A critical review of cyber-physical security for building automation systems

IF 7.3 2区 计算机科学 Q1 AUTOMATION & CONTROL SYSTEMS
Guowen Li , Lingyu Ren , Yangyang Fu , Zhiyao Yang , Veronica Adetola , Jin Wen , Qi Zhu , Teresa Wu , K.Selcuk Candan , Zheng O'Neill
{"title":"A critical review of cyber-physical security for building automation systems","authors":"Guowen Li ,&nbsp;Lingyu Ren ,&nbsp;Yangyang Fu ,&nbsp;Zhiyao Yang ,&nbsp;Veronica Adetola ,&nbsp;Jin Wen ,&nbsp;Qi Zhu ,&nbsp;Teresa Wu ,&nbsp;K.Selcuk Candan ,&nbsp;Zheng O'Neill","doi":"10.1016/j.arcontrol.2023.02.004","DOIUrl":null,"url":null,"abstract":"<div><p>Modern Building Automation Systems (BASs), as the brain that enable the smartness of a smart building, often require increased connectivity both among system components as well as with outside entities, such as the cloud, to enable low-cost remote management, optimized automation via outsourced cloud analytics, and increased building-grid integrations. As smart buildings move towards open communication technologies, providing access to BASs through the building's intranet, or even remotely through the Internet, has become a common practice. However, increased connectivity and accessibility come with increased cyber security threats. BASs were historically developed as closed environments with limited cyber-security considerations. As a result, BASs in many buildings are vulnerable to cyber-attacks that may cause adverse consequences, such as occupant discomfort, excessive energy usage, and unexpected equipment downtime. Therefore, there is a strong need to advance the state-of-the-art in cyber-physical security for BASs and provide practical solutions for attack mitigation in buildings. However, an inclusive and systematic review of BAS vulnerabilities, potential cyber-attacks with impact assessment, detection &amp; defense approaches, and cyber resilient control strategies is currently lacking in the literature. This review paper fills the gap by providing a comprehensive up-to-date review of cyber-physical security for BASs at three levels in commercial buildings: management level, automation level, and field level. The general BASs vulnerabilities and protocol-specific vulnerabilities for the four dominant BAS protocols (i.e., BACnet, KNX, LonWorks, and Modbus) are reviewed, followed by a discussion on four attack targets and seven potential attack scenarios. The impact of cyber-attacks on BASs is summarized as signal corruption, signal delaying, and signal blocking. The typical cyber-attack detection and defense approaches are identified at the three levels. Cyber resilient control strategies for BASs under attack are categorized into passive and active resilient control schemes. Open challenges and future opportunities are finally discussed.</p></div>","PeriodicalId":50750,"journal":{"name":"Annual Reviews in Control","volume":"55 ","pages":"Pages 237-254"},"PeriodicalIF":7.3000,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Annual Reviews in Control","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1367578823000032","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"AUTOMATION & CONTROL SYSTEMS","Score":null,"Total":0}
引用次数: 8

Abstract

Modern Building Automation Systems (BASs), as the brain that enable the smartness of a smart building, often require increased connectivity both among system components as well as with outside entities, such as the cloud, to enable low-cost remote management, optimized automation via outsourced cloud analytics, and increased building-grid integrations. As smart buildings move towards open communication technologies, providing access to BASs through the building's intranet, or even remotely through the Internet, has become a common practice. However, increased connectivity and accessibility come with increased cyber security threats. BASs were historically developed as closed environments with limited cyber-security considerations. As a result, BASs in many buildings are vulnerable to cyber-attacks that may cause adverse consequences, such as occupant discomfort, excessive energy usage, and unexpected equipment downtime. Therefore, there is a strong need to advance the state-of-the-art in cyber-physical security for BASs and provide practical solutions for attack mitigation in buildings. However, an inclusive and systematic review of BAS vulnerabilities, potential cyber-attacks with impact assessment, detection & defense approaches, and cyber resilient control strategies is currently lacking in the literature. This review paper fills the gap by providing a comprehensive up-to-date review of cyber-physical security for BASs at three levels in commercial buildings: management level, automation level, and field level. The general BASs vulnerabilities and protocol-specific vulnerabilities for the four dominant BAS protocols (i.e., BACnet, KNX, LonWorks, and Modbus) are reviewed, followed by a discussion on four attack targets and seven potential attack scenarios. The impact of cyber-attacks on BASs is summarized as signal corruption, signal delaying, and signal blocking. The typical cyber-attack detection and defense approaches are identified at the three levels. Cyber resilient control strategies for BASs under attack are categorized into passive and active resilient control schemes. Open challenges and future opportunities are finally discussed.

楼宇自动化系统的网络物理安全综述
现代建筑自动化系统(BAS)作为实现智能建筑智能化的大脑,通常需要增加系统组件之间以及与外部实体(如云)的连接,以实现低成本的远程管理、通过外包云分析优化自动化,并增加建筑网格集成。随着智能建筑向开放通信技术迈进,通过建筑内部网,甚至通过互联网远程访问BAS已成为一种常见做法。然而,连接和可访问性的增加也带来了网络安全威胁的增加。BAS在历史上是作为封闭环境开发的,网络安全考虑有限。因此,许多建筑中的BAS容易受到网络攻击,这些攻击可能会造成不利后果,如居住者不适、过度能源使用和设备意外停机。因此,迫切需要提高BAS的网络物理安全技术,并为建筑物中的攻击缓解提供实用的解决方案。然而,对BAS漏洞、潜在网络攻击以及影响评估、检测和;防御方法和网络弹性控制策略目前在文献中缺乏。这篇综述论文填补了这一空白,从管理层、自动化层和现场层三个层面对商业建筑BAS的网络物理安全进行了全面的最新综述。审查了四种主要BAS协议(即BACnet、KNX、LonWorks和Modbus)的通用BAS漏洞和协议特定漏洞,然后讨论了四个攻击目标和七种潜在攻击场景。网络攻击对BAS的影响概括为信号破坏、信号延迟和信号阻塞。典型的网络攻击检测和防御方法分为三个层次。针对受到攻击的BAS的网络弹性控制策略分为被动和主动弹性控制方案。最后讨论了开放的挑战和未来的机遇。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Annual Reviews in Control
Annual Reviews in Control 工程技术-自动化与控制系统
CiteScore
19.00
自引率
2.10%
发文量
53
审稿时长
36 days
期刊介绍: The field of Control is changing very fast now with technology-driven “societal grand challenges” and with the deployment of new digital technologies. The aim of Annual Reviews in Control is to provide comprehensive and visionary views of the field of Control, by publishing the following types of review articles: Survey Article: Review papers on main methodologies or technical advances adding considerable technical value to the state of the art. Note that papers which purely rely on mechanistic searches and lack comprehensive analysis providing a clear contribution to the field will be rejected. Vision Article: Cutting-edge and emerging topics with visionary perspective on the future of the field or how it will bridge multiple disciplines, and Tutorial research Article: Fundamental guides for future studies.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信