Intelligent Building Management System and the Security Managers - Term Paper Example

Intelligent Building Management Vulnerabilities Student’s Name Institution Affiliation Intelligent Building Management Vulnerabilities Introduction Modern buildings depend on several systems to operate. For instance, a building with commercial offices needs security controls, Information Technology, heating, as well as lighting among other aspects. Nonetheless, the said systems might utilize dissimilar and usually mismatched software that makes it hard to evaluate and rationalize their use or bring up complex automation across an entire building. The intelligent BMS presents open-platform software, which units these into a single, incorporated database (Minker, 2009). An “Intelligent Building Management System (iBMS)” denotes a single, unified building management system, which controls lighting, HVAC, fire, security, as well as other facilities (Brooks, 2011). That implies that a building's entire energy utilization can be supervised accurately and closely. In turn, this implies that extra or redundant utilization can be recognized, and operation is optimized. An ordinary BMS is different since all the system data is assembled in one front-end interface (International Conference on Sustainability in Energy and Buildings, Howlett, Jain, & Lee, 2009). Thus, this enables a single system to be monitored using the information from a different system; for instance, the lighting of an office can be regulated using data from the access system on the door. It is associated with innumerable benefits such as improving control and management. This paper introduces the iBMS, lists and discusses the security managers’ consideration of iBMS. Body “Intelligent Building Management Systems (iBMS)” Defining iBMS Many definitions exist for intelligent BMS, and it appears none is universally accepted. Brooks (2010) claims that the most established description of a completely integrated intelligent building is that by Barcelona-based institution. It is described as a building that integrates data systems, which support information flow all through the building, providing superior services of telecommunications, as well as business automation (Brooks, 2011). It enables more automatic control, different subsystems maintenance, and monitoring management optimally. Conversely, So and Wong (2002) hold that the building and construction industry lacks a universally agreed definition of intelligent BMS. Others claim that it could be regarded as a building, which incorporates technology, as well as processes to design a safer, comfortable, and productive facility for its dwellers, plus extra operational efficiency for its operators and owners. Drivers for iBMS Building owners may decide to install an intelligent BMS for several economic as well as environmental motives. These systems enable the assembly of data across an entire building, automate systems, and measure energy utilization, which yield innumerable gains (HAC: Building services engineering, 1997). For instance, they save energy considering that emissions from buildings have been increasing over time. 70% of the energy consumed in buildings comes from lighting, heating, ventilation, as well as air conditioning (HVAC). This adds to the electricity, which is used in lifts, computers, and machines among others (Atkin, 1993). That energy load is decreased considerably while using an intelligent BMS. For instance, a timer can control lighting, which is activated routinely by an occupancy sensor. This implies that it is on only when in use. Intelligent BMS lower costs using technologies that save energy because they promote close monitoring and controlling of energy, which is the greatest expenditure in a building (Krishna, 2011). For instance, lighting and telephone systems could be controlled using sensors known as meeting room occupancy. Moreover, the systems increase reliability through closing supervision to ensure that energy intensity does not vary. What is more, the intelligent BM systems enable the control of safety aspects like supply and smoke extraction fans, fire doors, as well as dampers (Brooks, 2011). These are redirected to a safe state. The systems can assist builders to increase the worth of their assets by decreasing operational expenses and offering a heightened comfort level for occupants. How the iBMS Works The working/functionality of the intelligent BMS can be explained as follows. The data from controllers through the three protocols is guided through a router that transforms it to Internet Protocol (IP). The information obtained from all the systems is distributed across a LAN connected the intelligent BMS. It is as well linked to the graphic interface that enables the user to explore and cross-examine the system through a web browser. Using that interface, they can analyze reports, trends, as well as undertake tasks like bringing up to date lighting program and managing alarms. The information is kept centrally in the Cloud; hence, it can be retrieved via wireless components like laptops and smart phones among others. This enables managers to scrutinize and regulate the operations of the building (International Conference on Computer Aided Systems Theory, Moreno-Díaz, Pichler, & Quesada, 2009). Regulations that Govern the Application of iBMS The application of BMS is governed by several standards and regulations. For instance, Building Regulations 2012, especially, section L that describes and offers realistic direction on adhering to energy effectiveness