BARNI: Building Automation Reliable Network Infrastructure

Details

Kurzdarstellung

BARNI (Building Automation Reliable Network Infrastructure) aims on:

  • protecting the network-level security of building automation systems running the BACnet protocol by integrating traffic normalization, and
  • improving the visualization of events in building automation environments in order to foster situational awareness of operators.

Official BARNI information of the VDI/VDE: http://www.vdivde-it.de/KIS/kmu-innovativ/barni

Download the undefinedBARNI poster (PDF, in German).

 

Sponsored by the Federal Ministry of Education and Research

Summary

BACnet (building automation control and networking protocol) is an internationally recognized ISO standard for the communication between BAS (building automation systems) devices and is implemented in products by more than 850 vendors. Some devices using the BACnet protocol are incapable of dealing with abnormal traffic and the BACnet protocol is vulnerable to various network-level attacks. The BARNI project improves the network reliability and security by developing a traffic normalizer for BACnet. A traffic normalizer actively modifies or drops network traffic in order to remove potentially malicious elements. We adapted the concept of traffic normalization from TCP/IP networks to automated building networks. Our solution allows the normalization of the traffic between BAS subnets (e.g., between different floors of a building or between separate buildings). We implemented a normalizer prototype in form of an embedded gateway together with the MBS GmbH, Krefeld. Our prototype is capable of normalizing BACnet/IP traffic.

Additionally, modern BAS present significant challenges to BAS operators, as monitoring such systems requires effective identification of important events. The BARNI project studies different types of visualization methods for BAS events. Therefore, the project performed usability studies and assessed the effectiveness of such visualization tools which will be integrated into a visualization prototype together with our industry partner.

News and Upcoming Events

  • Aug-31-2016: BARNI project presentation at the Fraunhofer FKIE `Technologieforum' in Wachtberg.
  • Jun-29-2016: Dr. Steffen Wendzel gave a talk about the BARNI project at the Smart Home Summit 2016 in Munich
  • Jun-14-2016: Internal BARNI project meeting in Bonn.
  • May-25-2015: BARNI demonstrator and poster presentation at Fraunhofer FKIE's opening event for a new building in Bonn
  • Apr-27-2016: A undefinednew article appeared in Comm. ACM in which the BARNI project was referenced
  • Apr-26-2016: SmartHome.NRW Workshop on Smart Building Security to be held at Fraunhofer FKIE. Including a talk by Steffen Wendzel about the BARNI project.
  • Apr-07-2016: undefinedSmartBuildingSec'16, organized by the BARNI project team of Fraunhofer FKIE in Bonn.
  • March 2016: MBS presented the BARNI project at the Light+Building Expo
  • Dec-02-2015: Internal BARNI project meeting in Bonn.
  • Nov-17-2015: The BARNI project will take part at the undefinedFraunhofer inHaus-Event on Smart Building Security (in German). Both project partners will give talks about ongoing research of the BARNI project.
  • Oct-06-2015: Members of the BARNI project will take part at the ENISA Workshop on Cyber Security for IoT in Smart Home Environments.

Press

  • Golem.de undefinedmentions the BARNI-associated workshop SmartBuildingSec'16 (Jan-22, 2016)
  • BusSysteme Magazin: Heute sicher, aber morgen? Workshop zum Thema Smart Buildings im inHaus Duisburg (Bericht über den BARNI-Workshop) (in German, issue 01/2016)
  • Bild der Wissenschaft: Zuhause mit Grips (in German, issue 10/2015)
  • Die Kälte + Klimatechnik: undefinedCyber-Terroristen mögen vernetzte Systeme (in German, issue 9/2015)
  • Umweltdienstleister: Smart Home sicher vernetzen (September 23, 2015)
  • Süddeutsche Zeitung: Smart Home - Spam aus dem Kühlschrank, (in German, March 26th, 2015)
  • Bauen.de: Home Smart Home: das clevere Zuhause (in German, March 2015)
  • Fraunhofer weiter.vorn Spektrum: Das sichere Smart Home, 1/15 (in German, 2015)
  • PROTECTOR: Sicherheit von Smart Homes: Wachsendes Problembewusstsein (Issue 12/2014, pp. 16-17, 2014)
  • Technology Review: Firewall für Smart Homes (in German, p. 21, Nov-2014)
  • Handelsblatt: Die digitale Hintertür (in German, Oct-31-2014)
  • Forskning.no: Slik skal hacking av smarthus stanses (in Norwegian, Oct-2014)
  • Der Bausachverständige: Auf dem Weg zum sicheren Smart Home, No. 5/14, p. 7 (2014)
  • Business Impact: IT im Smart Home weist Lücken bei Security auf, No. 3/14, p. 33 (2014)
  • Fraunhofer Forschung Kompakt: Auf dem Weg zum sicheren Smart Home (9/2014, in German)
  • Fraunhofer Research News: On the way to a safe and secure smart home, 09/2014.

