
Smart-Building Security: Beyond Access Control


Many modern buildings are carefully designed to protect occupants from physical harm, but are far less guarded against digital intrusion that can compromise their less-tangible assets. And even with cyber defenses in place, they are typically focused on PCs and servers, not the IoT endpoints and legacy control systems that turn a structure into a “smart building.”

A deeper conversation around cybersecurity infrastructure is required to prevent an increase in widely publicized cyber incidents like the retailer Target data breach and the infamous casino fish tank attack. Part of that conversation starts with recognizing that securing the various interconnected systems in a modern building is a very real challenge.

Detecting Things That Go Bump in the Wire

The task of securing a building-wide heterogeneous network with several thousand potentially vulnerable edge devices ranges from daunting to practically impossible. The different vendors that provide elevators, lighting, fire monitoring, and HVAC equipment all have their own systems. Add the specialized IoT platforms now being deployed across many companies, and you’ve got a wide range of assets, each with its own standards, communication protocols, and supported features.

Of course, the greater the number of different systems and devices the more impractical it becomes to implement unique security mechanisms for each. One alternative would be to use a single security blanket that covers all of the connected systems in a smart building. In that case, a small-footprint software agent capable of establishing secure communications tunnels between systems and a security-as-a-service (SaaS) solution could be loaded onto the device at the time of manufacture.

Unfortunately, most of the connected systems in buildings existed before the building became “smart”. This means that such an agent would likely have to be added to each system individually and then integrated with the larger security platform, which is a non-trivial endeavor.

But instead of attempting to secure every edge device individually, smart-building operators could secure the communication lines themselves using what’s known as bump-in-the-wire (BITW) technology.

A BITW is a device that can be inserted into a communication channel between two or more pieces of equipment, without impacting performance. In a network security context a BITW would sit between a group of endpoints or edge devices and the rest of the building network, authenticating messages as they pass by.

To work effectively, a BITW must fit into a smart-building system that spans multiple network protocols, support industry standards for IoT security, and implement strong cryptography without adding latency. It can ensure that any device attempting to use the building network is authorized to do so by working in tandem with a database of unique identifiers for every device within the building’s network.
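The gating logic described above, as an added example that is not code from the original article or from Veridify: an inline authenticator holds the device registry (the "database of unique identifiers"), checks each passing frame against it, rejects replays with a per-device monotonic counter, and forwards only frames whose authentication tag verifies. The frame format, the registry contents, and the use of per-device HMAC keys instead of public-key credentials are assumptions made to keep the sketch in the standard library; the decision flow is what matters.

```python
import hashlib
import hmac
from typing import Dict, List, Tuple

# Constructed registry standing in for the building's device database.
# Keys are hypothetical per-device secrets provisioned out of band; a
# production BITW would hold public keys or certificates instead.
DEVICE_REGISTRY: Dict[str, bytes] = {
    "hvac-ctrl-17": b"constructed-key-hvac-17",
    "lighting-zone-3": b"constructed-key-lighting-3",
}


def _tag(key: bytes, device_id: str, counter: int, payload: str) -> str:
    """Authentication tag over identity, counter and payload together."""
    msg = device_id.encode() + counter.to_bytes(8, "big") + payload.encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def make_frame(device_id: str, counter: int, payload: str) -> dict:
    """What a legitimately provisioned endpoint would emit (device side)."""
    key = DEVICE_REGISTRY[device_id]
    return {
        "device_id": device_id,
        "counter": counter,
        "payload": payload,
        "mac": _tag(key, device_id, counter, payload),
    }


class BumpInTheWire:
    """Sits between edge devices and the building network; forwards or drops."""

    def __init__(self, registry: Dict[str, bytes]) -> None:
        self.registry = registry
        self.last_counter: Dict[str, int] = {}

    def inspect(self, frame: dict) -> Tuple[bool, str]:
        """Return (forward, reason). forward=True means pass to the network."""
        device_id = frame.get("device_id")
        key = self.registry.get(device_id)
        if key is None:
            return False, "unknown device"          # not in the identity database
        counter = frame.get("counter")
        if not isinstance(counter, int):
            return False, "missing counter"
        if counter <= self.last_counter.get(device_id, -1):
            return False, "replayed or stale counter"
        expected = _tag(key, device_id, counter, frame.get("payload", ""))
        if not hmac.compare_digest(expected, frame.get("mac", "")):
            return False, "bad mac"                 # tampered or wrong key
        self.last_counter[device_id] = counter      # advance only on success
        return True, "ok"


def run_demo() -> List[str]:
    """Feed constructed traffic through the BITW and collect its verdicts."""
    bitw = BumpInTheWire(DEVICE_REGISTRY)
    good = make_frame("hvac-ctrl-17", 1, "setpoint=21.0")
    rogue = {"device_id": "rogue-laptop", "counter": 1, "payload": "x", "mac": ""}
    tampered = make_frame("hvac-ctrl-17", 2, "setpoint=21.0")
    tampered["payload"] = "setpoint=35.0"           # payload altered in transit
    later = make_frame("lighting-zone-3", 5, "scene=night")
    traffic = [good, good, rogue, tampered, later]  # second 'good' is a replay
    return [bitw.inspect(f)[1] for f in traffic]


if __name__ == "__main__":
    for verdict in run_demo():
        print(verdict)
```

The counter check is what turns a simple checksum into a meaningful control: without it, a captured frame from a legitimate controller could be resent indefinitely and would still carry a valid tag.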


Under the DOME

Veridify, a developer of security IP and tools, created the Device Ownership Management and Enrollment (DOME) platform to deliver these capabilities. DOME operates much like a combined VPN service and device authentication platform: endpoints do not need to connect directly to a cloud, BACnet, or any other type of operational technology (OT) network, only to their respective BITW owners.

Through these, DOME offers a secure, encrypted tunnel for smart-building device authentication over a range of protocols, including BLE, BACnet, KNX, OBIX, Wi-Fi, and others.

The platform’s security starts with devices that have been provisioned with a security library, including public-key credentials. These credentials are signed into an immutable blockchain that gives each endpoint an unalterable identity and the ability to authenticate its owner, stored and managed by a DOME Interface Appliance (DIA).

The DIA can support both legacy and quantum-resistant protocols used by these endpoints, building automation controllers, and the central building management system (Figure 1). This allows it to deliver secure firmware updates, building-specific configuration changes, device status reporting, and reporting of attempted intrusions against the cyber infrastructure.

Dome solution diagram shows connectivity and security method for IoT devices.
Figure 1. DOME provides comprehensive security for smart-building endpoints, even if they aren’t directly secured by DOME. (Source: Veridify)

For newer systems that have yet to be deployed, the DOME Client library can be installed on endpoints while consuming only 12 KB of ROM. This allows it to be deployed on even severely resource-constrained systems. But certain devices are not candidates for direct protection under DOME because they can’t be updated, are legacy systems, or for other reasons. In these cases, DOME can be extended through a BITW architecture and hardware security controllers like Intel® MAX® 10 FPGAs that reside on the communications path between the endpoints and the network.

The DOME plus BITW topology allows legacy controllers and older systems to exist alongside more modern smart-building systems without being left vulnerable. And thanks to the performance and flexibility of MAX 10 devices, security can be delivered at ultra-low latency over a variety of communications transports, even under load.

Make Smarter Security the Standard for Smart Buildings

Of course, this is just one aspect of the overall smart-building cybersecurity conversation. Other talking points include threat modeling and assessment, physical device security, and cloud access controls, to name just a few.

In the long term, cybersecurity standards for buildings will need to be defined, possibly in a manner analogous to the Leadership in Energy and Environmental Design (LEED) certification process in use today. This could provide a framework for securing smart-building systems, and rate facilities by how well their networks are protected in the same way they’re rated for physical safety and environmental standards.

When these standards emerge, technology like BITW and DOME will provide a path for older facilities with an array of automation systems to comply with evolving security requirements—without needing to replace the entire system.

About the Author

Brandon is responsible for Embedded Computing Design’s IoT Design, Automotive Embedded Systems, Security by Design, and Industrial Embedded Systems brands, where he drives content strategy, positioning, and community engagement. He is also Embedded Computing Design’s IoT Insider columnist, and enjoys covering topics that range from development kits and tools to cyber security and technology business models. Brandon received a BA in English Literature from Arizona State University, where he graduated cum laude.