needs. The 2002 regulation outlines the protective standards, which are directed at safeguarding the quality of power and provide continuity needs to guarantee an effective and economic supply of electricity to clients (Robertson, Mumovic, & Min Hong, 2015). Other documents have been published to govern the design as well as the application of the intelligent BMS to ensure compliance and avoid failure. For instance, AM14 is a directive meant for designers plus individuals who install and order heating devices and their components. Automatic controls are vital in work stages since they order mechanical control systems (In Clements-Croome, 2014). They as well offer suggestions and directions for appropriate practice. Other regulations or directives include Guide B, F, and H, which are meant to ensure the intelligent BMS is efficient and accomplishes its intended purpose successfully where installed in the building. Necessary Specifications when Installing iBMS When installation and specification of the intelligent BMS are being done, several design considerations are paramount. The designer or builder ought to check the in-depth description of the needs and calculate the system loads (Bhatt, Güsgen, & IOS Press, 2012). The individual must check the features and choice of the system, components, and fuels plus their storage needs. The designer ought to direct and handover, as well as recognize the necessary network protocol. While designing an intelligent BMS, the designer should guarantee that the specified details needed are available for commissioning. The devices used to control and sense must be made accessible and be removable for testing as well as future maintenance (International Conference on Building Electrical Technology & Institution of Electrical Engineers, 2004). The said BMS must be able to deal with an upcoming 20% rise for points exclusive of compromising the functional of the system or operational speed as provided in the CIBSE directives. Every component must be recognized using a constant numbering system, and the same goes for all the wiring. When deliberating on the kind of control to adopt for a building, it ought to be kept in mind that a contemporary control system provides gains to every dissimilar group of clients engaged in the building (Gann, 2000). Notably, these gains are only attained in case the system is appropriately specified, operated, installed, as well as commissioned. Continuous maintenance is necessary and reliant on the manufacturer, location of the building, surroundings, and vital control areas among others. The diagram below displays the major components of an intelligent BMS Source: “http://www.building.co.uk/Pictures/web/c/a/b/CPD_660.jpg” Considerations for Security Managers The security manages must be wary of the vulnerabilities associated with intelligent building, which can be broadly categorized as either physical or software categories. Brooks (2011) cites the following as some of the Physical Vulnerabilities of an IB system Physical network access: 1. Wiretapping 2. Device program 3. Work station 4. Foreign devise 5. Power supplies Software Vulnerabilities: 1. Malicious programs or software 2. Hacking 3. Related lonWork vulnerabilities 4. Unauthorized access and protocol issues Physical Threats Brooks (2011) investigated the extent to which physical access to a workstation compromised an IB system. He found out that if one was able to access an Intelligent Building(IB) work station, an attacker could modify a program and introduce new coding that could impact negatively to a system. For instance, an attacker could introduce a new code that extends the time that an alarm detector takes to notify the users of unauthorized access. From a management level, access to work stations or routers can lead to denial of services, remote programming, tampering with other system components among others. All these factors can greatly compromise the entire IB system. Workstation vulnerabilities can also be in relation to Ethernet cables. Allowing access to such, makes it is easier for wiretapping whereby attackers could use insulation-displacement connected to obtain full monitoring capabilities of the system. Brooks (2011) points out that at the Internet Engineering Taskforce pointed out that wiretapping refers to a situation whereby the information passing from one party to another is interjected and delivered to a third party without both parties knowing about the breach. In order to wire tap, the attacker must be able to access, collect, and filtrate the information signal by using an external device that is attached to the media conducting the signals. This type of attack focuses on the physical aspects of the IB system such as routers, telephone lines, among others. Wiretapping affects all the three levels of the IB system because it can be installed on either network cables or the receivers. Whichever the place, wiretapping exposes the entire systems not only to unauthorized monitoring but to system write backs; thus, compromising its functions. Additionally, access to Ethernets and other related hardware such as routers and controllers could lead to loss of access to other communication ports. The effect of such a level of denial of access constitutes a serious security breach that could lead to non-functionality. Another physical vulnerability is concerning the system’s service port. Majority of the IB systems have readily available service ports that can be easily connected. Laing, Badii and Vickers (2013) point out that most IB system poses