A demonstration experiment simulating a cyber attack on an office building discovered vulnerabilities in building equipment systems.

SoftBank Technology Corp. (Headquarters: Shinjuku-ku, Tokyo, President: Shinichi Ata, hereinafter referred to as SBT) and Cybertrust Japan Co., Ltd. (Headquarters: Shinjuku-ku, Tokyo, President: Yasutoshi Magara, hereinafter referred to as Cybertrust Japan) are jointly building automation systems (hereinafter referred to as BA) with Takenaka Corporation (Headquarters: Chuo-ku, Osaka, President: Masahiro Miyashita, hereinafter referred to as Takenaka Corporation). *1 Conducted a demonstration experiment of security vulnerability diagnosis targeting the facility environment *2.

As a result, vulnerabilities were detected in cyber attacks via the internal information (OA) network as well as from the control (BA) network itself, which is assumed to operate on a closed network. This can cause damage such as unauthorized intrusion into servers (e.g., air conditioning subsystems, etc.) and equipment on the control (BA) network, or downing of power systems, air conditioning systems, lighting systems, etc. by infecting them with malware. It turns out it's possible.

Based on the results of this study, SBT and Cybertrust Japan, in collaboration with Takenaka Corporation, are implementing a control system that assumes operation via an internal information (OA) network and a closed network as a security measure for the BA facility environment. BA) We will promote the development of security solutions for BA based on the need to take countermeasures that anticipate physical attacks on devices in addition to intrusions from the network itself.

■Demonstration experiment results

The results of the penetration test*3 conducted in this demonstration experiment are as follows.

1. Possibility of intrusion from the internal information (OA) network to the control (BA) network that is assumed to operate on a closed network:
   In the demonstration experiment, it was not possible to infiltrate the control (BA) network, which is assumed to operate on a closed network, from the internal information (OA) network, but it is possible to infiltrate the control (BA) network, which is assumed to operate on a closed network, but it is possible to do so by carrying out attacks over time. It turned out that there is a sex.
2. Intrusion and attack on servers/devices on the control (BA) network assuming operation in a closed network:
   It was discovered that if the control (BA) network was accessed, the target system could be compromised.
3. Evaluation of the controller device itself that controls the equipment:
   Some devices, such as energy-saving monitors (displays), that are not designed to be attacked have poor security functions, and this could be used as a springboard to cause damage to building control equipment. It turns out that.

■Future developments

Based on the results of this demonstration experiment, we will promote the joint development of equipment security solutions for BA/FA (Factory Automation)/PA (Process Automation), and will promote the joint development of equipment security solutions for BA/FA (Factory Automation)/PA (Process Automation). We will strive to improve security awareness in the Smart Factory market based on Industry 4.0 and the Smart Factory market, and promote highly safe and secure automation.

• *1) Building automation system: An information system that comprehensively monitors, manages, and controls a wide variety of equipment in a building (power equipment, air conditioning equipment, disaster prevention/crime prevention equipment, mechanical equipment such as elevators). By monitoring the operational status of equipment and recording and managing operational information in an integrated manner, it is possible to ensure safety within buildings, promote energy conservation, strengthen crime prevention, and save labor in administrative tasks.


• *2) In this demonstration experiment, Cybertrust Japan and Bellu Creative Co., Ltd. (Headquarters: Nihonbashi, Chuo-ku, Tokyo, Representative Director: Toshiro Owada), which provides "IoT/control system penetration testing", jointly conducted a security vulnerability diagnosis. We are implementing it.


• *3) Penetration test: A test that attempts to penetrate systems connected to a network using various methods. The main investigation items include the level of durability against DoS attacks (denial of service attacks) and the degree of impact it would have on other computers and external networks in the event of actual intrusion.

• *Company names, product names, and service names mentioned in this release are trademarks or registered trademarks of our company or each company or organization.