A Building Automation System (BAS) is a complex distributed control system that is widely deployed in commercial, residential, and industrial buildings for monitoring and controlling mechanical and electrical equipment. With ongoing industrial and technological advances, the control components of BAS are becoming increasingly interconnected. Along with potential benefits, this integration also introduces new attack vectors, which tremendously increase the safety and security risks in the control system. Historically, BAS has lacked security design and has relied on physical isolation and "security through obscurity". These methods are unacceptable for "smart building" technologies. The industry needs to reevaluate the safety and security of current building automation systems and design a comprehensive solution that provides integrity, reliability, and confidentiality at both the system and network levels.
This dissertation focuses on the system level, in an effort to provide a reliable computing foundation for the devices and controllers. Leveraging the preferred security features of microkernel architecture, such as robust modular design, small privileged code, and formal verifiability, this work describes a security-enhanced operating system with built-in mandatory access control and a proxy-based communication framework for building automation controllers. This solution ensures policy-enforced communication and isolation between critical and non-critical applications in a potentially hostile cyber environment.
Identifier | oai:union.ndltd.org:USF/oai:scholarcommons.usf.edu:etd-8786 |
Date | 09 November 2018 |
Creators | Wang, Xiaolong |
Publisher | Scholar Commons |
Source Sets | University of South Florida |
Detected Language | English |
Type | text |
Format | application/pdf |
Source | Graduate Theses and Dissertations |