BACnet - Bridging the cyber physical divide one HVAC at a time
Institute of Electrical and Electronics Engineers
Place of Publication
School of Science / Security Research Institute
Building Management Systems (BMSs), which centralise the management of building services, are commonly accessed remotely for operational management and emergency purposes. The protocols used in BMSs were not originally designed with security as a requirement, thus the majority of systems operate with sub-standard or non-existent security implementations. Existing signature-based approaches to threat detection typically deal only with known threats or suffer from a high false positive rate (in the case of anomaly-based approaches). In this paper we present an overview of the problem space with respect to BMS, discuss a common protocol in detail (BACnet) and show how a threat that cannot be detected with conventional intrusion detection methods could be mitigated.