DOI: 10.1145/2808705.2808709
Research article

Secure RTOS Architecture for Building Automation

Published: 16 October 2015

Abstract

A Building Automation System (BAS) is a computer-based control system, widely installed in office buildings and laboratories, that monitors and controls mechanical and electrical equipment. With advances in Cyber-Physical Systems (CPS) and the Internet of Things (IoT), BAS is becoming more intelligent by merging computing resources and network communication with physical control. Along with the potential benefits, this brings tremendous risks of security breaches and safety violations, especially where Programmable Logic Controllers (PLCs) are concerned. In this paper, we systematically analyze biocontainment laboratory control models based on real case scenarios from the Biosecurity Research Institute (BRI) at Kansas State University. We present a vision for a new secure Real-Time Operating System (RTOS) architecture that leverages several technologies: a microkernel structure, a Trusted Platform Module (TPM), proxy-based policy enforcement, and formal verification. The secure RTOS architecture is designed specifically for the embedded controllers widely used in BAS and other CPS, with the goal of a highly secure and trustworthy control system.
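The abstract names proxy-based policy enforcement as one of the architecture's building blocks but, as a landing page, gives no detail of the mechanism. The following is an added illustration written for this page, not code from the paper, from the BRI controllers, or from any RTOS vendor. It shows the essential shape of such a proxy: every write from a control component to an actuator passes through a single mediation point that denies anything not explicitly permitted, checks the writer's identity, the value range, the step size and the write rate, and keeps an audit record. The control-point names, the policy fields, the component names and the whole scenario are constructed assumptions.

```python
"""Proxy-based policy enforcement between control logic and an actuator.

Constructed illustration for this page; not the paper's design. Point names,
policy fields and the scenario below are assumptions made for the example.
"""
from dataclasses import dataclass
from typing import Callable, Dict, FrozenSet, List, Tuple


@dataclass(frozen=True)
class Command:
    """A write request from a control component to one BAS control point."""
    source: str        # issuing component; assumed already authenticated by the kernel
    point: str         # control point name (hypothetical naming scheme)
    value: float
    timestamp: float   # seconds


@dataclass(frozen=True)
class PointPolicy:
    """Per-point policy: who may write, the safe range, and how fast it may move."""
    writers: FrozenSet[str]
    min_value: float
    max_value: float
    max_step: float      # largest change allowed relative to the last accepted write
    min_interval: float  # minimum seconds between accepted writes


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


class PolicyProxy:
    """Mediates every write to the actuator; anything not explicitly permitted is denied."""

    def __init__(self, policies: Dict[str, PointPolicy],
                 actuator: Callable[[str, float], None]) -> None:
        self._policies = policies
        self._actuator = actuator
        self._last: Dict[str, Tuple[float, float]] = {}   # point -> (value, timestamp)
        self.audit: List[Tuple[Command, Decision]] = []

    def evaluate(self, cmd: Command) -> Decision:
        pol = self._policies.get(cmd.point)
        if pol is None:
            return Decision(False, "unknown point (deny by default)")
        if cmd.source not in pol.writers:
            return Decision(False, f"{cmd.source} is not an authorised writer")
        if not pol.min_value <= cmd.value <= pol.max_value:
            return Decision(False, "value outside safe range")
        last = self._last.get(cmd.point)
        if last is not None:
            last_value, last_ts = last
            if cmd.timestamp - last_ts < pol.min_interval:
                return Decision(False, "write rate exceeded")
            if abs(cmd.value - last_value) > pol.max_step:
                return Decision(False, "step change too large")
        return Decision(True, "ok")

    def submit(self, cmd: Command) -> Decision:
        """Check the command, forward it only if allowed, and record the outcome."""
        decision = self.evaluate(cmd)
        self.audit.append((cmd, decision))
        if decision.allowed:
            self._actuator(cmd.point, cmd.value)
            self._last[cmd.point] = (cmd.value, cmd.timestamp)
        return decision


def run_demo() -> Tuple[List[str], List[Tuple[str, float]]]:
    """Constructed scenario: returns (reason per command, writes that reached the actuator)."""
    writes: List[Tuple[str, float]] = []
    policies = {
        "AHU1.supply_fan_pct": PointPolicy(
            writers=frozenset({"hvac_ctl"}), min_value=0.0, max_value=100.0,
            max_step=20.0, min_interval=1.0),
    }
    proxy = PolicyProxy(policies, lambda point, value: writes.append((point, value)))
    commands = [
        Command("hvac_ctl", "AHU1.supply_fan_pct", 40.0, 0.0),   # allowed
        Command("hvac_ctl", "AHU1.supply_fan_pct", 90.0, 5.0),   # step of 50 > 20
        Command("hvac_ctl", "AHU1.supply_fan_pct", 55.0, 5.5),   # allowed (step 15)
        Command("hvac_ctl", "AHU1.supply_fan_pct", 60.0, 5.9),   # 0.4 s after last accept
        Command("ui_app",   "AHU1.supply_fan_pct", 10.0, 6.0),   # not an authorised writer
        Command("hvac_ctl", "AHU1.supply_fan_pct", 150.0, 7.0),  # out of range
        Command("hvac_ctl", "AHU1.damper_pct", 30.0, 8.0),       # no policy -> denied
    ]
    reasons = [proxy.submit(c).reason for c in commands]
    return reasons, writes


if __name__ == "__main__":
    for reason in run_demo()[0]:
        print(reason)
```

The proxy only helps if it is the sole path to the actuator and cannot itself be altered, which is where the other elements the abstract lists come in: kernel-enforced isolation (the microkernel) keeps application components from bypassing it, and a measured boot anchored in the TPM lets a verifier check that the proxy and its policy table are the ones expected before the controller is trusted. How the paper combines these is not described on this page.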


Cited By

  • (2023)Low-Cost Privilege Separation with Compile Time Compartmentalization for Embedded Systems2023 IEEE Symposium on Security and Privacy (SP)10.1109/SP46215.2023.10179388(3008-3025)Online publication date: May-2023
  • (2023)A critical review of cyber-physical security for building automation systemsAnnual Reviews in Control10.1016/j.arcontrol.2023.02.00455(237-254)Online publication date: 2023
  • (2022)Security of Building Automation and Control SystemsComputers and Security10.1016/j.cose.2021.102527112:COnline publication date: 3-Jan-2022

Published In

cover image ACM Conferences
CPS-SPC '15: Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy
October 2015
132 pages
ISBN:9781450338271
DOI:10.1145/2808705
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from permissions@acm.org.

Publisher

Association for Computing Machinery

New York, NY, United States



Author Tags

  1. RTOS
  2. TPM
  3. building automation
  4. cyber-physical system
  5. microkernel
  6. trusted computing

Qualifiers

  • Research-article

Conference

CCS'15

Acceptance Rates

CPS-SPC '15 Paper Acceptance Rate 11 of 20 submissions, 55%;
Overall Acceptance Rate 53 of 66 submissions, 80%


Citations

  • (2021)You Make Me Tremble: A First Look at Attacks Against Structural Control SystemsProceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security10.1145/3460120.3485386(1320-1337)Online publication date: 12-Nov-2021
  • (2017)Enhanced Security of Building Automation Systems Through Microkernel-Based Controller Platforms2017 IEEE 37th International Conference on Distributed Computing Systems Workshops (ICDCSW)10.1109/ICDCSW.2017.25(37-44)Online publication date: Jun-2017
