SEABASS: Symmetric-keychain Encryption and Authentication for Building Automation Systems

Ng, J., Keoh, S. L. , Tang, Z. and Ko, H. (2018) SEABASS: Symmetric-keychain Encryption and Authentication for Building Automation Systems. In: IEEE 4th World Forum on Internet of Things (WF-IoT), Singapore, 05-08 Feb 2018, pp. 219-224. ISBN 9781467399449 (doi: 10.1109/WF-IoT.2018.8355106)

153499.pdf - Accepted Version



There is an increasing security risk in Building Automation Systems (BAS) in that its communication is unprotected, resulting in the adversary having the capability to inject spurious commands to the actuators to alter the behaviour of BAS. The communication between the Human-Machine-Interface (HMI) and the controller (PLC) is vulnerable as there is no secret key being used to protect the authenticity, confidentiality and integrity of the sensor data and commands. We propose SEABASS, a lightweight key management scheme to distribute and manage session keys between HMI and PLCs, providing a secure communication channel between any two communicating devices in BAS through a symmetric-key based hash-chain encryption and authentication of message exchange. Our scheme facilitates automatic renewal of session keys periodically based on the use of a reversed hash-chain. A prototype was implemented using the BACnet/IP communication protocol and the preliminary results show that the symmetric keychain approach is lightweight and incurs low latency.

Item Type:Conference Proceedings
Glasgow Author(s) Enlighten ID:Tang, Dr Zhaohui and Keoh, Dr Sye Loong
Authors: Ng, J., Keoh, S. L., Tang, Z., and Ko, H.
College/School:College of Science and Engineering > School of Computing Science
College of Science and Engineering > School of Engineering
Copyright Holders:Copyright © 2018 IEEE
Publisher Policy:Reproduced in accordance with the copyright policy of the publisher
Related URLs:

University Staff: Request a correction | Enlighten Editors: Update this record