Cargando…
Putting Attacks in Context: A Building Automation Testbed for Impact Assessment from the Victim’s Perspective
Cybersecurity research relies on the reproducibility and deep understanding of attacks to devise appropriate solutions. Different kinds of testbeds are typically used to systematically execute attacks and evaluate defenses. Testbeds are widely used to demonstrate Building Automation and Control Syst...
| Autores principales: | , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
2020
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7338156/ http://dx.doi.org/10.1007/978-3-030-52683-2_3 |
| _version_ | 1783554621033152512 |
|---|---|
| author | Esquivel-Vargas, Herson Caselli, Marco Laanstra, Geert Jan Peter, Andreas |
| author_facet | Esquivel-Vargas, Herson Caselli, Marco Laanstra, Geert Jan Peter, Andreas |
| author_sort | Esquivel-Vargas, Herson |
| collection | PubMed |
| description | Cybersecurity research relies on the reproducibility and deep understanding of attacks to devise appropriate solutions. Different kinds of testbeds are typically used to systematically execute attacks and evaluate defenses. Testbeds are widely used to demonstrate Building Automation and Control System (BACS) attacks and defenses, considered too risky to be executed on real infrastructures. However, those testbeds implement arbitrary configurations of building services that do not resemble real-world deployments. In this work, we present the first BACS testbed specially designed to assess the impact of cyberattacks from the victim’s perspective. It features general purpose building services such as illumination, ventilation, and temperature control, whose configuration is easily adapted to emulate the requirements of real-world locations. In this way, the context added to our testbed allows us to better understand the impact of BACS attacks through concrete and realistic scenarios. Moreover, by analyzing different configurations of the BACS (i.e., contexts), we found out that identical attacks may have dramatically different impacts. Thus, reinforcing our view on the relevance of adding context to BACS testbeds. |
| format | Online Article Text |
| id | pubmed-7338156 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2020 |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-73381562020-07-07 Putting Attacks in Context: A Building Automation Testbed for Impact Assessment from the Victim’s Perspective Esquivel-Vargas, Herson Caselli, Marco Laanstra, Geert Jan Peter, Andreas Detection of Intrusions and Malware, and Vulnerability Assessment Article Cybersecurity research relies on the reproducibility and deep understanding of attacks to devise appropriate solutions. Different kinds of testbeds are typically used to systematically execute attacks and evaluate defenses. Testbeds are widely used to demonstrate Building Automation and Control System (BACS) attacks and defenses, considered too risky to be executed on real infrastructures. However, those testbeds implement arbitrary configurations of building services that do not resemble real-world deployments. In this work, we present the first BACS testbed specially designed to assess the impact of cyberattacks from the victim’s perspective. It features general purpose building services such as illumination, ventilation, and temperature control, whose configuration is easily adapted to emulate the requirements of real-world locations. In this way, the context added to our testbed allows us to better understand the impact of BACS attacks through concrete and realistic scenarios. Moreover, by analyzing different configurations of the BACS (i.e., contexts), we found out that identical attacks may have dramatically different impacts. Thus, reinforcing our view on the relevance of adding context to BACS testbeds. 2020-06-11 /pmc/articles/PMC7338156/ http://dx.doi.org/10.1007/978-3-030-52683-2_3 Text en © Springer Nature Switzerland AG 2020 This article is made available via the PMC Open Access Subset for unrestricted research re-use and secondary analysis in any form or by any means with acknowledgement of the original source. These permissions are granted for the duration of the World Health Organization (WHO) declaration of COVID-19 as a global pandemic. |
| spellingShingle | Article Esquivel-Vargas, Herson Caselli, Marco Laanstra, Geert Jan Peter, Andreas Putting Attacks in Context: A Building Automation Testbed for Impact Assessment from the Victim’s Perspective |
| title | Putting Attacks in Context: A Building Automation Testbed for Impact Assessment from the Victim’s Perspective |
| title_full | Putting Attacks in Context: A Building Automation Testbed for Impact Assessment from the Victim’s Perspective |
| title_fullStr | Putting Attacks in Context: A Building Automation Testbed for Impact Assessment from the Victim’s Perspective |
| title_full_unstemmed | Putting Attacks in Context: A Building Automation Testbed for Impact Assessment from the Victim’s Perspective |
| title_short | Putting Attacks in Context: A Building Automation Testbed for Impact Assessment from the Victim’s Perspective |
| title_sort | putting attacks in context: a building automation testbed for impact assessment from the victim’s perspective |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7338156/ http://dx.doi.org/10.1007/978-3-030-52683-2_3 |
| work_keys_str_mv | AT esquivelvargasherson puttingattacksincontextabuildingautomationtestbedforimpactassessmentfromthevictimsperspective AT casellimarco puttingattacksincontextabuildingautomationtestbedforimpactassessmentfromthevictimsperspective AT laanstrageertjan puttingattacksincontextabuildingautomationtestbedforimpactassessmentfromthevictimsperspective AT peterandreas puttingattacksincontextabuildingautomationtestbedforimpactassessmentfromthevictimsperspective |