A critical review of cyber-physical security for building automation systems
- Texas A&M University, College Station, TX (United States)
- Raytheon Technologies Research Center, East Hartford, CT (United States)
- Pacific Northwest National Laboratory (PNNL), Richland, WA (United States)
- Drexel University, Philadelphia, PA (United States)
- Northwestern University, Evanston, IL (United States)
- Arizona State University, Tempe, AZ (United States)
Modern Building Automation Systems (BASs), as the brain that enable the smartness of a smart building, often require increased connectivity both among system components as well as with outside entities, such as the cloud, to enable low-cost remote management, optimized automation via outsourced cloud analytics, and increased building-grid integrations. As smart buildings move towards open communication technologies, providing access to BASs through the building's intranet, or even remotely through the Internet, has become a common practice. However, increased connectivity and accessibility come with increased cyber security threats. BASs were historically developed as closed environments with limited cyber-security considerations. As a result, BASs in many buildings are vulnerable to cyber-attacks that may cause adverse consequences, such as occupant discomfort, excessive energy usage, and unexpected equipment downtime. Therefore, there is a strong need to advance the state-of-the-art in cyber-physical security for BASs and provide practical solutions for attack mitigation in buildings. However, an inclusive and systematic review of BAS vulnerabilities, potential cyber-attacks with impact assessment, detection & defense approaches, and cyber resilient control strategies is currently lacking in the literature. This review paper fills the gap by providing a comprehensive up-to-date review of cyber-physical security for BASs at three levels in commercial buildings: management level, automation level, and field level. The general BASs vulnerabilities and protocol-specific vulnerabilities for the four dominant BAS protocols (i.e., BACnet, KNX, LonWorks, and Modbus) are reviewed, followed by a discussion on four attack targets and seven potential attack scenarios. Furthermore, the impact of cyber-attacks on BASs is summarized as signal corruption, signal delaying, and signal blocking. The typical cyber-attack detection and defense approaches are identified at the three levels. Cyber resilient control strategies for BASs under attack are categorized into passive and active resilient control schemes. Open challenges and future opportunities are finally discussed.
- Research Organization:
- Texas A&M Engineering Experiment Station, Bryan, TX (United States)
- Sponsoring Organization:
- USDOE Office of Energy Efficiency and Renewable Energy (EERE), Energy Efficiency Office. Building Technologies Office
- Grant/Contract Number:
- EE0009150
- OSTI ID:
- 2331291
- Alternate ID(s):
- OSTI ID: 1975451
- Journal Information:
- Annual Reviews in Control, Vol. 55; ISSN 1367-5788
- Publisher:
- International Federation of Automatic Control - ElsevierCopyright Statement
- Country of Publication:
- United States
- Language:
- English
Similar Records
Maximum-impact Adversary Design for Network-based Control System: A Case Study on Grid-interactive Efficient Buildings
CYDRES: CYber Defense and REsilient System for securing grid-interactive efficient buildings