Authors:
Matthew Peacock
;
Michael N. Johnstone
and
Craig Valli
Affiliation:
Edith Cowan University, Australia
Keyword(s):
Building Automation, State Modeling, Security, Heating Ventilation, Air Conditioning.
Related
Ontology
Subjects/Areas/Topics:
Computer-Supported Education
;
Enterprise Information Systems
;
Information Systems Analysis and Specification
;
Information Technologies Supporting Learning
;
Security
;
Security and Privacy
Abstract:
Building automation systems, or building management systems, control services such as heating, air-conditioning
and security access in facilities. A common protocol used to transmit data regarding the status
of components is BACnet. Unfortunately, whilst security is included in the BACnet standard, it is rarely
implemented by vendors of building automation systems. This lack of attention to security can lead to vulnerabilities
in the protocol being exploited with the result that the systems and the buildings they control can be
compromised. This paper describes a proof-of-concept protocol attack on a BACnet system and examines the
potential of modeling the basis of the attack.