either a physical or infrared service port. These ports expose the system to unguarded local access whereby and attacker is at liberty to change the system’s level of automation. This type of threat is attributed to the fact that service ports house local service tools which are the can be easily programmed to change the timings of various detectors within the systems. For instance, a local service tool can be altered to disable alarm systems leading to threats such as overheated server rooms causing complete shutdown of the system. IB systems need to constantly be powered up in order to avoid loss of vital information. Thus, the systems need up to 240VAC to operate devises such as workstations (Brooks, 2011). Loss of power could lead to loss of either part or the whole information in a system. The system is expected to always be maintained and powered in order to avoid equipment failure. Additionally, IB systems need to have a back-up power supply to avoid loss of control of sub-systems. Although, the loss of power can be localized, ensuring that there is no loss of network communications is one of the steps of ensuring that the system remains in control of authorized persons and that all monitoring capabilities are limited to its legal users only. Hammeril, Kalstad and Lopez (2013), note that constant connectivity between different components of the systems ensures that IB system remains always secure. Software Threats Besides the physical vulnerabilities, IB systems do face some specific threats in regard to its software. LonWork is an abbreviation standing for Local Operating Network. It is a development framework used to design microprocessors within for an IB system. With lonWork, a manufacturer can carry out several decentralized activities while still within the network. According to Brooks (2010), LonWork encounter vulnerabilities such as wiretapping and electromagnetic attacks during communication. They also are likely to face unprotected data transmission especially concerning wireless technologies. Brooks (2010) notes that lonWork face vulnerabilities such as DOS attacks, encryption issues and issues relation to shared authentication. Vulnerabilities with respect to DoS attacks affected different layers such as the application, session, or transport layers. According to Shelly, Vermaat and Quasney (2011) Dos attacks disrupts a computer’s access to other networks. The attack can be in the form of an influx of data messages or unnecessary traffic to the server. Consequently, the server slows down are becomes unresponsive; thereby, blocking legitimate users from accessing or using the site. The extent of the severity of the attack on the mentioned levels ranges between medium and critical. Software are encrypted in order to protect the system. Encryption vulnerabilities poses a risk to IB systems. Therefore, a system’s encryption should ensure minimum configuration and management of tasks. According to Brooks (2011),encryption keys should be changed from the 48-bit key to 128-bit key. This will ensure that that the system is better protected from such vulnerabilities. Fisk (2012) notes that IB systems can easily be compromised by malicious software. The extent to which the system is compromised indicates the level of the intrinsic weaknesses within the system. Therefore, programmers need to ensure that the software are adequately secured to avoid system malfunctions. To achieve this, IB vendors are advised to avoid leaving the system with “back doors” since these are some of the avenues that attackers could use to compromise the system. Fisk (2012) states that although “back doors” are supposedly known to vendors only, attackers could easily identify them through the C complier contained in the login facility. Anyone with knowledge about the C compiler can easily log in to the system as a user and clean the source course and the new code is replicated throughout the system. In doing so, the system is exposed to various security threats. Another software issue that is likely to affect the system involves hacking and introduction of virus into the system. Knittel and Soto (2013) note that hackers tend to test the limits of the computerized system; consequently, they end up either erasing files or stealing important information. In relation to IB systems, hacking could compromise the functionality of the system, thereby, causing serious errors and malfunctions. These incidences lead to financial losses and negate all the benefits linked to the system. The increased computing powers among software engineers only means that systems can easily be compromised and stringent communications protocols need to be put in place to ensure that building software are not compromised. Virus attacks compromise the functionality of the system. According to Kholsa, Howlett and Jain (2005), virus attacks can disable queue functions within a network frame. It can also affect transmission of data within the Ethernet. These issues are likely to affect building management software. In addition, they can distort authentication codes. Consequently, IB systems should allow both the sender and receiver especially when accessing encrypted protocols for configuration. Anderson (2013) notes that having an effective system protocol is one of the ways of the managing software related vulnerabilities. Building Management Systems, (BMS) require tight configuration management tools that ensure that only authorized persons can infiltrate into the critical areas of the system. Thus, unnecessary services within the system