A critical review of cyber-physical security for building automation systems

IF 7.3 2区计算机科学 Q1 AUTOMATION & CONTROL SYSTEMS Annual Reviews in Control Pub Date : 2023-01-01 DOI:10.1016/j.arcontrol.2023.02.004

Guowen Li , Lingyu Ren , Yangyang Fu , Zhiyao Yang , Veronica Adetola , Jin Wen , Qi Zhu , Teresa Wu , K.Selcuk Candan , Zheng O'Neill

{"title":"A critical review of cyber-physical security for building automation systems","authors":"Guowen Li , Lingyu Ren , Yangyang Fu , Zhiyao Yang , Veronica Adetola , Jin Wen , Qi Zhu , Teresa Wu , K.Selcuk Candan , Zheng O'Neill","doi":"10.1016/j.arcontrol.2023.02.004","DOIUrl":null,"url":null,"abstract":"<div><p>Modern Building Automation Systems (BASs), as the brain that enable the smartness of a smart building, often require increased connectivity both among system components as well as with outside entities, such as the cloud, to enable low-cost remote management, optimized automation via outsourced cloud analytics, and increased building-grid integrations. As smart buildings move towards open communication technologies, providing access to BASs through the building's intranet, or even remotely through the Internet, has become a common practice. However, increased connectivity and accessibility come with increased cyber security threats. BASs were historically developed as closed environments with limited cyber-security considerations. As a result, BASs in many buildings are vulnerable to cyber-attacks that may cause adverse consequences, such as occupant discomfort, excessive energy usage, and unexpected equipment downtime. Therefore, there is a strong need to advance the state-of-the-art in cyber-physical security for BASs and provide practical solutions for attack mitigation in buildings. However, an inclusive and systematic review of BAS vulnerabilities, potential cyber-attacks with impact assessment, detection & defense approaches, and cyber resilient control strategies is currently lacking in the literature. This review paper fills the gap by providing a comprehensive up-to-date review of cyber-physical security for BASs at three levels in commercial buildings: management level, automation level, and field level. The general BASs vulnerabilities and protocol-specific vulnerabilities for the four dominant BAS protocols (i.e., BACnet, KNX, LonWorks, and Modbus) are reviewed, followed by a discussion on four attack targets and seven potential attack scenarios. The impact of cyber-attacks on BASs is summarized as signal corruption, signal delaying, and signal blocking. The typical cyber-attack detection and defense approaches are identified at the three levels. Cyber resilient control strategies for BASs under attack are categorized into passive and active resilient control schemes. Open challenges and future opportunities are finally discussed.</p></div>","PeriodicalId":50750,"journal":{"name":"Annual Reviews in Control","volume":null,"pages":null},"PeriodicalIF":7.3000,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Annual Reviews in Control","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1367578823000032","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"AUTOMATION & CONTROL SYSTEMS","Score":null,"Total":0}

引用次数: 8

Abstract

Modern Building Automation Systems (BASs), as the brain that enable the smartness of a smart building, often require increased connectivity both among system components as well as with outside entities, such as the cloud, to enable low-cost remote management, optimized automation via outsourced cloud analytics, and increased building-grid integrations. As smart buildings move towards open communication technologies, providing access to BASs through the building's intranet, or even remotely through the Internet, has become a common practice. However, increased connectivity and accessibility come with increased cyber security threats. BASs were historically developed as closed environments with limited cyber-security considerations. As a result, BASs in many buildings are vulnerable to cyber-attacks that may cause adverse consequences, such as occupant discomfort, excessive energy usage, and unexpected equipment downtime. Therefore, there is a strong need to advance the state-of-the-art in cyber-physical security for BASs and provide practical solutions for attack mitigation in buildings. However, an inclusive and systematic review of BAS vulnerabilities, potential cyber-attacks with impact assessment, detection & defense approaches, and cyber resilient control strategies is currently lacking in the literature. This review paper fills the gap by providing a comprehensive up-to-date review of cyber-physical security for BASs at three levels in commercial buildings: management level, automation level, and field level. The general BASs vulnerabilities and protocol-specific vulnerabilities for the four dominant BAS protocols (i.e., BACnet, KNX, LonWorks, and Modbus) are reviewed, followed by a discussion on four attack targets and seven potential attack scenarios. The impact of cyber-attacks on BASs is summarized as signal corruption, signal delaying, and signal blocking. The typical cyber-attack detection and defense approaches are identified at the three levels. Cyber resilient control strategies for BASs under attack are categorized into passive and active resilient control schemes. Open challenges and future opportunities are finally discussed.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

楼宇自动化系统的网络物理安全综述

现代建筑自动化系统（BAS）作为实现智能建筑智能化的大脑，通常需要增加系统组件之间以及与外部实体（如云）的连接，以实现低成本的远程管理、通过外包云分析优化自动化，并增加建筑网格集成。随着智能建筑向开放通信技术迈进，通过建筑内部网，甚至通过互联网远程访问BAS已成为一种常见做法。然而，连接和可访问性的增加也带来了网络安全威胁的增加。BAS在历史上是作为封闭环境开发的，网络安全考虑有限。因此，许多建筑中的BAS容易受到网络攻击，这些攻击可能会造成不利后果，如居住者不适、过度能源使用和设备意外停机。因此，迫切需要提高BAS的网络物理安全技术，并为建筑物中的攻击缓解提供实用的解决方案。然而，对BAS漏洞、潜在网络攻击以及影响评估、检测和；防御方法和网络弹性控制策略目前在文献中缺乏。这篇综述论文填补了这一空白，从管理层、自动化层和现场层三个层面对商业建筑BAS的网络物理安全进行了全面的最新综述。审查了四种主要BAS协议（即BACnet、KNX、LonWorks和Modbus）的通用BAS漏洞和协议特定漏洞，然后讨论了四个攻击目标和七种潜在攻击场景。网络攻击对BAS的影响概括为信号破坏、信号延迟和信号阻塞。典型的网络攻击检测和防御方法分为三个层次。针对受到攻击的BAS的网络弹性控制策略分为被动和主动弹性控制方案。最后讨论了开放的挑战和未来的机遇。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Annual Reviews in Control 工程技术-自动化与控制系统

CiteScore

19.00

自引率

2.10%

发文量

审稿时长

36 days

期刊介绍： The field of Control is changing very fast now with technology-driven “societal grand challenges” and with the deployment of new digital technologies. The aim of Annual Reviews in Control is to provide comprehensive and visionary views of the field of Control, by publishing the following types of review articles: Survey Article: Review papers on main methodologies or technical advances adding considerable technical value to the state of the art. Note that papers which purely rely on mechanistic searches and lack comprehensive analysis providing a clear contribution to the field will be rejected. Vision Article: Cutting-edge and emerging topics with visionary perspective on the future of the field or how it will bridge multiple disciplines, and Tutorial research Article: Fundamental guides for future studies.