The Smart City Blog

​Is Cybersecurity the Next “Killer App” for Smart Buildings?

- Monday, February 19, 2018

Smart buildings are no longer a vague idea in the mind of ardent futurists. Today, more than 2.7 billion devices have been deployed in smart buildings to improve operational efficiency, safety, comfort and functionality. As of 2015, 84% of building automation system (BAS) operators reported using Internet-connected systems to tap into the power of the Cloud and Big Data. These systems bring a range of benefits, from increased energy efficiency to improved productivity.

But they also raise cause for alarm. The presence of billions of new Internet-connected devices has dramatically increased the number of attack surfaces in a world where ransomware, malware, and cyber-espionage/terrorism are on the rise. In a 2014 survey, IBM found that only 29% of BAS operators had taken action or were in the process of taking action to improve the cybersecurity of their Internet-connected systems. It’s not surprising, then, that according to the U.S. Department of Homeland Security the number of cyber incidents involving industrial control systems, which includes BAS, increased by 74% from 2011 to 2014. Indeed, Gartner predicts that by the end of this year, 20% of smart buildings will have suffered from some form of digital vandalism.


Building automation system (BAS) operators reported using Internet-connected systems in 2015


BAS operators had taken or were taking action to protect Internet-connected systems in 2015>


Increase in cyber incidents involving industrial systems from 2011 to 2014

The Cybersecurity Opportunity in Smart Buildings

Every challenge bears within it the seed of opportunity—and the cybersecurity problem is no different. Research firm Memoori estimates that global revenues for smart building cybersecurity will reach $8.65 billion by 2021, more than double the estimated $4.26 billion in 2016. The market is expected to grow at a healthy 15% CAGR over the forecast period as smart building operators race to stay ahead of threats against their critical systems and data.

Not everyone will benefit from this opportunity. Many are still sitting on the sidelines waiting for the cybersecurity market—and customer demand—to develop. Yet, there are others that we’re working with who have begun to take action today. They understand that now is the time to position themselves as cybersecurity leaders and build brands and products that customers can trust.

Building Stronger, More Secure Smart Building Networks

One of the biggest dangers in smart buildings is that they’re not prepared for the numerous threats found within an Internet-connected world. Many of the devices installed in building automation systems were built for closed networks that were isolated from the outside world. Authorization controls are weak or nonexistent, data is frequently left unencrypted, and the administrative web interfaces are not built to handle the kinds of attacks we see on public websites.

Compounding this problem, cybersecurity is traditionally seen as the domain of IT experts. Most building managers lack the knowledge or experience needed to fend off botnets, denial-of-service attacks, brute-force attacks and the many other threats posed by sophisticated hackers. This is an area where BAS vendors can step forward to help their customers navigate the complexities of implementing effective network security.


The first step in any sound security policy is encryption. With encryption, data is only readable by those with the keys to decode it. A good encryption scheme can make it difficult, if not impossible, for hackers to steal sensitive information or gain control of network devices.

Historically, one of the biggest obstacles to implementing encryption within smart building networks is the relatively low bandwidth provided by available communications protocols. However, this has changed with the advent of high-speed protocols like HD-PLC. Developed for advanced smart building applications, HD-PLC achieves fast +10Mbps data rates over distances up to several kilometers long. This gives it ample bandwidth to support the high-bandwidth demands of converged smart building networks, along with cryptostrong AES-128 encryption.

AES encryption is a specification developed by the US National Institute of Standards and Technology. It is used by the US government and many others worldwide. It is the only publicly available cipher approved by the National Security Agency (NSA) for the protection of top secret information. AES offers several key sizes: 128-, 192-, and 256-bit. AES-128 encryption is best suited for smart building networks, since it is secure enough to withstand modern day brute-force attacks, yet very bandwidth-efficient.


Another recommended countermeasure borrowed from the IT world is the whitelisting and blacklisting of devices. Whitelisting is a relatively simple approach for locking down the network. A whitelist maintains a list of permitted, trusted devices and prevents endpoints from communicating with unknown or unauthorized devices. Similarly, a blacklist can be used to prevent access from specific IP/MAC addresses and countries.

Both of these approaches are well-suited for building automation systems, since the software has a small footprint and low overhead and the network is well-defined. Together, they help prevent devices from communicating beyond where they’re supposed to or being accessed from outside the network. Megachips’ HD-PLC SoC solutions integrate this functionality, alongside standard AES-128 encryption, to facilitate the implementation of robust cybersecurity in smart buildings.