not only overburden the server but also expose the system to vulnerabilities. Fisk (2012) pints out ‘smart grid’ are yet another area within the IB system that is vulnerable to threat. A bug can be run into an IT system resulting in a massive malfunctioning of the entire system or specific areas such as the control software. Smart grids are used to link IB systems to power networks hence easing its energy management processes. However, the smart grids are not always secure; hence, exposing the entire system to an attack. They are essentially some form of backdoors which malicious software can reach the entire system. Conclusion Just as human beings, intelligent buildings need complex sensory input as well as many systems working together to adopt necessary actions or formulate informed decisions. It is clear that IB solutions need an inclusive infrastructure and the realistic assessment of the broad data array. Intelligence can also mean the ability to learn; hence, IB solutions ought to provide post-occupancy progressive improvement by monitoring extensively. This can be achieved by iBMS that are technically improved solutions founded on controllers with completely configurable, widespread devices, particularly created to employ open procedures on TCP/IP networks using web capacity for secluded interrogation through web browsers. iBMS offers a secured, role-grounded view of information in two primary realms, i.e., management of energy and facilities, which help builders to raise the efficiency of building management. They also aid in increase the productivity of workers and energy effectiveness. Security is a major requirement in the iBMS, which necessitates a well-thought-out structure. It needs progressive vigilance all through the levels of the lifecycle of the system. Risk should be part of the security process during each stage of development. There is a need to comprehend the best practices, especially on the side of the security manager to ensure the protection process is successful. References Anderson, R. J. (2013). Security engineering: A guide to building dependable distributed systems. Hoboken, N.J: Wiley. Atkin, B. (1993). Intelligent buildings: Applications of IT and building automation to high technology construction projects. Aldershot: Avebury Technical. Bhatt, M., Güsgen, H. W., & IOS Press. (2012). Situational awareness for assistive technologies. Amsterdam: IOS Press. Brooks, D. (2010). Totally integrated BMS. Module 10 Brooks, D. J. (2011). Intelligent buildings: an investigation into current and emerging security vulnerabilities in automated building systems using an applied defeat methodology. Fisk, D. (2012). Cyber security, building automation, and the intelligent building. Intelligent Buildings International, 4(3), 169-181. Gann, D. (2000). Building innovation: Complex constructs in a changing world. London: T. Telford. HAC: Building services engineering. (1997). Croyden, Surrey: Emap Maclaren Ltd. Hämmerli, B. M., Kalstad, S. N., & Lopez, J. (2013). Critical Information Infrastructures Security: 7th International Workshop, CRITIS 2012, Lillehammer, Norway, September 17-18, 2012, Revised Selected Papers. Berlin, Heidelberg: Imprint: Springer. In Clements-Croome, D. (2014). Intelligent buildings: An introduction. Routledge. International Conference on Building Electrical Technology, & Institution of Electrical Engineers. (2004). First international Conference on Building Electrical Technology (BETNET): Kowloon, Shangri-La, Hong Kong, 11-13 October 2004. London: Institution of Electrical Engineers. International Conference on Computer Aided Systems Theory, Moreno-Díaz, R., Pichler, F., & Quesada, A. A. (2009). Computer Aided Systems Theory - EUROCAST 2009: 12th International Conference on Computer Aided Systems Theory, Las Palmas de Gran Canaria, Spain, February 15-20, 2009: revised selected papers. Berlin: Springer. International Conference on Sustainability in Energy and Buildings, Howlett, R. J., Jain, L. C., & Lee, S. H. (2009). Sustainability in energy and buildings: Proceedings of the International Conference in Sustainability in Energy and Buildings (SEB'09). (Springer - LINK.) Berlin: Springer-Verlag. International Conference on Knowledge-Based Intelligent Engineering Systems, Khosla, R., Howlett, R. J., & Jain, L. C. (2005). Knowledge-based intelligent information and engineering systems: 9th international conference, KES 2005, Melbourne, Australia, September 14-16, 2005 : proceedings. Berlin: Springer. Knittel, J., & Soto, M. (2013). Everything you need to know about the dangers of computer hacking. New York: Rosen Pub. Group. Krishna, S. (2011). Mediated social interpersonal communication: Evidence-based understanding of multimedia solutions for enriching social situational awareness. Laing, C., Badii, A., & Vickers, P. (2013). Securing critical infrastructures and critical control systems: Approaches for threat protection. Hershey, PA: Information Science Reference. Minker, W. (2009). Advanced intelligent environments. New York: Springer. Robertson, C., Mumovic, D., & Min Hong, S. (2015). Crowd-sourced building intelligence: The potential to go beyond existing benchmarks for effective insight, feedback and targeting. Intelligent Buildings International, 7(2-3). Shelly, G. B., Vermaat, M., & Quasney, J. J. (2011). Discovering computers: Living in a digital world : fundamentals. Boston, Mass: Course Technology Cengage Learning. So, A. T. P., & Wong, K. C. (2002). On the quantitative assessment of intelligent buildings. Facilities,20(7/8), 288‐295. Read More

