A critical review of cyber-physical security for building automation systems
Journal Article
·
· Annual Reviews in Control
- Texas A&M University, College Station, TX (United States); Texas A&M University
- Raytheon Technologies Research Center, East Hartford, CT (United States)
- Texas A&M University, College Station, TX (United States)
- Pacific Northwest National Laboratory (PNNL), Richland, WA (United States)
- Drexel University, Philadelphia, PA (United States)
- Northwestern University, Evanston, IL (United States)
- Arizona State University, Tempe, AZ (United States)
Modern Building Automation Systems (BASs), as the brain that enable the smartness of a smart building, often require increased connectivity both among system components as well as with outside entities, such as the cloud, to enable low-cost remote management, optimized automation via outsourced cloud analytics, and increased building-grid integrations. As smart buildings move towards open communication technologies, providing access to BASs through the building's intranet, or even remotely through the Internet, has become a common practice. However, increased connectivity and accessibility come with increased cyber security threats. BASs were historically developed as closed environments with limited cyber-security considerations. As a result, BASs in many buildings are vulnerable to cyber-attacks that may cause adverse consequences, such as occupant discomfort, excessive energy usage, and unexpected equipment downtime. Therefore, there is a strong need to advance the state-of-the-art in cyber-physical security for BASs and provide practical solutions for attack mitigation in buildings. However, an inclusive and systematic review of BAS vulnerabilities, potential cyber-attacks with impact assessment, detection & defense approaches, and cyber resilient control strategies is currently lacking in the literature. This review paper fills the gap by providing a comprehensive up-to-date review of cyber-physical security for BASs at three levels in commercial buildings: management level, automation level, and field level. The general BASs vulnerabilities and protocol-specific vulnerabilities for the four dominant BAS protocols (i.e., BACnet, KNX, LonWorks, and Modbus) are reviewed, followed by a discussion on four attack targets and seven potential attack scenarios. Furthermore, the impact of cyber-attacks on BASs is summarized as signal corruption, signal delaying, and signal blocking. The typical cyber-attack detection and defense approaches are identified at the three levels. Cyber resilient control strategies for BASs under attack are categorized into passive and active resilient control schemes. Open challenges and future opportunities are finally discussed.
- Research Organization:
- Pacific Northwest National Laboratory (PNNL), Richland, WA (United States); Texas A & M Univ., College Station, TX (United States); Texas A&M Engineering Experiment Station, Bryan, TX (United States)
- Sponsoring Organization:
- USDOE; USDOE Office of Energy Efficiency and Renewable Energy (EERE), Energy Efficiency Office. Building Technologies Office
- Grant/Contract Number:
- AC05-76RL01830; EE0009150
- OSTI ID:
- 2331291
- Alternate ID(s):
- OSTI ID: 2439376
OSTI ID: 1975451
OSTI ID: 2567486
- Report Number(s):
- PNNL-SA--179500
- Journal Information:
- Annual Reviews in Control, Journal Name: Annual Reviews in Control Vol. 55; ISSN 1367-5788
- Publisher:
- International Federation of Automatic Control - ElsevierCopyright Statement
- Country of Publication:
- United States
- Language:
- English
Similar Records
Development of A Hardware-In-the-Loop (HIL) Testbed for Cyber-Physical Security in Smart Buildings
Conference
·
Tue Feb 07 04:00:00 UTC 2023
·
OSTI ID:2331282