Securing Building Management Systems Using Named Data Networking
by Wentao Shang, Qiuhan Ding, Alessandro Marianantoni, Jeff Burke, and Lixia Zhang
IEEE Network, vol. 28, no. 3, pp. 50-56, May/June 2014.
Recently, building automation systems (BASs) and building management systems (BMSs) have shifted from using proprietary protocols and specialized hardware toward widespread adoption of IP-based open standard technologies. While the IP protocol suite improves software and hardware interoperability, practical large-scale BMS deployments face challenges, including the complexity of network addressing and other configuration, reliance on middleware for even relatively simple tasks, and a lack of security. In this article, we propose a data-centric BMS design that uses Named Data Networking (NDN), one of the proposed information-centric networking architecture designs. Our sensor data acquisition system uses a hierarchical namespace for data, encryption keys, and access control lists, implements encryption-based access control, and provides a web browser-based data visualization interface that communicates in NDN. Our design has been deployed on a UCLA campus testbed that captures, archives, and visualizes data from industry-standard sensors.