Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

BACnet Wide Area Network Security Threat Assessment.

Published

Author(s)

David G. Holmberg

Abstract

This technical report addresses inter-networked building automation and control systems (BAS or BCS) using the BACnet protocol [ANSI/ASHRAE, 2001]. The report deals with threats from known sources due to communication connections to the corporate LAN and the public internet as well as physical threats to the building automation equipment and attached computers. Weaknesses of the protocol, BACnet 2001, and of the physical implementation will be examined. The BACnet system security environment is discussed followed by detailed threat analysis and possible countermeasures. The objective is to have a document that summarizes the threats toward and weaknesses of a BACnet network. This document can in turn be used for Common Criteria (CC) Protection Profile (PP) development and for guidance in selecting security solutions.
Citation
NIST Interagency/Internal Report (NISTIR) - 7009
Report Number
7009

Keywords

building control system, network, security, BACnet, protocol, threat, vulnerability

Citation

Holmberg, D. (2003), BACnet Wide Area Network Security Threat Assessment., NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.IR.7009 (Accessed December 5, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created July 1, 2003, Updated November 10, 2018