Background

The project’s background takes its starting point in the growing trend of connected properties that utilize IoT technology to streamline and automate various building functions for example energy supply, energy production (e.g. solar cells), ventilation, lock/passer systems and alarm systems.

This development creates a complex systems-of-systems structure where several subsystems with different industrial suppliers and security solutions must be able to coexist and communicate within one and the same building automation system (BMS).

Modern properties can also communicate with each other in blocks or clusters where they exchange data and different types of energy. These individual or clusters of properties in their turn communicate with the power grid for frequency regulation, flex market and similar services that are critical to the power grid and society at large.

Challenge

A challenge is how these coexisting systems can be secured against cyber threats and other forms of disruption without compromising their basic functions. It is common for each subsystem to have its own set of security solutions, creating a heterogeneous and complex environment that can be difficult to monitor and protect effectively, thereby creating potential vulnerabilities.
Today’s systems need to use sensors together in a resource-efficient way, which also places demands on the sharing of data. In this context, it becomes necessary to develop comprehensive security strategies that are not only robust and adaptable, but also applicable to a diversity of subsystems.

It will also be critical to be able to identify and differentiate between cyber threats and malfunctions that may be the result of system failures rather than
malicious attacks.

What do we want to achieve?

The project aims to create a harmonized and robust architecture with an associated test bed for a cyber security infrastructure regarding the connected properties of the future consisting of fully or partially autonomous subsystems, while at the same time contributing to the scientific and technical knowledge base in the area.
The testbed will be implemented in a new modern property with state-of-the-art technologies
  • IoT and IoT security

    We work on tools for connecting and authenticating IoT devices, eg. sensors, that are useful if you need your own IoT devices to develop your services. We also monitor the communication to ensure that no one has hacked in and taken over your device.

  • ErrorDectectionIndication

    The method of ErrorDectectionIndication is based on analysis of systems with proper operational capability to be able to identify anomalies and take appropriate action when required.

  • Machine learning

    We work with machine learning to automatically recognize what are normal patterns in data, and what are deviations.

  • Summary

    Increased cyber security and resilience in connected properties with heterogeneous systems through anomaly detection, authentication and integrity control of functions and data.

The idea of the project

The project will work with, develop and apply a testbed for ErrorDetectingIdentification in order to work with methods for detecting anomalies in property controls and operation that can be due to both malfunctioning and a malicious cyber impact on the property. For the detection of anomalies, both data on subsystem operational functions will be included and that ”normal” operational function is monitored for
to create profiles regarding normal operation where we apply time series analysis with machine learning (ML) methods and artificial intelligence (AI) to identify deviations large enough to be considered anomalies.
An important part in identifying anomalies is that there is correct decision support, this requires authentication of system functions and integrity of the data that is shared. For authentication of system functions and data integrity, we will use blockchains that involve distributed consensus, which means that individual system functions should not be able to execute malicious or incorrect functions where different consensus methods such as ”proof-of-authority” and ”federated consensus” will be included and being studied.erty operations and use.

The project's potential

The project aims to contribute to an increased degree of maturity regarding property management and connected/smart properties and neighborhoods where the majority of systems exist and cooperation between these is required to effectively manage and secure a sustainable operation where safety, security and integrity with the connection to, for example, the energy system becomes socially critical. We have a system-of-systems approach where each subsystem has its own autonomous functions and security solutions that contribute to the overall property function but where we have identified the need for a holistic cyber security approach for sufficient systems-of-systems security.
The project will also contribute to the awareness of the need for ”security-by-design”, which we believe will crystallize in the experiments that will take place. The project’s results will be made available in the form of a test bed provided to actors in the area where the property, (ACE building), that constitutes the physical platform for the project is made available based on the data sets that subsystems create and the security functionality (including detecting both cyber threats and malfunctions) that is worked out in the project.