With today’s ongoing integration of heterogeneous building automation systems, increased comfort, energy efficiency, improved building management, sustainability as well as advanced applications such as active & assisted living scenarios become possible. Obviously, the demands – especially regarding security – increase: Secure communication becomes equally important as secure software being executed on the devices. While the former has been addressed by standardization committees and manufacturers, until recently no scientific research is available, that targets the problem of secure control applications in this domain. No attack model has been defined, no security measures have been recommended, existing measures from other domains are either too expensive or time intensive to deploy, cannot be trivially applied to or do not cover specific demands and constraints of the building automation domain. This paper provides an extensive survey of the security requirements for distributed control applications and analyzes software protection methods. An architecture tackling the problem on how to secure software running on different device classes and preventing attacks on smart homes and buildings is briefly introduced at the end.
|Title of host publication||Sicherheit 2016|
|Subtitle of host publication||Sicherheit, Schutz und Zuverlässigkeit, Beiträge der 8. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik|
|Editors||M. Meier, S. Wendzel, M. Reinhardt|
|Number of pages||12|
|Publication status||Published - 2016|
|Event||Sicherheit 2016 - Bonn, Germany|
Duration: 5 Apr 2016 → 7 Apr 2016
|Name||GI Edition Lecture Notes in Informatics|
|Period||5/04/16 → 7/04/16|
- Secure Software
- Security Process
- Secure Control Applications
- Smart Homes
- Building Automation
Praus, F., Kastner, W., & Palensky, P. (2016). Software Security Requirements in Building Automation. In M. Meier, S. Wendzel, & M. Reinhardt (Eds.), Sicherheit 2016: Sicherheit, Schutz und Zuverlässigkeit, Beiträge der 8. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik (Vol. 256, pp. 217-228). (GI Edition Lecture Notes in Informatics). Köllen.