Gerhalter Michael, Dahal Keshav
Artificial Intelligence, Virtual Communication and Network (AVCN) Research Institute, University of the West of Scotland (UWS), High St, Paisley PA1 2BE, UK.
Sensors (Basel). 2025 Aug 22;25(17):5218. doi: 10.3390/s25175218.
In the IT sector, the relevance of looking at security from many different angles and the inclusion of different areas is already known and understood. This approach is much less pronounced in the area of cyber physical systems and not present at all in the area of building automation. Increasing interconnectivity, undefined responsibilities, connections between secured and unsecured areas, and a lack of understanding of security among decision-makers pose a particular threat. This systematic review demonstrates a paucity of literature addressing real-world scenarios, asymmetric/hybrid threats, or composite vulnerabilities. In particular, the attack surface is significantly increased by the deployment of smart sensors and actuators in unprotected areas. Furthermore, a range of additional hybrid threats are cited, with practical examples being provided that have hitherto gone unnoticed in the extant literature. It will be shown whether solutions are available in neighboring areas and whether these can be transferred to building automation to increase the security of the entire system. Consequently, subsequent studies can be developed to create more accurate behavioral models, enabling more rapid and effective analysis of potential attacks to building automation.
在信息技术领域,从多个不同角度审视安全性以及纳入不同领域的重要性已为人所知并得到理解。这种方法在网络物理系统领域的体现要少得多,而在楼宇自动化领域则完全不存在。日益增加的互联性、职责不明确、安全区域与非安全区域之间的连接以及决策者对安全性缺乏了解构成了特别的威胁。这项系统综述表明,针对现实世界场景、不对称/混合威胁或复合漏洞的文献很少。特别是,在未受保护的区域部署智能传感器和执行器会显著增加攻击面。此外,还列举了一系列额外的混合威胁,并提供了一些实际例子,这些例子在现有文献中迄今未被注意到。将展示相邻领域是否有可用的解决方案,以及这些方案能否应用于楼宇自动化以提高整个系统的安全性。因此,可以开展后续研究以创建更准确的行为模型,从而能够更快速有效地分析对楼宇自动化的潜在攻击。
