Managing Security Risks in Smart Lighting Systems, Part 3

Managing Security Risk

Feb 3, 2020

This is the third article of a four-part introductory series on managing security risks in smart lighting systems. In this series, learn about best practices, based on NIST standards and guidelines, for identifying and mitigating cybersecurity risks and threats, as well as implementing cybersecurity controls on an organizational level. The first article introduced the concept of a multi-tiered approach to smart lighting system cybersecurity. The second article focused on two key security control families: access control/identification and authentication. In this third article, we’ll focus on building automation and control system security control families that relate to system and communication protection, and system and information integrity.

A smart lighting system is a base building control system that can also be an important, integral part of a building automation and control system (BACS). At a fundamental level, every type of BACS facilitates the flow of information as well as automated control through connectivity. This information flow reduces operating costs and provides better and more timely information about a building function or asset. BACS are a form of business information system (BIS) and, like any other BIS, can pose potential security threats and risks to the business.

System and communications protection

System and communications protection security control strategies focus on attacks that target the system configuration, system resources, communications channels and private or classified information.

• System partitioning and application separation — one of the easiest ways to protect a smart lighting system is to partition the system into different network segments that separate user functions from system control and management functions. This creates logical and physical boundaries that can be monitored and protected for added security. One common approach is to have a private control network, only accessible to system administrators, that hosts all lighting controllers and management applications, and have a public network that users can access via personal control, web or mobile applications. Within the lighting control network, wired and wireless field bus technology further separates device control from system management traffic so that basic lighting control will still work should there be a management network failure.

• Secure system communication, session management and boundary protection — secure network connections and encryption of data in transit protects from man-in-the-middle attacks trying to gain access to information, as well as malicious or accidental alteration of information during transmission. Connection and session management ensures that sessions are unique and valid only for the duration of use. For example, session cookies with unique identifiers, timeouts, and password protected locks can be used.

• Cryptography and key management — secure control systems use cryptography to protect information, including personally identifiable data, passwords and certificates, while in transit or at rest. As part of the encryption process, the information protected is scrambled and is made readable only by using the matching keys. Also, it is common for secure connections to change the keys periodically. It is good practice to separate the security functions that generate and manage keys from user functions, and store the encryption keys in protected storage areas.

• System resources, denial of service and boundary protection — in case of attacks, malfunction or failure, the smart lighting system should provide a graceful degradation of services by maintaining limited functionality such as failsafe operations and default configuration sets, to prevent catastrophic failure. Firewalls, resources and traffic management functions can identify targeted or accidental denial of service attacks or monitor resource availability. Segregating services creates boundaries that help protect the operation of essential system functions from external influences.

• Remote access, wireless access and access from mobile devices — the system should protect remote, wireless or mobile access to the system using virtual private networks (VPNs), secure wireless access, and secure mobile interfaces. This allows only trusted users to have access to the system.

System and information integrity

It is essential for a system to operate flawlessly and for the integrity of both the system and information to be guaranteed. The following security controls help the system administrator maintain the integrity of the system:

• Malicious code protection — virus and malware scanners protect the system from viruses, Trojan horses, ransomware, backdoor attacks and many other forms of malicious code and malware. They continuously scan the control system for file transfers via network connections or sharable data mediums, and periodically scan the control system’s file system. When threats are detected, files are either quarantined or protected from opening or execution. To remain effective against evolving threats, malicious code protection tools must be updated on a regular basis and only the latest version must be run.

• System monitoring and system-generated events — to detect attacks or unauthorized use, smart lighting systems should notify the operator of any suspicious activity and provide the operator with a history of system activities.  Receiving such information allows an operator to troubleshoot or audit the system and detect current or future problems.

• Software, firmware, and information integrity — it is essential that operators and users trust that the system is running the correct software and firmware, and that neither is accidentally or maliciously altered. The integrity of both can be protected by various integrity checks and functions. For instance, validated digital signatures can be required to execute software and firmware. In the same way, the system needs to check the integrity of critical system and personal information by applying various types of integrity checks.

• Information input validation and error handling — input validation protects the system from accidental or malicious malfunction due to invalid inputs that could result in system or application crashes, system restarts, or system lock ups. It ensures maximum system availability and filters malicious input vectors that could be used to exploit the system. Proper error messages indicate user and system errors. They need to be meaningful enough that a user or system operator can easily understand the error and take proper action to correct the error. However, it is also important that these error messages can’t be used by an attacker to exploit the system.

