A new paper got accepted at the 2nd Workshop on Security of Systems and Software Resilience in Besancon, France:
S. Wendzel, B. Kahler, T. Rist:
Covert Channels and their Prevention in Building Automation Protocols -- A Prototype Exemplified Using BACnet,
in Proc. 2nd Workshop on Security of Systems and Software Resilience, IEEE, 2012.
The paper is based on my previous work on covert channels in building automation systems.
Security in building automation systems (BAS) recently became a topic in the security community. BAS form a part of enterprise networks and can be utilized to gain access to a company network or to violate a security policy.
Up to now, the threat of covert channels in BAS protocols was not discovered. While a first available solution can limit ``high level'' covert channels in BAS, there is no solution available to prevent covert channels on the lower level (i.e., in BAS protocols).
In this paper, we present network covert storage and network covert timing channels in the network and application layer of the BACnet protocol stack to show that protocol-level covert channels in BAS are feasible.
Additionally, we introduce the first means enabling a BAS to become multi-level secure on the network and application layer to prevent covert channels.
We built a prototype based on the BACnet firewall router (BFR) to implement multi-level security in BACnet environments.
access control; covert channels; network security; building automation