Australian Security and Intelligence Conference

Document Type

Conference Proceeding


secau Security Research Centre, Edith Cowan University, Perth, Western Australia


Originally published in the Proceedings of the 4th Australian Security and Intelligence Conference, Edith Cowan University, Perth Western Australia, 5th -7th December, 2011


Intelligent Buildings (IB) have become increasing popular during the past decade, driven through the need to reduce energy, have more reactive and safer buildings, and increase productivity. IB integrate many systems that were in the past isolated from each other, including fire and life safety, HVAC, lighting, security, etc. Facilities contain commercial-in-confidence material and other valued assets; however, IB are integrated through open and common data communication protocols and hardware, leaving facilities exposed to external and internal threats. The study presents an investigation into IB, based on a defeat evaluation methdology. IB vulnerabilities considered two areas, namely physical and software vulnerabilties. Physical hardware vulnerabilities included physical access to the automation devices or workstations, communication networks, wiretapping, remote connectivity, foreign devices and local field programming. Software vulnerabilities included common connectivity protocols, restricted encryption and limited security considerations. These vulnerabilities could result in such attacks as denial of service, covert facilty entry or espionage. IB risks are contextual, aligned with the facility’s threat exposure; nevertheless, there are generic mitigation strategies that can be taken to protect IB systems. Protection includes situational threat driven security risk management, understanding system criticalities, integration of departments, a degree of network isolation and greater awareness.