Design World

  • Home
  • Technologies
    • 3D CAD
    • Electronics • electrical
    • Fastening & Joining
    • Factory automation
    • Linear Motion
    • Motion Control
    • Test & Measurement
    • Sensors
    • Fluid power
  • Learn
    • Ebooks / Tech Tips
    • Engineering Week
    • Future of Design Engineering
    • MC² Motion Control Classrooms
    • Podcasts
    • Videos
    • Webinars
  • LEAP AWARDS
  • Leadership
    • 2022 Voting
    • 2021 Winners
  • Design Guide Library
  • Resources
    • Subscribe!
    • 3D Cad Models
      • PARTsolutions
      • TraceParts
    • Digital Issues
      • Design World
      • EE World
    • Women in Engineering
  • Supplier Listings

On the Way to a Safe & Secure Smart Home

By Fraunhofer-Gesellschaft | September 3, 2014

Share

A growing number of household operations can be managed via the Internet. Today’s “Smart Home” promises efficient building management. But often the systems are not secure and can only be retrofitted at great expense. Scientists are working on a software product that defends against hacker attacks before they reach the building.

Botnet. A term from the world of computers is gradually tiptoeing its way into the world of building automation. You have to anticipate this kind of attack scenario, according to Dr. Steffen Wendzel of the Fraunhofer Institute for Communications, Information Processing and Ergonomics FKIE in Bonn.

The researcher from the “Cyber Defense” department is the expert in hacker methods and, working jointly with Viviane Zwanger and Dr. Michael Meier, meticulously examines them. Attackers infiltrate multiple computers – “bots” (from the word “robots”) – without their owners’ knowledge, weave the computers together into nets, and misuse them for computer attacks. The researchers studied something that does not yet exist at all today: attacks by Botnets on “Smart Homes” using Internet-linked buildings or building operations.

The finding: The threat is absolutely real: Internet-controlled electric roller shutters, HVAC and locking systems could all be used for these kinds of attacks.”Our experiments in the laboratory revealed that the typical IT building is not adequately protected against Internet-based attacks.

Their network components could be highjacked for use in botnets,” Wendzel continues. In the process, the hackers do not have to seek out the PCs as in the past; instead, they look for the components in building automation that link the buildings with the Internet. These are small boxes installed in the buildings that look and work like routers for home computers.”However, they are configured quite simply, can only be upgraded with some difficulty, and are loaded with security gaps. The communications protocol that they use is obsolete,” explains Wendzel.

Sentinel Software Switches Between Internet & Building IT

To ensure that the heating, lighting, and ventilation of buildings can be controlled via the Internet, it is necessary to install special equipment: This involves mini-computers that measure temperature, light or humidity and are incorporated into networks. “Keeping them up to the latest standards is expensive,” Wendzel says.

At FKIE, the team has developed security software that can easily switch between Internet and building IT. The technology filters out potential attacks from communications protocols even before they reach the four walls of the actual brick-and-mortar home or office building. No matter what technologies are being used within the building: With this approach, they do not have to be replaced.

The researchers additionally examined the conventional communications standards of building automation, and building upon these, they have developed rules for data traffic. If arriving data do not adhere to these rules, then the communications flow is modified. “The software operates like a firewall with normalization components,” explains Wendzel.

All the results that are sent on their way to the systems are tested for plausibility by an “analyzer”. If the alarm goes off, then the incident is immediately dispatched to the “normalizer.” This either blocks the incident in its entirety or modifies it accordingly. The basic research has been concluded successfully. “In the next stage, we want to make the technology production-ready with an industrial firm. In no later than two years, there should be a product on the market,” states Wendzel.

In their analysis of Botnet attacks, the researchers sketched out definitive threat scenarios for smart homes.”From my perspective, the most compelling issue is ‘monitoring,’” the cyber defense researcher says. When the attacker hacks into the building operations IT, he or she will learn where the residents or tenants are located and what they are doing, in a worst case scenario.

That includes everything, right down to going to the toilet. Intruders, for example, could use this data in order to prepare for a burglary or raid. In this case, the hacker is acting in a passive capacity, simply tapping data. However, he or she could be equally capable of actively invading the systems. Take a contractor from the energy industry, for example. He could profit from more oil or gas sold if the consumption of multiple heating systems is artificially elevated.

A recent example demonstrates how real this scenario is: Last year, there was a gap in the security system of a heating system connected to the Internet. Attackers had the ability to shut down or damage heaters. Therefore, security expert Wendzel is currently advising against carelessly linking all building functions in private homes to the Internet.


Filed Under: M2M (machine to machine)

 

Related Articles Read More >

Part 6: IDE and other software for connectivity and IoT design work
Part 4: Edge computing and gateways proliferate for industrial machinery
Part 3: Trends in Ethernet, PoE, IO-Link, HIPERFACE, and single-cable solutions
Machine Learning for Sensors

DESIGN GUIDE LIBRARY

“motion

Enews Sign Up

Motion Control Classroom

Design World Digital Edition

cover

Browse the most current issue of Design World and back issues in an easy to use high quality format. Clip, share and download with the leading design engineering magazine today.

EDABoard the Forum for Electronics

Top global problem solving EE forum covering Microcontrollers, DSP, Networking, Analog and Digital Design, RF, Power Electronics, PCB Routing and much more

EDABoard: Forum for electronics

Sponsored Content

  • Industrial disc pack couplings
  • Pushing performance: Adding functionality to terminal blocks
  • Get to Know Würth Industrial Division
  • Renishaw next-generation FORTiS™ enclosed linear encoders offer enhanced metrology and reliability for machine tools
  • WAGO’s smartDESIGNER Online Provides Seamless Progression for Projects
  • Epoxy Certified for UL 1203 Standard

Design World Podcasts

July 26, 2022
Tech Tuesdays: Sorbothane marks 40 years of shock and vibration innovation
See More >
Engineering Exchange

The Engineering Exchange is a global educational networking community for engineers.

Connect, share, and learn today »

Design World
  • Advertising
  • About us
  • Contact
  • Manage your Design World Subscription
  • Subscribe
  • Design World Digital Network
  • Engineering White Papers
  • LEAP AWARDS

Copyright © 2022 WTWH Media LLC. All Rights Reserved. The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media
Privacy Policy | Advertising | About Us

Search Design World

  • Home
  • Technologies
    • 3D CAD
    • Electronics • electrical
    • Fastening & Joining
    • Factory automation
    • Linear Motion
    • Motion Control
    • Test & Measurement
    • Sensors
    • Fluid power
  • Learn
    • Ebooks / Tech Tips
    • Engineering Week
    • Future of Design Engineering
    • MC² Motion Control Classrooms
    • Podcasts
    • Videos
    • Webinars
  • LEAP AWARDS
  • Leadership
    • 2022 Voting
    • 2021 Winners
  • Design Guide Library
  • Resources
    • Subscribe!
    • 3D Cad Models
      • PARTsolutions
      • TraceParts
    • Digital Issues
      • Design World
      • EE World
    • Women in Engineering
  • Supplier Listings