Browse > Article
http://dx.doi.org/10.5762/KAIS.2017.18.4.669

A Study on security characteristics and vulnerabilities of BAS(Building Automation System)  

Choi, Yeon-Suk (Department of Computer Engineering, Hoseo University)
Publication Information
Journal of the Korea Academia-Industrial cooperation Society / v.18, no.4, 2017 , pp. 669-676 More about this Journal
Abstract
Recently, due to the importance of information security, security vulnerability analysis and various information protection technologies and security systems are being introduced as a countermeasure against cyber-attacks in new as well as existing buildings, and information security studies on high-rise buildings are also being conducted. However, security system introduction and research are generally performed from the viewpoint of general IT systems and security policies, so there is little consideration of the infrastructure of the building. In particular, the BAS or building infrastructure, is a closed system, unlike typical IT systems, but has unique structural features that accommodate open functions. Insufficient understanding of these system structures and functions when establishing a building security policy makes the information security policies for the BAS vulnerable and increases the likelihood that all of the components of the building will be exposed to malicious cyber-attacks via the BAS. In this paper, we propose an architecture reference model that integrates three different levels of BAS structure (from?) different vendors. The architectures derived from this study and the security characteristics and vulnerabilities at each level will contribute to the establishment of security policies that reflect the characteristics of the BAS and the improvement of the safety management of buildings.
Keywords
BAS; cyber attack; information security; security characteristic; security policy; vulnerability;
Citations & Related Records
Times Cited By KSCI : 3  (Citation Analysis)
연도 인용수 순위
1 Pramod E. F. Dribble, Raphael Imhof, Udo Drafz, " Cyber security in Smart Buildings: Preventing Vulnerability While Increasing Connectivity", CABA Intelligent & Integrated Buildings Council(IIBC), 2015.
2 Cheol-Won Lee, "Major Control Facilities Cyber Security Trends", NST, 2007.
3 Sung-Mo Jung, Jae-gu Song, Tai-Hoon Kim, Yo-Hwan So, Seok-Soo Kim, "Design of Idle-time Measurement System for Data Spoofing Detection", Journal of the Korea Academia-Industrial cooperation Society, Vol. 11, No. 1, pp. 151-158, 2010. DOI: http://dx.doi.org/10.5762/KAIS.2010.11.1.151   DOI
4 Young-Doo Kang, Kil-To Chong, "Development of Cyber Security Assessment Methodology for the Instrumentation & Control Systems in Nuclear Power Plants", Journal of the Korea Academia-Industrial cooperation Society, Vol. 11, No. 9, pp. 3451-3457, 2010. DOI: http://dx.doi.org/10.5762/KAIS.2010.11.9.3451   DOI
5 Karl Koscher, Alexei Czeskis, Franziska Roesner, Shwetak Patel, and Tadayoshi Kohno, "Experimental Security Analysis of a Modern Automobile", IEEE Symposium on Security and Privacy, Oakland, CA, pp. 16-19, May 2010. DOI: https://doi.org/10.1109/sp.2010.34
6 Ministry of Public Safety and Security, "Report on the development of high-rise building safety management standard manual", 2007.
7 Man-Chul Choi, Byung-Suk Kim(2011), "A Study on the general direction of Fire-Fighting Safety management in high-rise buildings", Journal of the Korea Safety management & Science, Vol. 13, No. 2, pp. 67-75, 2011.
8 Bin Sung, Yoon-Ho Lee ,"Review on Prior Evaluation for Terrorism Risk of High-rise Buildings", Journal of KSSA, Vol. 36, pp. 293-316, 2013.
9 Sang-Hwan Bae,"A study of vertical airflow and smoke control technique for high-rise building, Daerim Technical Review, pp. 89-95, Jun. 2013.
10 IT Security Group, "Best Practices for Securing an Intelligent Building Management System", Schneider Electric Buildings BU, Apr. 2011.
11 David J. Brooks, "Intelligent buildings: an investigation into current and emerging security vulnerabilities in automated building systems using an applied defeat methodology", The Proceedings of the 4th Australian Security and Intelligence Conference, Edith Cowan University, Perth Western Australia, 5th -7th Dec. 2011.
12 Hong Won-Pyo, "Building Automation System", The Proceedings of the Korean Institute of Illuminating and Electrical Installation Engineers, Vol. 12, No. 3, pp. 56-66, 1998.
13 Building Automation and Control Systems (BACS)- Part 2: Hardware, ISO Std. 16484-2, 2004.
14 Wolfgang Kastner, Georg Neuschwandtner, Stefan Soucek and H. Michael Newman, "Communication Systems for Building Automation and Control", Proceedings of the IEEE, June, Vol. 93, No. 6, pp. 1178-1203, 2005. DOI: https://doi.org/10.1109/jproc.2005.849726   DOI