• Fail-safe procedures — in the case of a system or system component failure, the control system should switch to a known fail-safe state and be able to execute fail-safe procedures. A fail-safe state could be a defined default state, error state, or other state that allows basic system functions to run independently of the failed system components. It is important that these states and procedures protect the safety of the system and its users, as well as the security functions of the system.

• Security function verification — the control system operator needs to trust system security functions. In many cases, control systems provide an integrated verification of these security functions. It is important that the operator or administrator of the system check the critical security functions on a regular basis.

The Encelium Extend Light Management System has been accepted as a secure system by the GSA (General Services Administration), an independent agency of the United States government, and is currently used for smart lighting in government and commercial buildings. Learn more:

Part 4, available shortly, will focus on insider threats and more. 

Related Articles

Latest Articles

  • Video: LEDVANCE Lightpoint Learning Facility

    Video: LEDVANCE Lightpoint Learning Facility

    February 23, 2024 LIGHTPOINT Studio & Showroom, the brand-new corporate classroom training facility, located at their national customer service and sales center (NCSSC) in Westfield, IN. Go HERE for more information Read More…

  • How Effective Communication Reduces Plant Hazards

    How Effective Communication Reduces Plant Hazards

    February 23, 2024 By Rick Farrell, President, PlantTours In plant operations, the margin for error is notoriously slim. The smallest oversight, a single misinterpreted instruction, or an unnoticed alert can be the difference between smooth operations and catastrophic failures. While advanced technologies and protocols play an undeniable part in ensuring safety, the bedrock upon which… Read More…

  • A Guide To The Most Essential Hand Tools for Electricians

    A Guide To The Most Essential Hand Tools for Electricians

    February 22, 2024 By Jonard Tools It is currently a great time to be an electrician- however, you’ll need the right hand tools for the job. In this article Jonard Tools highlight the most essential hand tools for electrical work, as well as dive into the specifics of how they are utilized and why they’re… Read More…

  • New Research on Smart Home Technology and Market Trends

    New Research on Smart Home Technology and Market Trends

    February 22, 2024 AI-driven features in home energy management and security systems excite more than half of the current smart home users, concludes new research exploring the perceptions, preferences, and reservations of residential renters and owners regarding the adoption and usage of smart home technologies. However, the survey also highlights data privacy concerns and high… Read More…

Changing Scene

  • LEDVANCE Canada Welcomes Cristiano Konofal as National Account Manager

    LEDVANCE Canada Welcomes Cristiano Konofal as National Account Manager

    February 26, 2024 LEDVANCE Canada has introduced Cristiano Konofal as their National Account Manager. “I am thrilled to announce the return of Cristiano Konofal as a National Account Manager. Cristiano has extensive experience working with our customer base and has technical skills that will be an asset to our team. We look forward to seeing… Read More…

  • Government of Canada Invests in TDG Transit Design Group

    Government of Canada Invests in TDG Transit Design Group

    February 23, 2024 The Governemnt of Canada has announced a FedDev Ontario investment of over $1.6 million for TDG Transit Design Group, a manufacturer and designer of made-in-Canada, energy-efficient LED lighting systems for the global rail transit industry. Through this investment, TDG Transit Design Group will adopt new equipment at its newly expanded 10,000-square-foot facility… Read More…

  • Alberta to Invest in Apprenticeship Seats Through 2024 Budget

    Alberta to Invest in Apprenticeship Seats Through 2024 Budget

    February 23, 2024 Through their Budget 2024, Alberta’s government would invest an additional $24 million per year over the next three years to create 3,200 apprenticeship seats at 11 post-secondary institutions across the province. The new investment would bring the total funding through the Apprenticeship Learning Grant for the 2024-25 academic year to $78 million…. Read More…

  • PataBid and City Electric Supply Introduce Estimating Software Promotion

    PataBid and City Electric Supply Introduce Estimating Software Promotion

    February 23, 2024  City Electric Supply Corporation CA and PataBid have joined forces to offer our mutual customers an exclusive discount on Quantify electrical estimating software.  Sign up for a free trial and link your CES account to your PataBid Quantify account to unlock this special offer. If you’re not registered with CES yet, drop by… Read More…