DOI QR코드

DOI QR Code

A Study on security characteristics and vulnerabilities of BAS(Building Automation System)

BAS의 보안 특성 및 취약점에 관한 연구

  • 최연석 (호서대학교 컴퓨터정보공학부)
  • Received : 2016.11.17
  • Accepted : 2017.04.07
  • Published : 2017.04.30

Abstract

Recently, due to the importance of information security, security vulnerability analysis and various information protection technologies and security systems are being introduced as a countermeasure against cyber-attacks in new as well as existing buildings, and information security studies on high-rise buildings are also being conducted. However, security system introduction and research are generally performed from the viewpoint of general IT systems and security policies, so there is little consideration of the infrastructure of the building. In particular, the BAS or building infrastructure, is a closed system, unlike typical IT systems, but has unique structural features that accommodate open functions. Insufficient understanding of these system structures and functions when establishing a building security policy makes the information security policies for the BAS vulnerable and increases the likelihood that all of the components of the building will be exposed to malicious cyber-attacks via the BAS. In this paper, we propose an architecture reference model that integrates three different levels of BAS structure (from?) different vendors. The architectures derived from this study and the security characteristics and vulnerabilities at each level will contribute to the establishment of security policies that reflect the characteristics of the BAS and the improvement of the safety management of buildings.

최근 정보 보안의 중요성으로 인하여 신규 빌딩은 물론 기존 빌딩에서도 사이버 공격에 대한 대비책으로 보안 취약점 분석, 정보 보호 기술 및 시스템이 도입되는 추세이며, 초고층 건축물에 대한 정보 보안 연구들도 이루어지고 있다. 그러나 일반적인 IT 시스템의 관점 및 보안 정책에 따라 보안 시스템 도입과 연구들이 이루어지다 보니, 빌딩의 기반 시설에 대한 고려가 미비한 편이다. 특히, 빌딩 기반 시설인 BAS는 일반적인 IT 시스템과 달리 폐쇄적 시스템이지만 개방형 기능들을 수용하는 독특한 구조적 특징을 가지고 있다. 빌딩 보안 정책을 수립할 때 이러한 시스템 구조와 기능에 대한 이해가 부족하면 BAS에 대한 정보 보안 정책이 미진하게 되고 이로 인해 빌딩 전체 구성 요소들이 BAS를 통한 악의적인 사이버 공격에 노출될 가능성이 커진다. 본 논문은 공급 업체별로 상이한 BAS 구조를 3단계 레벨로 통합 분류한 구조 참고 모델을 제시하였고, 레벨별로 정보 보안 특성 및 취약점을 도출하였다. 본 연구를 통해 도출된 BAS 구조와 레벨별 보안 취약점 및 특성들은 BAS 특징을 반영한 보안 정책 수립과 빌딩의 안전 관리 능력 향상에 기여할 것으로 사료된다.

Keywords

References

  1. Pramod E. F. Dribble, Raphael Imhof, Udo Drafz, " Cyber security in Smart Buildings: Preventing Vulnerability While Increasing Connectivity", CABA Intelligent & Integrated Buildings Council(IIBC), 2015.
  2. Cheol-Won Lee, "Major Control Facilities Cyber Security Trends", NST, 2007.
  3. Sung-Mo Jung, Jae-gu Song, Tai-Hoon Kim, Yo-Hwan So, Seok-Soo Kim, "Design of Idle-time Measurement System for Data Spoofing Detection", Journal of the Korea Academia-Industrial cooperation Society, Vol. 11, No. 1, pp. 151-158, 2010. DOI: http://dx.doi.org/10.5762/KAIS.2010.11.1.151
  4. Young-Doo Kang, Kil-To Chong, "Development of Cyber Security Assessment Methodology for the Instrumentation & Control Systems in Nuclear Power Plants", Journal of the Korea Academia-Industrial cooperation Society, Vol. 11, No. 9, pp. 3451-3457, 2010. DOI: http://dx.doi.org/10.5762/KAIS.2010.11.9.3451
  5. Karl Koscher, Alexei Czeskis, Franziska Roesner, Shwetak Patel, and Tadayoshi Kohno, "Experimental Security Analysis of a Modern Automobile", IEEE Symposium on Security and Privacy, Oakland, CA, pp. 16-19, May 2010. DOI: https://doi.org/10.1109/sp.2010.34
  6. Ministry of Public Safety and Security, "Report on the development of high-rise building safety management standard manual", 2007.
  7. Man-Chul Choi, Byung-Suk Kim(2011), "A Study on the general direction of Fire-Fighting Safety management in high-rise buildings", Journal of the Korea Safety management & Science, Vol. 13, No. 2, pp. 67-75, 2011.
  8. Bin Sung, Yoon-Ho Lee ,"Review on Prior Evaluation for Terrorism Risk of High-rise Buildings", Journal of KSSA, Vol. 36, pp. 293-316, 2013.
  9. Sang-Hwan Bae,"A study of vertical airflow and smoke control technique for high-rise building, Daerim Technical Review, pp. 89-95, Jun. 2013.
  10. IT Security Group, "Best Practices for Securing an Intelligent Building Management System", Schneider Electric Buildings BU, Apr. 2011.
  11. David J. Brooks, "Intelligent buildings: an investigation into current and emerging security vulnerabilities in automated building systems using an applied defeat methodology", The Proceedings of the 4th Australian Security and Intelligence Conference, Edith Cowan University, Perth Western Australia, 5th -7th Dec. 2011.
  12. Hong Won-Pyo, "Building Automation System", The Proceedings of the Korean Institute of Illuminating and Electrical Installation Engineers, Vol. 12, No. 3, pp. 56-66, 1998.
  13. Wolfgang Kastner, Georg Neuschwandtner, Stefan Soucek and H. Michael Newman, "Communication Systems for Building Automation and Control", Proceedings of the IEEE, June, Vol. 93, No. 6, pp. 1178-1203, 2005. DOI: https://doi.org/10.1109/jproc.2005.849726
  14. Building Automation and Control Systems (BACS)- Part 2: Hardware, ISO Std. 16484-2, 2004.