Threat Level Green: The National Security Implications of Building

advertisement
Threat Level Green:
The National Security Implications of Building Automation Systems in Green Buildings
Josh Gellers, LEED Green Associate
PhD Candidate, Political Science
University of California, Irvine
jgellers@uci.edu
www.joshgellers.com
In the 2012 James Bond film Skyfall, a cunning cyberterrorist accesses information obtained
from a stolen hard drive to hack into a computer at the headquarters of MI6, the British Secret
Intelligence Service. With the virtual gateway to the structure compromised, the hacker
manipulates the building’s gas pipeline to blow up individual rooms. At the pleading of M, 007
is cajoled into active duty, this time to thwart the stealthy cyber attacker and protect England
once again.
Although this scenario may seem like a Hollywood action movie fantasy, the concept behind the
attack is not altogether removed from reality. Given the increasing incorporation of building
automation systems into the design of green buildings, the time has come to discuss the national
security implications of building green. To this end, this article offers a starting point for a
serious consideration of the issue by identifying the risks and threats associated with the
employment of such systems in physical structures, highlighting potential solutions, and
demonstrating the connection between national security and building automation systems in
green buildings.
According to LEEDuser, a building automation system (BAS) is a system which “uses computerbased monitoring to coordinate, organize, and optimize building control subsystems, including
lighting, equipment scheduling, and alarm reporting.”1 Such systems can include on-site or
remote smart devices which provide information about energy use, water consumption, or air
quality, for example, and allow users to alter the building’s operations when necessary. Smart
devices may be connected directly to the Internet and/or feed into a larger smart grid.
Due to the high degree of integration with the web and other internal and external systems, green
buildings with BASs remain vulnerable to malicious intrusions. Building automation systems in
particular provide attractive targets for hackers because “they often contain sensitive information
and they offer the ability to affect the physical world.”2 Cyber attackers thus seek to wreak havoc
by infiltrating a BAS and using it as a gateway to invade other systems.
In concrete terms, unsecure BASs pose potential risks to people who own, operate, and use the
building; technological systems which impact the comfort, safety, and security of individuals
who utilize the building; and both the technical and business operations related to building use.3
Broadly speaking, unauthorized access to a building’s BAS can result in financial, physical, and
structural harms. For example, operational disruption could lead to a loss in employee
productivity and service delivery; inappropriate changes to a building’s ventilation rate could
negatively impact the health of occupants (i.e. “sick building syndrome”); and adjusting device
settings beyond reasonable limits could damage equipment or the building itself.
1
Threats to the BAS of a green building could come from “internal disgruntled employees and
external malicious hackers” who target “specific systems, subsystems, or multiple locations
remotely.”4 Such individuals might focus their attack on the network in which the BAS is
enmeshed (i.e. smart grid) or localize the assault to devices connected to external networks or
specific building systems (i.e. heating, ventilation, and air conditioning (HVAC) system).5 The
age of the system can also threaten the security of a BAS because “[t]he older the system, the
more vulnerabilities become known in the aggressor community.”6
Given the numerous risks and present threats to BASs, how can operators protect green
buildings, as well as their owners and occupants, from cyber-attacks? First, cyber security
practices should be integrated into training and deployment practices for building
administrators.7 Second, building operators should implement an array of technological
safeguards including anti-virus protection software, firewalls, intrusion detection systems, online
vulnerability map tools, passwords, secure communication utilities (i.e. virtual private networks),
and user accounts.8 Third, building owners should develop contingency plans they are capable of
executing in the event that a disruption in BAS functionality occurs in order to maintain an
acceptable level of service.9
Now that the general security concerns related to green buildings and BASs have been
articulated, what are the relevant implications for national security? To be sure, this issue is
already on the Federal Government’s radar, as evidenced by a 2012 FBI Cyber Alert describing
an illegal hack into the Industrial Control System (ICS) of an air conditioning company in New
Jersey.10 The most immediate analog at the federal level involves the security of governmentowned and operated buildings at home and abroad. As a case in point, the U.S. State
Department’s Greening Diplomacy Initiative (GDI) has facilitated the design and construction of
49 buildings11 under various levels of Leadership in Energy and Environmental Design (LEED)
certification throughout the world.12 Considering the likelihood that a U.S. embassy might
contain or provide a means of accessing sensitive and privileged information, the presence of a
BAS at any one of these sites could leave the United States potentially vulnerable to cyberattacks that result in breaches of national security. These risks increase exponentially in a world
where hackers such as Julian Assange and Edward Snowden have demonstrated the alarming
capacity of motivated individuals to obtain and rapidly disseminate mountains of classified
material.
