On Building Automation System security

Building Automation Systems (BASs) are seeing increased usage in modern society due to the plethora of benefits they provide such as automation for climate control, HVAC systems, entry systems, and lighting controls. Many BASs in use are outdated and suffer from numerous vulnerabilities that stem from the design of the underlying BAS protocol. In this paper, we provide a comprehensive, up-to-date survey on BASs and attacks against seven BAS protocols including BACnet, EnOcean, KNX, LonWorks, Modbus, ZigBee, and Z-Wave. Holistic studies of secure BAS protocols are also presented, covering BACnet Secure Connect, KNX Data Secure, KNX/IP Secure, ModBus/TCP Security, EnOcean High Security and Z-Wave Plus. LonWorks and ZigBee do not have security extensions. We point out how these security protocols improve the security of the BAS and what issues remain. A case study is provided which describes a real-world BAS and showcases its vulnerabilities as well as recommendations for improving the security of it. We seek to raise awareness to those in academia and industry as well as highlight open problems within BAS security. (c) 2024 The Author(s). Published by Elsevier B.V. on behalf of Shandong University. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).