Advertisement

Traffic Measurement and Analysis of Building Automation and Control Networks

  • Radek Krejčí
  • Pavel Čeleda
  • Jakub Dobrovolný
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7279)

Abstract

This paper proposes a framework for a flow-based network traffic monitoring of building automation and control networks. Current approaches to monitor special environment networks are limited to checking accessibility and a state of monitored devices. On the other hand, current generation of flow-based network monitoring tools focuses only on the IP traffic. These tools do not allow to observe special protocols used, for example, in an intelligent building network. We present a novel approach based on processing of flow information from such special environment. To demonstrate capabilities of such approach and to provide characteristics of a large building automation network, we present measurement results from Masaryk University Campus.

Keywords

BACnet BACnetFlow network measurement analysis building automation control 

References

  1. 1.
    Security Predictions 2012&2013 – The Emerging Security Threat, http://www.sans.edu/research/security-laboratory/article/security-predict2011
  2. 2.
  3. 3.
    Claise, B.: Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information. RFC 5101 (Proposed Standard), IETF (2008), http://tools.ietf.org/html/rfc5101
  4. 4.
    American Society of Heating, Refrigerating and Air-Conditioning Engineers: Standard 135-2010 – BACnet A Data Communication Protocol for Building Automation and Control Networks. ASHRAE (2010)Google Scholar
  5. 5.
    BACnet Website – ASHRAE SSPC 135, http://www.bacnet.org
  6. 6.
    The new Masaryk University Campus, http://www.muni.cz/kampus?lang=en
  7. 7.
    Nagios – The Industry Standard In IT Infrastructure Monitoring, http://www.nagios.org/
  8. 8.
    Barbosa, R.R.R., Sadre, R., Pras, A.: Difficulties in Modeling SCADA Traffic: A Comparative Analysis. In: Taft, N., Ricciato, F. (eds.) PAM 2012. LNCS, vol. 7192, pp. 126–135. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  9. 9.
    Novak, T., Treytl, A., Palensky, P.: Common approach to functional safety and system security in building automation and control systems. In: IEEE Conference on Emerging Technologies and Factory Automation, pp. 1141–1148 (2007)Google Scholar
  10. 10.
    Granzer, W., Kastner, W., Neugschwandtner, G., Praus, F.: Security in networked building automation systems. In: IEEE International Workshop on Factory Communication Systems, pp. 283–292 (2006)Google Scholar
  11. 11.
    Perrig, A., Szewczyk, R., Tygar, J.D., Wen, V., Culler, D.E.: SPINS: security protocols for sensor networks. Wireless Networks, 189–199 (2001)Google Scholar
  12. 12.
    Honeywell selects Tofino Modbus Read-only Firewall to Secure Critical Safety Systems, http://www.tofinosecurity.com/article/honeywell-selects-tofino%E2%84%A2-modbus-read-only-firewall-secure-critical-safety-systems
  13. 13.
    INVEA FlowMon Exporter – Community Program, http://www.invea-tech.com
  14. 14.
    BACnet Monitoring Plugins, http://dior.ics.muni.cz/~celeda/bacnet/
  15. 15.
    How many Packets per Second per port are needed to achieve Wire-Speed?, http://kb.juniper.net/InfoCenter/index?page=content&id=KB14737
  16. 16.
  17. 17.
    IP Flow Information Export (IPFIX) Entities, http://www.iana.org/assignments/ipfix/ipfix.xml

Copyright information

© IFIP International Federation for Information Processing 2012

Authors and Affiliations

  • Radek Krejčí
    • 1
  • Pavel Čeleda
    • Jakub Dobrovolný
      1. 1.CESNET, z.s.p.o.PragueCzech Republic

      Personalised recommendations