How the iBMS Works The working/functionality of the intelligent BMS can be explained as follows. The data from controllers through the three protocols is guided through a router that transforms it to Internet Protocol (IP). The information obtained from all the systems is distributed across a LAN connected the intelligent BMS. It is as well linked to the graphic interface that enables the user to explore and cross-examine the system through a web browser. Using that interface, they can analyze reports, trends, as well as undertake tasks like bringing up to date lighting program and managing alarms.

The information is kept centrally in the Cloud; hence, it can be retrieved via wireless components like laptops and smart phones among others. This enables managers to scrutinize and regulate the operations of the building (International Conference on Computer Aided Systems Theory, Moreno-Díaz, Pichler, & Quesada, 2009). Regulations that Govern the Application of iBMS The application of BMS is governed by several standards and regulations. For instance, Building Regulations 2012, especially, section L that describes and offers realistic direction on adhering to energy effectiveness needs.

The 2002 regulation outlines the protective standards, which are directed at safeguarding the quality of power and provide continuity needs to guarantee an effective and economic supply of electricity to clients (Robertson, Mumovic, & Min Hong, 2015). Other documents have been published to govern the design as well as the application of the intelligent BMS to ensure compliance and avoid failure. For instance, AM14 is a directive meant for designers plus individuals who install and order heating devices and their components.

Automatic controls are vital in work stages since they order mechanical control systems (In Clements-Croome, 2014). They as well offer suggestions and directions for appropriate practice. Other regulations or directives include Guide B, F, and H, which are meant to ensure the intelligent BMS is efficient and accomplishes its intended purpose successfully where installed in the building. Necessary Specifications when Installing iBMS When installation and specification of the intelligent BMS are being done, several design considerations are paramount.

The designer or builder ought to check the in-depth description of the needs and calculate the system loads (Bhatt, Güsgen, & IOS Press, 2012). The individual must check the features and choice of the system, components, and fuels plus their storage needs. The designer ought to direct and handover, as well as recognize the necessary network protocol. While designing an intelligent BMS, the designer should guarantee that the specified details needed are available for commissioning. The devices used to control and sense must be made accessible and be removable for testing as well as future maintenance (International Conference on Building Electrical Technology & Institution of Electrical Engineers, 2004).

The said BMS must be able to deal with an upcoming 20% rise for points exclusive of compromising the functional of the system or operational speed as provided in the CIBSE directives. Every component must be recognized using a constant numbering system, and the same goes for all the wiring. When deliberating on the kind of control to adopt for a building, it ought to be kept in mind that a contemporary control system provides gains to every dissimilar group of clients engaged in the building (Gann, 2000).

Notably, these gains are only attained in case the system is appropriately specified, operated, installed, as well as commissioned. Continuous maintenance is necessary and reliant on the manufacturer, location of the building, surroundings, and vital control areas among others. The diagram below displays the major components of an intelligent BMS Source: “http://www.building.co.uk/Pictures/web/c/a/b/CPD_660.jpg” Considerations for Security Managers The security manages must be wary of the vulnerabilities associated with intelligent building, which can be broadly categorized as either physical or software categories.

Read More