©2019 This excerpt taken from the article of the same name which appeared in ASHRAE Journal, vol. 61, no. 7, July 2019.
An attack on a building automation system in two apartment buildings in Finland left residents in the cold during the winter of 2016. A distributed-denial-of-service (DDoS) attack hit the Domain Name System service and disabled remote connection access forcing building management to inspect the homes on-site. The automation system that controlled the homes’ heating, hot water and ventilation systems continuously rebooted, until the system stopped working entirely.
By disconnecting the system from the Internet, the problem was resolved in about an hour. While the building automation system attack did not cause lasting or life-altering damage, the lack of awareness of building automation system security can result in damage to a facility and its occupants, said Levi Tully, Member ASHRAE.
“The most severe data breach in a traditional organization is unlikely to have direct physical impact on the occupants of the building. But a malicious attack on a building automation system can very easily pose a significant threat to the health and welfare of people,” he said. “The biggest threat is that no one appreciates the risk of building automation cybersecurity.”
As unprotected building automation systems can quickly become high-risk with potential life damage to a building and its occupants, securing these systems is becoming a necessity. Some places and applications are even requiring security protection, said Bernhard Isler, Member ASHRAE, a former chair of the standard committee for ASHRAE Standard 135-2016, BACnet—A Data Communication Protocol for Building Automation and Control Networks.
“Building automation systems are part of the infrastructure of buildings, and malicious users that get access to the building automation system’s communication may interfere with the system and produce unwanted behavior or damage to HVAC and other equipment, or life-safety threats even,” said Isler, a senior systems architect for Siemens Switzerland, Ltd.
Common Mistakes
People who, intentionally or by accident, change a device’s configuration or control parameters are the principal security threats to BACnet systems.
Unauthorized access to a building control system and its data could be used to:
- Exploit operating information such as occupancy schedules;
- Cause tenant discomfort;
- Interrupt facility operations; and
- Contribute to equipment or facility damage.
These could interrupt mission readiness, cause financial loss, environmental destruction and potentially risk human health and safety, said Tully, a manager of application engineering for Reliable Controls Corporation.
Steven Bushby, Fellow ASHRAE, a previous chair of the Standard 135 committee, said the legacy of the building industry ignoring building automation system’s cybersecurity is because closed, proprietary systems were not connected to anything; thus, not seen as much of a risk. That changed with the development of BACnet, the most widely used building automation system protocol in the world.
The most common BACnet system is a multi-level system with workstations and supervisory controllers connected to an Internet Protocol (IP) network. The supervisory controllers often serve as routers to a different, lower-cost network technology that connects equipment specific controllers, according to Bushby, who works for the National Institute of Standards and Technology (NIST). He is the leader of NIST”s Mechanical Systems and Controls Group of the Energy and Environment Division of the Engineering Laboratory.
Read the Full Article
ASHRAE Members have free access to the full-text PDF of this article as well as the complete ASHRAE Journal archives back to 1997 in the Free Member Access Area.
Non-members can purchase features from the ASHRAE Bookstore. Or, Join ASHRAE!
Return to Featured Article Excerpts
Return to ASHRAE Journal Featured Article Excerpts