BSEE-SEP21-PG34 Carlo Gavazzi Comment_Layout 1 23/08/2021 12:44 Page 34


BSEE


INDUSTRY COMMENT Secure by design


Networked building management systems bring many benefits but also expose organisations to cybersecurity breaches.


Will Darby, Managing Director of Carlo Gavazzi, explains the threats and suggests some solutions for ensuring smart buildings remain safe and secure while reducing their energy usage.


Cybersecurity attacks are becoming increasingly common. While the cost of these attacks and data breaches can be huge, the damage to brand reputation can be even more costly. As such, cybersecurity is not something building owners and operators can afford to ignore.


Buildings' Energy Management Systems (EMS) are introduced to increase energy efficiency and ensure occupant comfort. Once separate, these systems are now integrated with company IT infrastructure in order to optimise the control of heating, air conditioning and lighting systems. This interconnectivity represents a massive opportunity for improved energy efficiency and comfort through centralised control and monitoring, but it also exposes companies to greater cybersecurity risks.


Any connected device has the potential to be hacked. With EMS systems being connected directly to the internet, to company IT networks and to wireless networks, there is also the possibility that criminals can use the EMS as a back door to other connected systems, including those critical to the functioning of the business. Similarly, the purpose of an EMS is to gather information about energy consumption and then to use that information to optimise a system's performance and, ultimately, to save a business energy and money. If cyber criminals corrupt this information, informed decisions will not be possible.


For any building operator, it is a case of when and not if a cyber attack will take place. So how can operators ensure smart buildings remain safe, secure and smart while minimising energy consumption?


A cyber attack can come from various sources: it could come from an aggrieved former employee out for revenge, for example; a rival company looking to sabotage a competitor's operations; activists looking to disrupt an organisation they take issue with; or even a bored teenager looking to hone their hacking skills. It is important to remember that any EMS installation is only as secure as its weakest link. Once in, cyber criminals could potentially do a huge amount of damage. They could, for example, turn off a building's lights, forcing it to be evacuated; they could deactivate access controls, turn off CCTV cameras or monitors, shut down air conditioning or turn up the heating to make conditions uncomfortable for the building's occupants; they could even set off the fire alarm, override the lift controls or corrupt connected business systems.


Part of the problem with EMS systems relates to how these are designed, installed, operated and maintained. EMS installers, for example, tend not to have extensive security expertise. This can lead to new systems being plugged straight into networks, or connected to wireless networks, without adequate security controls in place.


There are also reports of building automation infrastructure having a weaker level of protection than that of IT systems used for business purposes. Similarly, IT departments are often diligent in applying best practice to networked devices for which they have a responsibility, only for a system to be compromised by someone connecting it to their smartphone. Remember, secure software installed on an un-secure PC results in an un-secure system. The good thing from a building operator's perspective is that EMS systems have the same system architecture and the same user types, which makes it possible to devise a common strategy to overcome many critical cybersecurity issues.


34 BUILDING SERVICES & ENVIRONMENTAL ENGINEER SEPTEMBER 2021


The architecture of an EMS system is best described as a series of layers, corresponding to the Industrial Internet of Things (IIoT) paradigm. These are:


• Field: operational technology near to the application, including meters, sensors and actuators


• Edge: the border between Field and Cloud where gateways and controllers are located


• Fog: an intermediate level which could mix Edge and Cloud functions to provide scalability


• Cloud: the internet level, where distributed servers allow full interoperability and data exploitation


From a cyber security perspective, because each layer interacts with the others, a successful attack on one layer could result in compromises to all.


IEC 62443 is an international series of standards on security for industrial communication networks and systems. The standards define five levels of security ranging from Level 0, "no protection required", through to Level 4, "prevent the unauthorised disclosure of information to an entity actively searching for it using sophisticated means with extended resources, application specific skills and high motivation".


The standard divides the industry into operators, integrators and manufacturers, each of which has a role to play in ensuring an EMS installation is secure. A manufacturer, for example, must develop products that are secure; the system designer/integrator must make design choices based on developing the most secure system; the installer must work to maximise cyber security throughout system deployment; while the end-user must operate the system according to best practice, such as the avoidance of default passwords.


To eliminate all cyber security threats, building operators would need an unlimited budget, which is unrealistic. That said, an appropriate budget should be set to achieve the security level commensurate with the needs of the organisation and system. The system integrator can then design a solution according to functional needs and acceptable risk, selecting appropriate components and deploying these effectively. In order to keep ahead of cyber criminals, an EMS must be engineered in line with best practice. That means:


• Limiting the size of the attacker's target by minimising the number of system components;


• Ensuring these components have been developed and manufactured in line with best practice by a manufacturer keeping pace with evolving cybersecurity threats;


• Ensuring the manufacturer adopts development practices that put cybersecurity top of the agenda when developing new products; and


• Ensuring that products are tested and assessed as being cyber secure by a respected, third party cybersecurity testing laboratory.


To help minimise the vulnerability of an EMS system, Carlo Gavazzi has also introduced a security enhanced IoT gateway and controller. Its Universal Web Platform 3.0 SE has been developed to sit at the heart of an ecosystem of over 200 Carlo Gavazzi meters, sensors and actuators, which it links at both field and cloud levels to other systems in the EMS architecture. For peace of mind, the UWP 3.0 Security Enhanced gateway's capabilities have been verified by UL, one of the top cybersecurity assessment organisations. There is no such thing as absolute security, but organisations that use an EMS designed and installed with security enhanced products, which is then operated and maintained in a secure manner using best practice, will have done all they can to help protect the system from attack.


Read the latest at: www.bsee.co.uk

