mechanism: Traffic Normalization We realized traffic normalization as a protection measure for one of the widely used BAS protocols BACnet. • Sits on the communication path between the BACnet
devices and monitors the traffic exchanged between the devices in order to detect anomalies
• Reports malicious activity and perform actions (drop/modify) as per normalization rules
Jaspreet Kaur and Steffen Wendzel
Linux Machines with BACnet stack (act as BACnet devices)
Linux machine with Snort (acts as Traffic
Normalizer) Messages sent via Scapy (Protocol Fuzzer)
System structure of the virtual testbed for traffic normalization between BACnet devices
[email protected], [email protected]
FR
AU
NH
OF
ER
-IN
ST
ITU
T F
ÜR
KO
MM
UN
IKA
TIO
N,
INF
OR
MA
TIO
NS
VE
RA
RB
EIT
UN
G U
ND
ER
GO
NO
MIE
FK
IE /
JA
HR
ES
BE
RIC
HT
20
12
/13
F R A U N H O F E R - I N S T I T U T F Ü R K O M M U N I K AT I O N , I N F O R M AT I O N S V E R A R B E I T U N G U N D E R G O N O M I E F K I E
12/13JAHRESBER I CH T