Software Updates

No software is perfect. As consumers, we constantly receive security updates for our cell phones and personal computers to fix bugs and prevent hackers from finding and exploiting weaknesses. However, most building automation devices are never updated once they leave the factory, leaving them vulnerable to all kinds of unanticipated threats.

The most secure BAS devices include the provision for future updates. MegaChips’ HD-PLC solutions employ IPv6 addressing to enable the addition of state-of-the-art security features through simple firmware updates, so that end customers can trust that they always have the most advanced security available.

Meet New Cybersecurity and Bandwidth Challenges with HD-PLC

Legacy communications protocols aren’t built to handle the cybersecurity threats encountered in modern smart building networks. Fortunately, there are new options now like HD-PLC designed to meet the bandwidth, cybersecurity and cost concerns of these applications.

Download the HD-PLC whitepaper to learn more.

Let Us Know What You Think

Is cybersecurity the next “killer app”? What are you doing to address these concerns in your products and applications? Please share your thoughts in the comments below.

Michael Navid
VP, Marketing and Business Development, MegaChips
Michael is an accomplished business executive who has spent the last 15 years working to advance the communications technologies needed to build a smarter planet. The original founder of the G3-PLC Alliance, he was a key contributor in the evolution of G3-PLC as the premier communications technology for smart grids. Today, Michael is applying his experience and energy to bringing the benefits of HD-PLC to smart cities and smart buildings. When he’s not driving technology transformation, you’ll likely find him in one of his vintage cars heading down Pacific Coast Highway in Southern California.
Connect with him on LinkedIn.

Freida Janicke commented on 24-Dec-2018 12:37 PM
viagra bali
Felton Owoc commented on 24-Dec-2018 02:25 PM
viagra 600mg
Hortensia Kaili commented on 24-Dec-2018 04:54 PM
viagra 5 mg
Ignacio Biedenbender commented on 24-Dec-2018 11:57 PM
viagra generic
Ervin Svenningsen commented on 25-Dec-2018 10:06 AM
80 mg viagra
Micah Ork commented on 26-Dec-2018 04:18 AM
cialis uk
Luis Schwenke commented on 02-Jan-2019 12:28 PM
viagra 600 mg
Alessandra Sakovitch commented on 03-Jan-2019 01:58 AM
viagra kosten
Seymour Chapen commented on 03-Jan-2019 01:59 AM
viagra xarelto
Germaine Loson commented on 04-Jan-2019 09:05 AM
viagra fiyati
Shaquita Payano commented on 05-Jan-2019 07:42 PM
viagra alcohol
Skye commented on 13-Feb-2019 07:21 AM
Wߋw, aweѕome weblog structure! How lengtһy hɑve you ever been bloɡging for?
yoou mɑⅾe blogging gⅼance easy. The overall look of
your site іs excellent, as neatly as the ⅽontent material!
Gale Larrabee commented on 09-Jul-2019 03:05 AM
비아그라 구입 관련 정보 정리가 잘된 사이트 [url=""]비아샵[/url]
Shyla Cagey commented on 12-Aug-2019 02:16 PM
We communicate to you buy a viagra safely and conveniently. [url=""]비아온샵[/url]
Arden Mean commented on 15-Jan-2020 07:36 AM
Keep it up.
Αποφραξεις commented on 05-Mar-2020 02:39 AM
The company αποφραξεις Αντωνίου has been the leading choice in services of clogging, maintenance, sewerage and water abstraction for all areas of Attica.
Our staff, through their continuous training and utilizing the most modern blocking machines in Greece, is the most appropriate proposal for an immediate and effective solution to blockage problems.
Αποφραξεις commented on 05-Mar-2020 02:41 AM
The company αποφραξεις Αντωνίου has been the leading choice in services of clogging, maintenance, sewerage and water abstraction for all areas of Attica.
Our staff, through their continuous training and utilizing the most modern blocking machines in Greece, is the most appropriate proposal for an immediate and effective solution to blockage problems.
Bass Boos Car commented on 18-May-2020 07:27 AM
Bass Boos Car

Post a Comment

Captcha Image

Trackback Link
Post has no trackbacks.