Overview
Explore the vulnerabilities in building automation systems through this 24-minute Black Hat conference talk. Delve into the often-overlooked security issues of industrial control systems, focusing specifically on building automation. Learn about various use cases, legacy software problems, and potential abuse scenarios. Discover pen testing tools, protocols like KNX and BACNET IP, and engineering tools used in building automation. Examine physical compromise methods, protocol stability issues, and the overall state of security functions in these systems. Gain insights into how attackers could potentially create "dark buildings" and understand the importance of improving security measures in building automation.
Syllabus
Introduction
Disclaimer
The Problem
Use Cases
State of Security Functions
Legacy Software
Scenarios
Physical Compromise
Abuse Cases
Pen Testing Tools
KNX Protocol
KNX Engineering Tools
KNX Map
BACNET IP
Backnet Devices
Backnet Protocol
Building Automation Controller
Mr Evil
Protocol Stability
Security in Building Automation
Taught by
Black Hat