BASS: Building Automation Systems Security and Privacy
Funded by: Costa Rican Government
Period: Nov 2016 - Oct 2020
Building Automation Systems (BASs) are one of the applications of the “Internet of Things” (IoT). Millions of people work and live in smart buildings around the world. BASs have steadily grown because of two reasons: (1) the convenience of process automation (e.g. energy management, access control, etc.); and (2) the comfort provided to the users (e.g. preferred temperature, lightning, etc.). Sensors and actuators are disseminated throughout the buildings to enable the implementation of BASs. Building inhabitants may not be aware of the presence of such devices even though they closely interact with them every day.
The communication between BAS devices used to have its own protocol stack, from the physical to the application layers. Modern BASs, however, use the communications infrastructure that is usually already in place (Local Area Networks). Moreover, this approach enables remote management and monitoring. Unfortunately, it also enables cyberattacks from remote locations. People's safety and privacy could be compromised with BASs that are connected to computer networks. To overcome these problems, the BASS project studies the security and privacy issues in modern building automation systems and develops dedicated protection mechanisms, such as tailored privacy-enhancing technologies and network-based intrusion detection systems.