Title

Security issues with BACnet value handling

Document Type

Conference Proceeding

Publisher

SciTePress

School

Security Research Institute

RAS ID

26084

Comments

Originally published as: Peacock, M., Johnstone, M. N., Valli, C., Camp, O., Mori, P., & Furnell, S. (2017, February). Security Issues with BACnet Value Handling. In ICISSP (pp. 546-552). Original article available here

Abstract

Building automation systems, or building management systems, control services such as heating, airconditioning and security access in facilities. A common protocol used to transmit data regarding the status of components is BACnet. Unfortunately, whilst security is included in the BACnet standard, it is rarely implemented by vendors of building automation systems. This lack of attention to security can lead to vulnerabilities in the protocol being exploited with the result that the systems and the buildings they control can be compromised. This paper describes a proof-of-concept protocol attack on a BACnet system and examines the potential of modeling the basis of the attack.

DOI

10.5220/0006263405460552

Access Rights

free_to_read

Share

 
COinS