Resilience and Cyber Security of Technology in the Built Environment

This briefing is essential reading for those involved in the specification, design, procurement and operation of buildings where there is a convergence of corporate IT and building systems, including industrial control systems (ICS).

The technical briefing examines the different sources of threats across the building lifecycle from initial concept through to decommissioning. It considers potential threat agents that could cause or contribute to a cyber security incident and identifies some of the measures that may be appropriate to reduce the risks.

Economic and environmental pressures have encouraged the convergence of technical infrastructure and computer-based systems. Cyber security and resilience incidents are becoming increasingly common as these converged systems are being connected to cyberspace. Such incidents can have a serious impact on the operation of organisations and there is a growing need to protect against the many associated risks.

To help guide organisations, the briefing describes the 20 critical controls (developed by the SANS Institute) that should be applied to address threats to both intellectual property/commercial data and to the design and operation of building systems. In addition, case studies help to highlight the numerous issues involved, and related standards are also identified. This work constitutes the first step in an IET strategy to provide more specific guidance, standards and training in this emerging area.

Contents

  • Introduction and background;
  • Overview of resilience and cyber security;
  • Understanding the threat landscape;
  • Resilience and cyber security during specification phase;
  • Resilience and cyber security during design phase;
  • Resilience and cyber security during construction;
  • Resilience and cyber security during operations;
  • Managing change – impact on resilience and cyber security;
  • Resilience and cyber security during decommissioning;
  • Relevant standards;
  • Intelligent building case studies;
             A-1 Office building;
             A-2 Sports stadium;
             A-3 Transport terminals;
  • 20 Critical controls;
  • Glossary.

This document is available to all registered users of the IET site; you will be prompted to log in or register if necessary. Registration is free, and does not require IET membership.