East Security said on the 16th that it is ramping up a demonstration study to verify cyberattacks that can occur in smart buildings at building sites.
At a workshop on the "autonomous-operation-based intelligent building energy and environment integrated management system," East Security presented in succession attack scenarios targeting smart building environments, anomalous behavior analysis technology, and results of linking with demonstration buildings.
Specifically, it selected as major threats that could affect smart building operations: ▲ ransomware infection ▲ unauthorized access ▲ system manipulation ▲ data tampering and leakage, and structured the process by which intrusions occur in the form of scenarios, then verified each scenario through tests in a simulated environment. In the process, East Security also disclosed a function that collects log changes and alert occurrence data along the attack flow and analyzes the trend of threats by system as a time series.
The system for analyzing trends of threats by system is currently being connected to five demonstration sites nationwide: HDC Holdings Co. I'Park Tower, Yongsan I'Park Mall, Busan Lotte Department Store, Lotte Mart Junggye branch, and Dankook University Jinrikan. Once the hardware is in place, tests will begin immediately.
This demonstration study is being carried out as part of the national research and development project "development of the autonomous-operation-based intelligent building energy and environment integrated management system (iBEEMS)," led by the Ministry of Trade, Industry and Energy and the Korea Energy Technology Evaluation and Planning (KETEP). The project aims to develop integrated management platform technology that helps save energy and create a comfortable environment through environmental sensing using various sensors and IoT in buildings and autonomous operation of equipment.
East Security, which is in charge of the security field in this project, developed security technology that can identify abnormal behavior of control systems and IoT devices and detect cyber threats. Using prediction models and use case data, it established security policies and implemented an analysis system that automatically detects and responds to behavior outside the control range.
A smart building security guideline is also being prepared in parallel. Based on the international cybersecurity framework "NIST CSF 2.0," it is organizing security items tailored to smart building environments and is preparing application plans focused on supply chain security and protection of building management systems.
Kim Byeong-hun, East Security's CTO, said, "Because smart buildings are complex structures that combine physical facilities and digital infrastructure, demonstration-based security verification is essential," adding, "We will continue to strengthen the foundation that allows us to identify and respond to on-site threats early."