Securing industrial control systems: A peek into building automation security

  • Friday, 16 Mar 2018 11:00AM EST (16 Mar 2018 15:00 UTC)
  • Speaker: SANS Institute

A number of talks in the last few years have addressed various topics in the generic area of industrial control system insecurity but only few have tapped into security of building automation systems, albeit its prevalence. The usage of building automation, regardless if in private homes or corporate buildings, aims to optimize comfort, energy efficiency and physical access for its users. Is cyber security part of the equation? Unfortunately, not to the extent one might expect, cyber security is quite often found to be sacrificed either for comfort or efficiency.


This webcast leads attendees into the world of building automation control systems and describes common use cases of this fascinating subsection of industrial control systems. In the second part, a primer on relevant building automation protocols will be given. Thirdly, prototypic attack scenarios through building automation systems will be explained that one should consider, and how even without exploits, a number of protocol functions in common building automation protocols like BACnet/IP and KNXnet/IP can support a malicious adversary going for those scenarios.

For penetration testers who would like to explore this interesting field of industrial security research, we also include a section on tooling. We will discuss noteworthy tools both from the security toolbox but also from the building automation toolbox for carrying out a number of attacks or their preparatory steps.

We will close out the webcast by discussing existing security measures proposed by the building automation industry as well as their adoption problems found in this field.