Dominik Meyer, Jan Haase, Marcel Eckert, B. Klauer
{"title":"A threat-model for building and home automation","authors":"Dominik Meyer, Jan Haase, Marcel Eckert, B. Klauer","doi":"10.1109/INDIN.2016.7819280","DOIUrl":null,"url":null,"abstract":"Security and privacy are very important assets within building and home automation because the System Control Unit (SCU) stores and processes a huge amount of data about the inhabitants or employees of the building. This data is necessary for managing the building and increasing the convenience of persons within. But this data can also be used to create a movement profile, monitor working times, and draw conclusions about people's health situation. Modern smart home implementations also control many actuators within the building including doors, windows, locks, and fire extinguisher. These increase security and safety, but unauthorized control can reduce the security and can even be harmful to persons. Therefore, identifying the different security and privacy threats is very important and helps system engineers and system managers to develop and deploy secure systems. This work presents an abstract model of a building automation system and some attack trees which simplify threat identification. Attack trees are common in secure software development and secure system deployment. An example smart home deployment is evaluated using the proposed model and attack trees to show the feasibility.","PeriodicalId":421680,"journal":{"name":"2016 IEEE 14th International Conference on Industrial Informatics (INDIN)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-07-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"26","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE 14th International Conference on Industrial Informatics (INDIN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INDIN.2016.7819280","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 26
Abstract
Security and privacy are very important assets within building and home automation because the System Control Unit (SCU) stores and processes a huge amount of data about the inhabitants or employees of the building. This data is necessary for managing the building and increasing the convenience of persons within. But this data can also be used to create a movement profile, monitor working times, and draw conclusions about people's health situation. Modern smart home implementations also control many actuators within the building including doors, windows, locks, and fire extinguisher. These increase security and safety, but unauthorized control can reduce the security and can even be harmful to persons. Therefore, identifying the different security and privacy threats is very important and helps system engineers and system managers to develop and deploy secure systems. This work presents an abstract model of a building automation system and some attack trees which simplify threat identification. Attack trees are common in secure software development and secure system deployment. An example smart home deployment is evaluated using the proposed model and attack trees to show the feasibility.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
