The role of the architect will be to introduce some humanity into all this technology,” says the new chair of the Internet of Things Security Foundation (IoTSF) working group for smart buildings, Norman Disney & Young (NDY) cyber security advisor Alan Mihalic.
Mihalic is concerned that the Internet of Things (IoT) will have a disruptive effect on the architecture, construction and engineering sectors. “Architects will have to understand that everything [in a building] will be connected to the network and as such, they will have to factor that into their designs,” he said, while also showing his excitement about the possibilities our smart future holds.
“There will be major changes,” the new IoTSF chair states, “where everything will be connected to the building – the IoT will be an enabler of services and buildings will become information hubs.” Mihalic also stated that the overall value of the IoT in the built environment is set to reach $USD30 billion globally by 2020.
Mihalic’s appointment marks the formation of the working group, which extends the work of IoTSF into the enterprise domain. This aligns with the Foundation’s mission to ensure fit for purpose digital security is not only provisioned by vendors, but also applied to best effect across the spectrum of IoT’s application space.
The goal of the new Smart Buildings Working Group is to establish a comprehensive set of guidelines to help each of the supply chain participants to specify, procure, install, integrate, operate and maintain IoT securely in buildings. This includes intelligent buildings equipment and controls such as audio visual, fire, HVAC, lighting and building security.
A further objective of the group is to ensure that the recommendations produced are globally applicable and are simple to adopt – fitting within existing processes wherever possible. “To help achieve this, the working group aims to open the channels of communication between building occupiers, facilities managers, engineers, designers and urban planners in relation to the cyber security challenges affecting building environments,” says the NDY Cyber Security Advisor.
Milhalic made several strong points on cyber security of course, underlining the true purpose of the new working group. “Buildings are working spaces, information portals and community information exchanges that require appropriate security controls to meet their future potential,” he says, echoing a significant section of the wider sector. Without sufficient IoT security protection, we might as well forget about safety in smart buildings but also in the wider internet.
IoT devices were at the center of the biggest cyber attack in history last year when hackers used IoT enabled devices such as video surveillance cameras and printers, to overwhelm the popular DNS service Dyn. Dyn is one of the most popular DNS services in the world with clients including Twitter, Spotify, and Reddit, whose sights were all taken offline as a result of the DDoS attack.
“In a relatively short time we’ve taken a system built to resist destruction by nuclear weapons and made it vulnerable to toasters,” tweeted Jeff Jarmoc, head of security for global business service Salesforce, which no doubt would have been tough pill to swallow for the IoTSF. There have been numerous attacks since too, and many directly targeting the IoT in smart buildings.
In a relatively short time we've taken a system built to resist destruction by nuclear weapons and made it vulnerable to toasters.
— Jeff Jarmoc 🐉🔥 (@jjarmoc) October 22, 2016
“An environment has been created in which anyone who wants to cause harm to a person or organization can do so through our cyber physical world with relative anonymity. Harm could range from “nuisance attacks to larger scale physical security breaches that adversely impact the overall operational viability of a commercial building, render it unsafe for its occupants, expose building owners to significant liability risk, and cause indelible reputational damage to the business,” explains our report: Cyber Security in Smart Commercial Buildings 2017 to 2021.
If we are to manage this risk then organizations like the IoTSF, and initiatives like the working group for smart buildings, can be important for constructing solutions and raising the status of the IoT security issue. Mihalic and his team have a tough challenge ahead, but with the support of the sector they may be vital in the IoT security dilemma.
“It is all about making spaces work. In a Smart Buildings age, this includes maintaining data confidentiality, privacy and public safety levels that meet community and corporate expectations. This can only be achieved by a globally available Cyber Smart Building Framework. IoTSF and NDY are pleased to be driving this global initiative.”