8 months ago
Cyber-Defence Campus, armasuisse Wissenschaft und Technologie
Building Automation Systems (BAS) are quite common and widespread across today's buildings. As with all legacy technologies, their initial security level was quite low. Fortunately, the industry stepped up and started to improve product security through adoption of secure development practices and standards, i.e., ISA/IEC 62443, and new protocols like BACnet/SC. Alongside actual product security, additional security measures that are standard in corporate IT environments, e.g., network detection and response (NDR), are also getting more attention. As these products, protocols, and additional security measures are yet to be widely deployed in the field, very little public security research has been done on them.

To help close this gap and provide an opportunity for stakeholders, researchers, and students to keep up with these developments, the CYD Campus is planning a one-week hackathon in February 2025. The CYD Campus will provide several fully configured testbenches featuring real building HVAC (Heating, Ventilation and Air Conditioning) systems from different vendors, as well as several standalone gateways and devices for extensive testing during this week.

The hackathon will feature a training track and an open security research and tooling track. The latter will be split into multiple sub-tracks with a focus on offensive or defensive topics.

Open research and Tooling (03.02-07.02)

This track will be split into multiple sub-tracks, each led by one or more domain experts. Sub-tracks have either an offensive or a defensive focus.
Offensive: Participants may analyze devices, protocols and software for vulnerabilities, test and develop new attack strategies and tools, or develop strategies to evade detection by security controls.

Defensive: Participants may run tests to improve their understanding of practical/operational aspects of technologies such as BACnet/SC (e.g., certificate handling or hybrid setups), test or build mechanisms and tools to detect attacks on the network or the devices themselves, or look at hardening measures and other preventive controls from different manufacturers.

Training Track (03.02-05.02)

Dynamic Firmware Analysis (03.02-05.02): Experts in firmware analysis and reverse engineering will demonstrate how to emulate embedded device firmware in order to detect, debug and exploit vulnerabilities. Manufacturers can use this know-how to augment their product testing activities, and buyers and security researchers can use it to bring their security assessment skills and toolbox to the next level.

Exploring BACnet with Scapy (06.02.2025): Scapy is a powerful Python-based interactive packet manipulation program and library. It can be used to forge or decode packets for a variety of protocols, send them on the wire, capture them, match requests and replies, and much more. In this one-day hands-on workshop, you'll learn how to use Scapy's capabilities to build your own implementation of the BACnet protocol from scratch.