ENFORCING SECURITY POLICIES WITH DATA PROVENANCE TO ENRICH THE SECURITY OF IOT/ SMART BUILDING SYSTEM

Farooq, Abdullah Al

ENFORCING SECURITY POLICIES WITH DATA PROVENANCE TO ENRICH THE SECURITY OF IOT/ SMART BUILDING SYSTEM

Search for this publication on Google Scholar

Farooq, A. A. (2020). ENFORCING SECURITY POLICIES WITH DATA PROVENANCE TO ENRICH THE SECURITY OF IOT/ SMART BUILDING SYSTEM. Unc Charlotte Electronic Theses And Dissertations.

Download PDF

Analytics

34 views ◎
12 downloads ⇓

Abstract

Smart Building Management Systems is rapidly growing worldwide mainly to reduceenergy consumption and carbon footprints. Some other benefits that can be achievedthrough this system include lowering operational costs and increasing occupant’s comfort,safety, and increased productivity. Programmable Logic Controllers (PLCs) areused widely for automating smart buildings. The vulnerabilities and attack surfacesof PLCs enable an attacker to control the smart building in order to cause more energyusage, target specific people, and destroy assets. This thesis summarizes the vulnerabilities,threats, and attacks for PLC-based systems. Moreover, the current stateof the art of static and dynamic analysis, threat and attack detection, automation,and conflict analysis of smart buildings are discussed. This thesis aims at detecting,analyzing, and mitigating the attack surfaces that are possible for smart buildings.A formal methods approach is proposed for detecting safety and security propertyviolations for smart buildings. Then, a rule-based method is developed to detect violationsleveraging provenance data collected from the system. These safety violatingincidences are mapped to corresponding variables in a PLC source program. Finally,we implement defeasible reasoning that enforces safety properties in the system. Weverify that not only does the new PLC program adhere to the safety properties thathave been instrumented, but also it does not trigger any new safety property violations.Finally, we outline new directions to be investigated in the future.

Details

Author: Farooq, Abdullah Al
Title: ENFORCING SECURITY POLICIES WITH DATA PROVENANCE TO ENRICH THE SECURITY OF IOT/ SMART BUILDING SYSTEM
Physical Description: 1 online resource (134 pages) : PDF
Date: 2020
Degree Granting Institution: University of North Carolina at Charlotte
Abstract: Smart Building Management Systems is rapidly growing worldwide mainly to reduceenergy consumption and carbon footprints. Some other benefits that can be achievedthrough this system include lowering operational costs and increasing occupant’s comfort,safety, and increased productivity. Programmable Logic Controllers (PLCs) areused widely for automating smart buildings. The vulnerabilities and attack surfacesof PLCs enable an attacker to control the smart building in order to cause more energyusage, target specific people, and destroy assets. This thesis summarizes the vulnerabilities,threats, and attacks for PLC-based systems. Moreover, the current stateof the art of static and dynamic analysis, threat and attack detection, automation,and conflict analysis of smart buildings are discussed. This thesis aims at detecting,analyzing, and mitigating the attack surfaces that are possible for smart buildings.A formal methods approach is proposed for detecting safety and security propertyviolations for smart buildings. Then, a rule-based method is developed to detect violationsleveraging provenance data collected from the system. These safety violatingincidences are mapped to corresponding variables in a PLC source program. Finally,we implement defeasible reasoning that enforces safety properties in the system. Weverify that not only does the new PLC program adhere to the safety properties thathave been instrumented, but also it does not trigger any new safety property violations.Finally, we outline new directions to be investigated in the future.
Genre: doctoral dissertations
Subjects--Topics: Computer science
Degree: Ph.D.
Keywords: Cybersecurity
Data Provenance
Defeasible Reasoning
Formal Method
PLC Security
Subject Area: Computer Science
Advisor(s): Moyer, Thomas
Committee Members: Wang, Weichao
Lipford, Heather
Dai, Dong
Cukic, Bojan
Degree Note: Thesis (Ph.D.)--University of North Carolina at Charlotte, 2020.
Rights Statement: This Item is protected by copyright and/or related rights. You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s). For additional information, see http://rightsstatements.org/page/InC/1.0/.
Rights Holder Information: Copyright is held by the author unless otherwise indicated.
Identifier: Farooq_uncc_0694D_12530
Permalink: http://hdl.handle.net/20.500.13093/etd:2053

J. Murrey Atkins Library

J. Murrey Atkins Library