Talks


  • Talk about the BARNI project at Smart Home and Metering Summit 2016, Munich, 2016-06-29.
  • BARNI Projektpräsentation bei der Eröffnung der neuen Liegenschaft des Fraunhofer FKIE gegenüber einem interessierten Publikum, Bonn, 2016-05-25.
  • IT-Sicherheit in der Gebäudeautomation aus Sicht der Forschung, Bonn, 2016-04-28.
  • Detecting anomalies in BACnet network data, Bonn, 2016-04-07.
  • IT-Sicherheit von Smart Homes: Chancen und Risiken, LKA Niedersachsen, Hannover, 2016-01-28.
  • IT-Sicherheit von Gebäuden: Ein Bericht aus der Praxis, Fraunhofer inHaus-Workshop, Duisburg, 2015-11-17.
  • Forschung im Bereich sicherer Gebäude. Aktueller Stand und Ausblick, Fraunhofer inHaus-Workshop, Duisburg, 2015-11-17.
  • "Your house knows what you did last summer" (talk and panel),
    ECO Internet Security Days (ISD) 2015, Brühl, 2015-09-17.
  • "BACtag – Data Leakage Protection für Gebäude",
    D-A-CH Security 2015, St. Augustin, 2015-09-09.
  • "Analysis of Human Awareness of Security and Privacy Threats in Smart Environments",
    Human Aspects of Information Security, Privacy and Trust Conference, Los Angeles, 2015-08-06.
  • "Auf dem Weg zum sicheren Smart Building",
    Forum Bauindustrie 2015, Zurich, 2015-05-21.
  • "Smart Buildings -- sind sie kritische Infrastrukturen?",
    Workshop des AK KRITIS, Bonn, 2015-04-24.
  • "Netzwerksicherheit in BACnet-Systemen" (talk and panel),
    GLT Anwendertagung, Dresden, 2014-09-25.

Publications

Academic Publications (funded by BARNI project):

  • Alexandra Kobekova, Lennart Bültermann, Jernej Tonejc, Steffen Wendzel:
    Was bedeutet das IT-Sicherheitsgesetz für Smart Buildings? Konzepte des sicheren Alterns der Gebäude-IT,
    15. Deutscher IT-Sicherheitskonress des BSI, 2017 (in press).
  • Jernej Tonejc, Sabrina Güttes, Alexandra Kobekova, Jaspreet Kaur:
    Machine Learning Methods for Anomaly Detection in BACnet Networks,
    Journal of Universal Computer Science (J.UCS), Vol. 22(9), pp. 1203-1224, 2017.
  • Steffen Wendzel:
    undefinedHow to Increase the Security of Smart Buildings,
    Communications of the ACM (CACM), Vol. 59(5), pp. 47-29, ACM, 2016.
  • Jernej Tonejc, Jaspreet Kaur, Alexandra Kobekova:
    Detecting anomalies in BACnet network data,
    in Proc. Sicherheit 2016/undefinedSmartBuildingSec'16, pp. 253-264, LNI Vol. 256, GI, 2016.
  • Jaspreet Kaur, Christian Herdin, Jernej Tonejc, Steffen Wendzel, Michael Meier, Sebastian Szlósarczyk:
    Novel Approaches for Security in Building Automation Systems,
    in Proc. 14. Sicherheitskongress des BSI, pp. 145-158, 2015.

Recent Related Academic Publications (not directly funded as part of the BARNI project):

Related Non-academic Publications (not all funded by the BARNI project):

  • Steffen Wendzel, Alexandra Kobekova, Jernej Tonejc, Jaspreet Kaur:
    IT-Sicherheit für Smart Buildings: ein Bericht zum BARNI-Projekt,
    Technical Report published internally by Smart Home Summit 2016 event.
  • Alexandra Kobekova, Steffen Wendzel, Jernej Tonejc:
    Smart Buildings - Risiken und Lösungsansätze,
    PROTECTOR, 4/16, pp. 42-43, 2016.
  • Steffen Wendzel, Michael Meier, Jernej Tonejc:
    Die zwei Handlungsfelder für Sicherheit in der Gebäudeautomation,
    BusSysteme Magazin, 22. Jahrgang, Heft 4, p. 257, 2015.
  • Kirsten Messer-Schmidt, Dirk Rösler, Christopher Ruppricht, Heinrich Seebauer, Steffen Wendzel:
    Mit kritischen ITK-Systemen bewusst umgehen: ein Lösungsansatz des Arbeitskreis KRITIS (Gesellschaft für Informatik),
    digitalbusiness CLOUD, 8/14, pp. 40-41, 2014.

Consortium