Skip to Main content Skip to Navigation
Conference papers

Securing BACnet’s Pitfalls

Abstract : Building Automation Systems (BAS) are crucial for monitoring and controlling buildings, ranging from small homes to critical infrastructure, such as airports or military facilities. A major concern in this context is the security of BAS communication protocols and devices. The building automation and control networking protocol (BACnet) is integrated into products of more than 800 vendors worldwide. However, BACnet devices are vulnerable to attacks. We present a novel solution for the two most important BACnet layers, i.e. those independent of the data link layer technology, namely the network and the application layer. We provide the first implementation and evaluation of traffic normalization for BAS traffic. Our proof of concept code is based on the open source software Snort.
Document type :
Conference papers
Complete list of metadata

Cited literature [13 references]  Display  Hide  Download
Contributor : Hal Ifip <>
Submitted on : Wednesday, July 13, 2016 - 11:17:06 AM
Last modification on : Wednesday, June 17, 2020 - 11:20:19 AM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Jaspreet Kaur, Jernej Tonejc, Steffen Wendzel, Michael Meier. Securing BACnet’s Pitfalls. 30th IFIP International Information Security Conference (SEC), May 2015, Hamburg, Germany. pp.616-629, ⟨10.1007/978-3-319-18467-8_41⟩. ⟨hal-01345153⟩



Record views


Files downloads