Abstract
Building Automation Systems (BASs) are seeing increased usage in modern society due to the plethora of benefits they provide such as automation for climate control, HVAC systems, entry systems, and lighting controls. Many BASs in use are outdated and suffer from numerous vulnerabilities that stem from the design of the underlying BAS protocol. In this paper, we provide a comprehensive, up-to-date survey on BASs and attacks against seven BAS protocols including BACnet, EnOcean, KNX, LonWorks, Modbus, ZigBee, and Z-Wave. Holistic studies of secure BAS protocols are also presented, covering BACnet Secure Connect, KNX Data Secure, KNX/IP Secure, ModBus/TCP Security, EnOcean High Security and Z-Wave Plus. LonWorks and ZigBee do not have security extensions. We point out how these security protocols improve the security of the BAS and what issues remain. A case study is provided which describes a real-world BAS and showcases its vulnerabilities as well as recommendations for improving the security of it. We seek to raise awareness to those in academia and industry as well as highlight open problems within BAS security.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
