Security, Building Automation, BACnet, KNX, Machine Learning, Man-in-the-Middle, Automation


Building automation systems (BAS) have become more commonplace in personal and commercial environments in recent years. They provide many functions for comfort and ease of use, from automating room temperature and shading, to monitoring equipment data and status. Even though their convenience is beneficial, their security has become an increased concerned in recent years. This research shows an extensive study on building automation systems and identifies vulnerabilities in some of the most common building communication protocols, BACnet and KNX. First, we explore the BACnet protocol, exploring its Standard BACnet objects and properties. An automation tool is designed and implemented to identify BACnet devices using their IP addresses and enumerate both standard and vendor-defined BACnet objects as well as their standard properties. This tool is applied to a testbed real-world BAS system on a university campus and successfully validates the tool's effectiveness. We present a false data injection attack on a KNX system using a man-in-the-middle (MITM) attack. A BAS is modeled to analyze the impact of false data injections to a system in terms of energy cost. A machine learning (ML) based detection strategy is designed to detect the false data injection attack using a novel feature based on the Jensen Shannon Divergence (JSD), measuring the similarity of the KNX telegram's interarrival time distributions with attack and with no attack. Real-world experiments are performed to validate the presented false data injection attack and the ML detection strategy. Our results show an increase in overall energy cost during a false data injection attack. Of the examined ML models, the Support Vector Machine (SVM) classifier achieved the best results with 100% detection rate using our proposed JSD similarity feature vector compared to more traditional features. Lastly, we introduce a simplified real-world BAS system, consisting of both BACnet and KNX equipment, and spanning over multiple building environments. We analyze the vulnerabilities of the BAS system at each level and component, introducing several attack scenarios which may occur and affect the system.

Completion Date




Committee Chair

Fu, Xinwen


Doctor of Philosophy (Ph.D.)


College of Engineering and Computer Science


Computer Science

Degree Program

Computer Science









In copyright

Release Date

May 2024

Length of Campus-only Access


Access Status

Doctoral Dissertation (Open Access)

Campus Location

Orlando (Main) Campus

Accessibility Status

Meets minimum standards for ETDs/HUTs