The smart way to prevent cyber attacks ELECTRICAL & ELECTRONICS FEATURE

With buildings growing more complex and an increase in the use of IoT connected devices and cloud services, cyber attacks become a greater risk. So how can design engineers prevent these from happening? Fabiana Moreno, Schneider Electric, comments


s our buildings become more complex, with the number of IoT connected devices and cloud services growing exponentially, the

threat and chance of cyber attacks becomes even greater. So, how can design engineers understand these challenges and prevent them from happening in the future?

PREVENTING CYBER INTRUSION Today’s buildings systems often fall short of effectively managing any potential cyber intrusion, a result of the obvious disconnect between groups managing information technology (IT), who have extensive cybersecurity knowledge, and the groups managing building operational technology (OT), who have the building management system (BMS) operational knowledge. Previously, BMS required specialised knowledge of systems and

protocols and didn’t require access to corporate network resources or the internet. Therefore, the security of a BMS network predominantly relied on obscurity and the lack of external connectivity. However, the evolution of BMS technology has meant that typical BMS control systems now use a combination of OT protocols, including ModBus and BACnet, as well as IT protocols such as HTTP and FTP. This has revolutionised the way smart buildings operate but it has also affected how they can be targeted from a cyber perspective. The evolution of BMS technology is essentially a gold mine for hackers,

and there have been hacker communities and research groups that specialise in cyberattacks to retract important data. The problem starts with the network of a BMS, which can be deemed as a way in to the wider IT network of an organisation – the whole company becomes a target.

THE SOLUTION For design engineers looking to update their building technology, the risk of cyber attacks is a huge roadblock. This is a direct result of the fear of

attacks, and the damage and disruption – an attack could cost millions. To mitigate these attacks and realise the full potential of smart

buildings, operators and occupiers need to alter how smart building control systems are architected and managed from a cybersecurity perspective. Setting aside organisational barriers and acknowledging the IT/OT disconnect is the critical first step towards implementing and operating cyber secure smart building control systems. There has already been strong support in the OT control systems industry

to address the security challenges being faced; and associations have risen to the need for common OT cybersecurity best practices, in particular with the development of the IEC 62443 global set of cybersecurity standards. This is set to improve safety, availability, integrity and confidentiality of systems used for industrial automation and control. Fundamentally, there are four key ways that engineers can create a

secure and operational smart building: 1. Assess and protect legacy OT building control systems 2. Choose IoT devices and vendors that follow a Secure Development Lifecycle approach

3. Implement secure OT building control system architectures 4. Bridge the secure OT building control systems through an IT Security Monitoring Zone.

The vulnerability of a BMS system working with these two sets of

protocols lays on the disconnect between the groups in the IT team, who have the cybersecurity knowledge, and the OT team, who have the operational knowledge. The smarter your building gets and the less these two groups work with each other, the more vulnerable technology will become. Teams of engineers need to work together to create a more secure system and organisations must adhere to certain practices to keep their building as secure as possible.

Schneider Electric

Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44