Building automation systems (BAS) are increasingly common in commercial buildings, providing centralized control of building operations including HVAC, lighting, access control, elevators, and life safety systems. While these systems increase energy efficiency and reduce costs, they also carry significant security risks. In recent years there have been several high-profile attacks on building automation systems, including one on an office building in Germany. Zero trust security has emerged as a viable way to mitigate these risks.
What is Zero Trust Security?
Zero trust security is a security model that treats all network traffic as untrusted, regardless of whether it originates inside or outside the network. Instead of assuming that devices and users already on the network are trustworthy, zero trust assumes that no device or user is trusted by default. Every request for access to a network resource must be verified against the identity of the device or user making it, and that verification is repeated continuously rather than performed once at the perimeter.
Zero trust security is a departure from traditional network security models, which rely on a network perimeter to keep external threats out and trust whatever is inside it. With zero trust, the focus shifts to securing individual devices and applications rather than the network as a whole.
The Need for Zero Trust Security in Building Automation
Building automation systems are particularly vulnerable to cyberattacks because of how interconnected they are. An attack on one part of the system can quickly spread to other parts and cause significant damage. For example, an attacker who gains access to a building's HVAC system could manipulate temperatures to cause discomfort or even harm occupants, and an attacker who gains access to the lighting system could use it to signal to burglars when the building is unoccupied.
Building automation systems also often rely on legacy technologies that vendors no longer support. These systems may have known vulnerabilities that attackers can exploit easily, and a compromised BAS device can serve as a foothold for attacks on other IT systems, including malware deployment, ransomware, and data theft. Finally, building automation systems are often managed by third-party vendors, which creates additional risk: if a vendor's network is compromised, the attacker could gain access to every building automation system that vendor manages.
How Zero Trust Security Works in Building Automation
Zero trust security requires a comprehensive approach to security that involves people, processes, and technology. The following are some key elements of a zero trust security model for building automation systems:
- Identity and Access Management: The first step in implementing zero trust security is to establish a strong identity and access management (IAM) program. This includes defining user roles and the minimum permissions each role needs, implementing multi-factor authentication, and using strong passwords.
- Network Segmentation: Building automation systems should be segmented into smaller networks to limit the impact of any breach. Each segment should be isolated from the others and have its own access controls, so that, for example, a compromised lighting controller cannot reach the HVAC or access-control segment.
- Device Authentication: All devices on the network should authenticate before they are allowed to communicate with other devices, and the peer should authenticate back, so that neither side exchanges data or commands with an impostor.
- Continuous Monitoring: Zero trust security requires continuous monitoring of the network and devices to detect potential threats. This includes monitoring network traffic, user activity, and system logs, and alerting on anything that deviates from the expected behavior.
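The segmentation, device-enrollment and monitoring elements above can be checked on the wire. The following is an added example, not code from the original page or from Veridify, that parses constructed BACnet/IP frames (the protocol named later on this page) and audits each one against a hypothetical site policy: which addresses are enrolled, which segment each belongs to, and which supervisory controllers may issue state-changing services such as writeProperty or reinitializeDevice. The addresses, segments, and frames are all constructed for the example. IP-based enrollment stands in for the certificate-based device identity a real deployment would use; a spoofed source address defeats an IP allowlist, which is exactly why device authentication is listed as a separate element above.

```python
"""Allowlist monitor for BACnet/IP traffic on a segmented building network.

Constructed example: the frames below are built in code, not captured from a
real site, and the addresses and policy are hypothetical."""
import ipaddress
import struct

BVLC_TYPE = 0x81  # BACnet/IP (Annex J) BVLC type octet
BVLC_FUNCTIONS = {0x04: "Forwarded-NPDU", 0x0A: "Original-Unicast-NPDU",
                  0x0B: "Original-Broadcast-NPDU"}
PDU_TYPES = {0: "Confirmed-Request", 1: "Unconfirmed-Request", 2: "Simple-ACK",
             3: "Complex-ACK", 4: "Segment-ACK", 5: "Error", 6: "Reject", 7: "Abort"}
CONFIRMED_SERVICES = {12: "readProperty", 15: "writeProperty", 16: "writePropertyMultiple",
                      17: "deviceCommunicationControl", 20: "reinitializeDevice"}
UNCONFIRMED_SERVICES = {0: "i-Am", 8: "who-Is"}
# Services that change controller state; only enrolled supervisory controllers may send them.
STATE_CHANGING = {"writeProperty", "writePropertyMultiple",
                  "deviceCommunicationControl", "reinitializeDevice"}

# Hypothetical site policy: every device is enrolled in exactly one segment.
POLICY = {
    "segments": {"hvac": ipaddress.ip_network("10.10.1.0/24"),
                 "lighting": ipaddress.ip_network("10.10.2.0/24")},
    "controllers": {"10.10.1.10"},  # supervisory controllers allowed to write/reinitialize
    "enrolled": {"10.10.1.10", "10.10.1.21", "10.10.1.22", "10.10.2.31"},
}


def parse_bacnet_ip(payload: bytes) -> dict:
    """Walk BVLC -> NPDU -> APDU and return the BVLC function and service name."""
    if len(payload) < 6 or payload[0] != BVLC_TYPE:
        raise ValueError("not a BACnet/IP frame")
    func = BVLC_FUNCTIONS.get(payload[1], f"BVLC-0x{payload[1]:02x}")
    (length,) = struct.unpack(">H", payload[2:4])
    if length != len(payload):
        raise ValueError(f"BVLC length {length} does not match frame size {len(payload)}")
    off = 10 if payload[1] == 0x04 else 4  # Forwarded-NPDU carries a 6-octet origin B/IP address
    if payload[off] != 0x01:
        raise ValueError("unsupported NPDU version")
    control = payload[off + 1]
    off += 2
    if control & 0x80:  # network-layer message (router discovery etc.), no APDU follows
        return {"function": func, "service": "network-layer-message"}
    if control & 0x20:  # DNET(2) DLEN(1) DADR(DLEN)
        off += 3 + payload[off + 2]
    if control & 0x08:  # SNET(2) SLEN(1) SADR(SLEN)
        off += 3 + payload[off + 2]
    if control & 0x20:  # hop count is present whenever DNET is
        off += 1
    pdu_type = payload[off] >> 4
    if pdu_type == 0:  # Confirmed-Request: type/flags, max-resp, invoke ID, [seq, window], service
        svc_off = off + 3 + (2 if payload[off] & 0x08 else 0)
        service = CONFIRMED_SERVICES.get(payload[svc_off], f"confirmed-{payload[svc_off]}")
    elif pdu_type == 1:  # Unconfirmed-Request: type, service
        service = UNCONFIRMED_SERVICES.get(payload[off + 1], f"unconfirmed-{payload[off + 1]}")
    else:
        service = PDU_TYPES[pdu_type]
    return {"function": func, "service": service}


def segment_of(ip: str, policy: dict):
    addr = ipaddress.ip_address(ip)
    return next((name for name, net in policy["segments"].items() if addr in net), None)


def audit(packets, policy):
    """Return one (src, dst, service, findings) tuple per packet; empty findings means allowed."""
    report = []
    for src, dst, payload in packets:
        info = parse_bacnet_ip(payload)
        findings = []
        if src not in policy["enrolled"]:
            findings.append("source not enrolled")
        if info["service"] in STATE_CHANGING and src not in policy["controllers"]:
            findings.append(f"{info['service']} from non-controller")
        if segment_of(src, policy) != segment_of(dst, policy):
            findings.append("cross-segment traffic")
        report.append((src, dst, info["service"], findings))
    return report


def frame(bvlc_func: int, apdu: bytes, control: int = 0x04) -> bytes:
    """Wrap an APDU in a minimal NPDU (version 1, no routing info) and BVLC header."""
    npdu = bytes([0x01, control])
    return bytes([BVLC_TYPE, bvlc_func]) + struct.pack(">H", 4 + len(npdu) + len(apdu)) + npdu + apdu


def write_property(invoke_id, obj_type, instance, prop, value, priority) -> bytes:
    """Build a WriteProperty request for a REAL value (object id = 10-bit type, 22-bit instance)."""
    obj_id = struct.pack(">I", (obj_type << 22) | instance)
    return (bytes([0x00, 0x05, invoke_id, 15])                     # Confirmed-Request, max APDU 1476
            + b"\x0c" + obj_id                                      # context tag 0: object identifier
            + b"\x19" + bytes([prop])                               # context tag 1: property identifier
            + b"\x3e\x44" + struct.pack(">f", value) + b"\x3f"      # context tag 3: REAL value
            + b"\x49" + bytes([priority]))                          # context tag 4: priority


SAMPLE_TRAFFIC = [  # (src, dst, frame): constructed, hypothetical addresses
    ("10.10.1.10", "10.10.1.21", frame(0x0A, write_property(1, 1, 1, 85, 72.0, 8))),   # supervisor sets AO1 present-value
    ("10.10.1.22", "10.10.1.21", frame(0x0A, write_property(2, 1, 1, 85, 99.0, 8))),   # peer field device writes a setpoint
    ("10.10.1.99", "10.10.1.21", frame(0x0A, bytes([0x00, 0x05, 3, 12]) + b"\x0c"
                                        + struct.pack(">I", (8 << 22) | 21) + b"\x19\x4c")),  # unknown host reads object-list
    ("10.10.2.31", "10.10.1.21", frame(0x0A, bytes([0x00, 0x05, 4, 20]) + b"\x09\x00")),  # lighting host cold-starts an HVAC controller
    ("10.10.1.21", "10.10.1.255", frame(0x0B, b"\x10\x08", control=0x00)),               # routine Who-Is broadcast
]

if __name__ == "__main__":
    for src, dst, service, findings in audit(SAMPLE_TRAFFIC, POLICY):
        print(f"{src:>12} -> {dst:<12} {service:<22} {'ALLOW' if not findings else 'ALERT: ' + '; '.join(findings)}")
```

Only the first and last frames pass: the peer device's write and the cross-segment reinitializeDevice are exactly the lateral movement the segmentation element is meant to stop, and the unknown host is caught even though it only reads. In a real deployment the enrollment check would be backed by mutual device authentication rather than a source address.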
Device-Level, Zero-Trust Cyber Protection for Building Automation Systems
With Veridify's DOME platform, device-level protection for building automation devices can be deployed quickly on new or legacy devices by existing technicians. Benefits include:
- Stops cyberattacks in real time, rather than only monitoring and generating countless false alarms to investigate.
- Mutual authentication of all devices ensures that only authorized devices can communicate with each other.
- Multi-vendor support: works with any manufacturer's devices using common building protocols such as BACnet/IP.
- Automated management of security certificates, which is a significant challenge if done by hand, especially in multi-vendor environments.
- Immediate protection in under 60 seconds, with no "learning" period.
- Encryption of data and control commands across the network, so attackers cannot read or record your traffic.
- Dashboard with system analytics and real-time alerts
Request a demo to learn more about how DOME stops cyberattacks on building automation systems.