Cybersecurity Assurance for IoT Lighting Systems
Jan 14, 2022
by Jared Morello
We live in a world of connected, intelligent devices referred to as the Internet of Things (IoT), and each year new products are brought online to solve modern-day challenges.
Connected devices communicate to share information with other devices and systems within a network and are often implemented into the environments of companies in diverse sectors such as manufacturing, healthcare, education, and commercial offices. When equipped and installed correctly with a building’s large-scale automation system, IoT devices and systems help to warrant safe and secure facilities for occupants while reducing operational expenses (OPEX) by optimizing and automating many services, including lighting and HVAC controls.
During a commercial building’s planning and development phase, its lighting system is often a more extensive discussion. IoT lighting systems, which generally include digital sensors, communication interfaces, and actuator drivers, are programmed using advanced control algorithms and can be organized into lighting networks to operate remotely. This not only eliminates the need for the overall system to work in manual mode and reduces costs, but increases energy efficiency, occupant comfort and productivity, as well as cybersecurity assurance.
Unfortunately, as the demand for integrated technology such as lighting systems in commercial buildings increases and the flow of data travelling through buildings becomes more complex, potential exposure to cyber threats increases. In recent years there have been multiple instances of hackers entering a corporate network through a compromised device, often tracing back to poorly implemented security. The results are expensive and problematic — leading to loss of revenue and productivity, theft of private information, and erosion of occupant confidence.
In many cases, these cybersecurity attacks, including sniffing and vectoring, and man-in-the-middle (MIT) threats, are caused by poor commission technology, the security features integrated within a device or system at the time of manufacturing that is automatically activated when powered on. MIT attacks are most associated with lighting systems as they are used as an avenue to access a building’s larger network.
When commissioning a new smart lighting system, facility managers must first investigate national and regional requirements and then evaluate a system’s commission technology components. This process includes understanding the system’s device authentication, zero-touch encryption provisions, and lighting network isolation ahead of installation.
The Importance of Encryption
All wireless lighting control systems rely on encryption to protect communication between devices on the network. Although encryption is necessary, it is not sufficient on its own, as it only prevents eavesdropping rather than identifying whom one is communicating with, which is where device authentication comes into play. Identity-based authentication ensures that a device only communicates with another authorized device and prevents it from downloading malicious software (malware) and becoming a security risk. Mutual authentication, encryption, and the ability to securely download firmware are fundamental building blocks of device security.
Network-layer encryption is the first line of defence to prevent an attacker from reading or breaking into the network. Encryption provides a structure for private communication by translating the communication between devices into a code. The device receiving the information can decrypt if the two devices share the same “key.” In wireless systems, the shared keys often must be set or “provisioned” on every device or every zone of devices. During commissioning, this can be an enormous task that is time-consuming, prone to errors, and often unmanageable over the system’s lifetime. More troublingly, it exposes the security keys to the installer’s commissioning tools and sometimes to the installer themselves. Without using key pairs to prove identity, devices that receive the public key are assumed to be authentic and there’s no way for another device or commissioning tool to challenge their authentication. Here is where zero-touch encryption comes into play.
Zero-touch encryption is a type of encryption provisioning that provides a preloaded digital identity and security profile, making the system automatically secure. The contractor never has to set up security keys for the facility manager — this happens automatically, which is why it’s called “zero-touch.” However, it’s important to note that this software can be insufficient by itself — if an attacker discovers a system’s preloaded identity, they then have access to the entire network. To combat this, lighting control systems should proactively replace the pre-existing profile with a new one upon commissioning. This step allows each (sub)network to have unique encryption, and should be handled by the system without the user’s interaction to ease the commissioning process. Embedding strong security into commercial lighting controls and building systems makes it possible for an install of a wireless lighting system to be completed in a matter of hours, compared to several weeks for traditional wired systems or older wireless systems without this technology.
Regarding network isolation, a key component in ensuring that Operational Technology (OT) network vulnerabilities do not lead to vulnerabilities on the Information Technology (IT) network, it’s of great importance to understand the need for this separation. In late 2013, during the peak of the retail season, hackers breached Target’s private network and accessed credit card data for thousands of consumers. The hackers gained entry using network credentials stolen from a provider of refrigeration and HVAC equipment to Target. Incidents like this makes it essential to maintain separation from a building’s network and seek out a lighting system designed to operate on a parallel network that never intersects with a private network.
After the installation and commissioning process is complete of a chosen security integrated IoT lighting system, the benefits and values of a secure system become much more apparent to facility managers, including ease of maintenance and lighting quality.
Protection Starts with Specification
Many centralized, networked lighting systems provide excellent monitoring and control capabilities. For example, the system may set off alarm notifications via email, text, or other methods about issues requiring immediate attention. The system may also provide the facility manager with daily reports on equipment, making operations more responsive and efficient.
Additionally, an IoT lighting system provides a tool for facility managers to guarantee comfortable visual conditions of building occupants working on completing tasks efficiently and safely. These systems support quality lighting by enabling control of light level, spatial brightness, and colour output. Ease of monitoring ensures lighting is provided without interruption while delivering data to the facility manager, which they can leverage to gain insight into user preferences. This information can also be valuable for future lighting designs.
As for cybersecurity assurance, a secure lighting system solution offers a facility manager a way to combat and track vulnerabilities with technology already built within before it’s too late and internal communications and data are shared.
More devices are connected to building networks every day, and it’s of the utmost importance that building owners work together with facility managers and building operators to understand that the opportunities for security threats are also increasing within all building systems. IBM cybersecurity experts analyzing past breaches noted that 20 percent of attacks are initially caused by compromised credentials in a 2021 report. Hackers often exploit a less well-known security hole in IoT devices, including holes within lighting systems connected to a building’s larger network. Thus, educating and understanding the security assurance within IoT devices is paramount and relatively intuitive with the right strategy and system in place.
As specialists in electrical and digital building infrastructures, Legrand highly encourages those evaluating a new networked lighting system to ensure that the chosen manufacture adheres to all government requirements. In addition, all selected products within the system have been extensively tested its security capabilities through third-party certifications, such as the ioXt Alliance Certification program or other programs meeting DesignLights Consortium (DLC) Networked Lighting Control System Technical Requirements (Version 5), also known as NLC5.
Published with the written permission of Lighting Control Association
Jared Morello, VP of Specification Sales, Legrand North America.