Smart grids at risk from cyber security in intelligent buildings

English: Intelligent building system - diagram.

Intelligent building system – diagram.

Cyber attacks render smart grids intrinsically unsafe

By ECM Plus staff

ECM Plus /London/ +++ Building owners and designers, and particularly members of the building services industry, are racing to implement intelligent buildings and smart grids, aaccording to new research from a London academic institution.

Apparently, many are overlooking the potential risk of malicious attacks on these highly networked control systems.

In the latest issue of the journal ‘Intelligent Buildings International’, David Fisk of the Laing O’Rourke Centre for Systems Engineering and Innovation at Imperial College London is warning process controllers that make up the distributed building management system (BMS) in intelligent buildings can be infected by malware, often through a ‘backdoor’ left ajar on a trusted network.

Said Fisk “…the bare minimum standby generators – should normally be independent of the intelligent-building software, much as a warship still carries a sextant should the GPS be jammed. This is not current practice as far as can be discerned from existing ASHRAE and CIBSE standards.”

Fisk’s article, ‘Cyber security, building automation, and the intelligent building’ discusses how risks may be assessed and mitigated, using a ‘hypothetical attack on the heating, ventilation and air-conditioning (HVAC) systems of a super-casino’ to illustrate the urgent need for the building systems design community to re-think traditional security strategies.

According to Fisk, as a minimum, building services professionals should deploy a ‘whole-system design approach’ and owners should plan for periods during which ‘intelligence’ is not available. The article can be found at: http://www.tandfonline.com/doi/abs/10.1080/17508975.2012.695277


Advertisements

Leave a comment

Filed under Analysis, Analytics & Metrics, Business Continuity, Business process automation (BPA), Business Process Management, Business Risk, Consultancy/Consulting/Systems Integration, Contingency Planning, Enterprise Application Integration (EAI), Enterprise architecture (EA), Enterprise Resource Planning (ERP), Information security, Project Management, Risk Analysis, Risk Assessment, Risk Management, Software

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s