Building owners, designers and members of the building services industry may be overlooking the potential risk of malicious attacks on intelligent buildings and smart grids.
According to David Fisk of the Laing O'Rourke Centre for Systems Engineering and Innovation at Imperial College London, the process controllers that make up the distributed building management system (BMS) can be infected by malware, often through a 'backdoor' left open on a trusted network.

Writing in the latest issue of the journal Intelligent Buildings International, Fisk says that: '... the basic system - for example, the bare minimum standby generators - should normally be independent of the intelligent-building software (much as a warship still carries a sextant should the GPS be jammed).' He also warns that: 'This is not current practice as far as can be discerned from existing ASHRAE and CIBSE standards.'

Fisk's article, Cyber security, building automation, and the intelligent building begins with a short history of the rise in intelligent control, from the 1960s, when the only real threat was an irate engineer armed with a hammer, through to the introduction of proprietary software such as Windows during the 1980s, to the post-9/11 emergence of the anonymous cyber-aggressor.

The article also discusses how risks may be assessed and mitigated, using a hypothetical attack on the heating, ventilation and air-conditioning (HVAC) systems of a super-casino to illustrate the urgent need for the building systems design community to re-think traditional security strategies.

At the least, building services professionals should deploy a 'whole-system design approach' and owners should plan for periods during which 'intelligence' is not available, Fisk says.

Read the article at http://bit.ly/PtqYf9