A new paper will be published:
Jaspreet Kaur, Jernej Tonejc, Steffen Wendzel, and Michael Meier:
Securing BACnet’s Pitfalls,
in Proc. 30th IFIP Sec, Hamburg, Springer, 2015 (to appear).
Building Automation Systems (BAS) are crucial to monitor and control buildings, ranging from small homes to critical infrastructure, such as airports or military facilities. A major problem in this context is the security of BAS communication protocols and devices. The building automation and control networking protocol (BACnet) is integrated into products by more than 800 vendors worldwide. However, BACnet devices are vulnerable to attacks. We present a novel solution for the two most important BACnet layers, i.e. those independent from the data link layer technology, namely the network and the application layer. We provide the first implementation and evaluation of traffic normalization for BAS traffic. Our proof of concept code is based on the open source Snort normalizer.
Keywords: BACnet, network, security, attack, intrusion detection, traffic normalization, building automation, Snort.