Keywords
Security, Building Automation, BACnet, KNX, Machine Learning, Man-in-the-Middle, Automation
Abstract
Building automation systems (BAS) have become more commonplace in personal and commercial environments in recent years. They provide many functions for comfort and ease of use, from automating room temperature and shading, to monitoring equipment data and status. Even though their convenience is beneficial, their security has become an increased concerned in recent years. This research shows an extensive study on building automation systems and identifies vulnerabilities in some of the most common building communication protocols, BACnet and KNX. First, we explore the BACnet protocol, exploring its Standard BACnet objects and properties. An automation tool is designed and implemented to identify BACnet devices using their IP addresses and enumerate both standard and vendor-defined BACnet objects as well as their standard properties. This tool is applied to a testbed real-world BAS system on a university campus and successfully validates the tool's effectiveness. We present a false data injection attack on a KNX system using a man-in-the-middle (MITM) attack. A BAS is modeled to analyze the impact of false data injections to a system in terms of energy cost. A machine learning (ML) based detection strategy is designed to detect the false data injection attack using a novel feature based on the Jensen Shannon Divergence (JSD), measuring the similarity of the KNX telegram's interarrival time distributions with attack and with no attack. Real-world experiments are performed to validate the presented false data injection attack and the ML detection strategy. Our results show an increase in overall energy cost during a false data injection attack. Of the examined ML models, the Support Vector Machine (SVM) classifier achieved the best results with 100% detection rate using our proposed JSD similarity feature vector compared to more traditional features. Lastly, we introduce a simplified real-world BAS system, consisting of both BACnet and KNX equipment, and spanning over multiple building environments. We analyze the vulnerabilities of the BAS system at each level and component, introducing several attack scenarios which may occur and affect the system.
Completion Date
2024
Semester
Spring
Committee Chair
Fu, Xinwen
Degree
Doctor of Philosophy (Ph.D.)
College
College of Engineering and Computer Science
Department
Computer Science
Degree Program
Computer Science
Format
application/pdf
Identifier
DP0028291
URL
https://purls.library.ucf.edu/go/DP0028291
Language
English
Rights
In copyright
Release Date
May 2024
Length of Campus-only Access
None
Access Status
Doctoral Dissertation (Open Access)
Campus Location
Orlando (Main) Campus
STARS Citation
Cash, Michael, "On Vulnerabilities of Building Automation Systems" (2024). Graduate Thesis and Dissertation 2023-2024. 122.
https://stars.library.ucf.edu/etd2023/122
Accessibility Status
Meets minimum standards for ETDs/HUTs