In light of these threats posed to national security, the 2006 National Military Strategy for
Cyberspace Operations13 provides a serviceable framework for addressing the concerns raised
by the use of BASs in green buildings. First, the Department of Defense should continue to
invest in developing technology designed to strengthen cyberspace security, and place special
emphasis on augmenting the security of networks which interface with BASs. Second,
collaborative partnerships should be established with members of industry, other government
agencies, and foreign entities to share best practices and enhance the ability to coordinate
responses to catastrophic events. Third, “critical infrastructure” should be interpreted broadly to
include networks and devices which serve important physical structures around the world.
2
Providing a sense of security in a world of increasingly automated systems requires finding a
balance between human decision making and intelligent operation, flexibility and control, and
freedom and privacy. By utilizing building automation systems, green buildings have the
potential to significantly reduce energy consumption and increase energy security. How we
choose to balance competing interests will affect our ability to achieve sustainability and
resilience. Hopefully this article serves as the catalyst for a fruitful discussion of the tensions,
synergies, and possibilities surrounding green building and national security.
“Building Automation System (BAS),” Glossary, LEEDuser, accessed 16 Nov. 2013, available at
<http://www.leeduser.com/glossary/term/4691>.
2
“Security in Internet-Connected Building Automation and Energy Management Systems,” White Paper, Incenergy,
accessed 15 Nov. 2013, available at <http://www.incenergy.com/resources/files/EMS_Security_White_Paper.pdf>.
3
Email Interview—Mark Petock and Ken Sinclair, May 2013, AutomatedBuildings.com, accessed 16 Nov. 2013,
available at <http://www.automatedbuildings.com/news/may13/interviews/130418115505petock.html>.
4
Chee-Wooi Ten, Manimaran Govindarasu, and Chen-Ching Liu, 2007, “Cybersecurity for Electric Power Control
and Automation Systems,” Proceedings of the eNetworks Cyberengineering Workshop, IEEE-SMC, Montreal, QC,
Canada, 7-10 Oct. 2007, pp. 29-34.
5
Wolfgang Granzer, Wolfgang Kastner, Georg Neugschwandtner, and Fritz Praus, 2006, “Security in Networked
Building Automation Systems, Proceedings of the IEEE International Workshop on Factory Communication
Systems, pp. 283-292.
6
David Fisk, 2012, “Cyber Security, Building Automation, and the Intelligent Building,” Intelligent Buildings
International, pp. 1-13.
7
Email Interview.
8
Chee-Wooi Ten et al., 32.
9
Fisk, 12.
10
“Vulnerabilities in Tridium Niagara Framework Result in Unauthorized Access to a New Jersey Company's
Industrial Control System,” 23 Jul. 2012, Situational Information Report, Federal Bureau of Investigation, Newark
Division, SIR-00000003417, accessed 15 Nov. 2013, available at
<http://www.wired.com/images_blogs/threatlevel/2012/12/FBI-AntisecICS.pdf>.
11
As of December 2012.
12
“Eco-Diplomacy: Leading by Example,” United States Department of State, accessed 17 Nov. 2013, available at
<http://www.state.gov/documents/organization/213762.pdf>.
13
“The National Military Strategy for Cyberspace Operations,” Dec. 2006, Chairman of the Joint Chiefs of Staff,
United States Department of Defense, accessed 17 Nov. 2013, available at
<http://www.dod.mil/pubs/foi/joint_staff/jointStaff_jointOperations/07-F-2105doc1.pdf>.
1
3
Download