KNX Association cvba

De Kleetlaan 5, Bus 11 
B 1831 Diegem (Brussels) 
Belgium

Tel. : +32 (0)2 775 85 90
Fax : +32 (0)2 675 50 28

Contact                                               Imprint

© 2017 KNX Association

Social Media

  • Grey Facebook Icon
  • Grey Twitter Icon
  • Grey Google+ Icon
  • Grey YouTube Icon
  • Grey Pinterest Icon

Checklist for Installers - Part 3: Is my installation secure?

August 31, 2017

Step-by-Step Project Management – Is your installation safe against unauthorised access?

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Fort Knox, the Tower of London, and the safest of banks and not to forget casinos – Once something is in there, no unauthorised person can get anything out of there. Is that so? Well, most of the times this is the case, but not, when someone forgot to lock the door. And this brings us already to the moral of this little anecdote: No matter how great and secure your safe is, as long as you do not take care of the most obvious security measures, your little or big treasures will never be safe.

 

Although this article is not about crown jewels, gold or bundles of money, this article addresses something that some might consider of higher importance – Security in your installation against unauthorised access. Just considering that we spend most of our times in our bed, it is of highest importance that we feel safe and secure in our house, without having to worry that anybody could temper with our installation. This brings us back to the opening anecdote: You might have the best technology or the services of the best. However, as long as the door to the installation is not shut, mischief persons can temper with your installation.

 

In our previous article, we addressed the countermeasures for making your installation safe and hacker-proof. However, due to the feedback for “Checklist 1” about the project’s preparation and “Checklist 2” about the proper project’s hand-over, as well as the many inquiries by readers for a Security Checklist, we are happy to welcome you to the final “Checklist for Installers – Part 3: Is my Installation secure?”.

 

The following 10 steps will help you to increase the security in your installation:

 

 

1. Were the following measures taken into account during installation?

 

Let’s not lose any time and dive in the most important part of the checklist – The security of the actual installation. Either during your planning or as a check afterwards, the following questions, should be answered positively in order for your customer to have a good-night sleep and for you to be proud of your installation. So, ask yourself:

  • Are devices and applications fixed mounted?

  • Is it ensured that devices are properly protected against dismounting (e. g. use of anti-theft protection measures)?

  • Is it ensured that unauthorized persons have limited access to distribution boards with mounted KNX installations (e. g. always locked or located in locked rooms)?

  • Is it difficult to access devices in external areas (e. g. mounted at a sufficient height)?

  • In case the KNX installation can be operated from areas in buildings that are public and not surveyed, did you contemplate the use of binary inputs (mounted in distribution boards) or push button interfaces?

If you can confidently say that you have taken all points into consideration, you are already on the safer (note the comparative use of “safe”). In order to be on the safe side however, let’s have a look as the following points:

 

 

2. Is Twisted Pair used as communication medium?

 

Twisted Pair, or “TP”, how some of you might call it, is still the most commonly used communication medium in order to transport telegrams. Reason is their high reliability. But especially since the twisted pair cable is so common in installations, it is of highest importance to be more prepared than the one, who might try to hack your installation. Therefore, are you positive on the following two questions:

  • Is the cable anywhere in- or outside the home or the building protected against unauthorized access?

  • In case the twisted pair cable is used in areas requiring extra protection measures, have you taken the extra measures for couplers?

In case you do not know, which extra measures are available for couplers, keep reading. We will get there…

 

 

3. Is Power Line used as communication medium?

 

Especially for retro fitting, Power Line communication is a common alternative to twisted pair. Having that in mind, hackers could come prepared for tempering with a Power Line installation. Same as before, make sure that you are one step ahead of the henchmen by asking yourself:

  • Have band stop filters been installed?

  • If Power Line communication is also used outside the building, have you taken the same measures for the media coupler?

Still, if you have no idea about measures for couplers, be patient and keep on reading.

 

 

4. Is IP used as communication medium?

 

Amongst you readers, which are also on board of the smart home hype, this question and its points are of most important. Especially when the term “hacking of an installation” comes up, it is often due to the many entry doors of an IP installation. The easiest answer to shut all doors would be to tell the installer not to use IP, or the customer should simply refrain from using the smart phone or tablet in order to control the installation. However, refraining from IP communication for an installation is equivalent of advising not to use the internet for online banking and shopping. Times are moving on and so does also home and building control.

 

As IP communication can be found in any installation, it is more than just important to be positive about the following:

  • Have the network settings been documented and handed over to the home owner or the LAN administrator?