
Building management systems for providing security in existing KNX projects: organizational measures and device monitoring


NETxAutomation Software GmbH

NETxAutomation

• Austrian company that is operating software solutions for world-wide building automation systems
• Founded in 2001
• Integration of heterogeneous building automation networks: Building Management System (BMS) platform, OPC server
• Management applications: visualization, energy reporting, automatic shading control, lighting management, project support
• Projects with 100,000+ data points

Customers are
• electrical consultants
• electrical engineers
• system integrators

Key figures: 16 years of experience in building automation; customers in 40+ countries; 6,000+ realized projects; 36+ international sales, solution and R&D partners
NETx solutions

[Architecture figure] Clients connected to the NETx BMS Platform:
• PC visualization clients (Windows based)
• Web visualization clients (web browser, NETx Vision)
• 3rd party BACnet clients
• 3rd party OPC clients
• oBIX, MQTT & other web service interfaces for IoT devices
• NETx BMS Platform for clustering

NETx BMS Platform: multi-protocol gateway, visualization, alarm management, trending, scheduler, logic engine, lighting/DALI management, automatic shading control

Interfaces below the platform:
• KNX, BACnet, Modbus, OPC, SNMP
• Fidelio/Opera, OnQ, Infor, Protel, VingCard, Salto, Kaba
• Universal HTTP server interface
• XIO and other web service gateways
• Hardware gateway: DALI, EnOcean, M-Bus, DMX
Why is security important?

Is security important in the home and building automation domain?
• “Why should I bother if anyone turns my lights on or off?”
• “If someone wants to know my room temperature, I have no objections”

Security-critical services
• Access control
• Intruder alarms

Vandalism acts may have massive economic impact
• Complete wide shutdown of system in hotel
• Security attacks in functional buildings
• Mass panic in public spaces (e.g., lighting system in concert hall)
• Hospital (e.g., lighting system in emergency room)
• Building system may be entrance point to other (more critical) systems (e.g. hotel management systems)
KNX security

What about security in building automation?

All protocols (LonWorks, KNX, Modbus, BACnet, proprietary solutions) are or were prone to security attacks

The good news is that new security standards are available for KNX:
• KNX data security: secure communication for all KNX media
• KNX IP security: additional security measures for KNX over IP networks
KNX security

Is KNX security enough?

Yes, it uses state-of-the-art cryptographic technologies that are also used in other application domains (TLS/SSL, e-banking, …)

But:

What about existing KNX projects that use non-secure KNX devices?

Secure communication is not enough


Secure communication is not enough

[Figure: denial-of-service attack on a glass breakage sensor message] Example: alarm system that is triggered when a window is broken. Broken window, glass breakage sensor sends alarm message, alarm system raises alarm.

Secure communication is not enough

[Figure: jamming attack] A jamming attack fully breaks the alarm system: the alarm message is not received by the alarm system, so no alarm is raised (broken window, disorder on the bus caused by an unauthorized person).

Secure communication is not enough

[Figure: periodic "OK" message] More secure solution: the sensor sends an “OK” message periodically; if the message is missing, an alarm is raised.
• Window undamaged: regular OK message, no alarm
• Broken window: no message, alarm
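The argument of the three slides above, as an added example that is not part of the original presentation: a simulated bus that is jammed from a given second, a sensor that only sends an ALARM telegram, and a sensor that additionally sends a periodic “OK” message. All timings are constructed; the alarm logic shows that the event-only design never fires under jamming while the heartbeat design fires once the OK message is overdue.

```python
"""Event-only alarm vs. periodic "OK" heartbeat under a jamming attack.
Added example, not from the slides; every timing below is constructed."""


def deliver(sent, jam_from):
    """Bus model: telegrams sent at t >= jam_from are jammed and never arrive."""
    return [(t, msg) for t, msg in sent if t < jam_from]


def event_sensor(break_at, horizon):
    """Classic glass breakage sensor: one ALARM telegram when the glass breaks."""
    return [(break_at, "ALARM")] if break_at <= horizon else []


def heartbeat_sensor(break_at, horizon, period):
    """Sends OK every `period` seconds while intact, then ALARM on breakage."""
    sent = [(t, "OK") for t in range(0, horizon + 1, period) if t < break_at]
    if break_at <= horizon:
        sent.append((break_at, "ALARM"))
    return sent


def event_only_alarm(received, now, **_):
    """Alarm system of the first slide: alarm only on an explicit ALARM."""
    return any(msg == "ALARM" and t <= now for t, msg in received)


def heartbeat_alarm(received, now, period, missed_allowed):
    """Alarm on ALARM, or when the next OK is overdue by more than
    `missed_allowed` periods: a missing message is itself treated as an alarm."""
    if event_only_alarm(received, now):
        return True
    oks = [t for t, msg in received if msg == "OK" and t <= now]
    last_ok = max(oks) if oks else 0
    return now > last_ok + period * (missed_allowed + 1)


def first_alarm_time(alarm_fn, received, horizon, **params):
    """Earliest second at which alarm_fn fires, or None if it never does."""
    for now in range(horizon + 1):
        if alarm_fn(received, now, **params):
            return now
    return None


if __name__ == "__main__":
    # Scenario: attacker jams the bus from t=5, the window breaks at t=7.
    ev = deliver(event_sensor(7, 30), jam_from=5)
    hb = deliver(heartbeat_sensor(7, 30, period=2), jam_from=5)
    print("event-only:", first_alarm_time(event_only_alarm, ev, 30))  # None
    print("heartbeat :", first_alarm_time(heartbeat_alarm, hb, 30, period=2, missed_allowed=1))  # 9
```

The tolerance (`missed_allowed`) trades detection delay against false alarms from occasional lost telegrams on a busy line.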
Secure existing KNX projects

Use organizational measures!
• Isolate building automation networks
• Use defence-in-depth methods
• Train the electrical engineers and integrators to use technologies in a right and secure

Use additional software tools at the building management level: building management systems that provide additional countermeasures against security attacks
• Device monitoring
• Intrusion detection and logging
• Alarm systems
• Visualizations that support TLS/SSL connections
Defence in depth in hotel projects

Insecure integration

[Figure: two buildings, each with a KNX TP backbone, line couplers and main lines; every room (Room 101, Room 102, ..., Room 201, Room 202) sits on its own KNX TP line. An unauthorized person is shown connected to one room's KNX TP line.]
Defence in depth in hotel projects

Better, but still insecure

[Figure: KNX IP backbone using KNXnet/IP routing (multicast); one KNXnet/IP router per KNX TP line; rooms Room 101, Room 102, ..., Room 201, Room 202 on their TP lines. An unauthorized person is shown connected to the IP backbone.]
Defence in depth in hotel projects

Security by isolated rooms

No KNXnet/IP routing!

[Figure: isolated IP network; one KNXnet/IP interface per KNX TP line; rooms Room 101, Room 102, ..., Room 201, Room 202 on their TP lines. The unauthorized person connected to one room's TP line is confined to that line.]
Defence in depth in hotel projects

Security by isolated rooms

No KNX communication between rooms is necessary
• No KNXnet/IP routing is necessary
• KNXnet/IP interfaces instead of KNXnet/IP routers can be used (much cheaper)

What about central commands like changing set points?
• Using Building Management System (BMS) software
Defence in depth in hotel projects

Secure central management using BMS solution

[Figure: the NETx BMS Platform reaches the KNXnet/IP interface of each KNX TP line (Room 101, Room 102, ..., Room 201, Room 202) through a KNXnet/IP tunnelling connection (unicast) over the isolated IP network. An unauthorized person is shown on one room's TP line.]


Intrusion detection with BMS

Device monitoring

[Figure: left, the NETx BMS Platform sends a device poll over the IP network and the KNXnet/IP interface to a room's KNX TP line and the device is responsive; right, after an unauthorized person tampers with the TP line, the device response is missing.]
Intrusion detection with BMS

• Device polling using KNX management request
• If device is not responding within appropriate time, alarm is raised
• No bandwidth problem due to multiple point-to-point tunnelling connections
• Data source information is also available
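The polling scheme on this slide as an added example; it is not NETx code. The device inventory, the KNXnet/IP interface addresses and the reply latencies are constructed, and `transport` stands in for sending a KNX management request over a tunnelling connection. Each line is polled over its own point-to-point tunnel in parallel, a device that does not answer within the timeout raises an alarm, and the alarm carries the interface (data source) so the operator can see that a whole line is affected.

```python
"""BMS-style device monitoring: poll every KNX device over the tunnelling
connection of its line and alarm on late or missing answers. Added example,
not NETx code; devices, interface addresses and latencies are constructed."""
import time
from concurrent.futures import ThreadPoolExecutor

# Constructed inventory: individual address -> (KNXnet/IP interface of its
# line, simulated reply latency in seconds; None = device never answers).
DEVICES = {
    "1.1.10": ("10.0.1.11", 0.01),
    "1.1.11": ("10.0.1.11", 0.01),
    "1.2.10": ("10.0.1.12", None),  # line 1.2 tampered with: no reply
    "1.2.11": ("10.0.1.12", 0.30),  # replies, but later than allowed
    "2.1.10": ("10.0.2.11", 0.01),
}


def make_simulated_transport(inventory):
    """Stand-in for a management request over the tunnel:
    True if the device answers within `timeout`, else False."""
    def transport(addr, timeout):
        latency = inventory[addr][1]
        if latency is None or latency > timeout:
            time.sleep(timeout)  # wait out the timeout, nothing arrives
            return False
        time.sleep(latency)
        return True
    return transport


def poll_line(transport, addrs, timeout):
    """One tunnelling connection per interface, so devices on the same
    line are polled one after another (a TP line is a shared medium)."""
    return {addr: transport(addr, timeout) for addr in addrs}


def monitor(inventory, transport, timeout):
    """Poll all lines in parallel over their own point-to-point tunnels.
    Returns sorted (device, interface) pairs that must raise an alarm; the
    interface is the data source the operator needs to locate the fault."""
    lines = {}
    for addr, (iface, _) in inventory.items():
        lines.setdefault(iface, []).append(addr)
    responsive = {}
    with ThreadPoolExecutor(max_workers=len(lines)) as pool:
        for part in pool.map(lambda a: poll_line(transport, a, timeout), lines.values()):
            responsive.update(part)
    return sorted((addr, inventory[addr][0])
                  for addr, ok in responsive.items() if not ok)


if __name__ == "__main__":
    print(monitor(DEVICES, make_simulated_transport(DEVICES), timeout=0.1))
```

Parallel polling keeps the cycle time bounded by the slowest line rather than by the total device count, which is why the slide notes that bandwidth is not a problem with multiple tunnelling connections.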
Isolation of the IP network

What to do if the IP network can not be isolated?

[Figure: open IP network; the NETx BMS Platform uses a KNXnet/IP tunnelling connection (unicast) to the KNXnet/IP interface of each KNX TP line (Room 101, Room 102, ..., Room 201, Room 202). Unauthorized persons are shown both on the open IP network and on a room's TP line.]

Using KNX security standard: secure KNXnet/IP tunnelling


Secure KNXnet/IP tunnelling

New KNXnet/IP security protects communication between BMS Platform and KNXnet/IP routers and interfaces

Malicious users with access to the IP network cannot disturb KNXnet/IP communication

[Figure: the NETx BMS Platform uses a secure KNXnet/IP tunnelling connection (unicast) over the IP network to a secure KNXnet/IP interface serving the KNX TP lines of Room 101, Room 102, ..., Room 201, Room 202. Unauthorized persons are shown on the IP network and on a room's TP line.]
Secure visualization with NETx BMS Platform

NETx BMS Platform provides web based visualization
• Pure HTML5 and JavaScript
• HTTPS support using TLS
• Username/password authentication
Secure KNXnet/IP tunnelling driver

• Available for NETx BMS Platform
• Can be used with new secure KNXnet/IP routers and interfaces

www.netxautomation.com
