As we are beginning to see these smart building systems deployed, we are also beginning to discover that these systems have vulnerabilities. We need to start considering these smart networked appliances as the small computers that they are, rather than as the dumb electrical appliances that they replace. Like any networked computer system, we need to think about how we authenticate users and machines on the network, how we control network access, how we enforce access to devices, and most importantly how these systems will be patched and maintained when they are deployed.
In the same way that the industrial revolution and the subsequent growth in cities created the need for chimney sweeps in the 19th century, I think that the continuing electronic and Internet revolutions which are driving the advent of smart buildings will create the need for new professions. I can envisage the need for new job roles such as the cyber-custodian, someone concerned with the commissioning, monitoring and ensuring the continued functioning of smart building systems. In any case, major systems within buildings are currently regularly inspected and maintained to ensure their correct functioning. As these systems become computerized and networked, regular mechanical maintenance and inspection will continue, but there will also need for the networks and computer systems to be inspected and maintained too.
Owners can help themselves by considering during the design phase what they have at risk should their smart building system be breached. At the very least, owners should appoint someone to be responsible for cyber security and to ensure that smart building systems follow the appropriate best practices and cyber security standards that are applicable to any networked environment.
What are the features of a robust and secure smart building system? What features should owners be on the lookout for?
Owners need to ensure that the security features of a smart building are appropriate to the security needs of the activities that are carried out within the building. Not every smart building will require top security, but some will.
Owners need to know what smart systems they have in their building, how these are networked, how these systems are accessed and how authorized use of these systems is authenticated. Owners should also consider how would they know if there was a problem with a smart building system, and how would they be able to fix it.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.