As smart buildings move towards open communication technologies, providing access to the Building Automation System (BAS) through the intranet, or even remotely through the Internet, has become a common practice. However, BAS was historically developed as a closed environment and designed with limited cyber-security considerations. Thus, smart buildings are vulnerable to cyber-attacks with the increased accessibility. This study introduces the development and capability of a Hardware-in-the-Loop (HIL) testbed for testing and evaluating the cyber-physical security of typical BASs in smart buildings. The testbed consists of three subsystems: (1) a real-time HIL emulator simulating the behavior of a virtual building as well as the Heating, Ventilation, and Air Conditioning (HVAC) equipment via a dynamic simulation in Modelica; (2) a set of real HVAC controllers monitoring the virtual building operation and providing local control signals to control HVAC equipment in the HIL emulator; and (3) a BAS server along with a web-based service for users to fully access the schedule, setpoints, trends, alarms, and other control functions of the HVAC controllers remotely through the BACnet network. The server generates rule-based setpoints to local HVAC controllers. Based on these three subsystems, the HIL testbed supports attack/fault-free and attack/fault-injection experiments at various levels of the building system. The resulting test data can be used to inform the building community and support the cyber-physical security technology transfer to the building industry.

翻译：随着智能建筑向开放式通信技术发展，通过内网甚至远程互联网访问楼宇自动化系统（BAS）已成为常见做法。然而，BAS历来被设计为封闭环境，且网络安全考虑有限。因此，随着可访问性的提高，智能建筑易受网络攻击。本研究介绍了一种用于测试和评估典型智能建筑BAS网络物理安全的硬件在环（HIL）测试平台的开发与能力。该测试平台由三个子系统组成：（1）实时HIL仿真器，通过Modelica动态仿真模拟虚拟建筑及暖通空调（HVAC）设备的行为；（2）一组真实HVAC控制器，监测虚拟建筑运行并生成本地控制信号，以控制HIL仿真器中的HVAC设备；（3）BAS服务器及基于Web的服务，使用户可通过BACnet网络远程完全访问HVAC控制器的日程、设定值、趋势、报警及其他控制功能。该服务器为本地HVAC控制器生成基于规则的设定值。基于这三个子系统，HIL测试平台支持在建筑系统的不同层级进行无攻击/无故障及攻击/故障注入实验。生成的测试数据可用于为建筑行业提供信息，并支持网络物理安全技术向建筑工业的转移。