Cyber threats confronting the digital built environment
Common data environment vulnerabilities and block chain deterrence
Erika A. Parn and David Edwards
School of Engineering and the Built Environment, Birmingham City University, Birmingham, UK
Abstract
Purpose – Smart cities provide fully integrated and networked connectivity between virtual/digital assets and physical building/infrastructure assets to form digital economies. However, industrial espionage, cyber-crime and deplorable politically driven cyber-interventions threaten to disrupt and/or physically damage the critical infrastructure that supports national wealth generation and preserves the health, safety and welfare of the populace. The purpose of this paper is to present a comprehensive review of cyber-threats confronting critical infrastructure asset management reliant upon a common data environment to augment building information modelling (BIM) implementation.
Design/methodology/approach – An interpretivist methodological approach to reviewing pertinent literature (that contained elements of positivism) was adopted. The ensuing mixed methods analysis: reports upon case studies of cyber-physical attacks; reveals distinct categories of hackers; identifies and reports upon the various motivations for the perpetrators/actors; and explains the varied reconnaissance techniques adopted.
Findings – The paper concludes with direction for future research work and a recommendation to utilize innovative block chain technology as a potential risk mitigation measure for digital built environment vulnerabilities.
Originality/value – While cyber security and digitization of the built environment have been widely covered within the extant literature in isolation, scant research has hitherto conducted an holistic review of the perceived threats, deterrence applications and future developments in a digitized Architecture, Engineering, Construction and Operations (AECO) sector. This review presents concise and lucid reference guidance that will intellectually challenge and better inform both practitioners and researchers in the AECO field of enquiry.
Keywords Building information modelling, Integrated practice, Information and communication technology (ICT) applications
Paper type General review
Introduction
We will neglect our cities to our peril, for in neglecting them we neglect the nation – John F. Kennedy
Throughout history, buildings and infrastructure (i.e. “physical assets” that cumulatively constitute the built environment) have provided secure sanctuaries, protecting inhabitants from theft and malicious attacks (Toy, 2006). Today’s built environment is no exception and conserves this utilitarian physicality. However, contemporary operations and maintenance (O&M) works have become increasingly dependent upon an expansive web of cyber-physical connectivity. Such connectivity has been achieved via an amalgamation of smart sensor-based network technologies (Lin et al., 2006), advanced computerization (Pärn and Edwards, 2017) and computational intelligence techniques (Bessis and Dobre, 2014).
Contextualized as virtual assets, the voluminous data and information generated throughout a physical building/infrastructure asset’s whole lifecycle (i.e. design, construction and operations/occupancy phases) constitutes the basis for knowledge propagation, insightful business intelligence and an invaluable commercial commodity (Edwards et al., 2017). Intelligence on building/infrastructure asset performance augments decision making via automated analytics geared towards driving economic prosperity, business profitability and environmental conservation (Lin et al., 2006; Ryan, 2017). These palpable benefits have steered government reforms globally towards embedding digitalization throughout the Architecture, Engineering, Construction and Operations (AECO) sector – a sector that encapsulates the whole lifecycle of an asset’s design, construction and subsequent use (Nye, 2017). For example, the UK government’s mandated policy “Digital Built Britain 2025” represents a prominent epitome of ambitious plans to coalesce digitized economies and infrastructure deployment (HM Government, 2015). This strategic vision has been enacted via the building information modelling (BIM) Level 2 mandate to extend the frontiers of digitized asset handover for building and infrastructure asset owners (HM Government, 2013). BIM has orchestrated a paradigm shift in the way that information is managed, exchanged and transformed to stimulate greater collaboration between stakeholders who interact within a common data environment (CDE) throughout the building/infrastructure asset’s whole lifecycle (Eastman et al., 2011).
Engineering, Construction and Architectural Management, Vol. 26 No. 2, 2019, pp. 245-266
© Emerald Publishing Limited, 0969-9988
DOI 10.1108/ECAM-03-2018-0101
Received 16 March 2018; Revised 8 May 2018, 3 June 2018; Accepted 15 June 2018
The current issue and full text archive of this journal is available on Emerald Insight at: www.emeraldinsight.com/0969-9988.htm
Adaptation of a CDE for critical infrastructure (i.e. the processes, systems, technologies and assets essential to economic security and/or public safety) constitutes a key facet of effective asset digitalization and offers potential “long-term” lifecycle savings for both government and private sector funded projects (Bradley et al., 2016). In the “short-term”, a precipitous amount of front-loaded government expenditure earmarked to augment operations management means that a concerted effort has been made to develop accurate BIM asset information models (AIM) for large infrastructure asset managers (e.g. utility companies, Highways England, Network Rail, Environment Agency) (BSI, 2014a).
Government policy edict will continue to transform the modus operandi for developing and maintaining buildings and infrastructure within the smart built environment (Bessis and Dobre, 2014). However, the proliferation of cyber-physical connectivity inherent within a CDE has inadvertently created opportunities for hackers and terrorists, and an omnipresent threat of cyber-crime prevails (Boyes, 2013a) – yet surprisingly, extant literature is overtly sanguine about the conspicuous benefits accrued from digitalization (BSI, 2014a, b, c; HM Government, 2015). Infrastructure stakeholders (e.g. clients, project managers and designers and coordinators) are unwittingly confronted by clandestine cyber-assailants targeting critical infrastructures through a digital portal facilitated by the CDE’s integral networked systems that support O&M activities (Ficco et al., 2017). Curiously, pertinent literature is replete with examples of public policy considerations that evaluate critical infrastructure exposed to intentional attacks, natural disasters or physical accidents (Mayo, 2016). However, the discourse is comparatively silent on substantial cyber-physical security risks posed by a wholesale digital shift within the AECO sector (Kello, 2013). Significant risks posed could disrupt the stream of virtual data produced and, in turn, have a profound detrimental impact upon a virtually enabled built environment, leading to physical interruption and/or destruction of infrastructure assets (e.g. electricity generation), thereby endangering members of the public.
Given this prevailing worldwide menace, a comprehensive literature review of cyber-threats impacting upon the built environment, and specifically critical infrastructure, is conducted. Concomitant objectives are to: report upon case studies of cyber-physical attack to better comprehend distinct categories of hackers, their motivations and the reconnaissance techniques adopted; and explore innovative block chain technology as a potential risk mitigation measure for digital built environment vulnerabilities. The research concludes with new hypothesis and research questions that will initiate much needed future investigations and an expanded academic/practitioner discourse within this novel area.
Methodology
The methodology adopted an interpretivist research approach to reviewing extant literature (Walsham, 1995) that contained elements of positivism, where the latter was founded upon the assumption that published material has already been scientifically verified by a robust peer review process. A systematic literature review was conducted that collected and critically analyzed results emanating from existing studies found within extant literature, where the literature constituted data and the population frame (Levy and Ellis, 2006). An iterative four stage process was implemented that consisted of: a broader review of wider literature to set the context for this research study; a specific review of cyber-space and cyber-physical attacks – case studies of cyber-attacks extracted from the Repository of Industrial Security Incidents (RISI) online incident database were reviewed to identify the motivations for hacking and to delineate and define the various types of hackers (otherwise known as actors); a componential analysis of literature – a mixed methods componential analysis was conducted to provide a richer understanding of the established but fragmented topic of cyber-crime. A componential analysis is a manual qualitative technique that assigns the meaning of a word(s) or other linguistic unit(s) to discrete semantic components (Fisher, 2018). In this instance, a cross comparative tabulation matrix of key industries studied and recurrent emergent themes identified was constructed to present analysis findings; and a report upon innovative cyber-deterrence techniques – an iterative process flow diagram is utilized to explain how “block chain” can be successfully employed to provide superior protection against ensuing cyber-threats (when compared to encryption and firewalls). Collectively, this chain of documentary evidence and analysis of such provided a thorough and holistic contextualization of cyber-threats confronting the digital built environment.
The digital Jacquerie
Globally, an insatiable desire within rural communities for economic migration to cities continues to engender an upsurge in urbanization – a trend further exacerbated by a projected 9.7bn population growth by 2050 (UN, 2014a, 2015). For both developed and developing countries, relentless urbanization presents a complex socio-economic conundrum and raises portentous political issues such as deficiencies in health care provisions (UN, 2014b), lack of resources and malnutrition (UN, 2015), and environmental degradation and pollution (UN, 2015). These dystopian challenges can be alleviated through, for example, shrewd allocation of resources via social circumscription measures (UN, 2014b). However, politicians worldwide have also contemplated the implicit assumption of technology inertia as an impediment to government reform (cf. Mokyr, 1992). Policies subsequently developed have responded accordingly by mandating advanced technologies within smart city development as a panacea to these challenges within the AECO sector – a sector sensu stricto berated for its reluctance to innovate (BSI, 2014a). Despite a notable disinclination to change, the AECO sector is widely espoused as being a quintessential economic stimulus (Eastman et al., 2011) – significantly contributing to gross domestic product (HM Government, 2015) and providing mass-labor employment (DBIS, 2013). Consequently, the AECO sector was a prime candidate for the UK government’s BIM Level 2 mandate that seeks to immerse it within a digital economy. Specifically, the Digital Built Britain report (HM Government, 2015) aspires that:
The UK has the potential to lead one of the defining developments of the 21st century, which will enable the country to capture not only all of the inherent value in our built assets, but also the data to create a digital and smart city economy to transform the lives of all.
Within this digital insurgency, critical infrastructures are at the forefront of the UK government’s strategic agenda (Bradley et al., 2016). Unabated advancements in computerization have widened the capability of decision support to provide appropriate resolutions to pertinent infrastructure challenges such as optimizing planning and economic development (Ryan, 2017), ensuring resilient clean air, water and food supply (Bradley et al., 2016) and/or safeguarding integrated data and security systems (BSI, 2014a). Throughout the various stages of an infrastructure asset’s lifecycle, this transition is further fortified by BIM technology and the use of a CDE that can improve information and performance management (Pärn and Edwards, 2017). The palpable benefits of BIM and CDE extend beyond the design and construction phases into the operations phase of asset occupancy and use. BIM technology’s innate capability is essential during the asset’s operational phase, which constitutes up to 80 percent of the overall whole lifecycle expenditure. In congruence with this statistic, the McNulty (2011) report ambitiously predicts that the potential savings associated with digital asset management and supply chain management may reach up to £580m between 2018 and 2019, and will be facilitated through: effective communications; the right speed of action; a focus on detail and change; and incentives and contractual mechanisms that encourage cost reduction. For the purpose of this review, digitization is acknowledged to proliferate throughout all stages of an infrastructure asset’s lifecycle in a smart cities and digital economies context; such has potentially severe implications for businesses and governments who may be exposed to cyber-crime and -espionage.
Smart cities and digital economies
The British Standards Institute (BSI, 2014a) defines smart cities as:
The effective integration of physical, digital and human systems in the built environment to deliver a sustainable, prosperous and inclusive future for its citizens.
Within practice, the term smart cities is a linguistic locution that encapsulates fully integrated and networked connectivity between digital infrastructure assets and physical infrastructure assets to form digital economies (BSI, 2014a). A perspicacious hive mentality is inextricably embedded within smart city philosophy and serves to augment intelligent analysis of real-time data and information generated to rapidly optimize decisions in a cost effective manner (Szyliowicz, 2013; Zamparini and Shiftan, 2013). Consequently, smart cities within the digital built environment form a cornerstone of a digital economy that seeks to: provide more with less; maximize resource availability; reduce cost and carbon emissions (whole lifecycle); enable significant domestic and international growth; and ensure that an economy remains in the international vanguard (HM Government, 2015). The unrelenting pace of digitization worldwide is set to continue, with an expected $400bn (US Dollars) investment allocated for smart city development by 2020, where smart infrastructure will consist of circa 12 percent of the cost (DBIS, 2013). Yet despite this substantial forecast expenditure, scant academic attention has hitherto been paid to the complex array of interconnected arteries of infrastructural asset management (e.g. roads, ports, rail, aviation and telecommunications) that provide an essential gateway to global markets (DBIS, 2013).
The omnipresent threat of cyber-espionage and crime
Prior to meticulous review of papers, an established understanding of the omnipresent threat of cyber-espionage and crime is required. The implementation of smart city technologies has inadvertently increased the risk of cyber-attack facilitated through expansive networked systems (Mayo, 2016). However, cyber-crime has been largely overlooked within the built environment, and academic consensus concurs that a cavernous gap exists between the state of security in practice and the achieved level of security maturity in standards (Markets and Markets, 2014). Security specialists and practitioners operating smart buildings, grids and infrastructures are said to coexist in a redundant dichotomy. Instead, academic and policy attention has focused upon either: hypothesized scenarios within international security studies (e.g. the protection of military, industrial and commercial secrets) (Rid, 2012); policy planning for cyber-warfare (McGraw, 2013); and/or the safety of computer systems or networks per se rather than cyber-physical attack (activities that could severely impact upon nuclear enrichment, hospital operations, public building operation and maintenance and traffic management) (Stoddart, 2016). Threats from cyber-crime have arisen partially because of the increased adoption rate of networked devices but also as a result of industry’s operational dependency upon IT systems (Boyes, 2013b).
Cyber-criminals are particularly adept at harnessing the intrinsic intangible value of digital assets (BSI, 2015) and can decipher the digital economy and its intricacies more perceptively than their counterpart industrialists and businesses that are under attack (Kello, 2013). The most recent “WannaCry” ransomware attack personified the sophisticated measures deployed by cyber-criminals in navigating networks and identifying, extracting and monetizing data found (Hunton, 2012). While the inherent value of digital assets to owners and creators is often indeterminate, cyber-criminals manipulate data and information to encrypt, ransom or sell it piecemeal (Marinos, 2016). Several prominent instances of unsecure critical infrastructure assets being physically damaged by persistent cyber-crime have been widely reported upon (Peng et al., 2015). These include the STUXNET worm that disarmed the Iranian industrial/military assets at a nuclear facility (Lindsay, 2013) and the malware “WannaCry” that caused significant damage to the UK’s National Health Service patient databases, German railway operations and businesses globally (Clarke and Youngstein, 2017). Cyber-attacks remain an omnipresent national security threat to a digital economy’s prosperity and digital built environment’s functionality and safety. Reporting upon a veritable plethora of threats posed presents significant challenges, as cyber-attacks engender greater anonymity as a malicious activity (Fisk, 2012). Nevertheless, known cases and revolutionary deterrents will form the premise upon which this literature review is based.
Cyber-space, cyber-physical attacks and critical infrastructure hacks
In the UK, security analysts from MI5 and MI6 have warned that industrial cyber-espionage is increasing in prevalence, sophistication and maturity, and could enable an entire shutdown of critical infrastructure and services including power, transport, food and water supplies (Hjortdal, 2011). A number of pre-eminent politically driven infrastructure intrusions support this assertion and serve as illustrative examples that a prediction of a global pandemic may prove to be distressingly accurate. These intrusions include: the Russian led cyber-attacks on digital infrastructures (banking, news outlets, electronic voting systems) in Estonia in 2007 (Lesk, 2007); the Chinese led hacking of the US electricity network in 2009 (Hjortdal, 2011); and the USA led intrusion of Iranian nuclear plant facilities in 2005 (Denning, 2012).
Cyber-space constitutes the global, virtual, computer based and networked environment consisting of “open” and “air gapped” internet, which directly or indirectly interconnects systems, networks and other infrastructures critical to society’s needs (European Commission, 2013). Within the vast expanse of cyber-space, Kello (2013) proffers that three partially overlapping territories coexist, namely: the world wide web of nodes accessible via URL; the internet consisting of interconnected computers; and the “cyber-archipelago” of computer systems existing in isolation from the internet, residing within a so-called air gap. A CDE hosted on any of the aforementioned territories is precariously exposed to cyber-physical attack (Figure 1).
Cyber-attack utilizes code to interfere with the functionality of a computer system for strategic, ambiguous, experimental or political purposes (Nye, 2017). Gandhi et al. (2011) expand upon this definition, stating that cyber-attack constitutes “any act by an insider or an outsider that compromises the security expectations of an individual, organization or nation”. Cyber-attacks can take many forms, for example, from publicized web defacements, information leaks, denial of service (DoS) attacks and other cyber actions sometimes related to national security or military affairs. Cyber-physical attacks can cause disruption or damage to physical assets, thus posing serious threats to public health and safety and/or the desecration of the environment (Peng et al., 2015). One of the earliest publicly disclosed cyber-physical attacks took place during the Cold War period, when a Soviet oil pipeline exploded due to a so-called logic bomb. The NIST (2017) framework for enhancing the ability of critical infrastructures to withstand cyber-physical attacks proposes that two distinct dichotomous domains must be secured, namely: information technologies (IT); and industrial control systems (ICS) (Rittinghouse and Hancock, 2003). Common threats incurred via IT and ICS include: theft of intellectual property; massive disruption to existing operations; and destruction, degradation or disablement of physical assets and operational ability (Szyliowicz, 2013). The European Union Agency for Network and Information Security outlines multiple common sources of nefarious attacks in its malware taxonomy, including: viruses, worms, trojans, botnets, spywares, scarewares, roguewares, adwares and greywares (Marinos, 2016).
Such attacks are made possible via a huge cyber-attack surface within cyber-space, where every circa 2500 lines of code presents a potential vulnerability that is identified by a hacker’s reconnaissance (Nye, 2017). Reconnaissance is the first and most important stage for a successful cyber-attack and seeks to determine the likely strategy for the intrusion (Marinos, 2016). Strategies vary, but prominent methods include scanning, fingerprinting, footprinting, sniffing and social engineering (refer to Table I).
Cyber-attack motivations and cyber-actors and incident analysis
The RISI database contains a comprehensive record of cyber-physical attack incidents categorized as either confirmed or likely but confirmed (RISI, 2015). However, prominent commentators contend that attacks are more prevalent than reports suggest and that victims are often reluctant to disclose malicious cyber-attacks against themselves due to potential reputational damage being incurred (Reggiani, 2013). Cyber-physical attacks are therefore shrouded in secrecy by states and private companies, and many states have already conceded the current digital arms race against a panoply of cyber-actors (or “hackers”), including: hacktivists, malware authors, cyber-criminals, cyber-militias, cyber-terrorists, patriot hackers and script kiddies.
Cyber-actors are frequently classified within one of three thematic categories, namely white hats, grey hats and black hats, where the color of the hat portrays their intrinsic intentions. White hats are predominantly legitimately employed security researchers who perform simulated penetration testing hacks to assess the robustness of an organization’s cyber-enabled systems (Cavelty, 2013). They do not have malevolent intentions but rather act on behalf of security companies and concomitant public interest (F-Secure, 2014). Contemporary cyber-Robin Hood(s) (or hacktivists) fall within the grey hat category and act as vigilantes to puncture prevailing power structures (such as Government) by embarrassing them with distributed denial of service (DDoS) attacks, web defacements, malware, ransomware and trojans. These hacktivists often dabble with illegal means to hack but believe that they are addressing a social injustice and/or otherwise supporting a good cause. Black hats are often affiliated with a criminal fraternity or have other malicious intent (Cavelty, 2013). These criminals deploy the same tools used by grey and white hat hackers, but with the deliberate intention to cause harm, vandalism, sabotage, website shutdown, fraud or other illegitimate activities. Many states have increasingly focused upon grey hats, who have become the new uncontrolled source of hacking (Betz and Stevens, 2013). Table II highlights a number of prominent critical infrastructures hacks extracted from the RISI database and cross references these against the motivations and cyber-actors.

Figure 1. Cyber vulnerabilities of CDE environment, adapted from BSI levels of BIM
[Figure labels: levels of BIM (BIM Level 0, BIM Level 1, BIM Level 2, BIM Level 3); low vulnerability, low vulnerability, medium vulnerability, high risk vulnerability; low to medium vulnerability, medium to high vulnerability; information format (2D CAD, 2D CAD + 3D, 3D); URL, SQL, DWG, XML; information exchange (paper-based collaboration, file-based collaboration, object model-based collaboration, network-based collaboration); LOD 1 to LOD 7; work in progress, shared, published, archived; URL nodes, interconnected computer, computer archipelago]

Table I. Emerging thematic groups in extant literature
Thematic groups: National and global security; Smart cities; Critical infrastructure; Industrial control systems; Mobile or cloud computing; Digitalization of built environment
Percentage frequency across the four journal types: 54.7, 40.4, 50, 40.4, 59.5, 28.5

| Industrial sector | Author(s) | Journal |
|---|---|---|
| Architecture, Engineering, Construction and Owner-operated (AECO) | Chong et al. (2014) | Automation in Construction |
| | Howell et al. (2017) | Automation in Construction |
| | Kochovski and Stankovski (2018) | Automation in Construction |
| | Fisk (2012) | Intelligent Buildings International |
| | Mike (2006) | Journal of Facilities Management |
| | Eom and Paek (2006) | Journal of Information Technology in Construction (ITcon) |
| | Jaatun et al. (2014) | Procedia Engineering |
| | Koo et al. (2015) | Procedia Engineering |
| | Nicał and Wodyński (2016) | Procedia Engineering |
| | Wang et al. (2011) | Procedia Engineering |
| Transport and infrastructure | Patel et al. (2009) | Communications of the ACM |
| | Wang and Lu (2013) | Computer Networks |
| | Liu et al. (2012) | IEEE Communications Surveys & Tutorials |
| | Jones (2016) | IEEE Engineering & Technology |
| | Paridari et al. (2016) | IEEE International Conference on Cyber-Physical Systems (ICCPS) |
| | Ryan (2017) | International Journal of Critical Infrastructure Protection |
| | Papa (2013) | Transport Policy |
| | Reggiani (2013) | Transport Policy |
| | Reniers and Dullaert (2013) | Transport Policy |
| | Szyliowicz (2013) | Transport Policy |
| | Zamparini and Shiftan (2013) | Transport Policy |
| Information technology | Hunton (2012) | Computer Law & Security Review |
| | Weber and Studer (2016) | Computer Law & Security Review |
| | Metke and Ekl (2010) | IEEE Transactions on Smart Grid |
| | Tan et al. (2018) | IEEE Transactions on Smart Grid |
| | Xue et al. (2016) | IEEE Trustcom/BigDataSE/ISPA |
| | Ani et al. (2017) | Journal of Cyber Security Technology |
| | Govinda (2015) | Procedia Technology |
| | Rasmi and Jantan (2013) | Procedia Technology |
| | Safavi et al. (2013) | Procedia Technology |
| | Shitharth and Winston (2015) | Procedia Technology |
| Political science/international relations | Brantly (2014) | Democracy and Security |
| | Kello (2013) | International Security |
| | Lindsay (2015) | International Security |
| | Nye (2017) | International Security |
| | Cavelty (2013) | International Studies Review |
| | Canfil (2016) | Journal of International Affairs |
| | Hjortdal (2011) | Journal of Strategic Security |
| | McGraw (2013) | Journal of Strategic Studies |
| | Stoddart (2016) | Political Science Quarterly |
| | Betz and Stevens (2013) | Security Dialog |
| | Lindsay (2013) | Security Studies |

Percentage frequency in AECO journals: 20, 40, 30, 50, 90, 60
Percentage frequency in transport and infrastructure journals: 54.5, 54.5, 81.8, 27.2, 36.3, 18.1
Percentage frequency in information technology journals: 40, 60, 80, 20, 90, 30
Percentage frequency in political science/international relations journals: 100, 9182, 63.6, 27.2, 9
Blurred lines: governments and civilians
State and non-state actors represent a two pronged source of malicious attacks or threats facing the AECO sector; motivations for these actors are fueled by various catalysts, including patriotism, liberal activism, political ideology, criminal intent and hobby interests (Hjortdal, 2011; Rahimi, 2011). A state is a political entity (“government”) that has sovereignty over an area of territory and the people within it (Rahimi, 2011). Within this entity, state actors are persons who are authorized to act on its behalf and are therefore subject to regulatory control measures (Betz and Stevens, 2013). A state actor’s role can be myriad, but often it strives to create positive policy outcomes through approaches such as social movement coalitions (cf. Stearns and Almeida, 2004). Conversely, non-state actors are persons or organizations who have sufficient political influence to act or participate in international relations for the purpose of exerting influence or causing change, even though they are not part of government or an established institution (Betz and Stevens, 2013). Three key types of legitimate non-state actors exist: intergovernmental organizations such as the United Nations, World Bank Group and International Monetary Fund, which are established by a state, usually through a treaty (Betz and Stevens, 2013); international non-government organizations such as Amnesty International, Oxfam and Greenpeace, which are non-profit, voluntary organizations that advocate or otherwise pursue the public good (i.e. economic development and humanitarian aid) (UN); and multinational corporations, who pursue their own business interests largely outside the control of national states (UN). Illegitimate non-state actors include terrorist groups and hacktivists acting upon a range of different motivations, including personal gain, digital coercion, malevolence and indoctrination of others using ideological doctrine (Brantly, 2014). Since the millennium, governments globally have become increasingly aware of cyber-crime and threats stemming from such non-state actors. Some of the more notable actors include: Anonymous (Betz and Stevens, 2013); Ghost Net (Hunton, 2012); The Red Hacker Alliance (Fisher, 2018); Fancy Bear “Прикольный медведь” (Canfil, 2016); and Iranian Cyber Army (Rahimi, 2011).
However, the boundary delineation between state actors and non-state actors engaging in cyber-physical attacks has become increasingly blurred (Betz and Stevens, 2013; Papa, 2013). Such attribution has wider implications for the national security of states and national responsibility for non-state actors, who often act on behalf of the state under incitement of nationalistic and ideological motivation (Brantly, 2014). Henderson (2008) aptly describes such blurred lines between governments and civilians by using Chinese cyber-patriot hackers as an exemplar:
The alliance is exactly who and what they claim to be: an independent confederation of patriotic youth dedicated to defending China against what it perceives as threats to national pride
| Standard | Title | Description |
|---|---|---|
| BS ISO/IEC 29100:2011 (ISO, 2011) | Information Technology. Security Techniques. Privacy Framework | This standard is applicable to organizations and businesses, providing a privacy framework for those “involved in specifying, procuring, architecting, designing, developing, testing, maintaining, administering and operating information and communication technology systems or services” with personally identifiable information (PII) |
| BS ISO/IEC 27001:2013 (ISO, 2013) | Information Technology. Security Techniques. Information Security Management Systems. Requirements | This international standard provides a framework for the management of an information security management system (ISMS) in order to keep digital information assets secure from cyber-criminal activities and information breaches; it encompasses procedures for creating, implementing, operating, auditing and maintaining an ISMS. The standard can be applied within organizations of any size, nature or type |
| IET/CPNI Technical Briefing (IET, 2013) | Resilience and Cyber Security of Technology in the Built Environment | This document applies to professionals involved in the development, procurement and operation of intelligent or smart buildings. The guidance considers the whole building lifecycle and examines the potential threats to resilience and cyber security arising from the merging of technical infrastructure and computer-based systems and their connection in cyber-space. Case studies are provided, plus a set of 20 critical measures which could be applied to reduce threats |
| PAS 555:2013 (BSI, 2013) | Cyber Security Risk. Governance and Management. Specification | The specification uses a business-led, “outcomes-based approach” which studies physical, cultural and behavioral features alongside technical ones to aid organizations in detecting which of their business assets need most protection, e.g. corporate and customer data, intellectual property, brand or reputation. The approach can be applied to any size/type of organization throughout its business activities |
| PAS 754:2014 (BSI, 2014c) | Software Trustworthiness. Governance and Management. Specification | This document identifies five principles of software trustworthiness (safety, reliability, availability, resilience and security) which should be attained when implementing software on distributed applications in order to reduce the risks from potential malicious threats. These principles are based upon four concepts: governance measures; risk assessment; control application for risk management (physical, procedural and technical); and a compliance regime to ensure execution of the first three |
IETStandards(IET 2014)
Code of Practice for CyberSecurity in the BuiltEnvironment
This book provides good practice guidance on the need forand development of cyber security strategy and policyrelated to a buildingrsquos complete lifecycle as an integral part ofan organizationrsquos management systems with particularemphasis on cyber physically connected building-relatedsystems The pertinence of cyber security to each of themultidisciplinary roles and responsibilities within anorganization is provided
PAS1192-52015(BSI 2015)
Specification for Security-minded Building InformationModeling Digital BuiltEnvironments and Smart AssetManagement
This is the first standard published for security minded use ofBIM and digitalization of built assets Relevant to all ownersand stakeholders of digitally built assets it assists inassessing security risks to the asset and implementingmeasures to reduce the risk of loss or disclosure ofinformation which could impact on the safety and security ofthe built asset personnel and other users of the asset and itsservices and commercial and other asset data andinformation
Table IIIndustry standardsand codes of bestpractice on cyber
security in theAECO sector
255
Common dataenvironment
vulnerabilities
A componential analysis of literature
From an operational perspective, the review protocol sourced published journal materials contained within Science Direct, Web of Science, Scopus and Research Gate databases. Keyword search terms used included: cyber security, hacking and any of the following variations of the word cyber crime/cybercrime or cyber-crime. Following a comprehensive review of the journals, four prominent and pertinent clusters of industrial settings were selected to provide the contextual sampling framework and knowledge base for the analysis, namely: AECO; transport and infrastructure; information technology; and political science/international relations. These clusters were selected because they contained the majority of the journal publications on cyber-crime. Within the clusters, six recurrent leitmotifs were identified: national and global security; smart cities; critical infrastructure; ICS; mobile or cloud computing; and digitalization of the built environment. A cross comparative componential analysis was then conducted (refer to Table III).
The componential analysis reveals: the percentage frequency that each of the identified thematic groups occur across the four industrial classifications; and the percentage frequency that each thematic group occurs within each individual industrial classification. In ascending order of frequency across all four sectors, the most popular discussed topics were: mobile cloud computing (59.5 percent); national global security (54.7 percent); and critical infrastructure (50 percent); smart cities (40.4 percent); ICS (40.4 percent); and digitization of the built environment (28.5 percent). Yet curiously, within the AECO sector an inordinate amount of effort was input into mobile and cloud computing (90 percent) and digitization of the built environment (60 percent), while far less attention was paid to critical infrastructure (30 percent) and national and global security (20 percent). Moreover, none of the papers reviewed were heavily focused upon expounding the virtues and concomitant benefits of digitization but were similarly obvious to the omnipresent threat of cyber-crime posed via the vulnerable CDE portal.
A CDE is commonly established during the feasibility or concept design phases of a building/infrastructure project (BSI, 2014a, b). An information manager will then manage and validate the processes and procedures for the exchange of information across a network for each key decision gateway stage (including work in progress, shared, published and archive stages). Cloud-based CDE platforms are ubiquitous but common solutions include ProjectWise, Viewpoint (4P), Aconex, Asite and SharePoint (Shafiq et al., 2013). The internal work flow and typical external information exchange in BIM relies upon the re-use and sharing of information in a CDE. Integrating BIM (and other file databases, e.g. IFC, GBXML, CSV, DWG, XML) within a CDE ensures a smooth flow of information between all stakeholders and is specified and articulated through its levels of development or design (Eastman et al., 2011; Lin and Su, 2013). The level of design (LOD) is classified on a linear scale ranging from LOD 1 (covering a conceptual “low definition” design) to LOD 7 (for an as-built “high definition” model). With each incremental increase in LOD, the range and complexity of asset information within models built begins to swell and the data contained within becomes accessible to an increased amount of stakeholders. As a consequence, the magnitude of potential cyber-crime also increases and it is imperative, therefore, that effective cyber security deterrence measures are set.

Table III. Common reconnaissance techniques

Reconnaissance technique | Definition | Example
Scanning (ping sweep; port scan; network mapping) | Network scanning is integral to stealthy information gathering from a computer system. Prior knowledge of the operating system (OS) is combined with the use of one of a plethora of readily available tools in order to identify and map out potential vulnerabilities on a target network | Techniques include: port scanning to identify the available and open ports; DNS enumeration to locate the domain name server and IP address; and PING sweeping to map the IP address to a live host (Rittinghouse and Hancock, 2003)
Fingerprinting (OS) | Device fingerprinting endeavors to break the privacy of URL developers by revealing user actions and anonymity. It utilizes the information collected from a remote computing device for the purpose of uniquely identifying the device (Formby et al., 2016). Fingerprinting can be used to identify the OS used on the target system | In an active manner to monitor network packets passing between hosts, or passive manner to transmit specially created packets to the target machine and analyze the response (Peng et al., 2015)
Footprinting | Footprinting is a process of obtaining as much information about the target to be hacked as possible by drawing down open source information from the internet. Footprinting is the most convenient way of gathering information about a computer system and/or parties such belong to | During footprinting, a hacker can use passive or active means to obtain information such as domain name, IP addresses, namespaces, employee information, phone numbers, e-mails and job information
Sniffing | Sniffing has been likened to wiretapping and can be used to obtain sensitive information that is being transferred over a network, such as: FTP passwords; e-mail traffic; web traffic; telnet passwords; router configurations; chat sessions; and DNS traffic. “Industrial Control Systems (ICS)/Supervisory Control and Data Acquisition (SCADA) sniffing” activities pose an imminent threat to cyber-physical connected devices in buildings, factories and large industrial plants | “Havex” malware reported by F-Secure laboratories is the first of its kind since STUXNET and attempts to “sniff” factory automation gear such as ICS and SCADA systems (F-Secure Labs, 2014). Anonymized victims have included: two major educational institutions in France; two German industrial machine producers; one French industrial machine producer; and a Russian structural engineering construction company (F-Secure Labs, 2014)
Social engineering | Social engineering is an attack vector that relies upon tricking people into breaking security procedures. Consequently, these are used to exploit an individual’s weaknesses, typically employees and other individuals who are familiar with the system. When successfully implemented, hackers can help obtain information about the targeted system | Two common methods adopted are: the physical gaining of access to a computer through deception; or the use of phishing e-mails, which involves sending personalized e-mails to targeted employees in an attempt to make them click malicious links contained within
Perhaps the most crippling aspect of deterrence is the poor rate of attribution (also known as tracebacking or source tracking), where attribution seeks to determine the identity or location of an attacker or attacker’s intermediary (Brantly, 2014). Affiliation further exacerbates attribution rates; for example, nefarious and malicious attacks on critical infrastructure by non-state “patriot” actors who proclaim cyber-warfare in the name of nationalist ideologies can create ambiguity with state actors (Lindsay, 2015). Extant literature widely acknowledges that states actively recruit highly skilled hackers to counter-attack other state governed cyber-activities, in particular against critical infrastructure assets (Thomas, 2009). Yet, the paucity of identification or disclosure of attacker identities has made the hacking culture even more enticing for both non-state actors and state actors. Whilst network attribution or IP address traceability to a particular geographical region is possible, lifting the cyber veil to reveal the affiliation between the attacker and their government remains difficult (Canfil, 2016). In the case of potential threats to the AECO sector, attribution of industrial cyber-espionage remains an imminent threat not only to the business in operation but also for the nation state security.
Cyber-deterrence
Cyber-deterrence measures rely largely upon good practice adopted from standards ISO 27001 and ISO 27032 (ISO, 2012, 2013). In the context of the digital built environment (and specifically BIM), recently published cyber security good practice manual PAS 1198-Part 5 suggests deploying five measures of deterrence: a built asset security manager; a built asset security strategy; a built asset security management plan; a security breach/incident management plan; and built asset security information requirements. For other sources of cyber security guidance, PAS 1198-Part 5 recommends adherence to other pre-existing legislative documentation – refer to Table IV.
Other ambiguous guidance notes that refer to taking “appropriate mitigation strategies” have largely ignored the increased vulnerability of semantic and geometric information that is sustained within a BIM (BSI, 2013, 2014c). For example, Institute of Engineering and Technology (Boyes, 2013b) report entitled “Resilience and Cyber Security of Technology in the Built Environment” states that:
Unauthorised access to BIM data could jeopardise security of sensitive facilities, such as banks, courts, prisons and defence establishments, and in fact most of the Critical National Infrastructure
Deterrence measures recommended in PAS 1192-5 have largely overlooked BIM data contained within a CDE and the onslaught of cyber-physical connectivity in critical infrastructures (Liu et al., 2012). Currently, the most common means of deterrence for cyber-physical connectivity in critical BMS infrastructures is via network segregation (the firewall) (Mayo, 2016) and secure gateway protection (encryption) for securing from external threats, complicit with ANSI/ISA-99 (ANSI, 2007). However, in a digital economy where over 50bn devices are continuously communicating, neither firewalls nor encryption alone can guarantee effective cyber security. Hence, a more robust systemic means of data integrity is required in the digital built environment.
Block chain – a new frontier for cyber-deterrence
Under the alias Satoshi Nakamoto, the Bitcoin (crypto currency) was published as the first block chain application on the internet (Turk and Klinc, 2017). This advancement opened a springboard of applications that utilize block chain technology to remove third party distribution of digital assets using peer-to-peer sharing (Turk and Klinc, 2017). While the majority of current applications have utilized crypto currency and smart contracts, the applications for digital asset transference seem limitless. Block chain’s earliest applications were in economics (Huckle et al., 2016), software engineering (Turk and Klinc, 2017), Internet of Things (Zhang and Wen, 2016) and medicine (Yue et al., 2016) – albeit more recently, applications within the built environment have been explored (Sun et al., 2016). Block chain technology has the potential to overcome the aforementioned cyber security challenges faced in the digital environment as a result of its distributed, secure and private nature of data distribution. A positive correlation exists between an increasing number of collaborators (or peers) within a CDE and the potential to secure such assets in a peer-to-peer environment which thrives and increases in security.
Block chain technology is suitable for sectors with: increased risk of fraud – such as susceptible crucial infrastructures containing sensitive industrial information that is at risk from industrial espionage; intermediaries – for example, providers of BMS systems and other IT software vendors hosting sensitive infrastructure asset details; throughput – such as operators updating and sharing asset information in a CDE; and stable data – for instance, data generated for built assets can be utilized for up to 40 years post project inception. Block chain technology offers better encryption against hacking than any other current deterrence measures available and is commonly suggested in the cyber security standards available (Turk and Klinc, 2017).
Table IV. Snapshot of cyber-physical hacking examples from the RISI online incident database

Columns: Motivation; Actor; Example
Motivation: Black Hat (ego, personal animosity, economic gain); Grey Hat (ambiguous); White Hat (idealism, creativity, respect for the law)
Actor (as listed in the table): Hacktivists; Script kiddies; Cyber insiders; Cyber terrorists; Malware authors; Patriot hackers; Cyber militias; Script kiddies; Ordinary citizens; Hacktivists; Script kiddies; Organized cybercriminals
Example:
USA, 2014 – Power and utilities – Hackers took advantage of a weak password vulnerability where mechanical devices were disconnected from the control system for scheduled maintenance.
Poland, 2008 – Transport – A 14-year old Polish student hacked into the tram system, enabling him to change track points in Lodz; 4 trams were derailed and, as a consequence, 12 people were injured.
USA, 2001 – Petroleum – The network monitoring personal computer (PC) provided a path from the internet via the company business network onto the automation network. This made the company vulnerable to the Code Red Worm, used to deface the automation web pages of a large oil company.
Spain, 2011 – Traffic – Spanair flight 5022 crashed just after take-off from Madrid-Barajas International Airport, killing 154 with 18 survivors. Trojan malware detected on the central computer system is speculated to have played a role in the crash by causing the computer to fail to deliver power to the take-off early warning system and detect three technical problems with the aircraft.
Iran, 2012 – Petroleum – Iran was forced to disconnect key oil facilities after suffering a malware attack which, it is believed, hit the internal computer systems at Iran’s oil ministry and its national oil company.
USA and Europe, 2014 – Energy sector – Operating since 2011, the Dragonfly group has targeted defence and aviation companies in USA and Canada cyber-espionage with the likely intention of sabotage. In 2013, the group targeted USA and European energy firms, gaining entry through spear phishing e-mails, malware, watering hole attacks and infecting legitimate software from three different industrial control systems (ICS) equipment manufacturers.
Canada, 2012 – Energy sector – Telvent Canada Ltd, provider of software and services for remote administration of large sections of the energy industry, was subject to information theft. Installed malware was used to steal project files related to one of its key products. The digital fingerprints were traced to a Chinese hacking group (the “Comment Group”) linked to cyber-espionage against Western interests.
Iran, 2010 – Nuclear – The Stuxnet malworm was responsible for damaging crucial centrifugal devices used for Uranium enrichment at the Natanz nuclear plant, causing it to be shut down for a week. This remains as one of the most prolific cyber-physical attacks in an exemplified case of government and civilian blurred lines and created a new forefront of cyber militia, becoming the first proclaimed cyber weapon.
USA, 2012 – Water/waste management – A former employee of the Key Largo Wastewater Treatment District hacked the company, resulting in modification and deletion of files.
Venezuela, 2002 – Petroleum – Venezuela’s state oil company became embroiled in a bitter strike when it was extensively sabotaged by an employee who gained remote access to a program terminal and erased all Programmable Logic Controller (PLC) programs in port facility.
Canada, 2002 – Petroleum – A white hat hacker simulated an attack on a data center security (DCS), where network access to the control local area network (LAN) was used to connect to selected DCS operator stations and obtain full administration privileges. This was accomplished through the vulnerabilities in the Windows operating system and a number of Netbios that lacked proper password protection.
USA, 2014 – Traffic – One of the first hacks on a traffic management system was incurred on road signs in San Francisco, where the signs were photographed flashing “Godzilla Attack Turn Back”.
Source: Available online at www.risidata.com

The application of block chain technology within digital built asset information exchange is suggested due to its secure framework for data transference. Block chain technology has been hailed as a hacker/tamper safe ecosystem for digital asset transfers (Turk and Klinc, 2017). Figure 2 delineates a ten stage process to demonstrate how the existing functionality of block chain technology can be harnessed in a CDE environment when sharing sensitive digital information about assets – namely: asset information is securely shared via a network (e.g. URL nodes, interconnected computer networks or an air gapped internet); asset data (whether a 3D or digital model) are converted into a block which represent a digital transaction of asset data; stakeholder interaction within a federated CDE environment will receive a tracked record of the individual transaction created by nodes sharing the block; block chain miners (usually computer scientists) validate and maintain the newly created block chain; payment methods for block chain miners vary but a group of miners enter into a competitive process where the first to validate the block chain receives payment; the federated block chain environment is approved; the new block is added to the existing chain of digital transactions to extend the block chain; the digital asset can now be securely shared upon validation; to hack the network, assailants would need to hack every single node within the block chain, thus making the task far more difficult; the network of nodes created by multiple stakeholders’ transactions provides a more sophisticated and secure approach to protecting digital assets when compared to encryption and firewalls. Herein lies the novelty of this review – blockchain technology can offer a potential framework to future AECO software applications and systems designed to secure the transfer of sensitive project data in a BIM and CDE environment.
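The ten stage process above, reduced to a runnable sketch of the integrity checks it relies on. This is an added example, not code from the paper or from any CDE product: the names (Node, mine_block, divergent_nodes), the three stakeholder nodes, the two-hex-digit proof-of-work target and the sample file bytes are all assumptions, and the ledger records only SHA-256 digests of asset files.

```python
import hashlib
import json
from collections import Counter

DIFFICULTY = "00"  # assumed toy proof-of-work target; real networks use far harder ones


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def block_hash(block: dict) -> str:
    """Hash every field except the stored hash, over a canonical JSON encoding."""
    body = {k: v for k, v in block.items() if k != "hash"}
    return sha256_hex(json.dumps(body, sort_keys=True).encode())


def mine_block(prev_hash, index, asset_name, asset_bytes, author):
    """Wrap an asset digest in a block and search for a nonce that meets DIFFICULTY."""
    block = {"index": index, "prev_hash": prev_hash, "asset": asset_name,
             "asset_sha256": sha256_hex(asset_bytes), "author": author, "nonce": 0}
    while not block_hash(block).startswith(DIFFICULTY):
        block["nonce"] += 1
    block["hash"] = block_hash(block)
    return block


def first_invalid(chain):
    """Index of the first block that fails validation, or -1 if the chain is sound."""
    prev = "0" * 64
    for i, block in enumerate(chain):
        if (block["index"] != i or block["prev_hash"] != prev
                or block.get("hash") != block_hash(block)
                or not block["hash"].startswith(DIFFICULTY)):
            return i
        prev = block["hash"]
    return -1


class Node:
    """One stakeholder's copy of the ledger in the federated CDE."""
    def __init__(self, name):
        self.name, self.chain = name, []

    def accept(self, block):
        """Validate a broadcast block against the local chain before appending it."""
        candidate = self.chain + [dict(block)]
        if first_invalid(candidate) != -1:
            return False
        self.chain = candidate
        return True


def broadcast(nodes, block):
    """Offer the block to every node; each one validates independently."""
    return all([node.accept(block) for node in nodes])


def divergent_nodes(nodes):
    """Nodes whose copy is internally invalid or whose tip differs from the majority."""
    tips = {n.name: (n.chain[-1]["hash"] if n.chain else None) for n in nodes}
    majority_tip = Counter(tips.values()).most_common(1)[0][0]
    return sorted(n.name for n in nodes
                  if first_invalid(n.chain) != -1 or tips[n.name] != majority_tip)


def asset_matches_ledger(chain, asset_name, asset_bytes):
    """Compare a received file with the latest digest recorded for that asset."""
    for block in reversed(chain):
        if block["asset"] == asset_name:
            return block["asset_sha256"] == sha256_hex(asset_bytes)
    return False


def demo():
    # Constructed stand-ins for revisions of a model file; not real IFC data.
    rev1 = b"constructed sample: plant-room.ifc revision 1"
    rev2 = b"constructed sample: plant-room.ifc revision 2"
    altered = b"constructed sample: plant-room.ifc revision 1, changed off-ledger"
    nodes = [Node("architect"), Node("contractor"), Node("facilities")]
    b0 = mine_block("0" * 64, 0, "plant-room.ifc", rev1, "architect")
    b1 = mine_block(b0["hash"], 1, "plant-room.ifc", rev2, "contractor")
    out = {"accepted": broadcast(nodes, b0) and broadcast(nodes, b1),
           "clean": divergent_nodes(nodes)}
    # Case 1: a recorded digest is edited on one node; its stored hash stops matching.
    victim = nodes[1]
    victim.chain[0]["asset_sha256"] = sha256_hex(altered)
    out["edited_block"] = first_invalid(victim.chain)
    # Case 2: that node's history is re-mined, so it is valid alone but not in agreement.
    f0 = mine_block("0" * 64, 0, "plant-room.ifc", altered, "architect")
    f1 = mine_block(f0["hash"], 1, "plant-room.ifc", rev2, "contractor")
    victim.chain = [f0, f1]
    out["remined_valid"] = first_invalid(victim.chain) == -1
    out["remined_divergent"] = divergent_nodes(nodes)
    out["file_ok"] = asset_matches_ledger(nodes[0].chain, "plant-room.ifc", rev2)
    out["file_swapped"] = asset_matches_ledger(nodes[0].chain, "plant-room.ifc", altered)
    return out
```

Because this ledger holds digests only, it detects modification of a model file but does not keep the file confidential; access control and encryption on the CDE still carry that requirement.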
[Figure 2. Block chain technology application with digital built asset information exchange. Panel labels (i) to (x): asset needs to be shared securely; asset is converted into a block; block is broadcast to all nodes in federated CDE environment; block chain miners compete to mine new block; block chain is extended with new digital asset; federated CDE environment approves; block chain miner validates block against chain; block of digital asset is shared securely; block chain of assets needs to be hacked individually across an entire network; block chain of sharing assets.]

Limitations and future work
Contrary to within the fields of computer science, political science/international relations and international law, cyber security is far less understood within the AECO sector (Mayo, 2016). Consequently, existing controls are inadequate and poorly managed. Key findings emanating from these other eminent fields provide invaluable insights into the cyber security technologies and developments (such as block chain) that can be successfully transferred and applied to critical infrastructure within the AECO sector to address current deficiencies (Baumeister, 2010). However, successful practitioner alignment and knowledge enhancement requires time and investment for additional research and testing of such concepts (Metke and Ekl, 2010) – such exceeded the current confines of this review paper. Within the international security research realm, the following predispositions have weakened scholarly understanding of cyber-threat occurrences and the likelihood of attacks on critical infrastructure. These limitations require future work, namely:
(1) Improved understanding of motivations – an inordinate amount of attention is paid to “cyber-threats” under the guise of malevolent lines of code. Yet, finding a resolution to the root cause of cyber-crime requires a deeper understanding of the motivations behind such malicious scripts and attacks.
(2) Address the specific operational threats to bespoke critical infrastructure – each individual critical infrastructure project (e.g. hospitals, nuclear facilities, traffic management systems) has bespoke operational functionality and hence, different vulnerabilities. Mapping of these vulnerabilities is required as a first step to developing efficient and effective risk mitigation strategies to better secure assets.
(3) Distinguish between physical destruction and theft – literature and standards have predominantly focused upon data protection within the context of cyber-attack. However, physical damage has received far less attention even though such could lead to catastrophic economic damage. Greater distinction between physical destruction and theft is therefore needed to delineate the scale and magnitude of cyber-crime.
(4) Consolidate greater international governmental collaboration – cyber-attacks can readily cross international borders and national law enforcement agencies often find it difficult to take action in jurisdictions where limited extradition arrangements are available. Although standard international agreements have been made on such issues (cf. the Budapest Convention on Cyber-crime) which seek to criminalize malevolent cyber-activities, notable signatories (such as China and Russia) are absent. Far greater cooperation between sovereign states is therefore urgently needed to develop robust international agreements that are supported by all major governments.
(5) Gauge practitioner awareness – future work should seek to identify existing predispositions and awareness of cyber-attack and cyber-crime amongst AECO professionals, either through in depth interviews or practitioner surveys. Case studies are also required to measure and report upon contemporary industry practice and how any cyber-crime incidents were managed.
(6) Proof of concept – development and testing of an innovative proof of concept blockchain application specifically designed for AECO professionals. Such developmental work would allow the thorough testing of blockchain technology in practice to confirm or otherwise its effectiveness.
Future work
To reconcile the challenges of future work, researchers and practitioners within the AECO sector will have to investigate how to adopt cyber-deterrence approaches applied within more technologically advanced and sensitive industries such as aerospace and automotive. Such knowledge transference may propagate readily available solutions to challenges posed. Cyber security awareness and deterrence measures within the BIM and CDE process will help secure critical infrastructure developed, built and utilized – the challenges and opportunities identified here require innovative solutions such as block chain technologies to transform standard industry practice and should be augmented with far greater industry-academic collaboration.

Conclusion
Infrastructure provides the essential arteries and tributaries of a digital built environment that underpins a contemporary digital economy. However, cyber-attack threatens the availability and trustworthiness of interdependent networked services on both corporate and national security levels. At particular risk are the critical infrastructure assets (such as energy networks, transport and financial services) hosted on large networks connected to the internet (via a CDE) to enable cost-efficient remote monitoring and maintenance. Any disruption or damage to these assets could have an immediate and widespread impact by jeopardizing the well-being, safety and security of citizens. To combat the potential threat posed, greater awareness among AECO stakeholders is urgently needed; this must include governments internationally and private sector partners collaborating together to expand upon existing ISO and BIM-related standards for improved response to a cyber-incident. As well as preventative measures, reactive national plans are required (i.e. raising cyber security awareness on government funded BIM projects) to quickly deal with breaches in security and ensure services are provided with minimum disruption.
It is argued in this paper that the CDE adopted with BIM in the AECO sector acts as a springboard for the wider stakeholder engagement with networked data sharing in a centralized manner, yielding such systems vulnerable for future cyber-physical attacks. The pinnacle of cyber security research breakthroughs in cryptography have resulted in the development of decentralized block chain technology. It is hypothesized that block chain technology offers a novel and secure approach to storing information, making data transactions, performing functions and establishing trust, making it suitable for sensitive digital infrastructure data contained in BIM and CDE environment high security requirements. While block chain applications are largely at a nascent stage of development within the AECO sector, this review paper has highlighted its novel application to fortify security of digital assets residing within a BIM and CDE environment – thus extending applications beyond its origins in crypto currency. Future research will be required to prove, modify or disprove this hypothesis presented. However, block chain alone cannot guarantee total immunity to cyber-attacks, so additional research is required to: understand the motivations for cyber-attack/crime; identify the specific operational threats to bespoke critical infrastructure and develop appropriate strategies to mitigate these; develop more exhaustive international standards (or enhance existing standards) to distinguish between physical destruction and theft; and establish measures needed to consolidate greater international governmental collaboration.
References
Ani, U.P.D., He, H. and Tiwari, A. (2017), “Review of cybersecurity issues in industrial critical infrastructure: manufacturing in perspective”, Journal of Cyber Security Technology, Vol. 1 No. 1, pp. 32-74.
ANSI (2007), “ISA-99.00.01-2007 security for industrial automation and control systems part 1: terminology, concepts and models”, ISA, available at: httpswebarchiveorgweb20110312111418wwwisaorgTemplatecfmSection=Shop_ISAampTemplate=2FEcommerce2FProductDisplaycfmampProductid=9661 (accessed February 9, 2019).
Baumeister, T. (2010), “Literature review on smart grid cyber security, collaborative software development laboratory at the University of Hawaii”, available at: wwwtbaumeistcompublicationsLiteratureReviewOnSmartGridCyberSecurity_2010pdf (accessed February 9, 2019).
Bessis, N. and Dobre, C. (2014), Big Data and Internet of Things: A Roadmap for Smart Environments, ISBN 978-3-319-05029-4, Springer International Publishing, London.
Betz, D.J. and Stevens, T. (2013), “Analogical reasoning and cyber security”, Security Dialogue, Vol. 44 No. 2, pp. 147-164.
Boyes, H. (2013a), “Cyber security of intelligent buildings”, 8th IET International System Safety Conference Incorporating the Cyber Security Conference, Cardiff.
Boyes, H. (2013b), Resilience and Cyber Security of Technology in the Built Environment, the Institution of Engineering and Technology, IET Standards Technical Briefing, London, available at: www.theiet.org/resources/standards/-files/cyber-security.cfm?type=pdf (accessed February 9, 2019).
Bradley, A., Li, H., Lark, R. and Dunn, S. (2016), "BIM for infrastructure: an overall review and constructor perspective", Automation in Construction, Vol. 71 No. 2, pp. 139-152.
Brantly, A.F. (2014), "The cyber losers", Democracy & Security, Vol. 10 No. 2, pp. 132-155.
BSI (2013), "PAS 555:2013 cyber security risk", Governance and Management Specification, available at: https://shop.bsigroup.com/ProductDetail/?pid=000000000030261972 (accessed February 9, 2019).
BSI (2014a), PAS 180 Smart Cities Vocabulary, British Standards Institution, London, available at: www.bsigroup.com/en-GB/smart-cities/Smart-Cities-Standards-and-Publication/PAS-180-smart-cities-terminology (accessed February 9, 2019).
BSI (2014b), PAS 1192-3 Specification for Information Management for the Operational Phase of Assets using Building Information Modelling, British Standards Institution, London, available at: https://shop.bsigroup.com/ProductDetail/?pid=000000000030311237 (accessed February 9, 2019).
BSI (2014c), PAS 754:2014 software trustworthiness, governance and management, Specification, available at: https://shop.bsigroup.com/ProductDetail/?pid=000000000030284608 (accessed February 9, 2019).
BSI (2015), PAS 1192-5 (2015) Specification for Security Minded Building Information Modelling, Digital Built Environments and Smart Asset Management, British Standards Institution, London, available at: https://shop.bsigroup.com/ProductDetail/?pid=000000000030314119 (accessed February 9, 2019).
Canfil, J.K. (2016), "Honing cyber attribution: a framework for assessing foreign state complicity", Journal of International Affairs, Vol. 70 No. 1, pp. 217-226, available at: www.questia.com/read/1G1-476843518/honing-cyber-attribution-a-framework-for-assessing (accessed February 9, 2019).
Cavelty, M.D. (2013), "From cyber-bombs to political fallout: threat representations with an impact in the cyber-security discourse", International Studies Review, Vol. 15 No. 1, pp. 105-122.
Chong, H.Y., Wong, J.S. and Wang, X. (2014), "An explanatory case study on cloud computing applications", Automation in Construction, Vol. 44, pp. 152-162.
Clarke, R. and Youngstein, T. (2017), "Cyberattack on Britain's national health service", New England Journal of Medicine, Vol. 377, August, pp. 409-411.
DBIS (2013), "Smart city market: opportunities for the UK", Department for Business, Innovation and Skills, BIS Research Papers, Ref. BIS/13/1217, DBIS, London, available at: www.gov.uk/government/publications/smart-city-market-uk-opportunities (accessed February 9, 2019).
Denning, D. (2012), "Stuxnet: what has changed?", Future Internet, Vol. 4 No. 3, pp. 672-687.
Eastman, C., Eastman, C.M., Teicholz, P., Sacks, R. and Liston, K. (2011), BIM Handbook: A Guide to Building Information Modeling for Owners, Managers, Designers, Engineers and Contractors, ISBN 978-0-470-54137-1, John Wiley & Sons, Hoboken, NJ.
Edwards, D.J., Pärn, A.E., Love, P.E.D. and El-Gohary, H. (2017), "Research note: machinery, manumission and economic machinations", Journal of Business Research, Vol. 70, January, pp. 391-394.
Eom, S.-J. and Paek, J.-H. (2006), "Planning digital home services through an analysis of customers acceptance", ITcon, Vol. 11, Special issue IT in Facility Management, pp. 697-710, available at: www.itcon.org/2006/49 (accessed February 9, 2019).
European Commission (2013), Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace, JOIN 1 Final, European Commission, Brussels, available at: https://eeas.europa.eu/archives/docs/policies/eu-cyber-security/cybsec_comm_en.pdf (accessed February 9, 2019).
Ficco, M., Choraś, M. and Kozik, R. (2017), "Simulation platform for cyber-security and vulnerability analysis of critical infrastructures", Journal of Computational Science, Vol. 22, September, pp. 179-186.
ECAM 26,2
Fisher, R.D. (2018), "Cyber warfare challenges and the increasing use of American and European dual-use technology for military purposes by the people's Republic of China (PRC)", United States House of Representatives Committee on Foreign Affairs, Birmingham, available at: http://archives-republicans-foreignaffairs.house.gov/112/Fis041511.pdf (accessed February 9, 2019).
Fisk, D. (2012), "Cyber security, building automation and the intelligent building", Intelligent Buildings International, Vol. 4 No. 3, pp. 169-181.
Formby, D., Srinivasan, P., Leonard, A., Rogers, J. and Beyah, R.A. (2016), "Who's in control of your control system? Device fingerprinting for cyber-physical systems", Network and Distributed System Security Symposium (NDSS), February 26–March 1, San Diego, CA.
F-Secure Labs (2014), "Havex hunts for ICS and SCADA systems", available at: www.f-secure.com/weblog/archives/00002718.html (accessed February 9, 2019).
Gandhi, R., Sharma, A., Mahoney, W., Sousan, W., Zhu, Q. and Laplante, P. (2011), "Dimensions of cyber-attacks: cultural, social, economic and political", IEEE Technology and Society Magazine, Vol. 30 No. 1, pp. 28-38.
Govinda, K. (2015), "Design of smart meter using Atmel 89s52 microcontroller", Procedia Technology, Vol. 21, pp. 376-380, available at: https://doi.org/10.1016/j.protcy.2015.10.053
Henderson, S. (2008), "Beijing's rising hacker stars: how does mother China react?", IO Sphere Journal, Birmingham, February 28, available at: www.noexperiencenecessarybook.com/jplV6/beijing-39-s-rising-hacker-stars-how-does-mother-china-react.html (accessed February 9, 2019).
Hjortdal, M. (2011), "China's use of cyber warfare: espionage meets strategic deterrence", Journal of Strategic Security, Vol. 4 No. 2, pp. 1-24.
HM Government (2013), Building Information Modeling Industrial Strategy: Government and Industry in Partnership, Government Construction Strategy, London, available at: www.gov.uk/government/uploads/system/uploads/attachment_data/file/34710/12-1327-building-information-modelling.pdf (accessed February 9, 2019).
HM Government (2015), Digital Built Britain: Level 3 Building Information Modelling – Strategic Plan, 26 February 2015, HM Publications, London, available at: www.gov.uk/government/publications/uk-construction-industry-digital-technology (accessed February 9, 2019).
Howell, S., Rezgui, Y. and Beach, T. (2017), "Integrating building and urban semantics to empower smart water solutions", Automation in Construction, Vol. 81, September, pp. 434-448.
Huckle, S., Bhattacharya, R., White, M. and Beloff, N. (2016), "Internet of things, blockchain and shared economy applications", Procedia Computer Science, Vol. 98, pp. 461-466, available at: https://doi.org/10.1016/j.procs.2016.09.074
Hunton, P. (2012), "Data attack of the cybercriminal: investigating the digital currency of cybercrime", Computer Law & Security Review, Vol. 28 No. 2, pp. 201-207.
IET (2013), "Resilience and cyber security of technology in the built environment", Institution of Engineering and Technology, Birmingham, available at: www.theiet.org/resources/standards/cyber-buildings.cfm?origin=pr (accessed February 9, 2019).
IET (2014), "Code of practice for cyber security in the built environment", Institution of Engineering and Technology, Birmingham, available at: https://electrical.theiet.org/books/standards/cyber-cop.cfm (accessed February 9, 2019).
ISO (2011), "ISO/IEC 29100:2011 information technology – security techniques – privacy framework", available at: www.iso.org/standard/45123.html (accessed February 2018).
ISO (2012), 27032 Information Technology – Security Techniques – Guidelines for Cybersecurity, International Organization for Standardization (ISO), Geneva, available at: www.itgovernance.co.uk/shop/product/iso27032-iso-27032-guidelines-for-cybersecurity (accessed February 9, 2019).
ISO (2013), 27001 The International Information Security Standard, International Organization for Standardization (ISO), Geneva, available at: www.itgovernance.co.uk/iso27001 (accessed February 9, 2019).
Jaatun, M.G., Røstum, J., Petersen, S. and Ugarelli, R. (2014), "Security checklists: a compliance alibi, or a useful tool for water network operators?", Procedia Engineering, Vol. 70, pp. 872-876.
Jones, L. (2016), "Securing the smart city: built environment cyber security", Engineering and Technology, Vol. 11 No. 5, pp. 30-33, doi: 10.1049/et.2016.0501.
Kello, L. (2013), "The meaning of the cyber revolution: perils to theory and statecraft", International Security, Vol. 38 No. 2, pp. 7-40.
Kochovski, P. and Stankovski, V. (2018), "Supporting smart construction with dependable edge computing infrastructures and applications", Automation in Construction, Vol. 85, January, pp. 182-192.
Koo, D., Piratla, K. and Matthews, C.J. (2015), "Towards sustainable water supply: schematic development of big data collection using internet of things (IoT)", Procedia Engineering, Vol. 118, pp. 489-497.
Lesk, M. (2007), "The new front line: Estonia under cyber assault", IEEE Security & Privacy, Vol. 5 No. 4, pp. 76-79.
Levy, Y. and Ellis, T.J. (2006), "A systems approach to conduct an effective literature review in support of information systems research", Informing Science, Vol. 9, pp. 181-212, available at: http://inform.nu/Articles/Vol9/V9p181-212Levy99.pdf (accessed February 9, 2019).
Lin, S., Gao, J. and Koronios, A. (2006), "Key data quality issues for enterprise asset management in engineering organisations", International Journal of Electronic Business Management, Vol. 4 No. 1, pp. 96-110, available at: http://ijebm.ie.nthu.edu.tw/IJEBM_Web/IJEBM_static/Paper-V4_N1/A10-E684_3.pdf (accessed February 2018).
Lin, Y.C. and Su, Y.C. (2013), "Developing mobile-and BIM-based integrated visual facility maintenance management system", The Scientific World Journal, Vol. 2013, 10pp., available at: https://doi.org/10.1155/2013/124249
Lindsay, J.R. (2013), "Stuxnet and the limits of cyber warfare", Security Studies, Vol. 22 No. 3, pp. 365-404.
Lindsay, J.R. (2015), "The impact of China on cybersecurity: fiction and friction", International Security, Vol. 39 No. 3, pp. 7-47.
Liu, J., Xiao, Y., Li, S., Liang, W. and Chen, C.P. (2012), "Cyber security and privacy issues in smart grids", IEEE Communications Surveys & Tutorials, Vol. 14 No. 4, pp. 981-997.
McGraw, G. (2013), "Cyber war is inevitable (unless we build security in)", Journal of Strategic Studies, Vol. 36 No. 1, pp. 109-119.
McNulty (2011), "Realising the potential of GB Rail – final independent report of the rail value for money study – summary report", Department for Transport, London, available at: www.gov.uk/government/uploads/system/uploads/attachment_data/file/4203/realising-the-potential-of-gb-rail-summary.pdf (accessed February 9, 2019).
Marinos, L. (2016), ENISA Threat Taxonomy: A Tool for Structuring Threat Information, European Union Agency for Network and Information Security, Birmingham, available at: www.enisa.europa.eu/topics/threat-risk-management/threats-and-trends/enisa-threat-landscape/etl2015/enisa-threat-taxonomy-a-tool-for-structuring-threat-information/view (accessed February 9, 2019).
Markets and Markets (2014), "Smart HVAC controls market by product type, components, application, operation & geography – analysis and forecast to 2014–2020", Birmingham, available at: http://goo.gl/Ay2LjI (accessed February 9, 2019).
Mayo, G. (2016), "Bas and cyber security: a multiple discipline perspective", in Long, S., Ng, E.-H., Downing, C. and Nepal, B. (Eds), Proceedings of the American Society for Engineering Management 2016 International Annual Conference, American Society for Engineering Management, Concord, NC, available at: www.researchgate.net/publication/309480358_BAS_AND_CYBER_SECURITY_A_MULTIPLE_DISCIPLINE_PERSPECTIVE (accessed February 2018).
Metke, A.R. and Ekl, R.L. (2010), "Security technology for smart grid networks", IEEE Transactions on Smart Grid, Vol. 1 No. 1, pp. 99-107.
Mike, T. (2006), "Integrated building systems: strengthening building security while decreasing operating costs", Journal of Facilities Management, Vol. 4 No. 1, pp. 63-71.
Mokyr, J. (1992), "Technological inertia in economic history", The Journal of Economic History, Vol. 52 No. 2, pp. 325-338.
Nicał, A.K. and Wodyński, W. (2016), "Enhancing facility management through BIM 6D", Procedia Engineering, Vol. 164, pp. 299-306, available at: https://doi.org/10.1016/j.proeng.2016.11.623
NIST (2017), "Framework for improving critical infrastructure cybersecurity", National Institute of Standards and Technology, Draft Version 1.1, January 10, Birmingham, available at: www.google.co.uk/url?sa=t&rct=j&q=&esrc=s&source=web&cd=2&ved=0ahUKEwiq0orLhOHUAhVkBsAKHfJLB6oQFgg8MAE&url=https%3A%2F%2Fwww.nist.gov%2Fdocument%2Fdraft-cybersecurity-framework-v11pdf&usg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NA&cad=rjt (accessed February 9, 2019).
Nye, J.S. (2017), "Deterrence and dissuasion in cyberspace", International Security, Vol. 41 No. 3, pp. 44-71.
Papa, P. (2013), "US and EU strategies for maritime transport security: a comparative perspective", Transport Policy, Vol. 28, pp. 75-85.
Paridari, K., Mady, A.E., La Porta, S., Chabukswar, R., Blanco, J., Teixeira, A., Sandberg, H. and Boubekeur, M. (2016), "Cyber-physical-security framework for building energy management system", ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS), Vienna, pp. 1-9, doi: 10.1109/ICCPS.2016.7479072.
Pärn, E.A. and Edwards, D.J. (2017), "Conceptualizing the FINDD API plug-in: a case study of BIM/FM integration", Automation in Construction, Vol. 80, August, pp. 11-21.
Patel, S.C., Bhatt, G.D. and Graham, J.H. (2009), "Improving the cyber security of SCADA communication networks", Communications of the ACM, Vol. 52 No. 7, pp. 139-142.
Peng, Y., Wang, Y., Xiang, C., Liu, X., Wen, Z. and Chen, D. (2015), "Cyber-physical attack-oriented Industrial Control Systems (ICS) modeling, analysis and experiment environment", International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 322-326.
Rahimi, B. (2011), "The agonistic social media: cyberspace in the formation of dissent and consolidation of state power in postelection Iran", The Communication Review, Vol. 14 No. 3, pp. 158-178.
Rasmi, M. and Jantan, A. (2013), "A new algorithm to estimate the similarity between the intentions of the cyber crimes for network forensics", Procedia Technology, Vol. 11, pp. 540-547.
Reggiani, A. (2013), "Network resilience for transport security: some methodological considerations", Transport Policy, Vol. 28, July, pp. 63-68.
Reniers, G.L.L. and Dullaert, W. (2013), "A method to assess multi-modal hazmat transport security vulnerabilities: hazmat transport SVA", Transport Policy, Vol. 28, July, pp. 103-113.
Rid, T. (2012), "Cyber war will not take place", Journal of Strategic Studies, Vol. 35 No. 1, pp. 5-32.
RISI (2015), "The repository of industrial security incidents database", Birmingham, available at: www.risidata.com/Database (accessed February 9, 2019).
Rittinghouse, J. and Hancock, W.M. (2003), Cybersecurity Operations Handbook, Elsevier Science, Amsterdam, ISBN 978-1-55558-306-4.
Ryan, D.J. (2017), "Engineering sustainable critical infrastructures", International Journal of Critical Infrastructure Protection, Vol. 17, pp. 28-29.
Safavi, S., Shukur, Z. and Razali, R. (2013), "Reviews on cybercrime affecting portable devices", Procedia Technology, Vol. 11, pp. 650-657.
Shafiq, M.T., Matthews, J. and Lockley, S.R. (2013), "A study of BIM collaboration requirements and available features in existing model collaboration systems", Journal of Information Technology in Construction (ITcon), Vol. 18, pp. 148-161.
Shitharth, S. and Winston, D.P. (2015), "A comparative analysis between two countermeasure techniques to detect DDoS with sniffers in a SCADA network", Procedia Technology, Vol. 21, pp. 179-186.
Stearns, L.B. and Almeida, P.D. (2004), "The formation of state actor-social movement coalitions and favorable policy outcomes", Social Policy, Vol. 51 No. 4, pp. 478-504.
Stoddart, K. (2016), "Live free or die hard: US-UK cybersecurity policies", Political Science Quarterly, Vol. 131 No. 4, pp. 803-842.
Sun, J., Yan, J. and Zhang, K.Z. (2016), "Blockchain-based sharing services: what blockchain technology can contribute to smart cities", Financial Innovation, Vol. 2 No. 1, pp. 1-26, doi: 10.1186/s40854-016-0040-y.
Szyliowicz, J.S. (2013), "Safeguarding critical transportation infrastructure: the US case", Transport Policy, Vol. 28 No. C, pp. 69-74.
Tan, S., Song, W.Z., Stewart, M., Yang, J. and Tong, L. (2018), "Online data integrity attacks against real-time electrical market in smart grid", IEEE Transactions on Smart Grid, Vol. 9 No. 1, pp. 313-322.
Thomas, N. (2009), "Cyber security in East Asia: governing anarchy", Asian Security, Vol. 5 No. 1, pp. 3-23.
Toy, S. (2006), History of Fortification from 3000 BC to AD 1700 (No. 75), Pen and Sword Military Classics, Barnsley, ISBN 1-88415-358-4.
Turk, Ž. and Klinc, R. (2017), "Potentials of blockchain technology for construction management", Procedia Engineering, Vol. 196, pp. 638-645.
UN (2014a), "2014 revision of the world urbanization prospects", Birmingham, available at: https://goo.gl/xwOSDS (accessed February 9, 2019).
UN (2014b), "World urbanization trends 2014: key facts", Statistical Papers – United Nations (Ser. A), Population and Vital Statistics Report, United Nations, New York, NY.
UN (2015), "World population projected to reach 9.7 billion by 2050", Birmingham, available at: www.un.org/en/development/desa/news/population/2015-report.html (accessed February 9, 2019).
Walsham, G. (1995), "The emergence of interpretivism in IS research", Information Systems Research, Vol. 6 No. 4, pp. 376-394.
Wang, S., Zhang, G., Shen, B. and Xie, X. (2011), "An integrated scheme for cyber-physical building energy management system", Procedia Engineering, Vol. 15, pp. 3616-3620.
Wang, W. and Lu, Z. (2013), "Cyber security in the smart grid: survey and challenges", Computer Networks, Vol. 57 No. 5, pp. 1344-1371.
Weber, R.H. and Studer, E. (2016), "Cybersecurity in the internet of things: legal aspects", Computer Law & Security Review, Vol. 32 No. 5, pp. 715-728.
Xue, N., Huang, X. and Zhang, J. (2016), "S2Net: a security framework for software defined intelligent building networks", IEEE Trustcom/BigDataSE/ISPA, Tianjin, August 23-26, pp. 654-661.
Yue, X., Wang, H., Jin, D., Li, M. and Jiang, W. (2016), "Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control", Journal of Medical Systems, Vol. 40 No. 10, pp. 218-229.
Zamparini, L. and Shiftan, Y. (2013), "Special issue – transport security: theoretical frameworks and empirical applications", Transport Policy, Vol. 28, pp. 61-62.
Zhang, Y. and Wen, J. (2016), "The IoT electric business model: using blockchain technology for IoT", Peer-to-Peer Networking and Applications, Vol. 10 No. 4, pp. 1-12.
Corresponding author
Erika A Parn can be contacted at: erikaparngmailcom
business profitability and environmental conservation (Lin et al., 2006; Ryan, 2017). These palpable benefits have steered government reforms globally towards embedding digitalization throughout the Architecture, Engineering, Construction and Operations (AECO) sector – a sector that encapsulates the whole lifecycle of an asset's design, construction and subsequent use (Nye, 2017). For example, the UK government's mandated policy "Digital Built Britain 2025" represents a prominent epitome of ambitious plans to coalesce digitized economies and infrastructure deployment (HM Government, 2015). This strategic vision has been enacted via the building information modelling (BIM) Level 2 mandate to extend the frontiers of digitized asset handover for building and infrastructure asset owners (HM Government, 2013). BIM has orchestrated a paradigm shift in the way that information is managed, exchanged and transformed to stimulate greater collaboration between stakeholders who interact within a common data environment (CDE) throughout the building/infrastructure asset's whole lifecycle (Eastman et al., 2011).
Adaptation of a CDE for critical infrastructure (i.e. the processes, systems, technologies and assets essential to economic security and/or public safety) constitutes a key facet of effective asset digitalization and offers potential "long-term" lifecycle savings for both government and private sector funded projects (Bradley et al., 2016). In the "short-term", a precipitous amount of front-loaded government expenditure earmarked to augment operations management means that a concerted effort has been made to develop accurate BIM asset information models (AIM) for large infrastructure asset managers (e.g. utility companies, Highways England, Network Rail, Environment Agency) (BSI, 2014a).
Government policy edict will continue to transform the modus operandi for developing and maintaining buildings and infrastructure within the smart built environment (Bessis and Dobre, 2014). However, the proliferation of cyber-physical connectivity inherent within a CDE has inadvertently created opportunities for hackers and terrorists, and an omnipresent threat of cyber-crime prevails (Boyes, 2013a) – yet surprisingly, extant literature is overtly sanguine about the conspicuous benefits accrued from digitalization (BSI, 2014a, b, c; HM Government, 2015). Infrastructure stakeholders (e.g. clients, project managers and designers and coordinators) are unwittingly confronted by clandestine cyber-assailants targeting critical infrastructures through a digital portal facilitated by the CDE's integral networked systems that support O&M activities (Ficco et al., 2017). Curiously, pertinent literature is replete with examples of public policy considerations that evaluate critical infrastructure exposed to intentional attacks, natural disasters or physical accidents (Mayo, 2016). However, the discourse is comparatively silent on substantial cyber-physical security risks posed by a wholesale digital shift within the AECO sector (Kello, 2013). Significant risks posed could disrupt the stream of virtual data produced and, in turn, have a profound detrimental impact upon a virtually enabled built environment, leading to physical interruption and/or destruction of infrastructure assets (e.g. electricity generation), thereby endangering members of the public.
Given this prevailing worldwide menace, a comprehensive literature review of cyber-threats impacting upon the built environment, and specifically critical infrastructure, is conducted. Concomitant objectives are to: report upon case studies of cyber-physical attack to better comprehend distinct categories of hackers, their motivations and the reconnaissance techniques adopted; and explore innovative block chain technology as a potential risk mitigation measure for digital built environment vulnerabilities. The research concludes with new hypothesis and research questions that will initiate much needed future investigations and an expanded academic/practitioner discourse within this novel area.
Methodology
The methodology adopted an interpretivist research approach to reviewing extant literature (Walsham, 1995) that contained elements of positivism, where the latter was founded upon
the assumption that published material has already been scientifically verified by a robust peer review process. A systematic literature review was conducted, which collected and critically analyzed results emanating from existing studies found within extant literature, where the literature constituted data and the population frame (Levy and Ellis, 2006). An iterative four stage process was implemented that consisted of: a broader review of wider literature to set the context for this research study; a specific review of cyber-space and cyber-physical attacks – case studies of cyber-attacks extracted from the Repository of Industrial Security Incidents (RISI) online incident database were reviewed to identify the motivations for hacking and to delineate and define the various types of hackers (otherwise known as actors); a componential analysis of literature – a mixed methods componential analysis was conducted to provide a richer understanding of the established but fragmented topic of cyber-crime. A componential analysis is a manual qualitative technique that assigns the meaning of a word(s) or other linguistic unit(s) to discrete semantic components (Fisher, 2018). In this instance, a cross comparative tabulation matrix of key industries studied and recurrent emergent themes identified was constructed to present analysis findings; and a report upon innovative cyber-deterrence techniques – an iterative process flow diagram is utilized to explain how "block chain" can be successfully employed to provide superior protection against ensuing cyber-threats (when compared to encryption and firewalls). Collectively, this chain of documentary evidence and analysis of such provided a thorough and holistic contextualization of cyber-threats confronting the digital built environment.
The digital Jacquerie
Globally, an insatiable desire within rural communities for economic migration to cities continues to engender an upsurge in urbanization – a trend further exacerbated by a projected 9.7bn population growth by 2050 (UN, 2014a, 2015). For both developed and developing countries, relentless urbanization presents a complex socio-economic conundrum and raises portentous political issues such as: deficiencies in health care provisions (UN, 2014b); lack of resources and malnutrition (UN, 2015); and environmental degradation and pollution (UN, 2015). These dystopian challenges can be alleviated through, for example, shrewd allocation of resources via social circumscription measures (UN, 2014b). However, politicians worldwide have also contemplated the implicit assumption of technology inertia as an impediment to government reform (cf. Mokyr, 1992). Policies subsequently developed have responded accordingly by mandating advanced technologies within smart city development as a panacea to these challenges within the AECO sector – a sector sensu stricto berated for its reluctance to innovate (BSI, 2014a). Despite a notable disinclination to change, the AECO sector is widely espoused as being a quintessential economic stimulus (Eastman et al., 2011) – significantly contributing to gross domestic product (HM Government, 2015) and providing mass-labor employment (DBIS, 2013). Consequently, the AECO sector was a prime candidate for the UK government's BIM Level 2 mandate that seeks to immerse it within a digital economy. Specifically, the Digital Built Britain report (HM Government, 2015) aspires that:
The UK has the potential to lead one of the defining developments of the 21st century, which will enable the country to capture not only all of the inherent value in our built assets, but also the data to create a digital and smart city economy to transform the lives of all.
Within this digital insurgency, critical infrastructures are at the forefront of the UK government's strategic agenda (Bradley et al., 2016). Unabated advancements in computerization have widened the capability of decision support to provide appropriate resolutions to pertinent infrastructure challenges such as: optimizing planning and economic development (Ryan, 2017); ensuring resilient clean air, water and food supply (Bradley et al., 2016); and/or safeguarding integrated data and security systems (BSI, 2014a). Throughout the
various stages of an infrastructure asset's lifecycle, this transition is further fortified by BIM technology and the use of a CDE that can improve information and performance management (Pärn and Edwards, 2017). The palpable benefits of BIM and CDE extend beyond the design and construction phases into the operations phase of asset occupancy and use. BIM technology's innate capability is essential during the asset's operational phase, which constitutes up to 80 percent of the overall whole lifecycle expenditure. In congruence with this statistic, the McNulty (2011) report ambitiously predicts that the potential savings associated with digital asset management and supply chain management may reach up to £580m between 2018 and 2019 and will be facilitated through: effective communications; the right speed of action; a focus on detail and change; and incentives and contractual mechanisms that encourage cost reduction. For the purpose of this review, digitization is acknowledged to proliferate throughout all stages of an infrastructure asset's lifecycle in a smart cities and digital economies context; such has potentially severe implications for businesses and governments who may be exposed to cyber-crime and -espionage.
Smart cities and digital economies
The British Standards Institute (BSI, 2014a) defines smart cities as:
The effective integration of physical, digital and human systems in the built environment to deliver a sustainable, prosperous and inclusive future for its citizens.
Within practice, the term smart cities is a linguistic locution that encapsulates fully integrated and networked connectivity between digital infrastructure assets and physical infrastructure assets to form digital economies (BSI, 2014a). A perspicacious hive mentality is inextricably embedded within smart city philosophy and serves to augment intelligent analysis of real-time data and information generated to rapidly optimize decisions in a cost effective manner (Szyliowicz, 2013; Zamparini and Shiftan, 2013). Consequently, smart cities within the digital built environment form a cornerstone of a digital economy that seeks to: provide more with less; maximize resource availability; reduce cost and carbon emissions (whole lifecycle); enable significant domestic and international growth; and ensure that an economy remains in the international vanguard (HM Government, 2015). The unrelenting pace of digitization worldwide is set to continue, with an expected $400bn (US Dollars) investment allocated for smart city development by 2020, where smart infrastructure will consist of circa 12 percent of the cost (DBIS, 2013). Yet despite this substantial forecast expenditure, scant academic attention has hitherto been paid to the complex array of interconnected arteries of infrastructural asset management (e.g. roads, ports, rail, aviation and telecommunications) that provide an essential gateway to global markets (DBIS, 2013).
The omnipresent threat of cyber-espionage and crime
Prior to meticulous review of papers, an established understanding of the omnipresent threat of cyber-espionage and crime is required. The implementation of smart city technologies has inadvertently increased the risk of cyber-attack facilitated through expansive networked systems (Mayo, 2016). However, cyber-crime has been largely overlooked within the built environment and academic consensus concurs that a cavernous gap exists between the state of security in practice and the achieved level of security maturity in standards (Markets and Markets, 2014). Security specialists and practitioners operating smart buildings, grids and infrastructures are said to coexist in a redundant dichotomy. Instead, academic and policy attention has focused upon either: hypothesized scenarios within international security studies (e.g. the protection of military, industrial and commercial secrets) (Rid, 2012); policy planning for cyber-warfare (McGraw, 2013); and/or the safety of computer systems or networks per se rather than cyber-physical attack (activities that could severely impact upon nuclear enrichment, hospital operations, public building operation and maintenance
and traffic management) (Stoddart, 2016). Threats from cyber-crime have arisen partially because of the increased adoption rate of networked devices but also as a result of industry's operational dependency upon IT systems (Boyes, 2013b).
Cyber-criminals are particularly adept at harnessing the intrinsic intangible value of digital assets (BSI, 2015) and can decipher the digital economy and its intricacies more perceptively than their counterpart industrialists and businesses that are under attack (Kello, 2013). The most recent "WannaCry" ransomware attack personified the sophisticated measures deployed by cyber-criminals in navigating networks and identifying, extracting and monetizing data found (Hunton, 2012). While the inherent value of digital assets to owners and creators is often indeterminate, cyber-criminals manipulate data and information to encrypt, ransom or sell it piecemeal (Marinos, 2016). Several prominent instances of unsecure critical infrastructure assets being physically damaged by persistent cyber-crime have been widely reported upon (Peng et al., 2015). These include the STUXNET worm that disarmed the Iranian industrial/military assets at a nuclear facility (Lindsay, 2013) and the malware "WannaCry" that caused significant damage to the UK's National Health Service patient databases, German railway operations and businesses globally (Clarke and Youngstein, 2017). Cyber-attacks remain an omnipresent national security threat to a digital economy's prosperity and digital built environment's functionality and safety. Reporting upon a veritable plethora of threats posed presents significant challenges as cyber-attacks engender greater anonymity as a malicious activity (Fisk, 2012). Nevertheless, known cases and revolutionary deterrents will form the premise upon which this literature review is based.
Cyber-space, cyber-physical attacks and critical infrastructure hacks
In the UK, security analysts from MI5 and MI6 have warned that industrial cyber-espionage is increasing in prevalence, sophistication and maturity, and could enable an entire shutdown of critical infrastructure and services including power, transport, food and water supplies (Hjortdal, 2011). A number of pre-eminent politically driven infrastructure intrusions support this assertion and serve as illustrative examples that a prediction of a global pandemic may prove to be distressingly accurate. These intrusions include: the Russian-led cyber-attacks on digital infrastructures (banking, news outlets, electronic voting systems) in Estonia in 2007 (Lesk, 2007); the Chinese-led hacking of the US electricity network in 2009 (Hjortdal, 2011); and the USA-led intrusion of Iranian nuclear plant facilities in 2005 (Denning, 2012).
Cyber-space constitutes the global, virtual, computer based and networked environment consisting of "open" and "air gapped" internet, which directly or indirectly interconnects systems, networks and other infrastructures critical to society's needs (European Commission 2013). Within the vast expanse of cyber-space, Kello (2013) proffers that three partially overlapping territories coexist, namely: the world wide web of nodes accessible via URL; the internet consisting of interconnected computers; and the "cyber-archipelago" of computer systems existing in isolation from the internet, residing within a so-called air gap. A CDE hosted on any of the aforementioned territories is precariously exposed to cyber-physical attack (Figure 1).
Cyber-attack utilizes code to interfere with the functionality of a computer system for strategic, ambiguous, experimental or political purposes (Nye 2017). Gandhi et al. (2011) expand upon this definition, stating that cyber-attack constitutes "any act by an insider or an outsider that compromises the security expectations of an individual, organization or nation". Cyber-attacks can take many forms, for example from publicized web defacements, information leaks, denial of service (DoS) attacks and other cyber actions sometimes related to national security or military affairs. Cyber-physical attacks can cause disruption or damage to physical assets, thus posing serious threats to public health and safety and/or the desecration of the environment (Peng et al. 2015). One of the earliest publicly disclosed cyber-physical attacks took place during the Cold War period when a Soviet oil pipeline
exploded due to a so-called logic bomb. The NIST (2017) framework for enhancing the ability of critical infrastructures to withstand cyber-physical attacks proposes that two distinct dichotomous domains must be secured, namely information technologies (IT) and industrial control systems (ICS) (Rittinghouse and Hancock 2003). Common threats incurred via IT and ICS include: theft of intellectual property; massive disruption to existing operations; and destruction, degradation or disablement of physical assets and operational ability (Szyliowicz 2013). The European Union Agency for Network and Information Security outlines multiple common sources of nefarious attacks in its malware taxonomy, including viruses, worms, trojans, botnets, spywares, scarewares, roguewares, adwares and greywares (Marinos 2016).
Such attacks are made possible via a huge cyber-attack surface within cyber-space, where every circa 2500 lines of code presents a potential vulnerability that is identified by a hacker's reconnaissance (Nye 2017). Reconnaissance is the first and most important stage for a successful cyber-attack and seeks to determine the likely strategy for the intrusion (Marinos 2016). Strategies vary but prominent methods include scanning, fingerprinting, footprinting, sniffing and social engineering (refer to Table I).
Cyber-attack motivations and cyber-actors and incident analysis

The RISI database contains a comprehensive record of cyber-physical attack incidents categorized as either confirmed or likely but confirmed (RISI 2015). However, prominent commentators contend that attacks are more prevalent than reports suggest and that victims are often reluctant to disclose malicious cyber-attacks against themselves due to potential reputational damage being incurred (Reggiani 2013). Cyber-physical attacks are therefore shrouded in secrecy by states and private companies, and many states have already conceded the current digital arms race against a panoply of cyber-actors (or "hackers") including hacktivists, malware authors, cyber-criminals, cyber-militias, cyber-terrorists, patriot hackers and script kiddies.
Cyber-actors are frequently classified within one of three thematic categories, namely white hats, grey hats and black hats, where the color of the hat portrays their intrinsic intentions. White hats are predominantly legitimately employed security researchers who perform simulated penetration testing hacks to assess the robustness of an organization's cyber-enabled systems (Cavelty 2013). They do not have malevolent intentions but rather
[Figure 1. Cyber vulnerabilities of CDE environment, adapted from BSI levels of BIM. Labels: BIM Levels 0 to 3; vulnerability rated low, low, medium and high risk (low to medium, then medium to high vulnerability); information format 2D CAD, 2D CAD + 3D, 3D; information exchange by paper-based, file-based, object model-based and network-based collaboration; LOD 1 to LOD 7; CDE stages work in progress, shared, published and archived; URL nodes, interconnected computer, computer archipelago; formats URL, SQL, DWG, XML.]
Table I. Emerging thematic groups in extant literature

Papers reviewed, by industrial sector:

| Industrial sector | Author(s) | Journal |
|---|---|---|
| Architecture, Engineering, Construction and Owner-operated (AECO) | Chong et al. (2014) | Automation in Construction |
| AECO | Howell et al. (2017) | Automation in Construction |
| AECO | Kochovski and Stankovski (2018) | Automation in Construction |
| AECO | Fisk (2012) | Intelligent Buildings International |
| AECO | Mike (2006) | Journal of Facilities Management |
| AECO | Eom and Paek (2006) | Journal of Information Technology in Construction (ITcon) |
| AECO | Jaatun et al. (2014) | Procedia Engineering |
| AECO | Koo et al. (2015) | Procedia Engineering |
| AECO | Nicał and Wodyński (2016) | Procedia Engineering |
| AECO | Wang et al. (2011) | Procedia Engineering |
| Transport and infrastructure | Patel et al. (2009) | Communications of the ACM |
| Transport and infrastructure | Wang and Lu (2013) | Computer Networks |
| Transport and infrastructure | Liu et al. (2012) | IEEE Communications Surveys & Tutorials |
| Transport and infrastructure | Jones (2016) | IEEE Engineering & Technology |
| Transport and infrastructure | Paridari et al. (2016) | IEEE International Conference on Cyber-Physical Systems (ICCPS) |
| Transport and infrastructure | Ryan (2017) | International Journal of Critical Infrastructure Protection |
| Transport and infrastructure | Papa (2013) | Transport Policy |
| Transport and infrastructure | Reggiani (2013) | Transport Policy |
| Transport and infrastructure | Reniers and Dullaert (2013) | Transport Policy |
| Transport and infrastructure | Szyliowicz (2013) | Transport Policy |
| Transport and infrastructure | Zamparini and Shiftan (2013) | Transport Policy |
| Information technology | Hunton (2012) | Computer Law & Security Review |
| Information technology | Weber and Studer (2016) | Computer Law & Security Review |
| Information technology | Metke and Ekl (2010) | IEEE Transactions on Smart Grid |
| Information technology | Tan et al. (2018) | IEEE Transactions on Smart Grid |
| Information technology | Xue et al. (2016) | IEEE Trustcom/BigDataSE/ISPA |
| Information technology | Ani et al. (2017) | Journal of Cyber Security Technology |
| Information technology | Govinda (2015) | Procedia Technology |
| Information technology | Rasmi and Jantan (2013) | Procedia Technology |
| Information technology | Safavi et al. (2013) | Procedia Technology |
| Information technology | Shitharth and Winston (2015) | Procedia Technology |
| Political science/international relations | Brantly (2014) | Democracy and Security |
| Political science/international relations | Kello (2013) | International Security |
| Political science/international relations | Lindsay (2015) | International Security |
| Political science/international relations | Nye (2017) | International Security |
| Political science/international relations | Cavelty (2013) | International Studies Review |
| Political science/international relations | Canfil (2016) | Journal of International Affairs |
| Political science/international relations | Hjortdal (2011) | Journal of Strategic Security |
| Political science/international relations | McGraw (2013) | Journal of Strategic Studies |
| Political science/international relations | Stoddart (2016) | Political Science Quarterly |
| Political science/international relations | Betz and Stevens (2013) | Security Dialog |
| Political science/international relations | Lindsay (2013) | Security Studies |

Percentage frequency of each thematic group:

| Journal type | National and global security | Smart cities | Critical infrastructure | Industrial control systems | Mobile or cloud computing | Digitalization of built environment |
|---|---|---|---|---|---|---|
| AECO journals | 20 | 40 | 30 | 50 | 90 | 60 |
| Transport and infrastructure journals | 54.5 | 54.5 | 81.8 | 27.2 | 36.3 | 18.1 |
| Information technology journals | 40 | 60 | 80 | 20 | 90 | 30 |
| Political science/international relations journals | 100 | 9.1 | 82 | 63.6 | 27.2 | 9 |
| Across the four journal types | 54.7 | 40.4 | 50 | 40.4 | 59.5 | 28.5 |
act on behalf of security companies and concomitant public interest (F-Secure 2014). Contemporary cyber-Robin Hood(s) (or hacktivists) fall within the grey hat category and act as vigilantes to puncture prevailing power structures (such as Government) by embarrassing them with distributed denial of service (DDoS) attacks, web defacements, malware, ransomware and trojans. These hacktivists often dabble with illegal means to hack but believe that they are addressing a social injustice and/or otherwise supporting a good cause. Black hats are often affiliated with a criminal fraternity or have other malicious intent (Cavelty 2013). These criminals deploy the same tools used by grey and white hat hackers but with the deliberate intention to cause harm, vandalism, sabotage, website shutdown, fraud or other illegitimate activities. Many states have increasingly focused upon grey hats, who have become the new uncontrolled source of hacking (Betz and Stevens 2013). Table II highlights a number of prominent critical infrastructures hacks extracted from the RISI database and cross references these against the motivations and cyber-actors.
Blurred lines: governments and civilians

State and non-state actors represent a two pronged source of malicious attacks or threats facing the AECO sector; motivations for these actors are fueled by various catalysts including patriotism, liberal activism, political ideology, criminal intent and hobby interests (Hjortdal 2011; Rahimi 2011). A state is a political entity ("government") that has sovereignty over an area of territory and the people within it (Rahimi 2011). Within this entity, state actors are persons who are authorized to act on its behalf and are therefore subject to regulatory control measures (Betz and Stevens 2013). A state actor's role can be myriad but often it strives to create positive policy outcomes through approaches such as social movement coalitions (cf. Stearns and Almeida 2004). Conversely, non-state actors are persons or organizations who have sufficient political influence to act or participate in international relations for the purpose of exerting influence or causing change, even though they are not part of government or an established institution (Betz and Stevens 2013). Three key types of legitimate non-state actors exist: intergovernmental organizations such as the United Nations, World Bank Group and International Monetary Fund, which are established by a state, usually through a treaty (Betz and Stevens 2013); international non-government organizations such as Amnesty International, Oxfam and Greenpeace, which are non-profit voluntary organizations that advocate or otherwise pursue the public good (i.e. economic development and humanitarian aid) (UN); and multinational corporations who pursue their own business interests largely outside the control of national states (UN). Illegitimate non-state actors include terrorist groups and hacktivists acting upon a range of different motivations including personal gain, digital coercion, malevolence and indoctrination of others using ideological doctrine (Brantly 2014). Since the millennium, governments globally have become increasingly aware of cyber-crime and threats stemming from such non-state actors. Some of the more notable actors include Anonymous (Betz and Stevens 2013), Ghost Net (Hunton 2012), The Red Hacker Alliance (Fisher 2018), Fancy Bear "Прикольный медведь" (Canfil 2016) and Iranian Cyber Army (Rahimi 2011).
However, the boundary delineation between state actors and non-state actors engaging in cyber-physical attacks has become increasingly blurred (Betz and Stevens 2013; Papa 2013). Such attribution has wider implications for the national security of states and national responsibility for non-state actors who often act on behalf of the state under incitement of nationalistic and ideological motivation (Brantly 2014). Henderson (2008) aptly describes such blurred lines between governments and civilians by using Chinese cyber-patriot hackers as an exemplar:
The alliance is exactly who and what they claim to be: an independent confederation of patriotic youth dedicated to defending China against what it perceives as threats to national pride
Table II. Industry standards and codes of best practice on cyber security in the AECO sector

| Standard | Title | Description |
|---|---|---|
| BS ISO/IEC 29100:2011 (ISO 2011) | Information Technology, Security Techniques, Privacy Framework | This standard is applicable to organizations and businesses, providing a privacy framework for those "involved in specifying, procuring, architecting, designing, developing, testing, maintaining, administering and operating information and communication technology systems or services" with personally identifiable information (PII). |
| BS ISO/IEC 27001:2013 (ISO 2013) | Information Technology, Security Techniques, Information Security Management Systems, Requirements | This international standard provides a framework for the management of an information security management system (ISMS) in order to keep digital information assets secure from cyber-criminal activities and information breaches; it encompasses procedures for creating, implementing, operating, auditing and maintaining an ISMS. The standard can be applied within organizations of any size, nature or type. |
| IET/CPNI Technical Briefing (IET 2013) | Resilience and Cyber Security of Technology in the Built Environment | This document applies to professionals involved in the development, procurement and operation of intelligent or smart buildings. The guidance considers the whole building lifecycle and examines the potential threats to resilience and cyber security arising from the merging of technical infrastructure and computer-based systems and their connection in cyber-space. Case studies are provided plus a set of 20 critical measures which could be applied to reduce threats. |
| PAS 555:2013 (BSI 2013) | Cyber Security Risk, Governance and Management, Specification | The specification uses a business-led "outcomes-based approach" which studies physical, cultural and behavioral features alongside technical ones to aid organizations in detecting which of their business assets need most protection, e.g. corporate and customer data, intellectual property, brand or reputation. The approach can be applied to any size/type of organization throughout its business activities. |
| PAS 754:2014 (BSI 2014c) | Software Trustworthiness, Governance and Management, Specification | This document identifies five principles of software trustworthiness (safety, reliability, availability, resilience and security) which should be attained when implementing software on distributed applications in order to reduce the risks from potential malicious threats. These principles are based upon four concepts: governance measures; risk assessment; control application for risk management (physical, procedural and technical); and a compliance regime to ensure execution of the first three. |
| IET Standards (IET 2014) | Code of Practice for Cyber Security in the Built Environment | This book provides good practice guidance on the need for, and development of, cyber security strategy and policy related to a building's complete lifecycle as an integral part of an organization's management systems, with particular emphasis on cyber physically connected building-related systems. The pertinence of cyber security to each of the multidisciplinary roles and responsibilities within an organization is provided. |
| PAS 1192-5:2015 (BSI 2015) | Specification for Security-minded Building Information Modeling, Digital Built Environments and Smart Asset Management | This is the first standard published for security minded use of BIM and digitalization of built assets. Relevant to all owners and stakeholders of digitally built assets, it assists in assessing security risks to the asset and implementing measures to reduce the risk of loss or disclosure of information which could impact on the safety and security of: the built asset; personnel and other users of the asset and its services; and commercial and other asset data and information. |
A componential analysis of literature

From an operational perspective, the review protocol sourced published journal materials contained within Science Direct, Web of Science, Scopus and Research Gate databases. Keyword search terms used included: cyber security, hacking and any of the following variations of the word cyber crime/cybercrime or cyber-crime. Following a comprehensive review of the journals, four prominent and pertinent clusters of industrial settings were selected to provide the contextual sampling framework and knowledge base for the analysis, namely: AECO; transport and infrastructure; information technology; and political science/international relations. These clusters were selected because they contained the majority of the journal publications on cyber-crime. Within the clusters, six recurrent leitmotifs were identified: national and global security; smart cities; critical infrastructure; ICS; mobile or cloud computing; and digitalization of the built environment. A cross comparative componential analysis was then conducted (refer to Table III).
The componential analysis reveals the percentage frequency that each of the identified thematic groups occur across the four industrial classifications and the percentage frequency that each thematic group occurs within each individual industrial classification. In ascending order of frequency across all four sectors, the most popular discussed topics were: mobile cloud computing (59.5 percent), national global security (54.7 percent) and critical infrastructure (50 percent), smart cities (40.4 percent), ICS (40.4 percent) and digitization of the built environment (28.5 percent). Yet curiously, within the AECO sector an inordinate amount of effort was input into mobile and cloud computing (90 percent) and digitization of the built environment (60 percent), while far less attention was paid to critical infrastructure (30 percent) and national and global security (20 percent). Moreover, none of the papers reviewed were heavily focused upon expounding the virtues and concomitant benefits of digitization but were similarly oblivious to the omnipresent threat of cyber-crime posed via the vulnerable CDE portal.
A CDE is commonly established during the feasibility or concept design phases of a building/infrastructure project (BSI 2014a, b). An information manager will then manage and validate the processes and procedures for the exchange of information across a network for each key decision gateway stage (including work in progress, shared, published and archive stages). Cloud-based CDE platforms are ubiquitous but common solutions include ProjectWise, Viewpoint (4P), Aconex, Asite and SharePoint (Shafiq et al. 2013). The internal work flow and typical external information exchange in BIM relies upon the re-use and sharing of information
Table III. Common reconnaissance techniques

| Reconnaissance technique | Definition | Example |
|---|---|---|
| Scanning (ping sweep, port scan, network mapping) | Network scanning is integral to stealthy information gathering from a computer system. Prior knowledge of the operating system (OS) is combined with the use of one of a plethora of readily available tools in order to identify and map out potential vulnerabilities on a target network. | Techniques include port scanning to identify the available and open ports, DNS enumeration to locate the domain name server and IP address, and PING sweeping to map the IP address to a live host (Rittinghouse and Hancock 2003). |
| Fingerprinting (OS) | Device fingerprinting endeavors to break the privacy of URL developers by revealing user actions and anonymity. It utilizes the information collected from a remote computing device for the purpose of uniquely identifying the device (Formby et al. 2016). Fingerprinting can be used to identify the OS used on the target system. | In an active manner, to monitor network packets passing between hosts, or passive manner, to transmit specially created packets to the target machine and analyze the response (Peng et al. 2015). |
| Footprinting | Footprinting is a process of obtaining as much information about the target to be hacked as possible by drawing down open source information from the internet. Footprinting is the most convenient way of gathering information about a computer system and/or the parties to whom it belongs. | During footprinting a hacker can use passive or active means to obtain information such as domain name, IP addresses, namespaces, employee information, phone numbers, e-mails and job information. |
| Sniffing | Sniffing has been likened to wiretapping and can be used to obtain sensitive information that is being transferred over a network, such as FTP passwords, e-mail traffic, web traffic, telnet passwords, router configurations, chat sessions and DNS traffic. "Industrial Control Systems (ICS)/Supervisory Control and Data Acquisition (SCADA) sniffing" activities pose an imminent threat to cyber-physical connected devices in buildings, factories and large industrial plants. | "Havex" malware, reported by F-Secure laboratories, is the first of its kind since STUXNET and attempts to "sniff" factory automation gear such as ICS and SCADA systems (F-Secure Labs 2014). Anonymized victims have included two major educational institutions in France, two German industrial machine producers, one French industrial machine producer and a Russian structural engineering construction company (F-Secure Labs 2014). |
| Social engineering | Social engineering is an attack vector that relies upon tricking people into breaking security procedures. Consequently, these are used to exploit an individual's weaknesses, typically employees and other individuals who are familiar with the system. When successfully implemented, it can help hackers obtain information about the targeted system. | Two common methods adopted are the physical gaining of access to a computer through deception, or the use of phishing e-mails, which involves sending personalized e-mails to targeted employees in an attempt to make them click malicious links contained within. |
in a CDE. Integrating BIM (and other file databases, e.g. IFC, GBXML, CSV, DWG, XML) within a CDE ensures a smooth flow of information between all stakeholders and is specified and articulated through its levels of development or design (Eastman et al. 2011; Lin and Su 2013). The level of design (LOD) is classified on a linear scale ranging from LOD 1 (covering a conceptual "low definition" design) to LOD 7 (for an as-built "high definition" model). With each incremental increase in LOD, the range and complexity of asset information within models built begins to swell and the data contained within becomes accessible to an increased amount of stakeholders. As a consequence, the magnitude of potential cyber-crime also increases and it is imperative, therefore, that effective cyber security deterrence measures are set.
Perhaps the most crippling aspect of deterrence is the poor rate of attribution (also known as tracebacking or source tracking), where attribution seeks to determine the identity or location of an attacker or attacker's intermediary (Brantly 2014). Affiliation further exacerbates attribution rates; for example, nefarious and malicious attacks on critical infrastructure by non-state "patriot" actors who proclaim cyber-warfare in the name of nationalist ideologies can create ambiguity with state actors (Lindsay 2015). Extant literature widely acknowledges that states actively recruit highly skilled hackers to counter-attack other state governed cyber-activities, in particular against critical infrastructure assets (Thomas 2009). Yet the paucity of identification or disclosure of attacker identities has made the hacking culture even more enticing for both non-state actors and state actors. Whilst network attribution or IP address traceability to a particular geographical region is possible, lifting the cyber veil to reveal the affiliation between the attacker and their government remains difficult (Canfil 2016). In the case of potential threats to the AECO sector, attribution of industrial cyber-espionage remains an imminent threat not only to the business in operation but also for the nation state security.
Cyber-deterrence

Cyber-deterrence measures rely largely upon good practice adopted from standards ISO 27001 and ISO 27032 (ISO 2012, 2013). In the context of the digital built environment (and specifically BIM), recently published cyber security good practice manual PAS 1198-Part 5 suggests deploying five measures of deterrence: a built asset security manager; a built asset security strategy; a built asset security management plan; a security breach/incident management plan; and built asset security information requirements. For other sources of cyber security guidance, PAS 1198-Part 5 recommends adherence to other pre-existing legislative documentation – refer to Table IV.
Other ambiguous guidance notes that refer to taking "appropriate mitigation strategies" have largely ignored the increased vulnerability of semantic and geometric information that is sustained within a BIM (BSI 2013, 2014c). For example, Institute of Engineering and Technology (Boyes 2013b) report entitled "Resilience and Cyber Security of Technology in the Built Environment" states that:
Unauthorised access to BIM data could jeopardise security of sensitive facilities such as banks, courts, prisons and defence establishments, and in fact most of the Critical National Infrastructure
Deterrence measures recommended in PAS 1192-5 have largely overlooked BIM data contained within a CDE and the onslaught of cyber-physical connectivity in critical infrastructures (Liu et al. 2012). Currently, the most common means of deterrence for cyber-physical connectivity in critical BMS infrastructures is via network segregation (the firewall) (Mayo 2016) and secure gateway protection (encryption) for securing from external threats, complicit with ANSI/ISA-99 (ANSI 2007). However, in a digital economy where over 50bn devices are continuously communicating, neither firewalls nor encryption alone can guarantee effective cyber security. Hence, a more robust systemic means of data integrity is required in the digital built environment.
Block chain – a new frontier for cyber-deterrence

Under the alias Satoshi Nakamoto, the Bitcoin (crypto currency) was published as the first block chain application on the internet (Turk and Klinc 2017). This advancement opened a springboard of applications that utilize block chain technology to remove third party distribution of digital assets using peer-to-peer sharing (Turk and Klinc 2017). While the majority of current applications have utilized crypto currency and smart contracts, the applications for digital asset transference seem limitless. Block chain's earliest applications were in economics (Huckle et al. 2016), software engineering (Turk and Klinc 2017), Internet of Things (Zhang and Wen 2016) and medicine (Yue et al. 2016) – albeit more recently applications within the built environment have been explored (Sun et al. 2016). Block chain technology has the potential to overcome the aforementioned cyber security challenges faced in the digital environment as a result of its distributed, secure and private nature of data distribution. A positive correlation exists between an increasing number of collaborators (or peers) within a CDE and the potential to secure such assets in a peer-to-peer environment, which thrives and increases in security.
Block chain technology is suitable for sectors with: increased risk of fraud – such as susceptible crucial infrastructures containing sensitive industrial information that is at risk from industrial espionage; intermediaries – for example, providers of BMS systems and other IT software vendors hosting sensitive infrastructure asset details; throughput – such as operators updating and sharing asset information in a CDE; and stable data – for instance, data generated for built assets can be utilized for up to 40 years post project inception. Block chain technology offers better encryption against hacking than any other current deterrence measures available and is commonly suggested in the cyber security standards available (Turk and Klinc 2017).
The application of block chain technology within digital built asset information exchange is suggested due to its secure framework for data transference. Block chain technology has been hailed as a hacker/tamper safe ecosystem for digital asset transfers (Turk and Klinc 2017). Figure 2 delineates a ten stage process to demonstrate how the existing functionality of block chain technology can be harnessed in a CDE environment when sharing sensitive digital information about assets – namely: asset information is securely shared via a network (e.g. URL nodes, interconnected computer networks or an air
Table IV. Snapshot of cyber-physical hacking examples from the RISI online incident database

| Motivation | Description |
|---|---|
| Black Hat | Ego, personal animosity, economic gain |
| Grey Hat | Ambiguous |
| White Hat | Idealism, creativity, respect for the law |

Actors listed: hacktivists, script kiddies, cyber insiders, cyber terrorists, malware authors, patriot hackers, cyber militias, ordinary citizens, organized cybercriminals.

Examples:

USA 2014 – Power and utilities – Hackers took advantage of a weak password vulnerability where mechanical devices were disconnected from the control system for scheduled maintenance.

Poland 2008 – Transport – A 14-year old Polish student hacked into the tram system, enabling him to change track points in Lodz; 4 trams were derailed and, as a consequence, 12 people were injured.

USA 2001 – Petroleum – The network monitoring personal computer (PC) provided a path from the internet via the company business network onto the automation network. This made the company vulnerable to the Code Red Worm, used to deface the automation web pages of a large oil company.

Spain 2011 – Traffic – Spanair flight 5022 crashed just after take-off from Madrid-Barajas International Airport, killing 154 with 18 survivors. Trojan malware detected on the central computer system is speculated to have played a role in the crash by causing the computer to fail to deliver power to the take-off early warning system and detect three technical problems with the aircraft.

Iran 2012 – Petroleum – Iran was forced to disconnect key oil facilities after suffering a malware attack which it is believed hit the internal computer systems at Iran's oil ministry and its national oil company.

USA and Europe 2014 – Energy sector – Operating since 2011, the Dragonfly group has targeted defence and aviation companies in USA and Canada for cyber-espionage, with the likely intention of sabotage. In 2013 the group targeted USA and European energy firms, gaining entry through spear phishing e-mails, malware, watering hole attacks and infecting legitimate software from three different industrial control systems (ICS) equipment manufacturers.

Canada 2012 – Energy sector – Telvent Canada Ltd, provider of software and services for remote administration of large sections of the energy industry, was subject to information theft. Installed malware was used to steal project files related to one of its key products. The digital fingerprints were traced to a Chinese hacking group (the "Comment Group") linked to cyber-espionage against Western interests.

Iran 2010 – Nuclear – The Stuxnet malworm was responsible for damaging crucial centrifugal devices used for Uranium enrichment at the Natanz nuclear plant, causing it to be shut down for a week. This remains as one of the most prolific cyber-physical attacks in an exemplified case of government and civilian blurred lines, and created a new forefront of cyber militia, becoming the first proclaimed cyber weapon.

USA 2012 – Water/waste management – A former employee of the Key Largo Wastewater Treatment District hacked the company, resulting in modification and deletion of files.

Venezuela 2002 – Petroleum – Venezuela's state oil company became embroiled in a bitter strike when it was extensively sabotaged by an employee who gained remote access to a program terminal and erased all Programmable Logic Controller (PLC) programs in port facility.

Canada 2002 – Petroleum – A white hat hacker simulated an attack on a data center security (DCS) where network access to the control local area network (LAN) was used to connect to selected DCS operator stations and obtain full administration privileges. This was accomplished through the vulnerabilities in the Windows operating system and a number of Netbios that lacked proper password protection.

USA 2014 – Traffic – One of the first hacks on a traffic management system was incurred on road signs in San Francisco, where the signs were photographed flashing "Godzilla Attack Turn Back".

Source: Available online at www.risidata.com
gapped internet); asset data (whether a 3D or digital model) are converted into a block which represents a digital transaction of asset data; stakeholder interaction within a federated CDE environment will receive a tracked record of the individual transaction created by nodes sharing the block; block chain miners (usually computer scientists) validate and maintain the newly created block chain; payment methods for block chain miners vary but a group of miners enter into a competitive process where the first to validate the block chain receives payment; the federated block chain environment is approved; the new block is added to the existing chain of digital transactions to extend the block chain; the digital asset can now be securely shared upon validation; to hack the network, assailants would need to hack every single node within the block chain, thus making the task far more difficult; the network of nodes created by multiple stakeholders’ transactions provides a more sophisticated and secure approach to protecting digital assets when compared to encryption and firewalls. Herein lies the novelty of this review – blockchain technology can offer a potential framework to future AECO software applications and systems designed to secure the transfer of sensitive project data in a BIM and CDE environment.
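The sharing sequence described above, reduced to its integrity mechanism, as an added example that is not code from the paper: each asset (a DWG or XML file) is recorded as a hash-linked block on every stakeholder node, and a rewritten copy on one node is detected and outvoted. The node names, file contents and the majority-vote rule are assumptions of this example; mining and miner payment are not modelled.

```python
import hashlib
import json
from collections import Counter
from dataclasses import dataclass, replace

GENESIS_PREV = "0" * 64  # prev_hash carried by the first block


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass(frozen=True)
class Block:
    index: int
    prev_hash: str     # hash of the preceding block: this link is the "chain"
    asset_name: str    # e.g. a DWG or XML file held in the CDE
    asset_digest: str  # SHA-256 of the file; the file itself stays off-chain
    submitted_by: str

    def block_hash(self) -> str:
        fields = [self.index, self.prev_hash, self.asset_name,
                  self.asset_digest, self.submitted_by]
        return sha256_hex(json.dumps(fields).encode())


class Node:
    """One stakeholder's copy of the ledger in the federated CDE (hypothetical)."""

    def __init__(self, name):
        self.name = name
        self.chain = []

    def tip_hash(self) -> str:
        return self.chain[-1].block_hash() if self.chain else GENESIS_PREV

    def accept(self, block) -> bool:
        """Validate a broadcast block against the local chain, then append it."""
        if block.index != len(self.chain) or block.prev_hash != self.tip_hash():
            return False
        self.chain.append(block)
        return True

    def is_consistent(self) -> bool:
        """Recompute every link; any edited block breaks the link after it."""
        prev = GENESIS_PREV
        for i, block in enumerate(self.chain):
            if block.index != i or block.prev_hash != prev:
                return False
            prev = block.block_hash()
        return True

    def recorded_digest(self, asset_name):
        """Latest digest for an asset, or None if unknown or the chain is broken."""
        if not self.is_consistent():
            return None
        for block in reversed(self.chain):
            if block.asset_name == asset_name:
                return block.asset_digest
        return None


def share_asset(nodes, asset_name, asset_bytes, submitted_by) -> int:
    """Convert an asset into a block, broadcast it, return how many nodes accepted."""
    proposer = nodes[0]
    block = Block(len(proposer.chain), proposer.tip_hash(), asset_name,
                  sha256_hex(asset_bytes), submitted_by)
    return sum(node.accept(block) for node in nodes)


def verify_asset(nodes, asset_name, asset_bytes) -> bool:
    """True if a strict majority of nodes recorded exactly this file content."""
    digest = sha256_hex(asset_bytes)
    votes = sum(node.recorded_digest(asset_name) == digest for node in nodes)
    return votes * 2 > len(nodes)


def divergent_nodes(nodes) -> list:
    """Names of nodes whose ledger is broken or disagrees with the majority tip."""
    majority_tip, _ = Counter(n.tip_hash() for n in nodes).most_common(1)[0]
    return [n.name for n in nodes
            if not n.is_consistent() or n.tip_hash() != majority_tip]


def demo() -> dict:
    # Constructed sample data: stakeholder names and file contents are invented.
    nodes = [Node(n) for n in ("client", "architect", "contractor", "fm_team")]
    model = b"constructed DWG bytes: pump room layout rev A"
    schedule = b"<asset id='P-01'><type>pump</type></asset>"
    share_asset(nodes, "pump_room.dwg", model, "architect")
    share_asset(nodes, "assets.xml", schedule, "contractor")

    # One node's stored history is rewritten to reference a substituted model.
    forged = b"constructed DWG bytes: pump room layout rev A (altered)"
    victim = nodes[2]
    victim.chain[0] = replace(victim.chain[0], asset_digest=sha256_hex(forged))

    return {
        "genuine_ok": verify_asset(nodes, "pump_room.dwg", model),
        "forged_ok": verify_asset(nodes, "pump_room.dwg", forged),
        "divergent": divergent_nodes(nodes),
    }


if __name__ == "__main__":
    print(demo())
```

The ledger records only digests, so it supports integrity checking and an audit trail of who shared what; keeping the model files themselves confidential still depends on access control and encryption in the CDE.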
[Figure 2. Block chain technology application with digital built asset information exchange. Box labels: asset needs to be shared securely; asset is converted into a block; block is broadcast to all nodes in federated CDE environment; block chain miners compete to mine new block; block chain miner validates block against chain; federated CDE environment approves; block chain is extended with new digital asset; block of digital asset is shared securely; block chain of assets needs to be hacked individually across an entire network.]

Limitations and future work
Contrary to within the fields of computer science, political science, international relations and international law, cyber security is far less understood within the AECO sector (Mayo, 2016). Consequently, existing controls are inadequate and poorly managed. Key findings emanating from these other eminent fields provide invaluable insights into the cyber security technologies and developments (such as block chain) that can be successfully transferred and applied to critical infrastructure within the AECO sector to address current deficiencies (Baumeister, 2010). However, successful practitioner alignment and knowledge enhancement requires time and investment for additional research and testing of such concepts (Metke and Ekl, 2010) – such exceeded the current confines of this review paper. Within the international security research realm, the following predispositions have weakened scholarly understanding of cyber-threat occurrences and the likelihood of attacks on critical infrastructure. These limitations require future work, namely:
(1) Improved understanding of motivations – an inordinate amount of attention is paid to “cyber-threats” under the guise of malevolent lines of code. Yet, finding a resolution to the root cause of cyber-crime requires a deeper understanding of the motivations behind such malicious scripts and attacks.
(2) Address the specific operational threats to bespoke critical infrastructure – each individual critical infrastructure project (e.g. hospitals, nuclear facilities, traffic management systems) has bespoke operational functionality and hence, different vulnerabilities. Mapping of these vulnerabilities is required as a first step to developing efficient and effective risk mitigation strategies to better secure assets.
(3) Distinguish between physical destruction and theft – literature and standards have predominantly focused upon data protection within the context of cyber-attack. However, physical damage has received far less attention even though such could lead to catastrophic economic damage. Greater distinction between physical destruction and theft is therefore needed to delineate the scale and magnitude of cyber-crime.
(4) Consolidate greater international governmental collaboration – cyber-attacks can readily cross international borders and national law enforcement agencies often find it difficult to take action in jurisdictions where limited extradition arrangements are available. Although standard international agreements have been made on such issues (cf. the Budapest Convention on Cyber-crime), which seek to criminalize malevolent cyber-activities, notable signatories (such as China and Russia) are absent. Far greater cooperation between sovereign states is therefore urgently needed to develop robust international agreements that are supported by all major governments.
(5) Gauge practitioner awareness – future work should seek to identify existing predispositions and awareness of cyber-attack and cyber-crime amongst AECO professionals, either through in-depth interviews or practitioner surveys. Case studies are also required to measure and report upon contemporary industry practice and how any cyber-crime incidents were managed.
(6) Proof of concept – development and testing of an innovative proof of concept blockchain application specifically designed for AECO professionals. Such developmental work would allow the thorough testing of blockchain technology in practice to confirm, or otherwise, its effectiveness.
Future work
To reconcile the challenges of future work, researchers and practitioners within the AECO sector will have to investigate how to adopt cyber-deterrence approaches applied within more technologically advanced and sensitive industries such as aerospace and automotive. Such knowledge transference may propagate readily available solutions to challenges posed. Cyber security awareness and deterrence measures within the BIM and CDE process will help secure critical infrastructure developed, built and utilized – the challenges and opportunities identified here require innovative solutions such as block chain technologies to transform standard industry practice and should be augmented with far greater industry-academic collaboration.
Conclusion
Infrastructure provides the essential arteries and tributaries of a digital built environment that underpins a contemporary digital economy. However, cyber-attack threatens the availability and trustworthiness of interdependent networked services on both corporate and national security levels. At particular risk are the critical infrastructure assets (such as energy networks, transport and financial services) hosted on large networks connected to the internet (via a CDE) to enable cost-efficient remote monitoring and maintenance. Any disruption or damage to these assets could have an immediate and widespread impact by jeopardizing the well-being, safety and security of citizens. To combat the potential threat posed, greater awareness among AECO stakeholders is urgently needed; this must include governments internationally and private sector partners collaborating together to expand upon existing ISO and BIM-related standards for improved response to a cyber-incident. As well as preventative measures, reactive national plans are required (i.e. raising cyber security awareness on government funded BIM projects) to quickly deal with breaches in security and ensure services are provided with minimum disruption.
It is argued in this paper that the CDE adopted with BIM in the AECO sector acts as a springboard for the wider stakeholder engagement with networked data sharing in a centralized manner, leaving such systems vulnerable to future cyber-physical attacks. The pinnacle of cyber security research, breakthroughs in cryptography, has resulted in the development of decentralized block chain technology. It is hypothesized that block chain technology offers a novel and secure approach to storing information, making data transactions, performing functions and establishing trust, making it suitable for the high security requirements of sensitive digital infrastructure data contained in a BIM and CDE environment. While block chain applications are largely at a nascent stage of development within the AECO sector, this review paper has highlighted its novel application to fortify security of digital assets residing within a BIM and CDE environment – thus extending applications beyond its origins in crypto currency. Future research will be required to prove, modify or disprove the hypothesis presented. However, block chain alone cannot guarantee total immunity to cyber-attacks, so additional research is required to: understand the motivations for cyber-attack/crime; identify the specific operational threats to bespoke critical infrastructure and develop appropriate strategies to mitigate these; develop more exhaustive international standards (or enhance existing standards) to distinguish between physical destruction and theft; and establish measures needed to consolidate greater international governmental collaboration.
References
Ani, U.P.D., He, H. and Tiwari, A. (2017), “Review of cybersecurity issues in industrial critical infrastructure manufacturing in perspective”, Journal of Cyber Security Technology, Vol. 1 No. 1, pp. 32-74.
ANSI (2007), “ISA-99.00.01-2007 security for industrial automation and control systems part 1: terminology, concepts and models”, ISA, available at: https://web.archive.org/web/20110312111418/www.isa.org/Template.cfm?Section=Shop_ISA&Template=%2FEcommerce%2FProductDisplay.cfm&Productid=9661 (accessed February 9, 2019).
Baumeister, T. (2010), “Literature review on smart grid cyber security, collaborative software development laboratory at the University of Hawaii”, available at: www.tbaumeist.com/publications/LiteratureReviewOnSmartGridCyberSecurity_2010.pdf (accessed February 9, 2019).
Bessis, N. and Dobre, C. (2014), Big Data and Internet of Things: A Roadmap for Smart Environments, ISBN 978-3-319-05029-4, Springer International Publishing, London.
Betz, D.J. and Stevens, T. (2013), “Analogical reasoning and cyber security”, Security Dialogue, Vol. 44 No. 2, pp. 147-164.
Boyes, H. (2013a), “Cyber security of intelligent buildings”, 8th IET International System Safety Conference Incorporating the Cyber Security Conference, Cardiff.
Boyes, H. (2013b), Resilience and Cyber Security of Technology in the Built Environment, the Institution of Engineering and Technology, IET Standards Technical Briefing, London, available at: www.theiet.org/resources/standards/-files/cyber-security.cfm?type=pdf (accessed February 9, 2019).
Bradley, A., Li, H., Lark, R. and Dunn, S. (2016), “BIM for infrastructure: an overall review and constructor perspective”, Automation in Construction, Vol. 71 No. 2, pp. 139-152.
Brantly, A.F. (2014), “The cyber losers”, Democracy & Security, Vol. 10 No. 2, pp. 132-155.
BSI (2013), “PAS 555:2013 cyber security risk”, Governance and Management Specification, available at: https://shop.bsigroup.com/ProductDetail/?pid=000000000030261972 (accessed February 9, 2019).
BSI (2014a), PAS 180 Smart Cities Vocabulary, British Standards Institution, London, available at: www.bsigroup.com/en-GB/smart-cities/Smart-Cities-Standards-and-Publication/PAS-180-smart-cities-terminology/ (accessed February 9, 2019).
BSI (2014b), PAS 1192-3 Specification for Information Management for the Operational Phase of Assets using Building Information Modelling, British Standards Institution, London, available at: https://shop.bsigroup.com/ProductDetail/?pid=000000000030311237 (accessed February 9, 2019).
BSI (2014c), “PAS 754:2014 software trustworthiness governance and management”, Specification, available at: https://shop.bsigroup.com/ProductDetail/?pid=000000000030284608 (accessed February 9, 2019).
BSI (2015), PAS 1192-5 (2015) Specification for Security Minded Building Information Modelling, Digital Built Environments and Smart Asset Management, British Standards Institution, London, available at: https://shop.bsigroup.com/ProductDetail/?pid=000000000030314119 (accessed February 9, 2019).
Canfil, J.K. (2016), “Honing cyber attribution: a framework for assessing foreign state complicity”, Journal of International Affairs, Vol. 70 No. 1, pp. 217-226, available at: www.questia.com/read/1G1-476843518/honing-cyber-attribution-a-framework-for-assessing (accessed February 9, 2019).
Cavelty, M.D. (2013), “From cyber-bombs to political fallout: threat representations with an impact in the cyber-security discourse”, International Studies Review, Vol. 15 No. 1, pp. 105-122.
Chong, H.Y., Wong, J.S. and Wang, X. (2014), “An explanatory case study on cloud computing applications”, Automation in Construction, Vol. 44, pp. 152-162.
Clarke, R. and Youngstein, T. (2017), “Cyberattack on Britain’s national health service”, New England Journal of Medicine, Vol. 377, August, pp. 409-411.
DBIS (2013), “Smart city market opportunities for the UK”, Department for Business, Innovation and Skills, BIS Research Papers, Ref. BIS/13/1217, DBIS, London, available at: www.gov.uk/government/publications/smart-city-market-uk-opportunities (accessed February 9, 2019).
Denning, D. (2012), “Stuxnet: what has changed?”, Future Internet, Vol. 4 No. 3, pp. 672-687.
Eastman, C., Eastman, C.M., Teicholz, P., Sacks, R. and Liston, K. (2011), BIM Handbook: A Guide to Building Information Modeling for Owners, Managers, Designers, Engineers and Contractors, ISBN 978-0-470-54137-1, John Wiley & Sons, Hoboken, NJ.
Edwards, D.J., Pärn, A.E., Love, P.E.D. and El-Gohary, H. (2017), “Research note: machinery, manumission and economic machinations”, Journal of Business Research, Vol. 70, January, pp. 391-394.
Eom, S.-J. and Paek, J.-H. (2006), “Planning digital home services through an analysis of customers acceptance”, ITcon, Vol. 11, Special issue IT in Facility Management, pp. 697-710, available at: www.itcon.org/2006/49 (accessed February 9, 2019).
European Commission (2013), Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace, JOIN 1 Final, European Commission, Brussels, available at: https://eeas.europa.eu/archives/docs/policies/eu-cyber-security/cybsec_comm_en.pdf (accessed February 9, 2019).
Ficco, M., Choraś, M. and Kozik, R. (2017), “Simulation platform for cyber-security and vulnerability analysis of critical infrastructures”, Journal of Computational Science, Vol. 22, September, pp. 179-186.
Fisher, R.D. (2018), “Cyber warfare challenges and the increasing use of American and European dual-use technology for military purposes by the people’s Republic of China (PRC)”, United States House of Representatives, Committee on Foreign Affairs, Birmingham, available at: http://archives-republicans-foreignaffairs.house.gov/112/Fis041511.pdf (accessed February 9, 2019).
Fisk, D. (2012), “Cyber security, building automation and the intelligent building”, Intelligent Buildings International, Vol. 4 No. 3, pp. 169-181.
Formby, D., Srinivasan, P., Leonard, A., Rogers, J. and Beyah, R.A. (2016), “Who’s in control of your control system? Device fingerprinting for cyber-physical systems”, Network and Distributed System Security Symposium (NDSS), February 26–March 1, San Diego, CA.
F-Secure Labs (2014), “Havex hunts for ICS and SCADA systems”, available at: www.f-secure.com/weblog/archives/00002718.html (accessed February 9, 2019).
Gandhi, R., Sharma, A., Mahoney, W., Sousan, W., Zhu, Q. and Laplante, P. (2011), “Dimensions of cyber-attacks: cultural, social, economic and political”, IEEE Technology and Society Magazine, Vol. 30 No. 1, pp. 28-38.
Govinda, K. (2015), “Design of smart meter using Atmel 89s52 microcontroller”, Procedia Technology, Vol. 21, pp. 376-380, available at: https://doi.org/10.1016/j.protcy.2015.10.053
Henderson, S. (2008), “Beijing’s rising hacker stars: how does mother China react?”, IO Sphere Journal, Birmingham, February 28, available at: www.noexperiencenecessarybook.com/jplV6/beijing-39-s-rising-hacker-stars-how-does-mother-china-react.html (accessed February 9, 2019).
Hjortdal, M. (2011), “China’s use of cyber warfare: espionage meets strategic deterrence”, Journal of Strategic Security, Vol. 4 No. 2, pp. 1-24.
HM Government (2013), Building Information Modeling Industrial Strategy: Government and Industry in Partnership, Government Construction Strategy, London, available at: www.gov.uk/government/uploads/system/uploads/attachment_data/file/34710/12-1327-building-information-modelling.pdf (accessed February 9, 2019).
HM Government (2015), Digital Built Britain, Level 3 Building Information Modelling – Strategic Plan, 26 February 2015, HM Publications, London, available at: www.gov.uk/government/publications/uk-construction-industry-digital-technology (accessed February 9, 2019).
Howell, S., Rezgui, Y. and Beach, T. (2017), “Integrating building and urban semantics to empower smart water solutions”, Automation in Construction, Vol. 81, September, pp. 434-448.
Huckle, S., Bhattacharya, R., White, M. and Beloff, N. (2016), “Internet of things, blockchain and shared economy applications”, Procedia Computer Science, Vol. 98, pp. 461-466, available at: https://doi.org/10.1016/j.procs.2016.09.074
Hunton, P. (2012), “Data attack of the cybercriminal: investigating the digital currency of cybercrime”, Computer Law & Security Review, Vol. 28 No. 2, pp. 201-207.
IET (2013), “Resilience and cyber security of technology in the built environment”, Institution of Engineering and Technology, Birmingham, available at: www.theiet.org/resources/standards/cyber-buildings.cfm?origin=pr (accessed February 9, 2019).
IET (2014), “Code of practice for cyber security in the built environment”, Institution of Engineering and Technology, Birmingham, available at: https://electrical.theiet.org/books/standards/cyber-cop.cfm (accessed February 9, 2019).
ISO (2011), “ISO/IEC 29100:2011 information technology – security techniques – privacy framework”, available at: www.iso.org/standard/45123.html (accessed February 2018).
ISO (2012), 27032 Information Technology – Security Techniques – Guidelines for Cybersecurity, International Organization for Standardization (ISO), Geneva, available at: www.itgovernance.co.uk/shop/product/iso27032-iso-27032-guidelines-for-cybersecurity (accessed February 9, 2019).
ISO (2013), 27001 The International Information Security Standard, International Organization for Standardization (ISO), Geneva, available at: www.itgovernance.co.uk/iso27001 (accessed February 9, 2019).
Jaatun, M.G., Røstum, J., Petersen, S. and Ugarelli, R. (2014), “Security checklists: a compliance alibi or a useful tool for water network operators?”, Procedia Engineering, Vol. 70, pp. 872-876.
Jones, L. (2016), “Securing the smart city: built environment cyber security”, Engineering and Technology, Vol. 11 No. 5, pp. 30-33, doi: 10.1049/et.2016.0501.
Kello, L. (2013), “The meaning of the cyber revolution: perils to theory and statecraft”, International Security, Vol. 38 No. 2, pp. 7-40.
Kochovski, P. and Stankovski, V. (2018), “Supporting smart construction with dependable edge computing infrastructures and applications”, Automation in Construction, Vol. 85, January, pp. 182-192.
Koo, D., Piratla, K. and Matthews, C.J. (2015), “Towards sustainable water supply: schematic development of big data collection using internet of things (IoT)”, Procedia Engineering, Vol. 118, pp. 489-497.
Lesk, M. (2007), “The new front line: Estonia under cyber assault”, IEEE Security & Privacy, Vol. 5 No. 4, pp. 76-79.
Levy, Y. and Ellis, T.J. (2006), “A systems approach to conduct an effective literature review in support of information systems research”, Informing Science, Vol. 9, pp. 181-212, available at: http://inform.nu/Articles/Vol9/V9p181-212Levy99.pdf (accessed February 9, 2019).
Lin, S., Gao, J. and Koronios, A. (2006), “Key data quality issues for enterprise asset management in engineering organisations”, International Journal of Electronic Business Management, Vol. 4 No. 1, pp. 96-110, available at: http://ijebm.ie.nthu.edu.tw/IJEBM_Web/IJEBM_static/Paper-V4_N1/A10-E684_3.pdf (accessed February 2018).
Lin, Y.C. and Su, Y.C. (2013), “Developing mobile- and BIM-based integrated visual facility maintenance management system”, The Scientific World Journal, Vol. 2013, 10pp., available at: https://doi.org/10.1155/2013/124249
Lindsay, J.R. (2013), “Stuxnet and the limits of cyber warfare”, Security Studies, Vol. 22 No. 3, pp. 365-404.
Lindsay, J.R. (2015), “The impact of China on cybersecurity: fiction and friction”, International Security, Vol. 39 No. 3, pp. 7-47.
Liu, J., Xiao, Y., Li, S., Liang, W. and Chen, C.P. (2012), “Cyber security and privacy issues in smart grids”, IEEE Communications Surveys & Tutorials, Vol. 14 No. 4, pp. 981-997.
McGraw, G. (2013), “Cyber war is inevitable (unless we build security in)”, Journal of Strategic Studies, Vol. 36 No. 1, pp. 109-119.
McNulty (2011), “Realising the potential of GB Rail – final independent report of the rail value for money study – summary report”, Department for Transport, London, available at: www.gov.uk/government/uploads/system/uploads/attachment_data/file/4203/realising-the-potential-of-gb-rail-summary.pdf (accessed February 9, 2019).
Marinos, L. (2016), ENISA Threat Taxonomy: A Tool for Structuring Threat Information, European Union Agency for Network and Information Security, Birmingham, available at: www.enisa.europa.eu/topics/threat-risk-management/threats-and-trends/enisa-threat-landscape/etl2015/enisa-threat-taxonomy-a-tool-for-structuring-threat-information/view (accessed February 9, 2019).
Markets and Markets (2014), “Smart HVAC controls market by product type, components, application, operation & geography – analysis and forecast to 2014–2020”, Birmingham, available at: http://goo.gl/Ay2LjI (accessed February 9, 2019).
Mayo, G. (2016), “Bas and cyber security: a multiple discipline perspective”, in Long, S., Ng, E.-H., Downing, C. and Nepal, B. (Eds), Proceedings of the American Society for Engineering Management 2016 International Annual Conference, American Society for Engineering Management, Concord, NC, available at: www.researchgate.net/publication/309480358_BAS_AND_CYBER_SECURITY_A_MULTIPLE_DISCIPLINE_PERSPECTIVE (accessed February 2018).
Metke, A.R. and Ekl, R.L. (2010), “Security technology for smart grid networks”, IEEE Transactions on Smart Grid, Vol. 1 No. 1, pp. 99-107.
Mike, T. (2006), “Integrated building systems: strengthening building security while decreasing operating costs”, Journal of Facilities Management, Vol. 4 No. 1, pp. 63-71.
Mokyr, J. (1992), “Technological inertia in economic history”, The Journal of Economic History, Vol. 52 No. 2, pp. 325-338.
Nicał, A.K. and Wodyński, W. (2016), “Enhancing facility management through BIM 6D”, Procedia Engineering, Vol. 164, pp. 299-306, available at: https://doi.org/10.1016/j.proeng.2016.11.623
NIST (2017), “Framework for improving critical infrastructure cybersecurity”, National Institute of Standards and Technology, Draft Version 1.1, January 10, Birmingham, available at: www.google.co.uk/url?sa=t&rct=j&q=&esrc=s&source=web&cd=2&ved=0ahUKEwiq0orLhOHUAhVkBsAKHfJLB6oQFgg8MAE&url=https%3A%2F%2Fwww.nist.gov%2Fdocument%2Fdraft-cybersecurity-framework-v11pdf&usg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NA&cad=rjt (accessed February 9, 2019).
Nye, J.S. (2017), “Deterrence and dissuasion in cyberspace”, International Security, Vol. 41 No. 3, pp. 44-71.
Papa, P. (2013), “US and EU strategies for maritime transport security: a comparative perspective”, Transport Policy, Vol. 28, pp. 75-85.
Paridari, K., Mady, A.E., La Porta, S., Chabukswar, R., Blanco, J., Teixeira, A., Sandberg, H. and Boubekeur, M. (2016), “Cyber-physical-security framework for building energy management system”, ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS), Vienna, pp. 1-9, doi: 10.1109/ICCPS.2016.7479072.
Pärn, E.A. and Edwards, D.J. (2017), “Conceptualizing the FINDD API plug-in: a case study of BIM/FM integration”, Automation in Construction, Vol. 80, August, pp. 11-21.
Patel, S.C., Bhatt, G.D. and Graham, J.H. (2009), “Improving the cyber security of SCADA communication networks”, Communications of the ACM, Vol. 52 No. 7, pp. 139-142.
Peng, Y., Wang, Y., Xiang, C., Liu, X., Wen, Z. and Chen, D. (2015), “Cyber-physical attack-oriented Industrial Control Systems (ICS) modeling, analysis and experiment environment”, International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 322-326.
Rahimi, B. (2011), “The agonistic social media: cyberspace in the formation of dissent and consolidation of state power in postelection Iran”, The Communication Review, Vol. 14 No. 3, pp. 158-178.
Rasmi, M. and Jantan, A. (2013), “A new algorithm to estimate the similarity between the intentions of the cyber crimes for network forensics”, Procedia Technology, Vol. 11, pp. 540-547.
Reggiani, A. (2013), “Network resilience for transport security: some methodological considerations”, Transport Policy, Vol. 28, July, pp. 63-68.
Reniers, G.L.L. and Dullaert, W. (2013), “A method to assess multi-modal hazmat transport security vulnerabilities: hazmat transport SVA”, Transport Policy, Vol. 28, July, pp. 103-113.
Rid, T. (2012), “Cyber war will not take place”, Journal of Strategic Studies, Vol. 35 No. 1, pp. 5-32.
RISI (2015), “The repository of industrial security incidents database”, Birmingham, available at: www.risidata.com/Database (accessed February 9, 2019).
Rittinghouse, J. and Hancock, W.M. (2003), Cybersecurity Operations Handbook, Elsevier Science, Amsterdam, ISBN 978-1-55558-306-4.
Ryan, D.J. (2017), “Engineering sustainable critical infrastructures”, International Journal of Critical Infrastructure Protection, Vol. 17, pp. 28-29.
Safavi, S., Shukur, Z. and Razali, R. (2013), “Reviews on cybercrime affecting portable devices”, Procedia Technology, Vol. 11, pp. 650-657.
Shafiq, M.T., Matthews, J. and Lockley, S.R. (2013), “A study of BIM collaboration requirements and available features in existing model collaboration systems”, Journal of Information Technology in Construction (ITcon), Vol. 18, pp. 148-161.
Shitharth, S. and Winston, D.P. (2015), “A comparative analysis between two countermeasure techniques to detect DDoS with sniffers in a SCADA network”, Procedia Technology, Vol. 21, pp. 179-186.
Stearns, L.B. and Almeida, P.D. (2004), “The formation of state actor-social movement coalitions and favorable policy outcomes”, Social Policy, Vol. 51 No. 4, pp. 478-504.
Stoddart, K. (2016), “Live free or die hard: US-UK cybersecurity policies”, Political Science Quarterly, Vol. 131 No. 4, pp. 803-842.
Sun, J., Yan, J. and Zhang, K.Z. (2016), “Blockchain-based sharing services: what blockchain technology can contribute to smart cities”, Financial Innovation, Vol. 2 No. 1, pp. 1-26, doi: 10.1186/s40854-016-0040-y.
Szyliowicz, J.S. (2013), “Safeguarding critical transportation infrastructure: the US case”, Transport Policy, Vol. 28 No. C, pp. 69-74.
Tan, S., Song, W.Z., Stewart, M., Yang, J. and Tong, L. (2018), “Online data integrity attacks against real-time electrical market in smart grid”, IEEE Transactions on Smart Grid, Vol. 9 No. 1, pp. 313-322.
Thomas, N. (2009), “Cyber security in East Asia: governing anarchy”, Asian Security, Vol. 5 No. 1, pp. 3-23.
Toy, S. (2006), History of Fortification from 3000 BC to AD 1700 (No. 75), Pen and Sword Military Classics, Barnsley, ISBN 1-88415-358-4.
Turk, Ž. and Klinc, R. (2017), “Potentials of blockchain technology for construction management”, Procedia Engineering, Vol. 196, pp. 638-645.
UN (2014a), “2014 revision of the world urbanization prospects”, Birmingham, available at: https://goo.gl/xwOSDS (accessed February 9, 2019).
UN (2014b), “World urbanization trends 2014: key facts”, Statistical Papers – United Nations (Ser. A), Population and Vital Statistics Report, United Nations, New York, NY.
UN (2015), “World population projected to reach 9.7 billion by 2050”, Birmingham, available at: www.un.org/en/development/desa/news/population/2015-report.html (accessed February 9, 2019).
Walsham, G. (1995), “The emergence of interpretivism in IS research”, Information Systems Research, Vol. 6 No. 4, pp. 376-394.
Wang, S., Zhang, G., Shen, B. and Xie, X. (2011), “An integrated scheme for cyber-physical building energy management system”, Procedia Engineering, Vol. 15, pp. 3616-3620.
Wang, W. and Lu, Z. (2013), “Cyber security in the smart grid: survey and challenges”, Computer Networks, Vol. 57 No. 5, pp. 1344-1371.
Weber, R.H. and Studer, E. (2016), “Cybersecurity in the internet of things: legal aspects”, Computer Law & Security Review, Vol. 32 No. 5, pp. 715-728.
Xue, N., Huang, X. and Zhang, J. (2016), “S2Net: a security framework for software defined intelligent building networks”, IEEE Trustcom/BigDataSE/ISPA, Tianjin, August 23-26, pp. 654-661.
Yue, X., Wang, H., Jin, D., Li, M. and Jiang, W. (2016), “Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control”, Journal of Medical Systems, Vol. 40 No. 10, pp. 218-229.
Zamparini, L. and Shiftan, Y. (2013), “Special issue – transport security: theoretical frameworks and empirical applications”, Transport Policy, Vol. 28, pp. 61-62.
Zhang, Y. and Wen, J. (2016), “The IoT electric business model: using blockchain technology for IoT”, Peer-to-Peer Networking and Applications, Vol. 10 No. 4, pp. 1-12.
Corresponding author
Erika A Parn can be contacted at: erikaparngmailcom
the assumption that published material has already been scientifically verified by a robust peer review process. A systematic literature review conducted collected and critically analyzed results emanating from existing studies found within extant literature, where the literature constituted data and the population frame (Levy and Ellis, 2006). An iterative four stage process was implemented that consisted of: a broader review of wider literature to set the context for this research study; a specific review of cyber-space and cyber-physical attacks – case studies of cyber-attacks extracted from the Repository of Industrial Security Incidents (RISI) online incident database were reviewed to identify the motivations for hacking and to delineate and define the various types of hackers (otherwise known as actors); a componential analysis of literature – a mixed methods componential analysis was conducted to provide a richer understanding of the established but fragmented topic of cyber-crime. A componential analysis is a manual qualitative technique that assigns the meaning of a word(s) or other linguistic unit(s) to discrete semantic components (Fisher, 2018). In this instance, a cross comparative tabulation matrix of key industries studied and recurrent emergent themes identified was constructed to present analysis findings; and a report upon innovative cyber-deterrence techniques – an iterative process flow diagram is utilized to explain how “block chain” can be successfully employed to provide superior protection against ensuing cyber-threats (when compared to encryption and firewalls). Collectively, this chain of documentary evidence and analysis of such provided a thorough and holistic contextualization of cyber-threats confronting the digital built environment.
The digital Jacquerie
Globally, an insatiable desire within rural communities for economic migration to cities continues to engender an upsurge in urbanization – a trend further exacerbated by a projected 9.7bn population growth by 2050 (UN, 2014a, 2015). For both developed and developing countries, relentless urbanization presents a complex socio-economic conundrum and raises portentous political issues such as: deficiencies in health care provisions (UN, 2014b); lack of resources and malnutrition (UN, 2015); and environmental degradation and pollution (UN, 2015). These dystopian challenges can be alleviated through, for example, shrewd allocation of resources via social circumscription measures (UN, 2014b). However, politicians worldwide have also contemplated the implicit assumption of technology inertia as an impediment to government reform (cf. Mokyr, 1992). Policies subsequently developed have responded accordingly by mandating advanced technologies within smart city development as a panacea to these challenges within the AECO sector – a sector sensu stricto berated for its reluctance to innovate (BSI, 2014a). Despite a notable disinclination to change, the AECO sector is widely espoused as being a quintessential economic stimulus (Eastman et al., 2011) – significantly contributing to gross domestic product (HM Government, 2015) and providing mass-labor employment (DBIS, 2013). Consequently, the AECO sector was a prime candidate for the UK government’s BIM Level 2 mandate that seeks to immerse it within a digital economy. Specifically, the Digital Built Britain report (HM Government, 2015) aspires that:
The UK has the potential to lead one of the defining developments of the 21st century, which will enable the country to capture not only all of the inherent value in our built assets, but also the data to create a digital and smart city economy to transform the lives of all.
Within this digital insurgency, critical infrastructures are at the forefront of the UK government’s strategic agenda (Bradley et al., 2016). Unabated advancements in computerization have widened the capability of decision support to provide appropriate resolutions to pertinent infrastructure challenges such as: optimizing planning and economic development (Ryan, 2017); ensuring resilient clean air, water and food supply (Bradley et al., 2016); and/or safeguarding integrated data and security systems (BSI, 2014a). Throughout the various stages of an infrastructure asset’s lifecycle, this transition is further fortified by BIM technology and the use of a CDE that can improve information and performance management (Pärn and Edwards, 2017). The palpable benefits of BIM and CDE extend beyond the design and construction phases into the operations phase of asset occupancy and use. BIM technology’s innate capability is essential during the asset’s operational phase, which constitutes up to 80 percent of the overall whole lifecycle expenditure. In congruence with this statistic, the McNulty (2011) report ambitiously predicts that the potential savings associated with digital asset management and supply chain management may reach up to £580m between 2018 and 2019, and will be facilitated through: effective communications; the right speed of action; a focus on detail and change; and incentives and contractual mechanisms that encourage cost reduction. For the purpose of this review, digitization is acknowledged to proliferate throughout all stages of an infrastructure asset’s lifecycle in a smart cities and digital economies context; such has potentially severe implications for businesses and governments who may be exposed to cyber-crime and -espionage.
Smart cities and digital economies
The British Standards Institute (BSI, 2014a) defines smart cities as:
The effective integration of physical, digital and human systems in the built environment to deliver a sustainable, prosperous and inclusive future for its citizens.
Within practice, the term smart cities is a linguistic locution that encapsulates fully integrated and networked connectivity between digital infrastructure assets and physical infrastructure assets to form digital economies (BSI, 2014a). A perspicacious hive mentality is inextricably embedded within smart city philosophy and serves to augment intelligent analysis of real-time data and information generated to rapidly optimize decisions in a cost effective manner (Szyliowicz, 2013; Zamparini and Shiftan, 2013). Consequently, smart cities within the digital built environment form a cornerstone of a digital economy that seeks to: provide more with less; maximize resource availability; reduce cost and carbon emissions (whole lifecycle); enable significant domestic and international growth; and ensure that an economy remains in the international vanguard (HM Government, 2015). The unrelenting pace of digitization worldwide is set to continue, with an expected $400bn (US Dollars) investment allocated for smart city development by 2020, where smart infrastructure will consist of circa 12 percent of the cost (DBIS, 2013). Yet despite this substantial forecast expenditure, scant academic attention has hitherto been paid to the complex array of interconnected arteries of infrastructural asset management (e.g. roads, ports, rail, aviation and telecommunications) that provide an essential gateway to global markets (DBIS, 2013).
The omnipresent threat of cyber-espionage and crime
Prior to meticulous review of papers, an established understanding of the omnipresent threat of cyber-espionage and crime is required. The implementation of smart city technologies has inadvertently increased the risk of cyber-attack facilitated through expansive networked systems (Mayo, 2016). However, cyber-crime has been largely overlooked within the built environment, and academic consensus concurs that a cavernous gap exists between the state of security in practice and the achieved level of security maturity in standards (Markets and Markets, 2014). Security specialists and practitioners operating smart buildings, grids and infrastructures are said to coexist in a redundant dichotomy. Instead, academic and policy attention has focused upon either: hypothesized scenarios within international security studies (e.g. the protection of military, industrial and commercial secrets) (Rid, 2012); policy planning for cyber-warfare (McGraw, 2013); and/or the safety of computer systems or networks per se rather than cyber-physical attack (activities that could severely impact upon nuclear enrichment, hospital operations, public building operation and maintenance, and traffic management) (Stoddart, 2016). Threats from cyber-crime have arisen partially because of the increased adoption rate of networked devices but also as a result of industry’s operational dependency upon IT systems (Boyes, 2013b).
Cyber-criminals are particularly adept at harnessing the intrinsic intangible value of digital assets (BSI, 2015) and can decipher the digital economy and its intricacies more perceptively than their counterpart industrialists and businesses that are under attack (Kello, 2013). The most recent “WannaCry” ransomware attack personified the sophisticated measures deployed by cyber-criminals in navigating networks and identifying, extracting and monetizing data found (Hunton, 2012). While the inherent value of digital assets to owners and creators is often indeterminate, cyber-criminals manipulate data and information to encrypt, ransom or sell it piecemeal (Marinos, 2016). Several prominent instances of unsecure critical infrastructure assets being physically damaged by persistent cyber-crime have been widely reported upon (Peng et al., 2015). These include: the STUXNET worm that disarmed the Iranian industrial/military assets at a nuclear facility (Lindsay, 2013); and the malware “WannaCry” that caused significant damage to the UK’s National Health Service patient databases, German railway operations and businesses globally (Clarke and Youngstein, 2017). Cyber-attacks remain an omnipresent national security threat to a digital economy’s prosperity and digital built environment’s functionality and safety. Reporting upon a veritable plethora of threats posed presents significant challenges, as cyber-attacks engender greater anonymity as a malicious activity (Fisk, 2012). Nevertheless, known cases and revolutionary deterrents will form the premise upon which this literature review is based.
Cyber-space, cyber-physical attacks and critical infrastructure hacks
In the UK, security analysts from MI5 and MI6 have warned that industrial cyber-espionage is increasing in prevalence, sophistication and maturity, and could enable an entire shutdown of critical infrastructure and services including power, transport, food and water supplies (Hjortdal, 2011). A number of pre-eminent politically driven infrastructure intrusions support this assertion and serve as illustrative examples that a prediction of a global pandemic may prove to be distressingly accurate. These intrusions include: the Russian led cyber-attacks on digital infrastructures (banking, news outlets, electronic voting systems) in Estonia in 2007 (Lesk, 2007); the Chinese led hacking of the US electricity network in 2009 (Hjortdal, 2011); and the USA led intrusion of Iranian nuclear plant facilities in 2005 (Denning, 2012).
Cyber-space constitutes the global, virtual, computer based and networked environment consisting of “open” and “air gapped” internet which directly or indirectly interconnects systems, networks and other infrastructures critical to society’s needs (European Commission, 2013). Within the vast expanse of cyber-space, Kello (2013) proffers that three partially overlapping territories coexist, namely: the world wide web of nodes accessible via URL; the internet consisting of interconnected computers; and the “cyber-archipelago” of computer systems existing in isolation from the internet, residing within a so-called air gap. A CDE hosted on any of the aforementioned territories is precariously exposed to cyber-physical attack (Figure 1).
Cyber-attack utilizes code to interfere with the functionality of a computer system for strategic, ambiguous, experimental or political purposes (Nye, 2017). Gandhi et al. (2011) expand upon this definition, stating that cyber-attack constitutes “any act by an insider or an outsider that compromises the security expectations of an individual, organization or nation”. Cyber-attacks can take many forms, for example, from publicized web defacements, information leaks, denial of service (DoS) attacks and other cyber actions sometimes related to national security or military affairs. Cyber-physical attacks can cause disruption or damage to physical assets, thus posing serious threats to public health and safety and/or the desecration of the environment (Peng et al., 2015). One of the earliest publicly disclosed cyber-physical attacks took place during the Cold War period, when a Soviet oil pipeline exploded due to a so-called logic bomb. The NIST (2017) framework for enhancing the ability of critical infrastructures to withstand cyber-physical attacks proposes that two distinct dichotomous domains must be secured, namely: information technologies (IT); and industrial control systems (ICS) (Rittinghouse and Hancock, 2003). Common threats incurred via IT and ICS include: theft of intellectual property; massive disruption to existing operations; and destruction, degradation or disablement of physical assets and operational ability (Szyliowicz, 2013). The European Union Agency for Network and Information Security outlines multiple common sources of nefarious attacks in its malware taxonomy, including: viruses, worms, trojans, botnets, spywares, scarewares, roguewares, adwares and greywares (Marinos, 2016).
Such attacks are made possible via a huge cyber-attack surface within cyber-space, where every circa 2500 lines of code presents a potential vulnerability that is identified by a hacker’s reconnaissance (Nye, 2017). Reconnaissance is the first and most important stage for a successful cyber-attack and seeks to determine the likely strategy for the intrusion (Marinos, 2016). Strategies vary, but prominent methods include scanning, fingerprinting, footprinting, sniffing and social engineering (refer to Table I).
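A defender's view of the scanning stage named above, as an added example that is not part of the original paper: a sliding-window detector that flags port scans and ping sweeps in connection records from a building network. The log format, the addresses and the thresholds are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=60)   # sliding window (assumed value)
PORT_THRESHOLD = 10              # distinct TCP ports on one host within WINDOW
HOST_THRESHOLD = 8               # distinct hosts pinged by one source within WINDOW


def build_sample_log():
    """Constructed records: 'time src dst proto dport' (dport is '-' for ICMP)."""
    t0 = datetime(2024, 1, 10, 9, 0, 0)

    def at(seconds):
        return (t0 + timedelta(seconds=seconds)).isoformat()

    lines = []
    # Routine traffic: a workstation talking HTTPS to the CDE server.
    for i in range(5):
        lines.append(f"{at(20 * i)} 10.0.5.23 10.0.1.10 tcp 443")
    # Port scan: one source walks 15 ports of a building controller in 15 s.
    for i, port in enumerate(range(20, 35)):
        lines.append(f"{at(30 + i)} 10.0.9.77 10.0.2.5 tcp {port}")
    # Ping sweep: one source sends ICMP echo to 12 hosts in 12 s.
    for i in range(1, 13):
        lines.append(f"{at(50 + i)} 10.0.9.80 10.0.2.{i} icmp -")
    # Slow poller: 12 ports on one host, 10 minutes apart (no alert expected).
    for i, port in enumerate(range(8000, 8012)):
        lines.append(f"{at(600 * i)} 10.0.5.40 10.0.1.10 tcp {port}")
    return lines


def parse(line):
    """Split one record into (time, src, dst, proto, dport)."""
    ts, src, dst, proto, dport = line.split()
    return datetime.fromisoformat(ts), src, dst, proto, dport


def detect_recon(lines):
    """Return {(kind, source): time the threshold was first crossed}."""
    events = sorted(parse(line) for line in lines if line.strip())
    windows = defaultdict(deque)   # tracking key -> deque of (time, item)
    alerts = {}
    for ts, src, dst, proto, dport in events:
        if proto == "icmp":
            # Ping sweep: one source, many distinct destination hosts.
            key, item = ("icmp", src), dst
            kind, limit = "ping_sweep", HOST_THRESHOLD
        else:
            # Port scan: one source, many distinct ports on one host.
            key, item = (proto, src, dst), dport
            kind, limit = "port_scan", PORT_THRESHOLD
        window = windows[key]
        window.append((ts, item))
        # Drop observations that have aged out of the window.
        while window and ts - window[0][0] > WINDOW:
            window.popleft()
        if len({seen for _, seen in window}) >= limit:
            alerts.setdefault((kind, src), ts)
    return alerts


if __name__ == "__main__":
    for (kind, src), when in sorted(detect_recon(build_sample_log()).items()):
        print(f"{when.isoformat()} {kind} from {src}")
```

Counting distinct targets inside a time window is what separates the burst from the slow poller, which touches more ports than the threshold but never within one window.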
Cyber-attack motivations and cyber-actors and incident analysis
The RISI database contains a comprehensive record of cyber-physical attack incidents categorized as either confirmed or likely but confirmed (RISI, 2015). However, prominent commentators contend that attacks are more prevalent than reports suggest and that victims are often reluctant to disclose malicious cyber-attacks against themselves due to potential reputational damage being incurred (Reggiani, 2013). Cyber-physical attacks are therefore shrouded in secrecy by states and private companies, and many states have already conceded the current digital arms race against a panoply of cyber-actors (or “hackers”), including: hacktivists, malware authors, cyber-criminals, cyber-militias, cyber-terrorists, patriot hackers and script kiddies.
Cyber-actors are frequently classified within one of three thematic categories, namely: white hats, grey hats and black hats, where the color of the hat portrays their intrinsic intentions. White hats are predominantly legitimately employed security researchers who perform simulated penetration testing hacks to assess the robustness of an organization’s cyber-enabled systems (Cavelty, 2013). They do not have malevolent intentions but rather act on behalf of security companies and concomitant public interest (F-Secure, 2014). Contemporary cyber-Robin Hood(s) (or hacktivists) fall within the grey hat category and act as vigilantes to puncture prevailing power structures (such as Government) by embarrassing them with distributed denial of service (DDoS) attacks, web defacements, malware, ransomware and trojans. These hacktivists often dabble with illegal means to hack but believe that they are addressing a social injustice and/or otherwise supporting a good cause. Black hats are often affiliated with a criminal fraternity or have other malicious intent (Cavelty, 2013). These criminals deploy the same tools used by grey and white hat hackers but with the deliberate intention to cause harm, vandalism, sabotage, website shutdown, fraud or other illegitimate activities. Many states have increasingly focused upon grey hats, who have become the new uncontrolled source of hacking (Betz and Stevens, 2013). Table II highlights a number of prominent critical infrastructures hacks extracted from the RISI database and cross references these against the motivations and cyber-actors.

[Figure 1. Cyber vulnerabilities of CDE environment, adapted from BSI levels of BIM. Labels in the figure: levels of BIM (BIM Level 0, 1, 2 and 3); vulnerability (low, low, medium, high risk; low to medium vulnerability, medium to high vulnerability); information format (2D CAD; 2D CAD + 3D; 3D); information exchange (paper-based, file-based, object model-based and network-based collaboration); LOD 1 to LOD 7; work in progress, shared, published and archived; URL nodes, interconnected computer and computer archipelago; URL, SQL, DWG, XML.]

Table I. Emerging thematic groups in extant literature (the per-paper marks against each thematic group are not recoverable)

| Industrial sector | Author(s) | Journal |
|---|---|---|
| Architecture, Engineering, Construction and Owner-operated (AECO) | Chong et al. (2014) | Automation in Construction |
| AECO | Howell et al. (2017) | Automation in Construction |
| AECO | Kochovski and Stankovski (2018) | Automation in Construction |
| AECO | Fisk (2012) | Intelligent Buildings International |
| AECO | Mike (2006) | Journal of Facilities Management |
| AECO | Eom and Paek (2006) | Journal of Information Technology in Construction (ITcon) |
| AECO | Jaatun et al. (2014) | Procedia Engineering |
| AECO | Koo et al. (2015) | Procedia Engineering |
| AECO | Nicał and Wodyński (2016) | Procedia Engineering |
| AECO | Wang et al. (2011) | Procedia Engineering |
| Transport and infrastructure | Patel et al. (2009) | Communications of the ACM |
| Transport and infrastructure | Wang and Lu (2013) | Computer Networks |
| Transport and infrastructure | Liu et al. (2012) | IEEE Communications Surveys & Tutorials |
| Transport and infrastructure | Jones (2016) | IEEE Engineering & Technology |
| Transport and infrastructure | Paridari et al. (2016) | IEEE International Conference on Cyber-Physical Systems (ICCPS) |
| Transport and infrastructure | Ryan (2017) | International Journal of Critical Infrastructure Protection |
| Transport and infrastructure | Papa (2013) | Transport Policy |
| Transport and infrastructure | Reggiani (2013) | Transport Policy |
| Transport and infrastructure | Reniers and Dullaert (2013) | Transport Policy |
| Transport and infrastructure | Szyliowicz (2013) | Transport Policy |
| Transport and infrastructure | Zamparini and Shiftan (2013) | Transport Policy |
| Information technology | Hunton (2012) | Computer Law & Security Review |
| Information technology | Weber and Studer (2016) | Computer Law & Security Review |
| Information technology | Metke and Ekl (2010) | IEEE Transactions on Smart Grid |
| Information technology | Tan et al. (2018) | IEEE Transactions on Smart Grid |
| Information technology | Xue et al. (2016) | IEEE Trustcom/BigDataSE/ISPA |
| Information technology | Ani et al. (2017) | Journal of Cyber Security Technology |
| Information technology | Govinda (2015) | Procedia Technology |
| Information technology | Rasmi and Jantan (2013) | Procedia Technology |
| Information technology | Safavi et al. (2013) | Procedia Technology |
| Information technology | Shitharth and Winston (2015) | Procedia Technology |
| Political science/international relations | Brantly (2014) | Democracy and Security |
| Political science/international relations | Kello (2013) | International Security |
| Political science/international relations | Lindsay (2015) | International Security |
| Political science/international relations | Nye (2017) | International Security |
| Political science/international relations | Cavelty (2013) | International Studies Review |
| Political science/international relations | Canfil (2016) | Journal of International Affairs |
| Political science/international relations | Hjortdal (2011) | Journal of Strategic Security |
| Political science/international relations | McGraw (2013) | Journal of Strategic Studies |
| Political science/international relations | Stoddart (2016) | Political Science Quarterly |
| Political science/international relations | Betz and Stevens (2013) | Security Dialog |
| Political science/international relations | Lindsay (2013) | Security Studies |

Percentage frequency of each thematic group:

| Journals | National and global security | Smart cities | Critical infrastructure | Industrial control systems | Mobile or cloud computing | Digitalization of built environment |
|---|---|---|---|---|---|---|
| Across the four journal types | 54.7 | 40.4 | 50 | 40.4 | 59.5 | 28.5 |
| AECO journals | 20 | 40 | 30 | 50 | 90 | 60 |
| Transport and infrastructure journals | 54.5 | 54.5 | 81.8 | 27.2 | 36.3 | 18.1 |
| Information technology journals | 40 | 60 | 80 | 20 | 90 | 30 |
| Political science/international relations journals | 100 | 91 | 82 | 63.6 | 27.2 | 9 |
Blurred lines: governments and civilians
State and non-state actors represent a two pronged source of malicious attacks or threats facing the AECO sector; motivations for these actors are fueled by various catalysts including patriotism, liberal activism, political ideology, criminal intent and hobby interests (Hjortdal, 2011; Rahimi, 2011). A state is a political entity (“government”) that has sovereignty over an area of territory and the people within it (Rahimi, 2011). Within this entity, state actors are persons who are authorized to act on its behalf and are therefore subject to regulatory control measures (Betz and Stevens, 2013). A state actor’s role can be myriad, but often it strives to create positive policy outcomes through approaches such as social movement coalitions (cf. Stearns and Almeida, 2004). Conversely, non-state actors are persons or organizations who have sufficient political influence to act or participate in international relations for the purpose of exerting influence or causing change, even though they are not part of government or an established institution (Betz and Stevens, 2013). Three key types of legitimate non-state actors exist: intergovernmental organizations such as the United Nations, World Bank Group and International Monetary Fund, which are established by a state, usually through a treaty (Betz and Stevens, 2013); international non-government organizations such as Amnesty International, Oxfam and Greenpeace, which are non-profit, voluntary organizations that advocate or otherwise pursue the public good (i.e. economic development and humanitarian aid) (UN); and multinational corporations who pursue their own business interests largely outside the control of national states (UN). Illegitimate non-state actors include terrorist groups and hacktivists acting upon a range of different motivations including personal gain, digital coercion, malevolence and indoctrination of others using ideological doctrine (Brantly, 2014). Since the millennium, governments globally have become increasingly aware of cyber-crime and threats stemming from such non-state actors. Some of the more notable actors include: Anonymous (Betz and Stevens, 2013); Ghost Net (Hunton, 2012); The Red Hacker Alliance (Fisher, 2018); Fancy Bear “Прикольный медведь” (Canfil, 2016); and Iranian Cyber Army (Rahimi, 2011).
However, the boundary delineation between state actors and non-state actors engaging in cyber-physical attacks has become increasingly blurred (Betz and Stevens, 2013; Papa, 2013). Such attribution has wider implications for the national security of states and national responsibility for non-state actors who often act on behalf of the state under incitement of nationalistic and ideological motivation (Brantly, 2014). Henderson (2008) aptly describes such blurred lines between governments and civilians by using Chinese cyber-patriot hackers as an exemplar:
The alliance is exactly who and what they claim to be: an independent confederation of patriotic youth dedicated to defending China against what it perceives as threats to national pride.
Table II. Industry standards and codes of best practice on cyber security in the AECO sector

| Standard | Title | Description |
|---|---|---|
| BS ISO/IEC 29100:2011 (ISO, 2011) | Information Technology, Security Techniques, Privacy Framework | This standard is applicable to organizations and businesses, providing a privacy framework for those “involved in specifying, procuring, architecting, designing, developing, testing, maintaining, administering and operating information and communication technology systems or services” with personally identifiable information (PII). |
| BS ISO/IEC 27001:2013 (ISO, 2013) | Information Technology, Security Techniques, Information Security Management Systems, Requirements | This international standard provides a framework for the management of an information security management system (ISMS) in order to keep digital information assets secure from cyber-criminal activities and information breaches; it encompasses procedures for creating, implementing, operating, auditing and maintaining an ISMS. The standard can be applied within organizations of any size, nature or type. |
| IET/CPNI Technical Briefing (IET, 2013) | Resilience and Cyber Security of Technology in the Built Environment | This document applies to professionals involved in the development, procurement and operation of intelligent or smart buildings. The guidance considers the whole building lifecycle and examines the potential threats to resilience and cyber security arising from the merging of technical infrastructure and computer-based systems and their connection in cyber-space. Case studies are provided, plus a set of 20 critical measures which could be applied to reduce threats. |
| PAS 555:2013 (BSI, 2013) | Cyber Security Risk, Governance and Management, Specification | The specification uses a business-led “outcomes-based approach” which studies physical, cultural and behavioral features alongside technical ones to aid organizations in detecting which of their business assets need most protection, e.g. corporate and customer data, intellectual property, brand or reputation. The approach can be applied to any size/type of organization throughout its business activities. |
| PAS 754:2014 (BSI, 2014c) | Software Trustworthiness, Governance and Management, Specification | This document identifies five principles of software trustworthiness (safety, reliability, availability, resilience and security) which should be attained when implementing software on distributed applications in order to reduce the risks from potential malicious threats. These principles are based upon four concepts: governance measures; risk assessment; control application for risk management (physical, procedural and technical); and a compliance regime to ensure execution of the first three. |
| IET Standards (IET, 2014) | Code of Practice for Cyber Security in the Built Environment | This book provides good practice guidance on the need for, and development of, cyber security strategy and policy related to a building’s complete lifecycle as an integral part of an organization’s management systems, with particular emphasis on cyber physically connected building-related systems. The pertinence of cyber security to each of the multidisciplinary roles and responsibilities within an organization is provided. |
| PAS 1192-5:2015 (BSI, 2015) | Specification for Security-minded Building Information Modeling, Digital Built Environments and Smart Asset Management | This is the first standard published for security minded use of BIM and digitalization of built assets. Relevant to all owners and stakeholders of digitally built assets, it assists in assessing security risks to the asset and implementing measures to reduce the risk of loss or disclosure of information which could impact on the safety and security of: the built asset; personnel and other users of the asset and its services; and commercial and other asset data and information. |
A componential analysis of literature
From an operational perspective, the review protocol sourced published journal materials contained within Science Direct, Web of Science, Scopus and Research Gate databases. Keyword search terms used included cyber security, hacking and any of the following variations of the word: cyber crime, cybercrime or cyber-crime. Following a comprehensive review of the journals, four prominent and pertinent clusters of industrial settings were selected to provide the contextual sampling framework and knowledge base for the analysis, namely: AECO; transport and infrastructure; information technology; and political science/international relations. These clusters were selected because they contained the majority of the journal publications on cyber-crime. Within the clusters, six recurrent leitmotifs were identified: national and global security; smart cities; critical infrastructure; ICS; mobile or cloud computing; and digitalization of the built environment. A cross comparative componential analysis was then conducted (refer to Table III).
The componential analysis reveals: the percentage frequency that each of the identified thematic groups occur across the four industrial classifications; and the percentage frequency that each thematic group occurs within each individual industrial classification. In ascending order of frequency across all four sectors, the most popular discussed topics were mobile cloud computing (59.5 percent), national global security (54.7 percent) and critical infrastructure (50 percent), smart cities (40.4 percent), ICS (40.4 percent) and digitization of the built environment (28.5 percent). Yet curiously, within the AECO sector an inordinate amount of effort was input into mobile and cloud computing (90 percent) and digitization of the built environment (60 percent), while far less attention was paid to critical infrastructure (30 percent) and national and global security (20 percent). Moreover, none of the papers reviewed were heavily focused upon expounding the virtues and concomitant benefits of digitization but were similarly oblivious to the omnipresent threat of cyber-crime posed via the vulnerable CDE portal.
A CDE is commonly established during the feasibility or concept design phases of a building/infrastructure project (BSI, 2014a, b). An information manager will then manage and validate the processes and procedures for the exchange of information across a network for each key decision gateway stage (including work in progress, shared, published and archive stages). Cloud-based CDE platforms are ubiquitous, but common solutions include ProjectWise, Viewpoint (4P), Aconex, Asite and SharePoint (Shafiq et al., 2013). The internal work flow and typical external information exchange in BIM relies upon the re-use and sharing of information in a CDE. Integrating BIM (and other file databases, e.g. IFC, GBXML, CSV, DWG, XML) within a CDE ensures a smooth flow of information between all stakeholders and is specified and articulated through its levels of development or design (Eastman et al., 2011; Lin and Su, 2013). The level of design (LOD) is classified on a linear scale ranging from LOD 1 (covering a conceptual “low definition” design) to LOD 7 (for an as-built “high definition” model). With each incremental increase in LOD, the range and complexity of asset information within models built begins to swell and the data contained within becomes accessible to an increased amount of stakeholders. As a consequence, the magnitude of potential cyber-crime also increases, and it is imperative, therefore, that effective cyber security deterrence measures are set.

Table III. Common reconnaissance techniques

| Reconnaissance technique | Definition | Example |
|---|---|---|
| Scanning (ping sweep, port scan, network mapping) | Network scanning is integral to stealthy information gathering from a computer system. Prior knowledge of the operating system (OS) is combined with the use of one of a plethora of readily available tools in order to identify and map out potential vulnerabilities on a target network. | Techniques include port scanning to identify the available and open ports, DNS enumeration to locate the domain name server and IP address, and PING sweeping to map the IP address to a live host (Rittinghouse and Hancock, 2003). |
| Fingerprinting (OS) | Device fingerprinting endeavors to break the privacy of URL developers by revealing user actions and anonymity. It utilizes the information collected from a remote computing device for the purpose of uniquely identifying the device (Formby et al., 2016). Fingerprinting can be used to identify the OS used on the target system. | In an active manner to monitor network packets passing between hosts, or passive manner to transmit specially created packets to the target machine and analyze the response (Peng et al., 2015). |
| Footprinting | Footprinting is a process of obtaining as much information about the target to be hacked as possible by drawing down open source information from the internet. Footprinting is the most convenient way of gathering information about a computer system and/or the parties to which such systems belong. | During footprinting a hacker can use passive or active means to obtain information such as domain name, IP addresses, namespaces, employee information, phone numbers, e-mails and job information. |
| Sniffing | Sniffing has been likened to wiretapping and can be used to obtain sensitive information that is being transferred over a network, such as FTP passwords, e-mail traffic, web traffic, telnet passwords, router configurations, chat sessions and DNS traffic. “Industrial Control Systems (ICS)/Supervisory Control and Data Acquisition (SCADA) sniffing” activities pose an imminent threat to cyber-physical connected devices in buildings, factories and large industrial plants. | “Havex” malware reported by F-Secure laboratories is the first of its kind since STUXNET and attempts to “sniff” factory automation gear such as ICS and SCADA systems (F-Secure Labs, 2014). Anonymized victims have included two major educational institutions in France, two German industrial machine producers, one French industrial machine producer and a Russian structural engineering construction company (F-Secure Labs, 2014). |
| Social engineering | Social engineering is an attack vector that relies upon tricking people into breaking security procedures. Consequently, these are used to exploit an individual’s weaknesses, typically employees and other individuals who are familiar with the system. When successfully implemented, it can help hackers obtain information about the targeted system. | Two common methods adopted are the physical gaining of access to a computer through deception, or the use of phishing e-mails, which involves sending personalized e-mails to targeted employees in an attempt to make them click malicious links contained within. |
Perhaps the most crippling aspect of deterrence is the poor rate of attribution (also known as tracebacking or source tracking), where attribution seeks to determine the identity or location of an attacker or attacker’s intermediary (Brantly, 2014). Affiliation further exacerbates attribution rates; for example, nefarious and malicious attacks on critical infrastructure by non-state “patriot” actors who proclaim cyber-warfare in the name of nationalist ideologies can create ambiguity with state actors (Lindsay, 2015). Extant literature widely acknowledges that states actively recruit highly skilled hackers to counter-attack other state governed cyber-activities, in particular against critical infrastructure assets (Thomas, 2009). Yet the paucity of identification or disclosure of attacker identities has made the hacking culture even more enticing for both non-state actors and state actors. Whilst network attribution or IP address traceability to a particular geographical region is possible, lifting the cyber veil to reveal the affiliation between the attacker and their government remains difficult (Canfil, 2016). In the case of potential threats to the AECO sector, attribution of industrial cyber-espionage remains an imminent threat not only to the business in operation but also for the nation state security.
Cyber-deterrence
Cyber-deterrence measures rely largely upon good practice adopted from standards ISO 27001 and ISO 27032 (ISO, 2012, 2013). In the context of the digital built environment (and specifically BIM), recently published cyber security good practice manual PAS 1198-Part 5 suggests deploying five measures of deterrence: a built asset security manager; a built asset security strategy; a built asset security management plan; a security breach/incident management plan; and built asset security information requirements. For other sources of cyber security guidance, PAS 1198-Part 5 recommends adherence to other pre-existing legislative documentation – refer to Table IV.
Other ambiguous guidance notes that refer to taking “appropriate mitigation strategies” have largely ignored the increased vulnerability of semantic and geometric information that is sustained within a BIM (BSI, 2013, 2014c). For example, the Institute of Engineering and Technology (Boyes, 2013b) report entitled “Resilience and Cyber Security of Technology in the Built Environment” states that:
Unauthorised access to BIM data could jeopardise security of sensitive facilities, such as banks, courts, prisons and defence establishments, and in fact most of the Critical National Infrastructure.
Deterrence measures recommended in PAS 1192-5 have largely overlooked BIM data contained within a CDE and the onslaught of cyber-physical connectivity in critical infrastructures (Liu et al., 2012). Currently, the most common means of deterrence for cyber-physical connectivity in critical BMS infrastructures is via network segregation (the firewall) (Mayo, 2016) and secure gateway protection (encryption) for securing from external threats, compliant with ANSI/ISA-99 (ANSI, 2007). However, in a digital economy where over 50bn devices are continuously communicating, neither firewalls nor encryption alone can guarantee effective cyber security. Hence, a more robust, systemic means of data integrity is required in the digital built environment.
Block chain – a new frontier for cyber-deterrence
Under the alias Satoshi Nakamoto, the Bitcoin (crypto currency) was published as the first block chain application on the internet (Turk and Klinc, 2017). This advancement opened a springboard of applications that utilize block chain technology to remove third party distribution of digital assets using peer-to-peer sharing (Turk and Klinc, 2017). While the majority of current applications have utilized crypto currency and smart contracts, the applications for digital asset transference seem limitless. Block chain’s earliest applications were in economics (Huckle et al., 2016), software engineering (Turk and Klinc, 2017), Internet of Things (Zhang and Wen, 2016) and medicine (Yue et al., 2016) – albeit more recently, applications within the built environment have been explored (Sun et al., 2016). Block chain technology has the potential to overcome the aforementioned cyber security challenges faced in the digital environment as a result of its distributed, secure and private nature of data distribution. A positive correlation exists between an increasing number of collaborators (or peers) within a CDE and the potential to secure such assets in a peer-to-peer environment, which thrives and increases in security.
Block chain technology is suitable for sectors with: increased risk of fraud – such as susceptible crucial infrastructures containing sensitive industrial information that is at risk from industrial espionage; intermediaries – for example, providers of BMS systems and other IT software vendors hosting sensitive infrastructure asset details; throughput – such as operators updating and sharing asset information in a CDE; and stable data – for instance, data generated for built assets can be utilized for up to 40 years post project inception. Block chain technology offers better encryption against hacking than any other current deterrence measures available and is commonly suggested in the cyber security standards available (Turk and Klinc, 2017).
Table IV. Snapshot of cyber-physical hacking examples from the RISI online incident database

Columns: Motivation | Actor | Example

Motivation:
Black Hat – ego, personal animosity, economic gain
Grey Hat – ambiguous
White Hat – idealism, creativity, respect for the law

Actor: Hacktivists; Script kiddies; Cyber insiders; Cyber terrorists; Malware authors; Patriot hackers; Cyber militias; Script kiddies; Ordinary citizens; Hacktivists; Script kiddies; Organized cybercriminals

Example:
USA 2014 – Power and utilities – Hackers took advantage of a weak password vulnerability where mechanical devices were disconnected from the control system for scheduled maintenance.
Poland 2008 – Transport – A 14-year old Polish student hacked into the tram system, enabling him to change track points in Lodz. 4 trams were derailed and, as a consequence, 12 people were injured.
USA 2001 – Petroleum – The network monitoring personal computer (PC) provided a path from the internet via the company business network onto the automation network. This made the company vulnerable to the Code Red Worm, used to deface the automation web pages of a large oil company.
Spain 2011 – Traffic – Spanair flight 5022 crashed just after take-off from Madrid-Barajas International Airport, killing 154 with 18 survivors. Trojan malware detected on the central computer system is speculated to have played a role in the crash by causing the computer to fail to deliver power to the take-off early warning system and detect three technical problems with the aircraft.
Iran 2012 – Petroleum – Iran was forced to disconnect key oil facilities after suffering a malware attack which, it is believed, hit the internal computer systems at Iran’s oil ministry and its national oil company.
USA and Europe 2014 – Energy sector – Operating since 2011, the Dragonfly group has targeted defence and aviation companies in USA and Canada: cyber-espionage with the likely intention of sabotage. In 2013, the group targeted USA and European energy firms, gaining entry through spear phishing e-mails, malware, watering hole attacks and infecting legitimate software from three different industrial control systems (ICS) equipment manufacturers.
Canada 2012 – Energy sector – Telvent Canada Ltd, provider of software and services for remote administration of large sections of the energy industry, was subject to information theft. Installed malware was used to steal project files related to one of its key products. The digital fingerprints were traced to a Chinese hacking group (the “Comment Group”) linked to cyber-espionage against Western interests.
Iran 2010 – Nuclear – The Stuxnet malworm was responsible for damaging crucial centrifugal devices used for Uranium enrichment at the Natanz nuclear plant, causing it to be shut down for a week. This remains as one of the most prolific cyber-physical attacks in an exemplified case of government and civilian blurred lines and created a new forefront of cyber militia, becoming the first proclaimed cyber weapon.
USA 2012 – Water/waste management – A former employee of the Key Largo Wastewater Treatment District hacked the company, resulting in modification and deletion of files.
Venezuela 2002 – Petroleum – Venezuela’s state oil company became embroiled in a bitter strike when it was extensively sabotaged by an employee who gained remote access to a program terminal and erased all Programmable Logic Controller (PLC) programs in port facility.
Canada 2002 – Petroleum – A white hat hacker simulated an attack on a data center security (DCS) where network access to the control local area network (LAN) was used to connect to selected DCS operator stations and obtain full administration privileges. This was accomplished through the vulnerabilities in the Windows operating system and a number of Netbios that lacked proper password protection.
USA 2014 – Traffic – One of the first hacks on a traffic management system was incurred on road signs in San Francisco, where the signs were photographed flashing “Godzilla Attack! Turn Back”.

Source: Available online at www.risidata.com

The application of block chain technology within digital built asset information exchange is suggested due to its secure framework for data transference. Block chain technology has been hailed as a hacker/tamper safe ecosystem for digital asset transfers (Turk and Klinc, 2017). Figure 2 delineates a ten stage process to demonstrate how the existing functionality of block chain technology can be harnessed in a CDE environment when sharing sensitive digital information about assets, namely:
(1) asset information is securely shared via a network (e.g. URL nodes, interconnected computer networks or an air gapped internet);
(2) asset data (whether a 3D or digital model) are converted into a block which represents a digital transaction of asset data;
(3) stakeholder interaction within a federated CDE environment will receive a tracked record of the individual transaction created by nodes sharing the block;
(4) block chain miners (usually computer scientists) validate and maintain the newly created block chain;
(5) payment methods for block chain miners vary, but a group of miners enter into a competitive process where the first to validate the block chain receives payment;
(6) the federated block chain environment is approved;
(7) the new block is added to the existing chain of digital transactions to extend the block chain;
(8) the digital asset can now be securely shared upon validation;
(9) to hack the network, assailants would need to hack every single node within the block chain, thus making the task far more difficult; and
(10) the network of nodes created by multiple stakeholders’ transactions provides a more sophisticated and secure approach to protecting digital assets when compared to encryption and firewalls.
Herein lies the novelty of this review – blockchain technology can offer a potential framework to future AECO software applications and systems designed to secure the transfer of sensitive project data in a BIM and CDE environment.
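The ten-stage exchange described above, reduced to its tamper-evidence core, as an added example that is not from the paper: each shared asset becomes a hash-linked block replicated to every stakeholder node, and a replica that is altered either breaks its own chain or disagrees with the majority. Mining competition and payment are left out, and the node names, file names and simple majority-approval rule are assumptions made for the illustration.

```python
import hashlib
import json
from collections import Counter
from dataclasses import asdict, dataclass, replace

GENESIS = "0" * 64  # previous-hash value used by the first block


@dataclass(frozen=True)
class Block:
    index: int
    prev_hash: str     # digest of the preceding block
    asset_name: str    # e.g. a DWG or XML file exchanged in the CDE
    asset_sha256: str  # fingerprint of the file content, not the file itself
    author: str        # stakeholder who shared the asset

    def digest(self) -> str:
        payload = json.dumps(asdict(self), sort_keys=True).encode()
        return hashlib.sha256(payload).hexdigest()


def chain_is_valid(chain) -> bool:
    """Each block must sit at its index and point at its predecessor's digest."""
    prev = GENESIS
    for i, block in enumerate(chain):
        if block.index != i or block.prev_hash != prev:
            return False
        prev = block.digest()
    return True


class Node:
    """One stakeholder's replica of the ledger (hypothetical model)."""
    def __init__(self, name):
        self.name = name
        self.chain = []

    def head(self) -> str:
        return self.chain[-1].digest() if self.chain else GENESIS

    def accepts(self, block) -> bool:
        return block.index == len(self.chain) and block.prev_hash == self.head()


def share_asset(nodes, origin, asset_name, content, author) -> bool:
    """Wrap the asset in a block, broadcast it, append where a majority approves."""
    block = Block(len(origin.chain), origin.head(), asset_name,
                  hashlib.sha256(content).hexdigest(), author)
    approvals = [n for n in nodes if n.accepts(block)]
    if 2 * len(approvals) <= len(nodes):
        return False
    for n in approvals:
        n.chain.append(block)
    return True


def majority_head(nodes):
    heads = Counter(n.head() for n in nodes if chain_is_valid(n.chain))
    return heads.most_common(1)[0][0] if heads else None


def divergent_nodes(nodes):
    """Replicas that are internally broken or disagree with the majority head."""
    good = majority_head(nodes)
    return sorted(n.name for n in nodes if not chain_is_valid(n.chain) or n.head() != good)


def asset_matches_ledger(nodes, asset_name, content) -> bool:
    """Recipient check: does the file match the latest majority record of that name?"""
    good, want = majority_head(nodes), hashlib.sha256(content).hexdigest()
    for n in nodes:
        if chain_is_valid(n.chain) and n.head() == good:
            for block in reversed(n.chain):
                if block.asset_name == asset_name:
                    return block.asset_sha256 == want
    return False


def demo():
    # Constructed sample data: four hypothetical stakeholders, two dummy files.
    nodes = [Node(n) for n in ("architect", "contractor", "owner", "fm_operator")]
    plan, altered = b"<model>plant room rev A</model>", b"<model>altered</model>"
    share_asset(nodes, nodes[0], "plant_room.xml", plan, "architect")
    share_asset(nodes, nodes[1], "site.dwg", b"dummy DWG bytes rev B", "contractor")

    # Case 1: one replica's first record is edited in place, so its chain breaks.
    victim = nodes[2]
    victim.chain[0] = replace(victim.chain[0],
                              asset_sha256=hashlib.sha256(altered).hexdigest())
    broken = not chain_is_valid(victim.chain)

    # Case 2: the later block is re-linked too; the replica is self-consistent
    # again but its head no longer matches the other three nodes.
    victim.chain[1] = replace(victim.chain[1], prev_hash=victim.chain[0].digest())
    return {"broken_after_edit": broken,
            "relinked_valid": chain_is_valid(victim.chain),
            "divergent": divergent_nodes(nodes),
            "genuine_ok": asset_matches_ledger(nodes, "plant_room.xml", plan),
            "altered_ok": asset_matches_ledger(nodes, "plant_room.xml", altered)}
```

Calling `demo()` shows that a rewritten replica is flagged even after its links are repaired, because the check compares it against the heads held by the other nodes.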
[Figure 2. Block chain technology application with digital built asset information exchange. Panel labels: asset needs to be shared securely; asset is converted into a block; block is broadcast to all nodes in federated CDE environment; block chain miners compete to mine new block; block chain is extended with new digital asset; federated CDE environment approves; block chain miner validates block against chain; block of digital asset is shared securely; block chain of assets needs to be hacked individually across an entire network; block chain of sharing assets.]

Limitations and future work
Contrary to within the fields of computer science, political science/international relations and international law, cyber security is far less understood within the AECO sector (Mayo, 2016). Consequently, existing controls are inadequate and poorly managed. Key findings emanating from these other eminent fields provide invaluable insights into the cyber security technologies and developments (such as block chain) that can be successfully transferred and applied to critical infrastructure within the AECO sector to address current deficiencies (Baumeister, 2010). However, successful practitioner alignment and knowledge enhancement requires time and investment for additional research and testing of such concepts (Metke and Ekl, 2010) – such exceeded the current confines of this review paper. Within the international security research realm, the following predispositions have weakened scholarly understanding of cyber-threat occurrences and the likelihood of attacks on critical infrastructure. These limitations require future work, namely:
(1) Improved understanding of motivations – an inordinate amount of attention is paid to “cyber-threats” under the guise of malevolent lines of code. Yet finding a resolution to the root cause of cyber-crime requires a deeper understanding of the motivations behind such malicious scripts and attacks.
(2) Address the specific operational threats to bespoke critical infrastructure – each individual critical infrastructure project (e.g. hospitals, nuclear facilities, traffic management systems) has bespoke operational functionality and hence different vulnerabilities. Mapping of these vulnerabilities is required as a first step to developing efficient and effective risk mitigation strategies to better secure assets.
(3) Distinguish between physical destruction and theft – literature and standards have predominantly focused upon data protection within the context of cyber-attack. However, physical damage has received far less attention, even though such could lead to catastrophic economic damage. Greater distinction between physical destruction and theft is therefore needed to delineate the scale and magnitude of cyber-crime.
(4) Consolidate greater international governmental collaboration – cyber-attacks can readily cross international borders and national law enforcement agencies often find it difficult to take action in jurisdictions where limited extradition arrangements are available. Although standard international agreements have been made on such issues (cf. the Budapest Convention on Cyber-crime), which seek to criminalize malevolent cyber-activities, notable signatories (such as China and Russia) are absent. Far greater cooperation between sovereign states is therefore urgently needed to develop robust international agreements that are supported by all major governments.
(5) Gauge practitioner awareness – future work should seek to identify existing predispositions and awareness of cyber-attack and cyber-crime amongst AECO professionals, either through in depth interviews or practitioner surveys. Case studies are also required to measure and report upon contemporary industry practice and how any cyber-crime incidents were managed.
(6) Proof of concept – development and testing of an innovative proof of concept blockchain application specifically designed for AECO professionals. Such developmental work would allow the thorough testing of blockchain technology in practice to confirm, or otherwise, its effectiveness.
Future work
To reconcile the challenges of future work, researchers and practitioners within the AECO sector will have to investigate how to adopt cyber-deterrence approaches applied within more technologically advanced and sensitive industries such as aerospace and automotive. Such knowledge transference may propagate readily available solutions to challenges posed. Cyber security awareness and deterrence measures within the BIM and CDE process will help secure critical infrastructure developed, built and utilized – the challenges and opportunities identified here require innovative solutions such as block chain technologies to transform standard industry practice and should be augmented with far greater industry-academic collaboration.
Conclusion
Infrastructure provides the essential arteries and tributaries of a digital built environment that underpins a contemporary digital economy. However, cyber-attack threatens the availability and trustworthiness of interdependent networked services on both corporate and national security levels. At particular risk are the critical infrastructure assets (such as energy networks, transport and financial services) hosted on large networks connected to the internet (via a CDE) to enable cost-efficient remote monitoring and maintenance. Any disruption or damage to these assets could have an immediate and widespread impact by jeopardizing the well-being, safety and security of citizens. To combat the potential threat posed, greater awareness among AECO stakeholders is urgently needed; this must include governments internationally and private sector partners collaborating together to expand upon existing ISO and BIM-related standards for improved response to a cyber-incident. As well as preventative measures, reactive national plans are required (i.e. raising cyber security awareness on government funded BIM projects) to quickly deal with breaches in security and ensure services are provided with minimum disruption.
It is argued in this paper that the CDE adopted with BIM in the AECO sector acts as a springboard for the wider stakeholder engagement with networked data sharing in a centralized manner, yielding such systems vulnerable to future cyber-physical attacks. The pinnacle of cyber security research breakthroughs in cryptography have resulted in the development of decentralized block chain technology. It is hypothesized that block chain technology offers a novel and secure approach to storing information, making data transactions, performing functions and establishing trust, making it suitable for the high security requirements of sensitive digital infrastructure data contained in a BIM and CDE environment. While block chain applications are largely at a nascent stage of development within the AECO sector, this review paper has highlighted its novel application to fortify security of digital assets residing within a BIM and CDE environment – thus extending applications beyond its origins in crypto currency. Future research will be required to prove, modify or disprove the hypothesis presented. However, block chain alone cannot guarantee total immunity to cyber-attacks, so additional research is required to: understand the motivations for cyber-attack/crime; identify the specific operational threats to bespoke critical infrastructure and develop appropriate strategies to mitigate these; develop more exhaustive international standards (or enhance existing standards) to distinguish between physical destruction and theft; and establish measures needed to consolidate greater international governmental collaboration.
References
Ani, U.P.D., He, H. and Tiwari, A. (2017), “Review of cybersecurity issues in industrial critical infrastructure: manufacturing in perspective”, Journal of Cyber Security Technology, Vol. 1 No. 1, pp. 32-74.
ANSI (2007), “ISA-99.00.01-2007 security for industrial automation and control systems part 1: terminology, concepts and models”, ISA, available at: httpswebarchiveorgweb20110312111418wwwisaorgTemplatecfmSection=Shop_ISAampTemplate=2FEcommerce2FProductDisplaycfmampProductid=9661 (accessed February 9, 2019).
Baumeister, T. (2010), “Literature review on smart grid cyber security, collaborative software development laboratory at the University of Hawaii”, available at: wwwtbaumeistcompublicationsLiteratureReviewOnSmartGridCyberSecurity_2010pdf (accessed February 9, 2019).
Bessis, N. and Dobre, C. (2014), Big Data and Internet of Things: A Roadmap for Smart Environments, ISBN 978-3-319-05029-4, Springer International Publishing, London.
Betz, D.J. and Stevens, T. (2013), “Analogical reasoning and cyber security”, Security Dialogue, Vol. 44 No. 2, pp. 147-164.
Boyes, H. (2013a), “Cyber security of intelligent buildings”, 8th IET International System Safety Conference Incorporating the Cyber Security Conference, Cardiff.
Boyes, H. (2013b), Resilience and Cyber Security of Technology in the Built Environment, the Institution of Engineering and Technology, IET Standards Technical Briefing, London, available at: wwwtheietorgresourcesstandards-filescyber-securitycfmtype=pdf (accessed February 9, 2019).
Bradley, A., Li, H., Lark, R. and Dunn, S. (2016), “BIM for infrastructure: an overall review and constructor perspective”, Automation in Construction, Vol. 71 No. 2, pp. 139-152.
Brantly, A.F. (2014), “The cyber losers”, Democracy & Security, Vol. 10 No. 2, pp. 132-155.
BSI (2013), “PAS 555:2013 cyber security risk”, Governance and Management Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030261972 (accessed February 9, 2019).
BSI (2014a), PAS 180 Smart Cities Vocabulary, British Standards Institution, London, available at: wwwbsigroupcomen-GBsmart-citiesSmart-Cities-Standards-and-PublicationPAS-180-smart-cities-terminology (accessed February 9, 2019).
BSI (2014b), PAS 1192-3 Specification for Information Management for the Operational Phase of Assets using Building Information Modelling, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030311237 (accessed February 9, 2019).
BSI (2014c), PAS 754:2014 software trustworthiness, governance and management, Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030284608 (accessed February 9, 2019).
BSI (2015), PAS 1192-5 (2015) Specification for Security Minded Building Information Modelling, Digital Built Environments and Smart Asset Management, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030314119 (accessed February 9, 2019).
Canfil, J.K. (2016), “Honing cyber attribution: a framework for assessing foreign state complicity”, Journal of International Affairs, Vol. 70 No. 1, pp. 217-226, available at: wwwquestiacomread1G1-476843518honing-cyber-attribution-a-framework-for-assessing (accessed February 9, 2019).
Cavelty, M.D. (2013), “From cyber-bombs to political fallout: threat representations with an impact in the cyber-security discourse”, International Studies Review, Vol. 15 No. 1, pp. 105-122.
Chong, H.Y., Wong, J.S. and Wang, X. (2014), “An explanatory case study on cloud computing applications”, Automation in Construction, Vol. 44, pp. 152-162.
Clarke, R. and Youngstein, T. (2017), “Cyberattack on Britain’s national health service”, New England Journal of Medicine, Vol. 377, August, pp. 409-411.
DBIS (2013), “Smart city market opportunities for the UK”, Department for Business, Innovation and Skills, BIS Research Papers, Ref BIS131217, DBIS, London, available at: wwwgovukgovernmentpublicationssmart-city-market-uk-opportunities (accessed February 9, 2019).
Denning, D. (2012), “Stuxnet: what has changed?”, Future Internet, Vol. 4 No. 3, pp. 672-687.
Eastman, C., Eastman, C.M., Teicholz, P., Sacks, R. and Liston, K. (2011), BIM Handbook: A Guide to Building Information Modeling for Owners, Managers, Designers, Engineers and Contractors, ISBN 978-0-470-54137-1, John Wiley & Sons, Hoboken, NJ.
Edwards, D.J., Pärn, A.E., Love, P.E.D. and El-Gohary, H. (2017), “Research note: machinery, manumission and economic machinations”, Journal of Business Research, Vol. 70, January, pp. 391-394.
Eom, S.-J. and Paek, J.-H. (2006), “Planning digital home services through an analysis of customers acceptance”, ITcon, Vol. 11, Special issue IT in Facility Management, pp. 697-710, available at: wwwitconorg200649 (accessed February 9, 2019).
European Commission (2013), Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace, JOIN 1 Final, European Commission, Brussels, available at: httpseeaseuropaeuarchivesdocspolicieseu-cyber-securitycybsec_comm_enpdf (accessed February 9, 2019).
Ficco, M., Choraś, M. and Kozik, R. (2017), “Simulation platform for cyber-security and vulnerability analysis of critical infrastructures”, Journal of Computational Science, Vol. 22, September, pp. 179-186.
Fisher, R.D. (2018), “Cyber warfare challenges and the increasing use of American and European dual-use technology for military purposes by the People’s Republic of China (PRC)”, United States House of Representatives, Committee on Foreign Affairs, Birmingham, available at: httparchives-republicans-foreignaffairshousegov112Fis041511pdf (accessed February 9, 2019).
Fisk, D. (2012), “Cyber security, building automation and the intelligent building”, Intelligent Buildings International, Vol. 4 No. 3, pp. 169-181.
Formby, D., Srinivasan, P., Leonard, A., Rogers, J. and Beyah, R.A. (2016), “Who’s in control of your control system? Device fingerprinting for cyber-physical systems”, Network and Distributed System Security Symposium (NDSS), February 26–March 1, San Diego, CA.
F-Secure Labs (2014), “Havex hunts for ICS and SCADA systems”, available at: wwwf-securecomweblogarchives00002718html (accessed February 9, 2019).
Gandhi, R., Sharma, A., Mahoney, W., Sousan, W., Zhu, Q. and Laplante, P. (2011), “Dimensions of cyber-attacks: cultural, social, economic and political”, IEEE Technology and Society Magazine, Vol. 30 No. 1, pp. 28-38.
Govinda, K. (2015), “Design of smart meter using Atmel 89s52 microcontroller”, Procedia Technology, Vol. 21, pp. 376-380, available at: https://doi.org/10.1016/j.protcy.2015.10.053
Henderson, S. (2008), “Beijing’s rising hacker stars: how does mother China react?”, IO Sphere Journal, Birmingham, February 28, available at: wwwnoexperiencenecessarybookcomjplV6beijing-39-s-rising-hacker-stars-how-does-mother-china-reacthtml (accessed February 9, 2019).
Hjortdal, M. (2011), “China’s use of cyber warfare: espionage meets strategic deterrence”, Journal of Strategic Security, Vol. 4 No. 2, pp. 1-24.
HM Government (2013), Building Information Modeling Industrial Strategy: Government and Industry in Partnership, Government Construction Strategy, London, available at: wwwgovukgovernmentuploadssystemuploadsattachment_datafile3471012-1327-building-information-modellingpdf (accessed February 9, 2019).
HM Government (2015), Digital Built Britain: Level 3 Building Information Modelling – Strategic Plan, 26 February 2015, HM Publications, London, available at: wwwgovukgovernmentpublicationsuk-construction-industry-digital-technology (accessed February 9, 2019).
Howell, S., Rezgui, Y. and Beach, T. (2017), “Integrating building and urban semantics to empower smart water solutions”, Automation in Construction, Vol. 81, September, pp. 434-448.
Huckle, S., Bhattacharya, R., White, M. and Beloff, N. (2016), “Internet of things, blockchain and shared economy applications”, Procedia Computer Science, Vol. 98, pp. 461-466, available at: https://doi.org/10.1016/j.procs.2016.09.074
Hunton, P. (2012), “Data attack of the cybercriminal: investigating the digital currency of cybercrime”, Computer Law & Security Review, Vol. 28 No. 2, pp. 201-207.
IET (2013), “Resilience and cyber security of technology in the built environment”, Institution of Engineering and Technology, Birmingham, available at: wwwtheietorgresourcesstandardscyber-buildingscfmorigin=pr (accessed February 9, 2019).
IET (2014), “Code of practice for cyber security in the built environment”, Institution of Engineering and Technology, Birmingham, available at: httpselectricaltheietorgbooksstandardscyber-copcfm (accessed February 9, 2019).
ISO (2011), “ISO/IEC 29100:2011 information technology – security techniques – privacy framework”, available at: wwwisoorgstandard45123html (accessed February 2018).
ISO (2012), 27032 Information Technology – Security Techniques – Guidelines for Cybersecurity, International Organization for Standardization (ISO), Geneva, available at: wwwitgovernancecoukshopproductiso27032-iso-27032-guidelines-for-cybersecurity (accessed February 9, 2019).
ISO (2013), 27001 The International Information Security Standard, International Organization for Standardization (ISO), Geneva, available at: wwwitgovernancecoukiso27001 (accessed February 9, 2019).
Jaatun, M.G., Røstum, J., Petersen, S. and Ugarelli, R. (2014), “Security checklists: a compliance alibi or a useful tool for water network operators?”, Procedia Engineering, Vol. 70, pp. 872-876.
Jones, L. (2016), “Securing the smart city: built environment cyber security”, Engineering and Technology, Vol. 11 No. 5, pp. 30-33, doi: 10.1049/et.2016.0501.
Kello, L. (2013), “The meaning of the cyber revolution: perils to theory and statecraft”, International Security, Vol. 38 No. 2, pp. 7-40.
Kochovski, P. and Stankovski, V. (2018), “Supporting smart construction with dependable edge computing infrastructures and applications”, Automation in Construction, Vol. 85, January, pp. 182-192.
Koo, D., Piratla, K. and Matthews, C.J. (2015), “Towards sustainable water supply: schematic development of big data collection using internet of things (IoT)”, Procedia Engineering, Vol. 118, pp. 489-497.
Lesk, M. (2007), “The new front line: Estonia under cyber assault”, IEEE Security & Privacy, Vol. 5 No. 4, pp. 76-79.
Levy, Y. and Ellis, T.J. (2006), “A systems approach to conduct an effective literature review in support of information systems research”, Informing Science, Vol. 9, pp. 181-212, available at: httpinformnuArticlesVol9V9p181-212Levy99pdf (accessed February 9, 2019).
Lin, S., Gao, J. and Koronios, A. (2006), “Key data quality issues for enterprise asset management in engineering organisations”, International Journal of Electronic Business Management, Vol. 4 No. 1, pp. 96-110, available at: httpijebmienthuedutwIJEBM_WebIJEBM_staticPaper-V4_N1A10-E684_3pdf (accessed February 2018).
Lin, Y.C. and Su, Y.C. (2013), “Developing mobile- and BIM-based integrated visual facility maintenance management system”, The Scientific World Journal, Vol. 2013, 10pp., available at: https://doi.org/10.1155/2013/124249
Lindsay, J.R. (2013), “Stuxnet and the limits of cyber warfare”, Security Studies, Vol. 22 No. 3, pp. 365-404.
Lindsay, J.R. (2015), “The impact of China on cybersecurity: fiction and friction”, International Security, Vol. 39 No. 3, pp. 7-47.
Liu, J., Xiao, Y., Li, S., Liang, W. and Chen, C.P. (2012), “Cyber security and privacy issues in smart grids”, IEEE Communications Surveys & Tutorials, Vol. 14 No. 4, pp. 981-997.
McGraw, G. (2013), “Cyber war is inevitable (unless we build security in)”, Journal of Strategic Studies, Vol. 36 No. 1, pp. 109-119.
McNulty (2011), “Realising the potential of GB Rail – final independent report of the rail value for money study – summary report”, Department for Transport, London, available at: wwwgovukgovernmentuploadssystemuploadsattachment_datafile4203realising-the-potential-of-gb-rail-summarypdf (accessed February 9, 2019).
Marinos, L. (2016), ENISA Threat Taxonomy: A Tool for Structuring Threat Information, European Union Agency for Network and Information Security, Birmingham, available at: wwwenisaeuropaeutopicsthreat-risk-managementthreats-and-trendsenisa-threat-landscapeetl2015enisa-threat-taxonomy-a-tool-for-structuring-threat-informationview (accessed February 9, 2019).
Markets and Markets (2014), “Smart HVAC controls market by product type, components, application, operation & geography – analysis and forecast to 2014–2020”, Birmingham, available at: httpgooglAy2LjI (accessed February 9, 2019).
Mayo, G. (2016), “Bas and cyber security: a multiple discipline perspective”, in Long, S., Ng, E.-H., Downing, C. and Nepal, B. (Eds), Proceedings of the American Society for Engineering Management 2016 International Annual Conference, American Society for Engineering Management, Concord, NC, available at: wwwresearchgatenetpublication309480358_BAS_AND_CYBER_SECURITY_A_MULTIPLE_DISCIPLINE_PERSPECTIVE (accessed February 2018).
Metke, A.R. and Ekl, R.L. (2010), “Security technology for smart grid networks”, IEEE Transactions on Smart Grid, Vol. 1 No. 1, pp. 99-107.
Mike, T. (2006), “Integrated building systems: strengthening building security while decreasing operating costs”, Journal of Facilities Management, Vol. 4 No. 1, pp. 63-71.
Mokyr, J. (1992), “Technological inertia in economic history”, The Journal of Economic History, Vol. 52 No. 2, pp. 325-338.
Nicał, A.K. and Wodyński, W. (2016), “Enhancing facility management through BIM 6D”, Procedia Engineering, Vol. 164, pp. 299-306, available at: https://doi.org/10.1016/j.proeng.2016.11.623
NIST (2017), “Framework for improving critical infrastructure cybersecurity”, National Institute of Standards and Technology, Draft Version 1.1, January 10, Birmingham, available at: wwwgooglecoukurlsa=tamprct=jampq=ampesrc=sampsource=webampcd=2ampved=0ahUKEwiq0orLhOHUAhVkBsAKHfJLB6oQFgg8MAEampurl=https3A2F2Fwwwnistgov2Fdocument2Fdraft-cybersecurity-framework-v11pdfampusg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NAampcad=rjt (accessed February 9, 2019).
Nye, J.S. (2017), “Deterrence and dissuasion in cyberspace”, International Security, Vol. 41 No. 3, pp. 44-71.
Papa, P. (2013), “US and EU strategies for maritime transport security: a comparative perspective”, Transport Policy, Vol. 28, pp. 75-85.
Paridari, K., Mady, A.E., La Porta, S., Chabukswar, R., Blanco, J., Teixeira, A., Sandberg, H. and Boubekeur, M. (2016), “Cyber-physical-security framework for building energy management system”, ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS), Vienna, pp. 1-9, doi: 10.1109/ICCPS.2016.7479072.
Pärn, E.A. and Edwards, D.J. (2017), “Conceptualizing the FINDD API plug-in: a case study of BIM/FM integration”, Automation in Construction, Vol. 80, August, pp. 11-21.
Patel, S.C., Bhatt, G.D. and Graham, J.H. (2009), “Improving the cyber security of SCADA communication networks”, Communications of the ACM, Vol. 52 No. 7, pp. 139-142.
Peng, Y., Wang, Y., Xiang, C., Liu, X., Wen, Z. and Chen, D. (2015), “Cyber-physical attack-oriented Industrial Control Systems (ICS) modeling, analysis and experiment environment”, International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 322-326.
Rahimi, B. (2011), “The agonistic social media: cyberspace in the formation of dissent and consolidation of state power in postelection Iran”, The Communication Review, Vol. 14 No. 3, pp. 158-178.
Rasmi, M. and Jantan, A. (2013), “A new algorithm to estimate the similarity between the intentions of the cyber crimes for network forensics”, Procedia Technology, Vol. 11, pp. 540-547.
Reggiani, A. (2013), “Network resilience for transport security: some methodological considerations”, Transport Policy, Vol. 28, July, pp. 63-68.
Reniers, G.L.L. and Dullaert, W. (2013), “A method to assess multi-modal hazmat transport security vulnerabilities: hazmat transport SVA”, Transport Policy, Vol. 28, July, pp. 103-113.
Rid, T. (2012), “Cyber war will not take place”, Journal of Strategic Studies, Vol. 35 No. 1, pp. 5-32.
RISI (2015), “The repository of industrial security incidents database”, Birmingham, available at: www.risidata.com/Database (accessed February 9, 2019).
Rittinghouse, J. and Hancock, W.M. (2003), Cybersecurity Operations Handbook, Elsevier Science, Amsterdam, ISBN 978-1-55558-306-4.
Ryan, D.J. (2017), “Engineering sustainable critical infrastructures”, International Journal of Critical Infrastructure Protection, Vol. 17, pp. 28-29.
Safavi, S., Shukur, Z. and Razali, R. (2013), “Reviews on cybercrime affecting portable devices”, Procedia Technology, Vol. 11, pp. 650-657.
Shafiq, M.T., Matthews, J. and Lockley, S.R. (2013), “A study of BIM collaboration requirements and available features in existing model collaboration systems”, Journal of Information Technology in Construction (ITcon), Vol. 18, pp. 148-161.
Shitharth, S. and Winston, D.P. (2015), “A comparative analysis between two countermeasure techniques to detect DDoS with sniffers in a SCADA network”, Procedia Technology, Vol. 21, pp. 179-186.
Stearns, L.B. and Almeida, P.D. (2004), “The formation of state actor-social movement coalitions and favorable policy outcomes”, Social Policy, Vol. 51 No. 4, pp. 478-504.
Stoddart, K. (2016), “Live free or die hard: US-UK cybersecurity policies”, Political Science Quarterly, Vol. 131 No. 4, pp. 803-842.
Sun, J., Yan, J. and Zhang, K.Z. (2016), “Blockchain-based sharing services: what blockchain technology can contribute to smart cities”, Financial Innovation, Vol. 2 No. 1, pp. 1-26, doi: 10.1186/s40854-016-0040-y.
Szyliowicz, J.S. (2013), “Safeguarding critical transportation infrastructure: the US case”, Transport Policy, Vol. 28 No. C, pp. 69-74.
Tan, S., Song, W.Z., Stewart, M., Yang, J. and Tong, L. (2018), “Online data integrity attacks against real-time electrical market in smart grid”, IEEE Transactions on Smart Grid, Vol. 9 No. 1, pp. 313-322.
Thomas, N. (2009), “Cyber security in East Asia: governing anarchy”, Asian Security, Vol. 5 No. 1, pp. 3-23.
Toy, S. (2006), History of Fortification from 3000 BC to AD 1700 (No. 75), Pen and Sword Military Classics, Barnsley, ISBN 1-88415-358-4.
Turk, Ž. and Klinc, R. (2017), “Potentials of blockchain technology for construction management”, Procedia Engineering, Vol. 196, pp. 638-645.
UN (2014a), “2014 revision of the world urbanization prospects”, Birmingham, available at: https://goo.gl/xwOSDS (accessed February 9, 2019).
UN (2014b), “World urbanization trends 2014: key facts”, Statistical Papers – United Nations (Ser. A), Population and Vital Statistics Report, United Nations, New York, NY.
UN (2015), “World population projected to reach 9.7 billion by 2050”, Birmingham, available at: www.un.org/en/development/desa/news/population/2015-report.html (accessed February 9, 2019).
Walsham, G. (1995), “The emergence of interpretivism in IS research”, Information Systems Research, Vol. 6 No. 4, pp. 376-394.
Wang, S., Zhang, G., Shen, B. and Xie, X. (2011), “An integrated scheme for cyber-physical building energy management system”, Procedia Engineering, Vol. 15, pp. 3616-3620.
Wang, W. and Lu, Z. (2013), “Cyber security in the smart grid: survey and challenges”, Computer Networks, Vol. 57 No. 5, pp. 1344-1371.
Weber, R.H. and Studer, E. (2016), “Cybersecurity in the internet of things: legal aspects”, Computer Law & Security Review, Vol. 32 No. 5, pp. 715-728.
Xue, N., Huang, X. and Zhang, J. (2016), “S2Net: a security framework for software defined intelligent building networks”, IEEE Trustcom/BigDataSE/ISPA, Tianjin, August 23-26, pp. 654-661.
Yue, X., Wang, H., Jin, D., Li, M. and Jiang, W. (2016), “Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control”, Journal of Medical Systems, Vol. 40 No. 10, pp. 218-229.
Zamparini, L. and Shiftan, Y. (2013), “Special issue – transport security: theoretical frameworks and empirical applications”, Transport Policy, Vol. 28, pp. 61-62.
Zhang, Y. and Wen, J. (2016), “The IoT electric business model: using blockchain technology for IoT”, Peer-to-Peer Networking and Applications, Vol. 10 No. 4, pp. 1-12.
Corresponding author
Erika A Parn can be contacted at: erikaparngmailcom
various stages of an infrastructure asset’s lifecycle; this transition is further fortified by BIM technology and the use of a CDE that can improve information and performance management (Pärn and Edwards, 2017). The palpable benefits of BIM and CDE extend beyond the design and construction phases into the operations phase of asset occupancy and use. BIM technology’s innate capability is essential during the asset’s operational phase, which constitutes up to 80 percent of the overall whole lifecycle expenditure. In congruence with this statistic, the McNulty (2011) report ambitiously predicts that the potential savings associated with digital asset management and supply chain management may reach up to £580m between 2018 and 2019 and will be facilitated through effective communications, the right speed of action, a focus on detail and change, and incentives and contractual mechanisms that encourage cost reduction. For the purpose of this review, digitization is acknowledged to proliferate throughout all stages of an infrastructure asset’s lifecycle in a smart cities and digital economies context; such has potentially severe implications for businesses and governments, who may be exposed to cyber-crime and -espionage.
Smart cities and digital economies
The British Standards Institute (BSI, 2014a) defines smart cities as:
The effective integration of physical, digital and human systems in the built environment to deliver a sustainable, prosperous and inclusive future for its citizens.
Within practice, the term smart cities is a linguistic locution that encapsulates fully integrated and networked connectivity between digital infrastructure assets and physical infrastructure assets to form digital economies (BSI, 2014a). A perspicacious hive mentality is inextricably embedded within smart city philosophy and serves to augment intelligent analysis of real-time data and information generated to rapidly optimize decisions in a cost effective manner (Szyliowicz, 2013; Zamparini and Shiftan, 2013). Consequently, smart cities within the digital built environment form a cornerstone of a digital economy that seeks to: provide more with less; maximize resource availability; reduce cost and carbon emissions (whole lifecycle); enable significant domestic and international growth; and ensure that an economy remains in the international vanguard (HM Government, 2015). The unrelenting pace of digitization worldwide is set to continue with an expected $400bn (US Dollars) investment allocated for smart city development by 2020, where smart infrastructure will consist of circa 12 percent of the cost (DBIS, 2013). Yet despite this substantial forecast expenditure, scant academic attention has hitherto been paid to the complex array of interconnected arteries of infrastructural asset management (e.g. roads, ports, rail, aviation and telecommunications) that provide an essential gateway to global markets (DBIS, 2013).
The omnipresent threat of cyber-espionage and crime
Prior to meticulous review of papers, an established understanding of the omnipresent threat of cyber-espionage and crime is required. The implementation of smart city technologies has inadvertently increased the risk of cyber-attack facilitated through expansive networked systems (Mayo, 2016). However, cyber-crime has been largely overlooked within the built environment, and academic consensus concurs that a cavernous gap exists between the state of security in practice and the achieved level of security maturity in standards (Markets and Markets, 2014). Security specialists and practitioners operating smart buildings, grids and infrastructures are said to coexist in a redundant dichotomy. Instead, academic and policy attention has focused upon either: hypothesized scenarios within international security studies (e.g. the protection of military, industrial and commercial secrets) (Rid, 2012); policy planning for cyber-warfare (McGraw, 2013); and/or the safety of computer systems or networks per se rather than cyber-physical attack (activities that could severely impact upon nuclear enrichment, hospital operations, public building operation and maintenance and traffic management) (Stoddart, 2016). Threats from cyber-crime have arisen partially because of the increased adoption rate of networked devices but also as a result of industry’s operational dependency upon IT systems (Boyes, 2013b).
Cyber-criminals are particularly adept at harnessing the intrinsic, intangible value of digital assets (BSI, 2015) and can decipher the digital economy and its intricacies more perceptively than their counterpart industrialists and businesses that are under attack (Kello, 2013). The most recent “WannaCry” ransomware attack personified the sophisticated measures deployed by cyber-criminals in navigating networks and identifying, extracting and monetizing data found (Hunton, 2012). While the inherent value of digital assets to owners and creators is often indeterminate, cyber-criminals manipulate data and information to encrypt, ransom or sell it piecemeal (Marinos, 2016). Several prominent instances of unsecure critical infrastructure assets being physically damaged by persistent cyber-crime have been widely reported upon (Peng et al., 2015). These include: the STUXNET worm that disarmed the Iranian industrial/military assets at a nuclear facility (Lindsay, 2013); and the malware “WannaCry” that caused significant damage to the UK’s National Health Service patient databases, German railway operations and businesses globally (Clarke and Youngstein, 2017). Cyber-attacks remain an omnipresent national security threat to a digital economy’s prosperity and digital built environment’s functionality and safety. Reporting upon a veritable plethora of threats posed presents significant challenges, as cyber-attacks engender greater anonymity as a malicious activity (Fisk, 2012). Nevertheless, known cases and revolutionary deterrents will form the premise upon which this literature review is based.
Cyber-space, cyber-physical attacks and critical infrastructure hacks
In the UK, security analysts from MI5 and MI6 have warned that industrial cyber-espionage is increasing in prevalence, sophistication and maturity, and could enable an entire shutdown of critical infrastructure and services including power, transport, food and water supplies (Hjortdal, 2011). A number of pre-eminent politically driven infrastructure intrusions support this assertion and serve as illustrative examples that a prediction of a global pandemic may prove to be distressingly accurate. These intrusions include: the Russian led cyber-attacks on digital infrastructures (banking, news outlets, electronic voting systems) in Estonia in 2007 (Lesk, 2007); the Chinese led hacking of the US electricity network in 2009 (Hjortdal, 2011); and the USA led intrusion of Iranian nuclear plant facilities in 2005 (Denning, 2012).
Cyber-space constitutes the global, virtual, computer based and networked environment consisting of “open” and “air gapped” internet, which directly or indirectly interconnects systems, networks and other infrastructures critical to society’s needs (European Commission, 2013). Within the vast expanse of cyber-space, Kello (2013) proffers that three partially overlapping territories coexist, namely: the world wide web of nodes accessible via URL; the internet consisting of interconnected computers; and the “cyber-archipelago” of computer systems existing in isolation from the internet, residing within a so-called air gap. A CDE hosted on any of the aforementioned territories is precariously exposed to cyber-physical attack (Figure 1).
Cyber-attack utilizes code to interfere with the functionality of a computer system for strategic, ambiguous, experimental or political purposes (Nye, 2017). Gandhi et al. (2011) expand upon this definition, stating that cyber-attack constitutes “any act by an insider or an outsider that compromises the security expectations of an individual, organization or nation”. Cyber-attacks can take many forms, for example from publicized web defacements, information leaks, denial of service (DoS) attacks and other cyber actions sometimes related to national security or military affairs. Cyber-physical attacks can cause disruption or damage to physical assets, thus posing serious threats to public health and safety and/or the desecration of the environment (Peng et al., 2015). One of the earliest publicly disclosed cyber-physical attacks took place during the Cold War period, when a Soviet oil pipeline exploded due to a so-called logic bomb. The NIST (2017) framework for enhancing the ability of critical infrastructures to withstand cyber-physical attacks proposes that two distinct dichotomous domains must be secured, namely information technologies (IT) and industrial control systems (ICS) (Rittinghouse and Hancock, 2003). Common threats incurred via IT and ICS include: theft of intellectual property; massive disruption to existing operations; and destruction, degradation or disablement of physical assets and operational ability (Szyliowicz, 2013). The European Union Agency for Network and Information Security outlines multiple common sources of nefarious attacks in its malware taxonomy, including: viruses, worms, trojans, botnets, spywares, scarewares, roguewares, adwares and greywares (Marinos, 2016).
Such attacks are made possible via a huge cyber-attack surface within cyber-space, where every circa 2500 lines of code presents a potential vulnerability that is identified by a hacker’s reconnaissance (Nye, 2017). Reconnaissance is the first and most important stage for a successful cyber-attack and seeks to determine the likely strategy for the intrusion (Marinos, 2016). Strategies vary but prominent methods include scanning, fingerprinting, footprinting, sniffing and social engineering (refer to Table I).
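Scanning, the first reconnaissance method named above, leaves a recognizable trace in connection logs: one source touching many ports on a host (port scan) or many hosts by ICMP (ping sweep) within a short time. The following Python detector is an added example, not taken from the paper; the log format, thresholds, window length and addresses are all assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed thresholds for this example; tune them to the monitored network.
WINDOW = timedelta(seconds=60)
PORT_THRESHOLD = 6   # distinct ports on one host from one source => port scan
HOST_THRESHOLD = 5   # distinct hosts pinged by one source => ping sweep

# Constructed sample records (not real traffic).
# Assumed format: ISO time, source, destination, protocol, destination port.
SAMPLE_LOG = """\
2019-02-09T09:00:00 10.0.5.23 10.0.1.10 tcp 443
2019-02-09T09:00:05 10.0.5.23 10.0.1.10 tcp 443
2019-02-09T09:01:00 10.0.9.77 10.0.1.10 tcp 21
2019-02-09T09:01:01 10.0.9.77 10.0.1.10 tcp 22
2019-02-09T09:01:02 10.0.9.77 10.0.1.10 tcp 23
2019-02-09T09:01:03 10.0.9.77 10.0.1.10 tcp 80
2019-02-09T09:01:04 10.0.9.77 10.0.1.10 tcp 443
2019-02-09T09:01:05 10.0.9.77 10.0.1.10 tcp 502
2019-02-09T09:02:00 10.0.9.80 10.0.1.1 icmp -
2019-02-09T09:02:01 10.0.9.80 10.0.1.2 icmp -
2019-02-09T09:02:02 10.0.9.80 10.0.1.3 icmp -
2019-02-09T09:02:03 10.0.9.80 10.0.1.4 icmp -
2019-02-09T09:02:04 10.0.9.80 10.0.1.5 icmp -
2019-02-09T09:10:00 10.0.5.40 10.0.1.10 tcp 80
2019-02-09T09:20:00 10.0.5.40 10.0.1.10 tcp 443
2019-02-09T09:30:00 10.0.5.40 10.0.1.10 tcp 8080
2019-02-09T09:40:00 10.0.5.40 10.0.1.10 tcp 22
2019-02-09T09:50:00 10.0.5.40 10.0.1.10 tcp 445
2019-02-09T10:00:00 10.0.5.40 10.0.1.10 tcp 3389
"""


def parse(line):
    """Split one record into (time, source, destination, protocol, port)."""
    ts, src, dst, proto, port = line.split()
    return datetime.fromisoformat(ts), src, dst, proto, None if port == "-" else int(port)


def detect_recon(lines, window=WINDOW):
    """Return a sorted list of (kind, source, target) findings.

    A sliding window is kept per source (ping sweep) and per
    source/destination pair (port scan); a finding is raised when the
    number of distinct hosts or ports inside the window reaches the threshold.
    """
    recent = defaultdict(deque)   # tracking key -> deque of (time, item)
    findings = set()
    events = sorted((parse(l) for l in lines if l.strip()), key=lambda e: e[0])
    for ts, src, dst, proto, port in events:
        if proto == "icmp":
            key, item, limit = ("sweep", src), dst, HOST_THRESHOLD
            finding = ("ping_sweep", src, "*")
        else:
            key, item, limit = ("scan", src, dst), port, PORT_THRESHOLD
            finding = ("port_scan", src, dst)
        seen = recent[key]
        seen.append((ts, item))
        # Drop observations that have aged out of the window.
        while ts - seen[0][0] > window:
            seen.popleft()
        if len({i for _, i in seen}) >= limit:
            findings.add(finding)
    return sorted(findings)


if __name__ == "__main__":
    for kind, src, target in detect_recon(SAMPLE_LOG.splitlines()):
        print(f"{kind}: source {src} -> target {target}")
```

The workstation at 10.0.5.23 (repeated use of one port) and the host at 10.0.5.40 (six ports spread over 50 minutes) stay below the thresholds with the 60-second window; widening the window changes what is flagged, so the window is a tuning decision for the monitored network.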
Cyber-attack motivations and cyber-actors and incident analysis
The RISI database contains a comprehensive record of cyber-physical attack incidents categorized as either confirmed or likely but confirmed (RISI, 2015). However, prominent commentators contend that attacks are more prevalent than reports suggest and that victims are often reluctant to disclose malicious cyber-attacks against themselves due to potential reputational damage being incurred (Reggiani, 2013). Cyber-physical attacks are therefore shrouded in secrecy by states and private companies, and many states have already conceded the current digital arms race against a panoply of cyber-actors (or “hackers”) including: hacktivists, malware authors, cyber-criminals, cyber-militias, cyber-terrorists, patriot hackers and script kiddies.
Cyber-actors are frequently classified within one of three thematic categories, namely white hats, grey hats and black hats, where the color of the hat portrays their intrinsic intentions. White hats are predominantly legitimately employed security researchers who perform simulated penetration testing hacks to assess the robustness of an organization’s cyber-enabled systems (Cavelty, 2013). They do not have malevolent intentions but rather act on behalf of security companies and concomitant public interest (F-Secure, 2014). Contemporary cyber-Robin Hood(s) (or hacktivists) fall within the grey hat category and act as vigilantes to puncture prevailing power structures (such as Government) by embarrassing them with distributed denial of service (DDoS) attacks, web defacements, malware, ransomware and trojans. These hacktivists often dabble with illegal means to hack but believe that they are addressing a social injustice and/or otherwise supporting a good cause. Black hats are often affiliated with a criminal fraternity or have other malicious intent (Cavelty, 2013). These criminals deploy the same tools used by grey and white hat hackers but with the deliberate intention to cause harm, vandalism, sabotage, website shutdown, fraud or other illegitimate activities. Many states have increasingly focused upon grey hats, who have become the new uncontrolled source of hacking (Betz and Stevens, 2013). Table II highlights a number of prominent critical infrastructures hacks extracted from the RISI database and cross references these against the motivations and cyber-actors.

Figure 1. Cyber vulnerabilities of CDE environment, adapted from BSI levels of BIM [figure labels: BIM Level 0 to BIM Level 3; information format; information exchange (paper-based, file-based, object model-based and network-based collaboration); LOD 1 to LOD 7; low to high risk vulnerability]

Table I. Emerging thematic groups in extant literature

| Industrial sector | Author(s) | Journal |
|---|---|---|
| Architecture, Engineering, Construction and Owner-operated (AECO) | Chong et al. (2014) | Automation in Construction |
| AECO | Howell et al. (2017) | Automation in Construction |
| AECO | Kochovski and Stankovski (2018) | Automation in Construction |
| AECO | Fisk (2012) | Intelligent Buildings International |
| AECO | Mike (2006) | Journal of Facilities Management |
| AECO | Eom and Paek (2006) | Journal of Information Technology in Construction (ITcon) |
| AECO | Jaatun et al. (2014) | Procedia Engineering |
| AECO | Koo et al. (2015) | Procedia Engineering |
| AECO | Nicał and Wodyński (2016) | Procedia Engineering |
| AECO | Wang et al. (2011) | Procedia Engineering |
| Transport and infrastructure | Patel et al. (2009) | Communications of the ACM |
| Transport and infrastructure | Wang and Lu (2013) | Computer Networks |
| Transport and infrastructure | Liu et al. (2012) | IEEE Communications Surveys & Tutorials |
| Transport and infrastructure | Jones (2016) | IEEE Engineering & Technology |
| Transport and infrastructure | Paridari et al. (2016) | IEEE International Conference on Cyber-Physical Systems (ICCPS) |
| Transport and infrastructure | Ryan (2017) | International Journal of Critical Infrastructure Protection |
| Transport and infrastructure | Papa (2013) | Transport Policy |
| Transport and infrastructure | Reggiani (2013) | Transport Policy |
| Transport and infrastructure | Reniers and Dullaert (2013) | Transport Policy |
| Transport and infrastructure | Szyliowicz (2013) | Transport Policy |
| Transport and infrastructure | Zamparini and Shiftan (2013) | Transport Policy |
| Information technology | Hunton (2012) | Computer Law & Security Review |
| Information technology | Weber and Studer (2016) | Computer Law & Security Review |
| Information technology | Metke and Ekl (2010) | IEEE Transactions on Smart Grid |
| Information technology | Tan et al. (2018) | IEEE Transactions on Smart Grid |
| Information technology | Xue et al. (2016) | IEEE Trustcom/BigDataSE/ISPA |
| Information technology | Ani et al. (2017) | Journal of Cyber Security Technology |
| Information technology | Govinda (2015) | Procedia Technology |
| Information technology | Rasmi and Jantan (2013) | Procedia Technology |
| Information technology | Safavi et al. (2013) | Procedia Technology |
| Information technology | Shitharth and Winston (2015) | Procedia Technology |
| Political science/international relations | Brantly (2014) | Democracy and Security |
| Political science/international relations | Kello (2013) | International Security |
| Political science/international relations | Lindsay (2015) | International Security |
| Political science/international relations | Nye (2017) | International Security |
| Political science/international relations | Cavelty (2013) | International Studies Review |
| Political science/international relations | Canfil (2016) | Journal of International Affairs |
| Political science/international relations | Hjortdal (2011) | Journal of Strategic Security |
| Political science/international relations | McGraw (2013) | Journal of Strategic Studies |
| Political science/international relations | Stoddart (2016) | Political Science Quarterly |
| Political science/international relations | Betz and Stevens (2013) | Security Dialog |
| Political science/international relations | Lindsay (2013) | Security Studies |

| Percentage frequency | National and global security | Smart cities | Critical infrastructure | Industrial control systems | Mobile or cloud computing | Digitalization of built environment |
|---|---|---|---|---|---|---|
| Across the four journal types | 54.7 | 40.4 | 50 | 40.4 | 59.5 | 28.5 |
| In AECO journals | 20 | 40 | 30 | 50 | 90 | 60 |
| In transport and infrastructure journals | 54.5 | 54.5 | 81.8 | 27.2 | 36.3 | 18.1 |
| In information technology journals | 40 | 60 | 80 | 20 | 90 | 30 |
| In political science/international relations journals | 100 | 9 | 18.2 | 63.6 | 27.2 | 9 |
Blurred lines: governments and civilians
State and non-state actors represent a two pronged source of malicious attacks or threats facing the AECO sector; motivations for these actors are fueled by various catalysts including patriotism, liberal activism, political ideology, criminal intent and hobby interests (Hjortdal, 2011; Rahimi, 2011). A state is a political entity (“government”) that has sovereignty over an area of territory and the people within it (Rahimi, 2011). Within this entity, state actors are persons who are authorized to act on its behalf and are therefore subject to regulatory control measures (Betz and Stevens, 2013). A state actor’s role can be myriad but often it strives to create positive policy outcomes through approaches such as social movement coalitions (cf. Stearns and Almeida, 2004). Conversely, non-state actors are persons or organizations who have sufficient political influence to act or participate in international relations for the purpose of exerting influence or causing change even though they are not part of government or an established institution (Betz and Stevens, 2013). Three key types of legitimate non-state actors exist: intergovernmental organizations such as the United Nations, World Bank Group and International Monetary Fund, which are established by a state usually through a treaty (Betz and Stevens, 2013); international non-government organizations such as Amnesty International, Oxfam and Greenpeace, which are non-profit voluntary organizations that advocate or otherwise pursue the public good (i.e. economic development and humanitarian aid) (UN); and multinational corporations who pursue their own business interests largely outside the control of national states (UN). Illegitimate non-state actors include terrorist groups and hacktivists acting upon a range of different motivations including personal gain, digital coercion, malevolence and indoctrination of others using ideological doctrine (Brantly, 2014). Since the millennium, governments globally have become increasingly aware of cyber-crime and threats stemming from such non-state actors. Some of the more notable actors include: Anonymous (Betz and Stevens, 2013); Ghost Net (Hunton, 2012); The Red Hacker Alliance (Fisher, 2018); Fancy Bear “Прикольный медведь” (Canfil, 2016); and Iranian Cyber Army (Rahimi, 2011).
However, the boundary delineation between state actors and non-state actors engaging in cyber-physical attacks has become increasingly blurred (Betz and Stevens, 2013; Papa, 2013). Such attribution has wider implications for the national security of states and national responsibility for non-state actors who often act on behalf of the state under incitement of nationalistic and ideological motivation (Brantly, 2014). Henderson (2008) aptly describes such blurred lines between governments and civilians by using Chinese cyber-patriot hackers as an exemplar:
The alliance is exactly who and what they claim to be: an independent confederation of patriotic youth dedicated to defending China against what it perceives as threats to national pride

Table II. Industry standards and codes of best practice on cyber security in the AECO sector

| Standard | Title | Description |
|---|---|---|
| BS ISO/IEC 29100:2011 (ISO, 2011) | Information Technology. Security Techniques. Privacy Framework | This standard is applicable to organizations and businesses, providing a privacy framework for those “involved in specifying, procuring, architecting, designing, developing, testing, maintaining, administering and operating information and communication technology systems or services” with personally identifiable information (PII) |
| BS ISO/IEC 27001:2013 (ISO, 2013) | Information Technology. Security Techniques. Information Security Management Systems. Requirements | This international standard provides a framework for the management of an information security management system (ISMS) in order to keep digital information assets secure from cyber-criminal activities and information breaches; it encompasses procedures for creating, implementing, operating, auditing and maintaining an ISMS. The standard can be applied within organizations of any size, nature or type |
| IET/CPNI Technical Briefing (IET, 2013) | Resilience and Cyber Security of Technology in the Built Environment | This document applies to professionals involved in the development, procurement and operation of intelligent or smart buildings. The guidance considers the whole building lifecycle and examines the potential threats to resilience and cyber security arising from the merging of technical infrastructure and computer-based systems and their connection in cyber-space. Case studies are provided, plus a set of 20 critical measures which could be applied to reduce threats |
| PAS 555:2013 (BSI, 2013) | Cyber Security Risk. Governance and Management. Specification | The specification uses a business-led, “outcomes-based approach” which studies physical, cultural and behavioral features alongside technical ones to aid organizations in detecting which of their business assets need most protection, e.g. corporate and customer data, intellectual property, brand or reputation. The approach can be applied to any size/type of organization throughout its business activities |
| PAS 754:2014 (BSI, 2014c) | Software Trustworthiness. Governance and Management. Specification | This document identifies five principles of software trustworthiness (safety, reliability, availability, resilience and security) which should be attained when implementing software on distributed applications in order to reduce the risks from potential malicious threats. These principles are based upon four concepts: governance measures; risk assessment; control application for risk management (physical, procedural and technical); and a compliance regime to ensure execution of the first three |
| IET Standards (IET, 2014) | Code of Practice for Cyber Security in the Built Environment | This book provides good practice guidance on the need for, and development of, cyber security strategy and policy related to a building’s complete lifecycle as an integral part of an organization’s management systems, with particular emphasis on cyber physically connected building-related systems. The pertinence of cyber security to each of the multidisciplinary roles and responsibilities within an organization is provided |
| PAS 1192-5:2015 (BSI, 2015) | Specification for Security-minded Building Information Modeling, Digital Built Environments and Smart Asset Management | This is the first standard published for security minded use of BIM and digitalization of built assets. Relevant to all owners and stakeholders of digitally built assets, it assists in assessing security risks to the asset and implementing measures to reduce the risk of loss or disclosure of information which could impact on the safety and security of: the built asset; personnel and other users of the asset and its services; and commercial and other asset data and information |

A componential analysis of literature
From an operational perspective, the review protocol sourced published journal materials contained within Science Direct, Web of Science, Scopus and Research Gate databases. Keyword search terms used included: cyber security, hacking and any of the following variations of the word: cyber crime, cybercrime or cyber-crime. Following a comprehensive review of the journals, four prominent and pertinent clusters of industrial settings were selected to provide the contextual sampling framework and knowledge base for the analysis, namely: AECO; transport and infrastructure; information technology; and political science/international relations. These clusters were selected because they contained the majority of the journal publications on cyber-crime. Within the clusters, six recurrent leitmotifs were identified: national and global security; smart cities; critical infrastructure; ICS; mobile or cloud computing; and digitalization of the built environment. A cross comparative componential analysis was then conducted (refer to Table III).
The componential analysis reveals: the percentage frequency that each of the identified thematic groups occur across the four industrial classifications; and the percentage frequency that each thematic group occurs within each individual industrial classification. In ascending order of frequency across all four sectors, the most popular discussed topics were: mobile cloud computing (59.5 percent), national global security (54.7 percent) and critical infrastructure (50 percent), smart cities (40.4 percent), ICS (40.4 percent) and digitization of the built environment (28.5 percent). Yet curiously, within the AECO sector an inordinate amount of effort was input into mobile and cloud computing (90 percent) and digitization of the built environment (60 percent), while far less attention was paid to critical infrastructure (30 percent) and national and global security (20 percent). Moreover, none of the papers reviewed were heavily focused upon expounding the virtues and concomitant benefits of digitization but were similarly obvious to the omnipresent threat of cyber-crime posed via the vulnerable CDE portal.
A CDE is commonly established during the feasibility or concept design phases of a building/infrastructure project (BSI, 2014a, b). An information manager will then manage and validate the processes and procedures for the exchange of information across a network for each key decision gateway stage (including work in progress, shared, published and archive stages). Cloud-based CDE platforms are ubiquitous but common solutions include ProjectWise, Viewpoint (4P), Aconex, Asite and SharePoint (Shafiq et al., 2013). The internal work flow and typical external information exchange in BIM relies upon the re-use and sharing of information in a CDE. Integrating BIM (and other file databases, e.g. IFC, GBXML, CSV, DWG, XML) within a CDE ensures a smooth flow of information between all stakeholders and is specified and articulated through its levels of development or design (Eastman et al., 2011; Lin and Su, 2013). The level of design (LOD) is classified on a linear scale ranging from LOD 1 (covering a conceptual “low definition” design) to LOD 7 (for an as-built “high definition” model). With each incremental increase in LOD, the range and complexity of asset information within models built begins to swell and the data contained within becomes accessible to an increased number of stakeholders. As a consequence, the magnitude of potential cyber-crime also increases and it is imperative, therefore, that effective cyber security deterrence measures are set.

Table III. Common reconnaissance techniques

Reconnaissance technique: Scanning (ping sweep; port scan; network mapping)
Definition: Network scanning is integral to stealthy information gathering from a computer system. Prior knowledge of the operating system (OS) is combined with the use of one of a plethora of readily available tools in order to identify and map out potential vulnerabilities on a target network.
Example: Techniques include port scanning to identify the available and open ports, DNS enumeration to locate the domain name server and IP address, and PING sweeping to map the IP address to a live host (Rittinghouse and Hancock, 2003).

Reconnaissance technique: Fingerprinting (OS)
Definition: Device fingerprinting endeavors to break the privacy of URL developers by revealing user actions and anonymity. It utilizes the information collected from a remote computing device for the purpose of uniquely identifying the device (Formby et al., 2016). Fingerprinting can be used to identify the OS used on the target system.
Example: In an active manner to monitor network packets passing between hosts, or passive manner to transmit specially created packets to the target machine and analyze the response (Peng et al., 2015).

Reconnaissance technique: Footprinting
Definition: Footprinting is a process of obtaining as much information about the target to be hacked as possible by drawing down open source information from the internet. Footprinting is the most convenient way of gathering information about a computer system and/or the parties to which it belongs.
Example: During footprinting, a hacker can use passive or active means to obtain information such as domain name, IP addresses, namespaces, employee information, phone numbers, e-mails and job information.

Reconnaissance technique: Sniffing
Definition: Sniffing has been likened to wiretapping and can be used to obtain sensitive information that is being transferred over a network, such as FTP passwords, e-mail traffic, web traffic, telnet passwords, router configurations, chat sessions and DNS traffic. “Industrial Control Systems (ICS)/Supervisory Control and Data Acquisition (SCADA) sniffing” activities pose an imminent threat to cyber-physical connected devices in buildings, factories and large industrial plants.
Example: “Havex” malware reported by F-Secure laboratories is the first of its kind since STUXNET and attempts to “sniff” factory automation gear such as ICS and SCADA systems (F-Secure Labs, 2014). Anonymized victims have included two major educational institutions in France, two German industrial machine producers, one French industrial machine producer and a Russian structural engineering construction company (F-Secure Labs, 2014).

Reconnaissance technique: Social engineering
Definition: Social engineering is an attack vector that relies upon tricking people into breaking security procedures. Consequently, these are used to exploit an individual’s weaknesses, typically employees and other individuals who are familiar with the system. When successfully implemented, it can help hackers obtain information about the targeted system.
Example: Two common methods adopted are the physical gaining of access to a computer through deception, or the use of phishing e-mails, which involves sending personalized e-mails to targeted employees in an attempt to make them click malicious links contained within.
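The scanning row of Table III distinguishes ping sweeps from port scans, and on the defending side the same distinction is visible in connection logs. The following added example (not from the paper) flags both patterns in constructed firewall-style records; the record format, addresses, thresholds and function names are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed records: epoch seconds, source, destination, protocol,
# destination port ("-" for an ICMP echo request).
SAMPLE_LOG = """\
1000 10.0.9.5 10.0.1.1 icmp -
1001 10.0.9.5 10.0.1.2 icmp -
1002 10.0.9.5 10.0.1.3 icmp -
1003 10.0.9.5 10.0.1.4 icmp -
1010 10.0.9.5 10.0.1.3 tcp 21
1011 10.0.9.5 10.0.1.3 tcp 22
1012 10.0.9.5 10.0.1.3 tcp 23
1013 10.0.9.5 10.0.1.3 tcp 80
1014 10.0.9.5 10.0.1.3 tcp 443
1015 10.0.9.5 10.0.1.3 tcp 502
1020 10.0.2.20 10.0.1.3 icmp -
1021 10.0.2.20 10.0.1.3 tcp 502
1081 10.0.2.20 10.0.1.3 tcp 502
1000 10.0.7.7 10.0.1.1 icmp -
1300 10.0.7.7 10.0.1.2 icmp -
1600 10.0.7.7 10.0.1.3 icmp -
1900 10.0.7.7 10.0.1.4 icmp -
"""


def parse_records(text):
    """Turn whitespace-separated log lines into (ts, src, dst, proto, dport)."""
    records = []
    for line in text.strip().splitlines():
        ts, src, dst, proto, dport = line.split()
        port = None if dport == "-" else int(dport)
        records.append((int(ts), src, dst, proto, port))
    return records


def detect_scans(records, window=60, min_hosts=4, min_ports=5):
    """Return {source: [findings]} for sources that, inside any `window`
    seconds, ping at least `min_hosts` distinct hosts (ping sweep) or try
    at least `min_ports` distinct TCP ports on one host (port scan)."""
    by_source = defaultdict(list)
    for record in sorted(records, key=lambda r: r[0]):
        by_source[record[1]].append(record)

    findings = defaultdict(set)
    for src, events in by_source.items():
        for i, first in enumerate(events):
            in_window = [e for e in events[i:] if e[0] - first[0] <= window]
            pinged_hosts = set()
            ports_per_host = defaultdict(set)
            for _, _, dst, proto, dport in in_window:
                if proto == "icmp":
                    pinged_hosts.add(dst)
                elif proto == "tcp":
                    ports_per_host[dst].add(dport)
            if len(pinged_hosts) >= min_hosts:
                findings[src].add("ping sweep")
            if any(len(p) >= min_ports for p in ports_per_host.values()):
                findings[src].add("port scan")
    return {src: sorted(kinds) for src, kinds in findings.items()}


if __name__ == "__main__":
    for source, kinds in detect_scans(parse_records(SAMPLE_LOG)).items():
        print(source, kinds)
```

In the sample, the workstation that repeatedly polls one controller on a single port and the host that pings four devices at five-minute intervals are not flagged at the default window, which is the trade-off any fixed-window threshold carries.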
Perhaps the most crippling aspect of deterrence is the poor rate of attribution (also known as tracebacking or source tracking), where attribution seeks to determine the identity or location of an attacker or attacker’s intermediary (Brantly, 2014). Affiliation further exacerbates attribution rates; for example, nefarious and malicious attacks on critical infrastructure by non-state “patriot” actors who proclaim cyber-warfare in the name of nationalist ideologies can create ambiguity with state actors (Lindsay, 2015). Extant literature widely acknowledges that states actively recruit highly skilled hackers to counter-attack other state governed cyber-activities, in particular against critical infrastructure assets (Thomas, 2009). Yet the paucity of identification or disclosure of attacker identities has made the hacking culture even more enticing for both non-state actors and state actors. Whilst network attribution or IP address traceability to a particular geographical region is possible, lifting the cyber veil to reveal the affiliation between the attacker and their government remains difficult (Canfil, 2016). In the case of potential threats to the AECO sector, attribution of industrial cyber-espionage remains an imminent threat, not only to the business in operation but also for the nation state security.

Cyber-deterrence
Cyber-deterrence measures rely largely upon good practice adopted from standards ISO 27001 and ISO 27032 (ISO, 2012, 2013). In the context of the digital built environment (and specifically BIM), recently published cyber security good practice manual PAS 1198-Part 5 suggests deploying five measures of deterrence: a built asset security manager; a built asset security strategy; a built asset security management plan; a security breach/incident management plan; and built asset security information requirements. For other sources of cyber security guidance, PAS 1198-Part 5 recommends adherence to other pre-existing legislative documentation – refer to Table IV.

Other ambiguous guidance notes that refer to taking “appropriate mitigation strategies” have largely ignored the increased vulnerability of semantic and geometric information that is sustained within a BIM (BSI, 2013, 2014c). For example, Institute of Engineering and Technology (Boyes, 2013b) report entitled “Resilience and Cyber Security of Technology in the Built Environment” states that:

Unauthorised access to BIM data could jeopardise security of sensitive facilities such as banks, courts, prisons and defence establishments, and in fact most of the Critical National Infrastructure.

Deterrence measures recommended in PAS 1192-5 have largely overlooked BIM data contained within a CDE and the onslaught of cyber-physical connectivity in critical infrastructures (Liu et al., 2012). Currently, the most common means of deterrence for cyber-physical connectivity in critical BMS infrastructures is via network segregation (the firewall) (Mayo, 2016) and secure gateway protection (encryption) for securing from external threats, compliant with ANSI/ISA-99 (ANSI, 2007). However, in a digital economy where over 50bn devices are continuously communicating, neither firewalls nor encryption alone can guarantee effective cyber security. Hence, a more robust systemic means of data integrity is required in the digital built environment.
Block chain – a new frontier for cyber-deterrence
Under the alias Satoshi Nakamoto, the Bitcoin (crypto currency) was published as the first block chain application on the internet (Turk and Klinc, 2017). This advancement opened a springboard of applications that utilize block chain technology to remove third party distribution of digital assets using peer-to-peer sharing (Turk and Klinc, 2017). While the majority of current applications have utilized crypto currency and smart contracts, the applications for digital asset transference seem limitless. Block chain’s earliest applications were in economics (Huckle et al., 2016), software engineering (Turk and Klinc, 2017), Internet of Things (Zhang and Wen, 2016) and medicine (Yue et al., 2016) – albeit more recently, applications within the built environment have been explored (Sun et al., 2016). Block chain technology has the potential to overcome the aforementioned cyber security challenges faced in the digital environment as a result of its distributed, secure and private nature of data distribution. A positive correlation exists between an increasing number of collaborators (or peers) within a CDE and the potential to secure such assets in a peer-to-peer environment, which thrives and increases in security.

Block chain technology is suitable for sectors with: increased risk of fraud – such as susceptible crucial infrastructures containing sensitive industrial information that is at risk from industrial espionage; intermediaries – for example, providers of BMS systems and other IT software vendors hosting sensitive infrastructure asset details; throughput – such as operators updating and sharing asset information in a CDE; and stable data – for instance, data generated for built assets can be utilized for up to 40 years post project inception. Block chain technology offers better encryption against hacking than any other current deterrence measures available and is commonly suggested in the cyber security standards available (Turk and Klinc, 2017).
Table IV. Snapshot of cyber-physical hacking examples from the RISI online incident database

Motivation:
Black Hat – ego, personal animosity, economic gain
Grey Hat – ambiguous
White Hat – idealism, creativity, respect for the law

Actor:
Hacktivists; script kiddies; cyber insiders; cyber terrorists; malware authors; patriot hackers; cyber militias; script kiddies; ordinary citizens; hacktivists; script kiddies; organized cybercriminals

Example:
USA 2014 – Power and utilities – Hackers took advantage of a weak password vulnerability where mechanical devices were disconnected from the control system for scheduled maintenance.
Poland 2008 – Transport – A 14-year old Polish student hacked into the tram system, enabling him to change track points in Lodz; 4 trams were derailed and, as a consequence, 12 people were injured.
USA 2001 – Petroleum – The network monitoring personal computer (PC) provided a path from the internet via the company business network onto the automation network. This made the company vulnerable to the Code Red Worm, used to deface the automation web pages of a large oil company.
Spain 2011 – Traffic – Spanair flight 5022 crashed just after take-off from Madrid-Barajas International Airport, killing 154 with 18 survivors. Trojan malware detected on the central computer system is speculated to have played a role in the crash by causing the computer to fail to deliver power to the take-off early warning system and detect three technical problems with the aircraft.
Iran 2012 – Petroleum – Iran was forced to disconnect key oil facilities after suffering a malware attack which it is believed hit the internal computer systems at Iran’s oil ministry and its national oil company.
USA and Europe 2014 – Energy sector – Operating since 2011, the Dragonfly group has targeted defence and aviation companies in USA and Canada (cyber-espionage with the likely intention of sabotage). In 2013, the group targeted USA and European energy firms, gaining entry through spear phishing e-mails, malware, watering hole attacks and infecting legitimate software from three different industrial control systems (ICS) equipment manufacturers.
Canada 2012 – Energy sector – Telvent Canada Ltd, provider of software and services for remote administration of large sections of the energy industry, was subject to information theft. Installed malware was used to steal project files related to one of its key products. The digital fingerprints were traced to a Chinese hacking group (the “Comment Group”) linked to cyber-espionage against Western interests.
Iran 2010 – Nuclear – The Stuxnet malworm was responsible for damaging crucial centrifugal devices used for Uranium enrichment at the Natanz nuclear plant, causing it to be shut down for a week. This remains one of the most prolific cyber-physical attacks, in an exemplified case of government and civilian blurred lines, and created a new forefront of cyber militia, becoming the first proclaimed cyber weapon.
USA 2012 – Water/waste management – A former employee of the Key Largo Wastewater Treatment District hacked the company, resulting in modification and deletion of files.
Venezuela 2002 – Petroleum – Venezuela’s state oil company became embroiled in a bitter strike when it was extensively sabotaged by an employee who gained remote access to a program terminal and erased all Programmable Logic Controller (PLC) programs in port facility.
Canada 2002 – Petroleum – A white hat hacker simulated an attack on a data center security (DCS), where network access to the control local area network (LAN) was used to connect to selected DCS operator stations and obtain full administration privileges. This was accomplished through the vulnerabilities in the Windows operating system and a number of Netbios that lacked proper password protection.
USA 2014 – Traffic – One of the first hacks on a traffic management system was incurred on road signs in San Francisco, where the signs were photographed flashing “Godzilla Attack Turn Back”.

Source: Available online at www.risidata.com

The application of block chain technology within digital built asset information exchange is suggested due to its secure framework for data transference. Block chain technology has been hailed as a hacker/tamper safe ecosystem for digital asset transfers (Turk and Klinc, 2017). Figure 2 delineates a ten stage process to demonstrate how the existing functionality of block chain technology can be harnessed in a CDE environment when sharing sensitive digital information about assets – namely: asset information is securely shared via a network (e.g. URL nodes, interconnected computer networks or an air-gapped internet); asset data (whether a 3D or digital model) are converted into a block which represents a digital transaction of asset data; stakeholder interaction within a federated CDE environment will receive a tracked record of the individual transaction created by nodes sharing the block; block chain miners (usually computer scientists) validate and maintain the newly created block chain; payment methods for block chain miners vary, but a group of miners enter into a competitive process where the first to validate the block chain receives payment; the federated block chain environment is approved; the new block is added to the existing chain of digital transactions to extend the block chain; the digital asset can now be securely shared upon validation; to hack the network, assailants would need to hack every single node within the block chain, thus making the task far more difficult; the network of nodes created by multiple stakeholders’ transactions provides a more sophisticated and secure approach to protecting digital assets when compared to encryption and firewalls. Herein lies the novelty of this review – blockchain technology can offer a potential framework to future AECO software applications and systems designed to secure the transfer of sensitive project data in a BIM and CDE environment.
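The hash-linking and node-comparison steps of the ten stage process can be illustrated with a small replicated ledger of CDE asset records. This is an added example, not code from the paper or from any block chain product: mining and miner payment are omitted, and the file names, node names and function names are assumptions.

```python
import copy
import hashlib
import json
from collections import Counter

GENESIS = "0" * 64  # previous-hash value used by the first block


def asset_record(filename, content, author):
    """Describe one shared asset by the SHA-256 digest of its bytes."""
    return {"file": filename, "author": author,
            "sha256": hashlib.sha256(content).hexdigest()}


def block_hash(index, prev_hash, record):
    """Hash a canonical JSON encoding of the block's position, link and record."""
    payload = json.dumps({"index": index, "prev": prev_hash, "record": record},
                         sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(payload.encode("utf-8")).hexdigest()


def append_block(chain, record):
    """Extend the chain with a block that commits to the previous block's hash."""
    prev_hash = chain[-1]["hash"] if chain else GENESIS
    index = len(chain)
    chain.append({"index": index, "prev": prev_hash, "record": record,
                  "hash": block_hash(index, prev_hash, record)})


def first_invalid_block(chain):
    """Return the index of the first block whose link or hash fails, else None."""
    prev_hash = GENESIS
    for i, block in enumerate(chain):
        if (block["index"] != i or block["prev"] != prev_hash
                or block["hash"] != block_hash(i, prev_hash, block["record"])):
            return i
        prev_hash = block["hash"]
    return None


def relink_after_edit(chain, index, record):
    """Simulate history being rewritten and re-hashed on ONE node's copy."""
    chain[index]["record"] = record
    prev_hash = chain[index - 1]["hash"] if index else GENESIS
    for i in range(index, len(chain)):
        chain[i]["prev"] = prev_hash
        chain[i]["hash"] = block_hash(i, prev_hash, chain[i]["record"])
        prev_hash = chain[i]["hash"]


def audit_nodes(nodes):
    """Return {node name: reason} for every copy that cannot be trusted."""
    suspect, heads = {}, {}
    for name, chain in nodes.items():
        bad = first_invalid_block(chain)
        if bad is not None:
            suspect[name] = f"hash link broken at block {bad}"
        else:
            heads[name] = chain[-1]["hash"] if chain else GENESIS
    if heads:
        majority_head, votes = Counter(heads.values()).most_common(1)[0]
        for name, head in heads.items():
            if votes * 2 <= len(nodes):
                suspect[name] = "no majority head to compare against"
            elif head != majority_head:
                suspect[name] = "valid chain, but head differs from majority"
    return suspect


def verify_asset(chain, filename, content):
    """Check received bytes against the most recent ledger entry for the file."""
    digest = hashlib.sha256(content).hexdigest()
    for block in reversed(chain):
        if block["record"]["file"] == filename:
            return block["record"]["sha256"] == digest
    return False


def build_demo_nodes():
    """Constructed sample: three asset exchanges replicated to four CDE nodes."""
    chain = []
    append_block(chain, asset_record("hospital_L3.ifc", b"IFC model rev A", "architect"))
    append_block(chain, asset_record("plantroom.dwg", b"DWG drawing rev B", "mep-engineer"))
    append_block(chain, asset_record("bms_points.xml", b"<points rev='C'/>", "fm-operator"))
    names = ("architect", "contractor", "fm-operator", "client")
    return {name: copy.deepcopy(chain) for name in names}


if __name__ == "__main__":
    nodes = build_demo_nodes()
    forged = asset_record("plantroom.dwg", b"altered drawing", "mep-engineer")
    relink_after_edit(nodes["contractor"], 1, forged)
    print(first_invalid_block(nodes["contractor"]))  # the copy is self-consistent
    print(audit_nodes(nodes))                        # comparison still flags it
```

A copy that has been edited and fully re-hashed passes its own integrity check, so the protection comes from comparing heads across independently held copies, which is why the number and independence of the nodes matters more than the hashing itself.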
[Figure 2. Block chain technology application with digital built asset information exchange. Stage labels: asset needs to be shared securely; asset is converted into a block; block is broadcast to all nodes in federated CDE environment; block chain miners compete to mine new block; block chain is extended with new digital asset; federated CDE environment approves; block chain miner validates block against chain; block of digital asset is shared securely; block chain of assets needs to be hacked individually across an entire network; block chain of sharing assets.]

Limitations and future work
Contrary to within the fields of computer science, political science/international relations and international law, cyber security is far less understood within the AECO sector (Mayo, 2016). Consequently, existing controls are inadequate and poorly managed. Key findings emanating from these other eminent fields provide invaluable insights into the cyber security technologies and developments (such as block chain) that can be successfully transferred and applied to critical infrastructure within the AECO sector to address current deficiencies (Baumeister, 2010). However, successful practitioner alignment and knowledge enhancement requires time and investment for additional research and testing of such concepts (Metke and Ekl, 2010) – such exceeded the current confines of this review paper. Within the international security research realm, the following predispositions have weakened scholarly understanding of cyber-threat occurrences and the likelihood of attacks on critical infrastructure. These limitations require future work, namely:
(1) Improved understanding of motivations – an inordinate amount of attention is paid to “cyber-threats” under the guise of malevolent lines of code. Yet finding a resolution to the root cause of cyber-crime requires a deeper understanding of the motivations behind such malicious scripts and attacks.

(2) Address the specific operational threats to bespoke critical infrastructure – each individual critical infrastructure project (e.g. hospitals, nuclear facilities, traffic management systems) has bespoke operational functionality and hence different vulnerabilities. Mapping of these vulnerabilities is required as a first step to developing efficient and effective risk mitigation strategies to better secure assets.

(3) Distinguish between physical destruction and theft – literature and standards have predominantly focused upon data protection within the context of cyber-attack. However, physical damage has received far less attention even though such could lead to catastrophic economic damage. Greater distinction between physical destruction and theft is therefore needed to delineate the scale and magnitude of cyber-crime.

(4) Consolidate greater international governmental collaboration – cyber-attacks can readily cross international borders and national law enforcement agencies often find it difficult to take action in jurisdictions where limited extradition arrangements are available. Although standard international agreements have been made on such issues (cf. the Budapest Convention on Cyber-crime), which seek to criminalize malevolent cyber-activities, notable signatories (such as China and Russia) are absent. Far greater cooperation between sovereign states is therefore urgently needed to develop robust international agreements that are supported by all major governments.

(5) Gauge practitioner awareness – future work should seek to identify existing predispositions and awareness of cyber-attack and cyber-crime amongst AECO professionals, either through in depth interviews or practitioner surveys. Case studies are also required to measure and report upon contemporary industry practice and how any cyber-crime incidents were managed.

(6) Proof of concept – development and testing of an innovative proof of concept blockchain application specifically designed for AECO professionals. Such developmental work would allow the thorough testing of blockchain technology in practice to confirm, or otherwise, its effectiveness.

Future work
To reconcile the challenges of future work, researchers and practitioners within the AECO sector will have to investigate how to adopt cyber-deterrence approaches applied within more technologically advanced and sensitive industries such as aerospace and automotive. Such knowledge transference may propagate readily available solutions to challenges posed. Cyber security awareness and deterrence measures within the BIM and CDE process will help secure critical infrastructure developed, built and utilized – the challenges and opportunities identified here require innovative solutions such as block chain technologies to transform standard industry practice and should be augmented with far greater industry-academic collaboration.
Conclusion
Infrastructure provides the essential arteries and tributaries of a digital built environment that underpins a contemporary digital economy. However, cyber-attack threatens the availability and trustworthiness of interdependent networked services on both corporate and national security levels. At particular risk are the critical infrastructure assets (such as energy networks, transport and financial services) hosted on large networks connected to the internet (via a CDE) to enable cost-efficient remote monitoring and maintenance. Any disruption or damage to these assets could have an immediate and widespread impact by jeopardizing the well-being, safety and security of citizens. To combat the potential threat posed, greater awareness among AECO stakeholders is urgently needed; this must include governments internationally and private sector partners collaborating together to expand upon existing ISO and BIM-related standards for improved response to a cyber-incident. As well as preventative measures, reactive national plans are required (i.e. raising cyber security awareness on government funded BIM projects) to quickly deal with breaches in security and ensure services are provided with minimum disruption.

It is argued in this paper that the CDE adopted with BIM in the AECO sector acts as a springboard for the wider stakeholder engagement with networked data sharing in a centralized manner, rendering such systems vulnerable to future cyber-physical attacks. At the pinnacle of cyber security research, breakthroughs in cryptography have resulted in the development of decentralized block chain technology. It is hypothesized that block chain technology offers a novel and secure approach to storing information, making data transactions, performing functions and establishing trust, making it suitable for the high security requirements of sensitive digital infrastructure data contained in a BIM and CDE environment. While block chain applications are largely at a nascent stage of development within the AECO sector, this review paper has highlighted its novel application to fortify security of digital assets residing within a BIM and CDE environment – thus extending applications beyond its origins in crypto currency. Future research will be required to prove, modify or disprove the hypothesis presented. However, block chain alone cannot guarantee total immunity to cyber-attacks, so additional research is required to: understand the motivations for cyber-attack/crime; identify the specific operational threats to bespoke critical infrastructure and develop appropriate strategies to mitigate these; develop more exhaustive international standards (or enhance existing standards) to distinguish between physical destruction and theft; and establish measures needed to consolidate greater international governmental collaboration.
References
Ani, U.P.D., He, H. and Tiwari, A. (2017), “Review of cybersecurity issues in industrial critical infrastructure: manufacturing in perspective”, Journal of Cyber Security Technology, Vol. 1 No. 1, pp. 32-74.
ANSI (2007), “ISA-99.00.01-2007 security for industrial automation and control systems part 1: terminology, concepts and models”, ISA, available at: httpswebarchiveorgweb20110312111418wwwisaorgTemplatecfmSection=Shop_ISAampTemplate=2FEcommerce2FProductDisplaycfmampProductid=9661 (accessed February 9, 2019).
Baumeister, T. (2010), “Literature review on smart grid cyber security, collaborative software development laboratory at the University of Hawaii”, available at: wwwtbaumeistcompublicationsLiteratureReviewOnSmartGridCyberSecurity_2010pdf (accessed February 9, 2019).
Bessis, N. and Dobre, C. (2014), Big Data and Internet of Things: A Roadmap for Smart Environments, ISBN 978-3-319-05029-4, Springer International Publishing, London.
Betz, D.J. and Stevens, T. (2013), “Analogical reasoning and cyber security”, Security Dialogue, Vol. 44 No. 2, pp. 147-164.
Boyes, H. (2013a), “Cyber security of intelligent buildings”, 8th IET International System Safety Conference Incorporating the Cyber Security Conference, Cardiff.
Boyes, H. (2013b), Resilience and Cyber Security of Technology in the Built Environment, the Institution of Engineering and Technology, IET Standards Technical Briefing, London, available at: wwwtheietorgresourcesstandards-filescyber-securitycfmtype=pdf (accessed February 9, 2019).
Bradley, A., Li, H., Lark, R. and Dunn, S. (2016), “BIM for infrastructure: an overall review and constructor perspective”, Automation in Construction, Vol. 71 No. 2, pp. 139-152.
Brantly, A.F. (2014), “The cyber losers”, Democracy & Security, Vol. 10 No. 2, pp. 132-155.
BSI (2013), “PAS 555:2013 cyber security risk”, Governance and Management Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030261972 (accessed February 9, 2019).
BSI (2014a), PAS 180 Smart Cities Vocabulary, British Standards Institution, London, available at: wwwbsigroupcomen-GBsmart-citiesSmart-Cities-Standards-and-PublicationPAS-180-smart-cities-terminology (accessed February 9, 2019).
BSI (2014b), PAS 1192-3 Specification for Information Management for the Operational Phase of Assets using Building Information Modelling, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030311237 (accessed February 9, 2019).
BSI (2014c), PAS 754:2014 software trustworthiness, governance and management, Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030284608 (accessed February 9, 2019).
BSI (2015), PAS 1192-5 (2015) Specification for Security Minded Building Information Modelling, Digital Built Environments and Smart Asset Management, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030314119 (accessed February 9, 2019).
Canfil, J.K. (2016), “Honing cyber attribution: a framework for assessing foreign state complicity”, Journal of International Affairs, Vol. 70 No. 1, pp. 217-226, available at: wwwquestiacomread1G1-476843518honing-cyber-attribution-a-framework-for-assessing (accessed February 9, 2019).
Cavelty, M.D. (2013), “From cyber-bombs to political fallout: threat representations with an impact in the cyber-security discourse”, International Studies Review, Vol. 15 No. 1, pp. 105-122.
Chong, H.Y., Wong, J.S. and Wang, X. (2014), “An explanatory case study on cloud computing applications”, Automation in Construction, Vol. 44, pp. 152-162.
Clarke, R. and Youngstein, T. (2017), “Cyberattack on Britain’s national health service”, New England Journal of Medicine, Vol. 377, August, pp. 409-411.
DBIS (2013), “Smart city market opportunities for the UK”, Department for Business Innovation and Skills, BIS Research Papers Ref BIS/13/1217, DBIS, London, available at: wwwgovukgovernmentpublicationssmart-city-market-uk-opportunities (accessed February 9, 2019).
Denning, D. (2012), “Stuxnet: what has changed?”, Future Internet, Vol. 4 No. 3, pp. 672-687.
Eastman, C., Eastman, C.M., Teicholz, P., Sacks, R. and Liston, K. (2011), BIM Handbook: A Guide to Building Information Modeling for Owners, Managers, Designers, Engineers and Contractors, ISBN 978-0-470-54137-1, John Wiley & Sons, Hoboken, NJ.
Edwards, D.J., Pärn, A.E., Love, P.E.D. and El-Gohary, H. (2017), “Research note: machinery, manumission and economic machinations”, Journal of Business Research, Vol. 70, January, pp. 391-394.
Eom, S.-J. and Paek, J.-H. (2006), “Planning digital home services through an analysis of customers acceptance”, ITcon, Vol. 11, Special issue IT in Facility Management, pp. 697-710, available at: wwwitconorg200649 (accessed February 9, 2019).
European Commission (2013), Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace, JOIN 1 Final, European Commission, Brussels, available at: httpseeaseuropaeuarchivesdocspolicieseu-cyber-securitycybsec_comm_enpdf (accessed February 9, 2019).
Ficco, M., Choraś, M. and Kozik, R. (2017), “Simulation platform for cyber-security and vulnerability analysis of critical infrastructures”, Journal of Computational Science, Vol. 22, September, pp. 179-186.
Fisher, R.D. (2018), “Cyber warfare challenges and the increasing use of American and European dual-use technology for military purposes by the people’s Republic of China (PRC)”, United States House of Representatives, Committee on Foreign Affairs, Birmingham, available at: httparchives-republicans-foreignaffairshousegov112Fis041511pdf (accessed February 9, 2019).
Fisk, D. (2012), “Cyber security, building automation and the intelligent building”, Intelligent Buildings International, Vol. 4 No. 3, pp. 169-181.
Formby, D., Srinivasan, P., Leonard, A., Rogers, J. and Beyah, R.A. (2016), “Who’s in control of your control system? Device fingerprinting for cyber-physical systems”, Network and Distributed System Security Symposium (NDSS), February 26–March 1, San Diego, CA.
F-Secure Labs (2014), “Havex hunts for ICS and SCADA systems”, available at: wwwf-securecomweblogarchives00002718html (accessed February 9, 2019).
Gandhi, R., Sharma, A., Mahoney, W., Sousan, W., Zhu, Q. and Laplante, P. (2011), “Dimensions of cyber-attacks: cultural, social, economic and political”, IEEE Technology and Society Magazine, Vol. 30 No. 1, pp. 28-38.
Govinda, K. (2015), “Design of smart meter using Atmel 89s52 microcontroller”, Procedia Technology, Vol. 21, pp. 376-380, available at: https://doi.org/10.1016/j.protcy.2015.10.053
Henderson, S. (2008), “Beijing’s rising hacker stars: how does mother China react?”, IO Sphere Journal, Birmingham, February 28, available at: wwwnoexperiencenecessarybookcomjplV6beijing-39-s-rising-hacker-stars-how-does-mother-china-reacthtml (accessed February 9, 2019).
Hjortdal, M. (2011), “China’s use of cyber warfare: espionage meets strategic deterrence”, Journal of Strategic Security, Vol. 4 No. 2, pp. 1-24.
HM Government (2013), Building Information Modeling Industrial Strategy: Government and Industry in Partnership, Government Construction Strategy, London, available at: wwwgovukgovernmentuploadssystemuploadsattachment_datafile3471012-1327-building-information-modellingpdf (accessed February 9, 2019).
HM Government (2015), Digital Built Britain: Level 3 Building Information Modelling – Strategic Plan, 26 February 2015, HM Publications, London, available at: wwwgovukgovernmentpublicationsuk-construction-industry-digital-technology (accessed February 9, 2019).
Howell, S., Rezgui, Y. and Beach, T. (2017), “Integrating building and urban semantics to empower smart water solutions”, Automation in Construction, Vol. 81, September, pp. 434-448.
Huckle, S., Bhattacharya, R., White, M. and Beloff, N. (2016), “Internet of things, blockchain and shared economy applications”, Procedia Computer Science, Vol. 98, pp. 461-466, available at: https://doi.org/10.1016/j.procs.2016.09.074
Hunton, P. (2012), “Data attack of the cybercriminal: investigating the digital currency of cybercrime”, Computer Law & Security Review, Vol. 28 No. 2, pp. 201-207.
IET (2013), “Resilience and cyber security of technology in the built environment”, Institution of Engineering and Technology, Birmingham, available at: wwwtheietorgresourcesstandardscyber-buildingscfmorigin=pr (accessed February 9, 2019).
IET (2014), “Code of practice for cyber security in the built environment”, Institution of Engineering and Technology, Birmingham, available at: httpselectricaltheietorgbooksstandardscyber-copcfm (accessed February 9, 2019).
ISO (2011), “ISO/IEC 29100:2011 information technology – security techniques – privacy framework”, available at: wwwisoorgstandard45123html (accessed February 2018).
ISO (2012), 27032 Information Technology – Security Techniques – Guidelines for Cybersecurity, International Organization for Standardization (ISO), Geneva, available at: wwwitgovernancecoukshopproductiso27032-iso-27032-guidelines-for-cybersecurity (accessed February 9, 2019).
ISO (2013), 27001 The International Information Security Standard, International Organization for Standardization (ISO), Geneva, available at: wwwitgovernancecoukiso27001 (accessed February 9, 2019).
Jaatun, M.G., Røstum, J., Petersen, S. and Ugarelli, R. (2014), “Security checklists: a compliance alibi, or a useful tool for water network operators?”, Procedia Engineering, Vol. 70, pp. 872-876.
Jones, L. (2016), “Securing the smart city: built environment cyber security”, Engineering and Technology, Vol. 11 No. 5, pp. 30-33, doi: 10.1049/et.2016.0501.
Kello, L. (2013), “The meaning of the cyber revolution: perils to theory and statecraft”, International Security, Vol. 38 No. 2, pp. 7-40.
Kochovski, P. and Stankovski, V. (2018), “Supporting smart construction with dependable edge computing infrastructures and applications”, Automation in Construction, Vol. 85, January, pp. 182-192.
Koo, D., Piratla, K. and Matthews, C.J. (2015), “Towards sustainable water supply: schematic development of big data collection using internet of things (IoT)”, Procedia Engineering, Vol. 118, pp. 489-497.
Lesk, M. (2007), “The new front line: Estonia under cyber assault”, IEEE Security & Privacy, Vol. 5 No. 4, pp. 76-79.
Levy, Y. and Ellis, T.J. (2006), “A systems approach to conduct an effective literature review in support of information systems research”, Informing Science, Vol. 9, pp. 181-212, available at: httpinformnuArticlesVol9V9p181-212Levy99pdf (accessed February 9, 2019).
Lin, S., Gao, J. and Koronios, A. (2006), “Key data quality issues for enterprise asset management in engineering organisations”, International Journal of Electronic Business Management, Vol. 4 No. 1, pp. 96-110, available at: httpijebmienthuedutwIJEBM_WebIJEBM_staticPaper-V4_N1A10-E684_3pdf (accessed February 2018).
Lin, Y.C. and Su, Y.C. (2013), “Developing mobile- and BIM-based integrated visual facility maintenance management system”, The Scientific World Journal, Vol. 2013, 10pp., available at: https://doi.org/10.1155/2013/124249
Lindsay, J.R. (2013), “Stuxnet and the limits of cyber warfare”, Security Studies, Vol. 22 No. 3, pp. 365-404.
Lindsay, J.R. (2015), “The impact of China on cybersecurity: fiction and friction”, International Security, Vol. 39 No. 3, pp. 7-47.
Liu, J., Xiao, Y., Li, S., Liang, W. and Chen, C.P. (2012), “Cyber security and privacy issues in smart grids”, IEEE Communications Surveys & Tutorials, Vol. 14 No. 4, pp. 981-997.
McGraw, G. (2013), “Cyber war is inevitable (unless we build security in)”, Journal of Strategic Studies, Vol. 36 No. 1, pp. 109-119.
McNulty (2011), “Realising the potential of GB Rail – final independent report of the rail value for money study – summary report”, Department for Transport, London, available at: wwwgovukgovernmentuploadssystemuploadsattachment_datafile4203realising-the-potential-of-gb-rail-summarypdf (accessed February 9, 2019).
Marinos, L. (2016), ENISA Threat Taxonomy: A Tool for Structuring Threat Information, European Union Agency for Network and Information Security, Birmingham, available at: wwwenisaeuropaeutopicsthreat-risk-managementthreats-and-trendsenisa-threat-landscapeetl2015enisa-threat-taxonomy-a-tool-for-structuring-threat-informationview (accessed February 9, 2019).
Markets and Markets (2014), “Smart HVAC controls market by product type, components, application, operation & geography – analysis and forecast to 2014–2020”, Birmingham, available at: httpgooglAy2LjI (accessed February 9, 2019).
Mayo, G. (2016), “Bas and cyber security: a multiple discipline perspective”, in Long, S., Ng, E.-H., Downing, C. and Nepal, B. (Eds), Proceedings of the American Society for Engineering Management 2016 International Annual Conference, American Society for Engineering Management, Concord, NC, available at: wwwresearchgatenetpublication309480358_BAS_AND_CYBER_SECURITY_A_MULTIPLE_DISCIPLINE_PERSPECTIVE (accessed February 2018).
Metke, A.R. and Ekl, R.L. (2010), “Security technology for smart grid networks”, IEEE Transactions on Smart Grid, Vol. 1 No. 1, pp. 99-107.
Mike, T. (2006), “Integrated building systems: strengthening building security while decreasing operating costs”, Journal of Facilities Management, Vol. 4 No. 1, pp. 63-71.
Mokyr, J. (1992), “Technological inertia in economic history”, The Journal of Economic History, Vol. 52 No. 2, pp. 325-338.
Nicał, A.K. and Wodyński, W. (2016), “Enhancing facility management through BIM 6D”, Procedia Engineering, Vol. 164, pp. 299-306, available at: httpsdoiorg101016jproeng201611623
NIST (2017), “Framework for improving critical infrastructure cybersecurity”, National Institute of Standards and Technology, Draft Version 1.1, January 10, Birmingham, available at: wwwgooglecoukurlsa=tamprct=jampq=ampesrc=sampsource=webampcd=2ampved=0ahUKEwiq0orLhOHUAhVkBsAKHfJLB6oQFgg8MAEampurl=https3A2F2Fwwwnistgov2Fdocument2Fdraft-cybersecurity-framework-v11pdfampusg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NAampcad=rjt (accessed February 9, 2019).
Nye, J.S. (2017), “Deterrence and dissuasion in cyberspace”, International Security, Vol. 41 No. 3, pp. 44-71.
Papa, P. (2013), “US and EU strategies for maritime transport security: a comparative perspective”, Transport Policy, Vol. 28, pp. 75-85.
Paridari, K., Mady, A.E., La Porta, S., Chabukswar, R., Blanco, J., Teixeira, A., Sandberg, H. and Boubekeur, M. (2016), “Cyber-physical-security framework for building energy management system”, ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS), Vienna, pp. 1-9, doi 101109ICCPS20167479072
Pärn, E.A. and Edwards, D.J. (2017), “Conceptualizing the FINDD API plug-in: a case study of BIM/FM integration”, Automation in Construction, Vol. 80, August, pp. 11-21.
Patel, S.C., Bhatt, G.D. and Graham, J.H. (2009), “Improving the cyber security of SCADA communication networks”, Communications of the ACM, Vol. 52 No. 7, pp. 139-142.
Peng, Y., Wang, Y., Xiang, C., Liu, X., Wen, Z. and Chen, D. (2015), “Cyber-physical attack-oriented Industrial Control Systems (ICS) modeling, analysis and experiment environment”, International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 322-326.
Rahimi, B. (2011), “The agonistic social media: cyberspace in the formation of dissent and consolidation of state power in postelection Iran”, The Communication Review, Vol. 14 No. 3, pp. 158-178.
Rasmi, M. and Jantan, A. (2013), “A new algorithm to estimate the similarity between the intentions of the cyber crimes for network forensics”, Procedia Technology, Vol. 11, pp. 540-547.
Reggiani, A. (2013), “Network resilience for transport security: some methodological considerations”, Transport Policy, Vol. 28, July, pp. 63-68.
Reniers, G.L.L. and Dullaert, W. (2013), “A method to assess multi-modal hazmat transport security vulnerabilities: hazmat transport SVA”, Transport Policy, Vol. 28, July, pp. 103-113.
Rid, T. (2012), “Cyber war will not take place”, Journal of Strategic Studies, Vol. 35 No. 1, pp. 5-32.
RISI (2015), “The repository of industrial security incidents database”, Birmingham, available at: wwwrisidatacomDatabase (accessed February 9, 2019).
Rittinghouse, J. and Hancock, W.M. (2003), Cybersecurity Operations Handbook, Elsevier Science, Amsterdam, ISBN 978-1-55558-306-4.
Ryan, D.J. (2017), “Engineering sustainable critical infrastructures”, International Journal of Critical Infrastructure Protection, Vol. 17, pp. 28-29.
Safavi, S., Shukur, Z. and Razali, R. (2013), “Reviews on cybercrime affecting portable devices”, Procedia Technology, Vol. 11, pp. 650-657.
Shafiq, M.T., Matthews, J. and Lockley, S.R. (2013), “A study of BIM collaboration requirements and available features in existing model collaboration systems”, Journal of Information Technology in Construction (ITcon), Vol. 18, pp. 148-161.
Shitharth, S. and Winston, D.P. (2015), “A comparative analysis between two countermeasure techniques to detect DDoS with sniffers in a SCADA network”, Procedia Technology, Vol. 21, pp. 179-186.
Stearns, L.B. and Almeida, P.D. (2004), “The formation of state actor-social movement coalitions and favorable policy outcomes”, Social Policy, Vol. 51 No. 4, pp. 478-504.
Stoddart, K. (2016), “Live free or die hard: US-UK cybersecurity policies”, Political Science Quarterly, Vol. 131 No. 4, pp. 803-842.
Sun, J., Yan, J. and Zhang, K.Z. (2016), “Blockchain-based sharing services: what blockchain technology can contribute to smart cities”, Financial Innovation, Vol. 2 No. 1, pp. 1-26, doi 101186s40854-016-0040-y
Szyliowicz, J.S. (2013), “Safeguarding critical transportation infrastructure: the US case”, Transport Policy, Vol. 28 No. C, pp. 69-74.
Tan, S., Song, W.Z., Stewart, M., Yang, J. and Tong, L. (2018), “Online data integrity attacks against real-time electrical market in smart grid”, IEEE Transactions on Smart Grid, Vol. 9 No. 1, pp. 313-322.
Thomas, N. (2009), “Cyber security in East Asia: governing anarchy”, Asian Security, Vol. 5 No. 1, pp. 3-23.
Toy, S. (2006), History of Fortification from 3000 BC to AD 1700 (No. 75), Pen and Sword Military Classics, Barnsley, ISBN 1-88415-358-4.
Turk, Ž. and Klinc, R. (2017), “Potentials of blockchain technology for construction management”, Procedia Engineering, Vol. 196, pp. 638-645.
UN (2014a), “2014 revision of the world urbanization prospects”, Birmingham, available at: httpsgooglxwOSDS (accessed February 9, 2019).
UN (2014b), “World urbanization trends 2014: key facts”, Statistical Papers – United Nations (Ser. A), Population and Vital Statistics Report, United Nations, New York, NY.
UN (2015), “World population projected to reach 9.7 billion by 2050”, Birmingham, available at: wwwunorgendevelopmentdesanewspopulation2015-reporthtml (accessed February 9, 2019).
Walsham, G. (1995), “The emergence of interpretivism in IS research”, Information Systems Research, Vol. 6 No. 4, pp. 376-394.
Wang, S., Zhang, G., Shen, B. and Xie, X. (2011), “An integrated scheme for cyber-physical building energy management system”, Procedia Engineering, Vol. 15, pp. 3616-3620.
Wang, W. and Lu, Z. (2013), “Cyber security in the smart grid: survey and challenges”, Computer Networks, Vol. 57 No. 5, pp. 1344-1371.
Weber, R.H. and Studer, E. (2016), “Cybersecurity in the internet of things: legal aspects”, Computer Law & Security Review, Vol. 32 No. 5, pp. 715-728.
Xue, N., Huang, X. and Zhang, J. (2016), “S2Net: a security framework for software defined intelligent building networks”, IEEE Trustcom/BigDataSE/ISPA, Tianjin, August 23-26, pp. 654-661.
Yue, X., Wang, H., Jin, D., Li, M. and Jiang, W. (2016), “Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control”, Journal of Medical Systems, Vol. 40 No. 10, pp. 218-229.
Zamparini, L. and Shiftan, Y. (2013), “Special issue – transport security: theoretical frameworks and empirical applications”, Transport Policy, Vol. 28, pp. 61-62.
Zhang, Y. and Wen, J. (2016), “The IoT electric business model: using blockchain technology for IoT”, Peer-to-Peer Networking and Applications, Vol. 10 No. 4, pp. 1-12.
Corresponding author
Erika A Parn can be contacted at: erikaparngmailcom
and traffic management) (Stoddart, 2016). Threats from cyber-crime have arisen partially because of the increased adoption rate of networked devices but also as a result of industry’s operational dependency upon IT systems (Boyes, 2013b).
Cyber-criminals are particularly adept at harnessing the intrinsic intangible value of digital assets (BSI, 2015) and can decipher the digital economy and its intricacies more perceptively than their counterpart industrialists and businesses that are under attack (Kello, 2013). The most recent “WannaCry” ransomware attack personified the sophisticated measures deployed by cyber-criminals in navigating networks and identifying, extracting and monetizing data found (Hunton, 2012). While the inherent value of digital assets to owners and creators is often indeterminate, cyber-criminals manipulate data and information to encrypt, ransom or sell it piecemeal (Marinos, 2016). Several prominent instances of unsecure critical infrastructure assets being physically damaged by persistent cyber-crime have been widely reported upon (Peng et al., 2015). These include the STUXNET worm that disarmed the Iranian industrial/military assets at a nuclear facility (Lindsay, 2013) and the malware “WannaCry” that caused significant damage to the UK’s National Health Service patient databases, German railway operations and businesses globally (Clarke and Youngstein, 2017). Cyber-attacks remain an omnipresent national security threat to a digital economy’s prosperity and digital built environment’s functionality and safety. Reporting upon a veritable plethora of threats posed presents significant challenges as cyber-attacks engender greater anonymity as a malicious activity (Fisk, 2012). Nevertheless, known cases and revolutionary deterrents will form the premise upon which this literature review is based.
Cyber-space, cyber-physical attacks and critical infrastructure hacks
In the UK, security analysts from MI5 and MI6 have warned that industrial cyber-espionage is increasing in prevalence, sophistication and maturity, and could enable an entire shutdown of critical infrastructure and services including power, transport, food and water supplies (Hjortdal, 2011). A number of pre-eminent politically driven infrastructure intrusions support this assertion and serve as illustrative examples that a prediction of a global pandemic may prove to be distressingly accurate. These intrusions include: the Russian led cyber-attacks on digital infrastructures (banking, news outlets, electronic voting systems) in Estonia in 2007 (Lesk, 2007); the Chinese led hacking of the US electricity network in 2009 (Hjortdal, 2011); and the USA led intrusion of Iranian nuclear plant facilities in 2005 (Denning, 2012).
Cyber-space constitutes the global, virtual, computer based and networked environment consisting of “open” and “air gapped” internet, which directly or indirectly interconnects systems, networks and other infrastructures critical to society’s needs (European Commission, 2013). Within the vast expanse of cyber-space, Kello (2013) proffers that three partially overlapping territories coexist, namely: the world wide web of nodes accessible via URL; the internet consisting of interconnected computers; and the “cyber-archipelago” of computer systems existing in isolation from the internet, residing within a so-called air gap. A CDE hosted on any of the aforementioned territories is precariously exposed to cyber-physical attack (Figure 1).
Cyber-attack utilizes code to interfere with the functionality of a computer system for strategic, ambiguous, experimental or political purposes (Nye, 2017). Gandhi et al. (2011) expand upon this definition, stating that cyber-attack constitutes: “any act by an insider or an outsider that compromises the security expectations of an individual, organization or nation”. Cyber-attacks can take many forms, for example, from publicized web defacements, information leaks, denial of service (DoS) attacks and other cyber actions sometimes related to national security or military affairs. Cyber-physical attacks can cause disruption or damage to physical assets, thus posing serious threats to public health and safety, and/or the desecration of the environment (Peng et al., 2015). One of the earliest publicly disclosed cyber-physical attacks took place during the Cold War period when a Soviet oil pipeline
exploded due to a so-called logic bomb. The NIST (2017) framework for enhancing the ability of critical infrastructures to withstand cyber-physical attacks proposes that two distinct dichotomous domains must be secured, namely, information technologies (IT) and industrial control systems (ICS) (Rittinghouse and Hancock, 2003). Common threats incurred via IT and ICS include: theft of intellectual property; massive disruption to existing operations; and destruction, degradation or disablement of physical assets and operational ability (Szyliowicz, 2013). The European Union Agency for Network and Information Security outlines multiple common sources of nefarious attacks in its malware taxonomy, including: viruses, worms, trojans, botnets, spywares, scarewares, roguewares, adwares and greywares (Marinos, 2016).
Such attacks are made possible via a huge cyber-attack surface within cyber-space, where every circa 2,500 lines of code presents a potential vulnerability that is identified by a hacker’s reconnaissance (Nye, 2017). Reconnaissance is the first and most important stage for a successful cyber-attack and seeks to determine the likely strategy for the intrusion (Marinos, 2016). Strategies vary but prominent methods include scanning, fingerprinting, footprinting, sniffing and social engineering (refer to Table I).
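For defenders, the scanning stage described here is the one most visible in connection logs. The sketch below is an added example, not material from the paper: it separates a ping sweep (one source sending ICMP echo requests to many hosts) from a port scan (one source touching many ports on one host). The record layout, thresholds, function names and addresses are assumptions, and the sample records are constructed.

```python
"""Flag ping sweeps and port scans in connection records (added example)."""
from collections import defaultdict


def build_sample_records():
    """Constructed records: (epoch_seconds, src_ip, dst_ip, protocol, dst_port).

    ICMP has no port, so it is recorded as 0. All addresses come from the
    RFC 5737 documentation ranges.
    """
    records = []
    # Ping sweep: one source sends an ICMP echo to 20 hosts, one per second.
    for i in range(1, 21):
        records.append((1000 + i, "198.51.100.7", f"192.0.2.{i}", "icmp", 0))
    # Port scan: one source tries 26 TCP ports on a single host in under a minute.
    for k, port in enumerate(range(20, 46)):
        records.append((2000 + 2 * k, "203.0.113.9", "192.0.2.50", "tcp", port))
    # Normal use: a workstation keeps reaching one HTTPS service, pings its gateway once.
    for k in range(30):
        records.append((3000 + 10 * k, "192.0.2.10", "192.0.2.50", "tcp", 443))
    records.append((3005, "192.0.2.10", "192.0.2.1", "icmp", 0))
    # Low-rate probing of the same host: 20 ports, ten minutes apart.
    for k, port in enumerate(range(8000, 8020)):
        records.append((10000 + 600 * k, "203.0.113.77", "192.0.2.50", "tcp", port))
    return records


def _max_distinct_in_window(events, window):
    """Largest number of distinct values seen inside any `window`-second span.

    `events` is a list of (timestamp, value) pairs sorted by timestamp.
    """
    counts = defaultdict(int)
    best = 0
    left = 0
    for ts, value in events:
        counts[value] += 1
        # Drop events that have fallen out of the window ending at `ts`.
        while ts - events[left][0] > window:
            old = events[left][1]
            counts[old] -= 1
            if counts[old] == 0:
                del counts[old]
            left += 1
        best = max(best, len(counts))
    return best


def detect_scans(records, window=60, sweep_hosts=10, scan_ports=15):
    """Return findings for sources whose fan-out exceeds the thresholds."""
    icmp_by_source = defaultdict(list)    # src -> [(ts, dst)]
    ports_by_pair = defaultdict(list)     # (src, dst) -> [(ts, (proto, port))]
    for ts, src, dst, proto, dport in sorted(records):
        if proto == "icmp":
            icmp_by_source[src].append((ts, dst))
        elif proto in ("tcp", "udp"):
            ports_by_pair[(src, dst)].append((ts, (proto, dport)))

    findings = []
    for src, events in icmp_by_source.items():
        hosts = _max_distinct_in_window(events, window)
        if hosts >= sweep_hosts:
            findings.append({"type": "ping_sweep", "source": src,
                             "distinct_hosts": hosts})
    for (src, dst), events in ports_by_pair.items():
        ports = _max_distinct_in_window(events, window)
        if ports >= scan_ports:
            findings.append({"type": "port_scan", "source": src,
                             "target": dst, "distinct_ports": ports})
    return sorted(findings, key=lambda f: (f["type"], f["source"]))


if __name__ == "__main__":
    sample = build_sample_records()
    for finding in detect_scans(sample):
        print("60 s window:", finding)
    # Re-running with a one-day window also surfaces the low-rate probing.
    for finding in detect_scans(sample, window=86400):
        print("24 h window:", finding)
```

The second run shows why a single short window is not enough on its own: the low-rate probing only crosses the port threshold when the same records are evaluated over a longer period.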
Cyber-attack motivations and cyber-actors and incident analysis
The RISI database contains a comprehensive record of cyber-physical attack incidents categorized as either confirmed or likely but confirmed (RISI, 2015). However, prominent commentators contend that attacks are more prevalent than reports suggest and that victims are often reluctant to disclose malicious cyber-attacks against themselves due to potential reputational damage being incurred (Reggiani, 2013). Cyber-physical attacks are therefore shrouded in secrecy by states and private companies, and many states have already conceded the current digital arms race against a panoply of cyber-actors (or “hackers”) including: hacktivists, malware authors, cyber-criminals, cyber-militias, cyber-terrorists, patriot hackers and script kiddies.
Cyber-actors are frequently classified within one of three thematic categories, namely, white hats, grey hats and black hats, where the color of the hat portrays their intrinsic intentions. White hats are predominantly legitimately employed security researchers who perform simulated penetration testing hacks to assess the robustness of an organization’s cyber-enabled systems (Cavelty, 2013). They do not have malevolent intentions but rather
Figure 1. Cyber vulnerabilities of CDE environment adapted from BSI levels of BIM
(Diagram labels: levels of BIM from Level 0 to Level 3 with vulnerability ratings from low to high risk; information format 2D CAD, 2D CAD + 3D, 3D; information exchange by paper-based, file-based, object model-based and network-based collaboration; LOD 1 to LOD 7; CDE stages work in progress, shared, published, archived; URL nodes, interconnected computer, computer archipelago; formats URL, SQL, DWG, XML.)
Table I. Emerging thematic groups in extant literature

| Industrial sector | Author(s) | Journal |
|---|---|---|
| Architecture, Engineering, Construction and Owner-operated (AECO) | Chong et al. (2014) | Automation in Construction |
| | Howell et al. (2017) | Automation in Construction |
| | Kochovski and Stankovski (2018) | Automation in Construction |
| | Fisk (2012) | Intelligent Buildings International |
| | Mike (2006) | Journal of Facilities Management |
| | Eom and Paek (2006) | Journal of Information Technology in Construction (ITcon) |
| | Jaatun et al. (2014) | Procedia Engineering |
| | Koo et al. (2015) | Procedia Engineering |
| | Nicał and Wodyński (2016) | Procedia Engineering |
| | Wang et al. (2011) | Procedia Engineering |
| Transport and infrastructure | Patel et al. (2009) | Communications of the ACM |
| | Wang and Lu (2013) | Computer Networks |
| | Liu et al. (2012) | IEEE Communications Surveys & Tutorials |
| | Jones (2016) | IEEE Engineering & Technology |
| | Paridari et al. (2016) | IEEE International Conference on Cyber-Physical Systems (ICCPS) |
| | Ryan (2017) | International Journal of Critical Infrastructure Protection |
| | Papa (2013) | Transport Policy |
| | Reggiani (2013) | Transport Policy |
| | Reniers and Dullaert (2013) | Transport Policy |
| | Szyliowicz (2013) | Transport Policy |
| | Zamparini and Shiftan (2013) | Transport Policy |
| Information technology | Hunton (2012) | Computer Law & Security Review |
| | Weber and Studer (2016) | Computer Law & Security Review |
| | Metke and Ekl (2010) | IEEE Transactions on Smart Grid |
| | Tan et al. (2018) | IEEE Transactions on Smart Grid |
| | Xue et al. (2016) | IEEE Trustcom/BigDataSE/ISPA |
| | Ani et al. (2017) | Journal of Cyber Security Technology |
| | Govinda (2015) | Procedia Technology |
| | Rasmi and Jantan (2013) | Procedia Technology |
| | Safavi et al. (2013) | Procedia Technology |
| | Shitharth and Winston (2015) | Procedia Technology |
| Political science/international relations | Brantly (2014) | Democracy and Security |
| | Kello (2013) | International Security |
| | Lindsay (2015) | International Security |
| | Nye (2017) | International Security |
| | Cavelty (2013) | International Studies Review |
| | Canfil (2016) | Journal of International Affairs |
| | Hjortdal (2011) | Journal of Strategic Security |
| | McGraw (2013) | Journal of Strategic Studies |
| | Stoddart (2016) | Political Science Quarterly |
| | Betz and Stevens (2013) | Security Dialog |
| | Lindsay (2013) | Security Studies |

Percentage frequency of each thematic group:

| Journals | National and global security | Smart cities | Critical infrastructure | Industrial control systems | Mobile or cloud computing | Digitalization of built environment |
|---|---|---|---|---|---|---|
| Across the four journal types | 54.7 | 40.4 | 50 | 40.4 | 59.5 | 28.5 |
| AECO journals | 20 | 40 | 30 | 50 | 90 | 60 |
| Transport and infrastructure journals | 54.5 | 54.5 | 81.8 | 27.2 | 36.3 | 18.1 |
| Information technology journals | 40 | 60 | 80 | 20 | 90 | 30 |
| Political science/international relations journals | 100 | 9 | 18.2 | 63.6 | 27.2 | 9 |
act on behalf of security companies and concomitant public interest (F-Secure, 2014). Contemporary cyber-Robin Hood(s) (or hacktivists) fall within the grey hat category and act as vigilantes to puncture prevailing power structures (such as Government) by embarrassing them with distributed denial of service (DDoS) attacks, web defacements, malware, ransomware and trojans. These hacktivists often dabble with illegal means to hack but believe that they are addressing a social injustice and/or otherwise supporting a good cause. Black hats are often affiliated with a criminal fraternity or have other malicious intent (Cavelty, 2013). These criminals deploy the same tools used by grey and white hat hackers but with the deliberate intention to cause harm, vandalism, sabotage, website shutdown, fraud or other illegitimate activities. Many states have increasingly focused upon grey hats who have become the new uncontrolled source of hacking (Betz and Stevens, 2013). Table II highlights a number of prominent critical infrastructures hacks extracted from the RISI database and cross references these against the motivations and cyber-actors.
Blurred lines: governments and civilians
State and non-state actors represent a two pronged source of malicious attacks or threats facing the AECO sector; motivations for these actors are fueled by various catalysts including patriotism, liberal activism, political ideology, criminal intent and hobby interests (Hjortdal, 2011; Rahimi, 2011). A state is a political entity (“government”) that has sovereignty over an area of territory and the people within it (Rahimi, 2011). Within this entity, state actors are persons who are authorized to act on its behalf and are therefore subject to regulatory control measures (Betz and Stevens, 2013). A state actor’s role can be myriad but often it strives to create positive policy outcomes through approaches such as social movement coalitions (cf. Stearns and Almeida, 2004). Conversely, non-state actors are persons or organizations who have sufficient political influence to act or participate in international relations for the purpose of exerting influence or causing change even though they are not part of government or an established institution (Betz and Stevens, 2013). Three key types of legitimate non-state actors exist: intergovernmental organizations such as the United Nations, World Bank Group and International Monetary Fund, which are established by a state usually through a treaty (Betz and Stevens, 2013); international non-government organizations such as Amnesty International, Oxfam and Greenpeace, which are non-profit voluntary organizations that advocate or otherwise pursue the public good (i.e. economic development and humanitarian aid) (UN); and multinational corporations who pursue their own business interests largely outside the control of national states (UN). Illegitimate non-state actors include terrorist groups and hacktivists acting upon a range of different motivations including personal gain, digital coercion, malevolence and indoctrination of others using ideological doctrine (Brantly, 2014). Since the millennium, governments globally have become increasingly aware of cyber-crime and threats stemming from such non-state actors. Some of the more notable actors include: Anonymous (Betz and Stevens, 2013); Ghost Net (Hunton, 2012); The Red Hacker Alliance (Fisher, 2018); Fancy Bear “Прикольный медведь” (Canfil, 2016); and Iranian Cyber Army (Rahimi, 2011).
However, the boundary delineation between state actors and non-state actors engaging in cyber-physical attacks has become increasingly blurred (Betz and Stevens, 2013; Papa, 2013). Such attribution has wider implications for the national security of states and national responsibility for non-state actors who often act on behalf of the state under incitement of nationalistic and ideological motivation (Brantly, 2014). Henderson (2008) aptly describes such blurred lines between governments and civilians by using Chinese cyber-patriot hackers as an exemplar:
The alliance is exactly who and what they claim to be an independent confederation of patrioticyouth dedicated to defending China against what it perceives as threats to national pride
Table II. Industry standards and codes of best practice on cyber security in the AECO sector

| Standard | Title | Description |
|---|---|---|
| BS ISO/IEC 29100:2011 (ISO, 2011) | Information Technology, Security Techniques, Privacy Framework | This standard is applicable to organizations and businesses, providing a privacy framework for those “involved in specifying, procuring, architecting, designing, developing, testing, maintaining, administering and operating information and communication technology systems or services” with personally identifiable information (PII) |
| BS ISO/IEC 27001:2013 (ISO, 2013) | Information Technology, Security Techniques, Information Security Management Systems, Requirements | This international standard provides a framework for the management of an information security management system (ISMS) in order to keep digital information assets secure from cyber-criminal activities and information breaches; it encompasses procedures for creating, implementing, operating, auditing and maintaining an ISMS. The standard can be applied within organizations of any size, nature or type |
| IET/CPNI Technical Briefing (IET, 2013) | Resilience and Cyber Security of Technology in the Built Environment | This document applies to professionals involved in the development, procurement and operation of intelligent or smart buildings. The guidance considers the whole building lifecycle and examines the potential threats to resilience and cyber security arising from the merging of technical infrastructure and computer-based systems and their connection in cyber-space. Case studies are provided plus a set of 20 critical measures which could be applied to reduce threats |
| PAS 555:2013 (BSI, 2013) | Cyber Security Risk, Governance and Management, Specification | The specification uses a business-led “outcomes-based approach” which studies physical, cultural and behavioral features alongside technical ones to aid organizations in detecting which of their business assets need most protection, e.g. corporate and customer data, intellectual property, brand or reputation. The approach can be applied to any size/type of organization throughout its business activities |
| PAS 754:2014 (BSI, 2014c) | Software Trustworthiness, Governance and Management, Specification | This document identifies five principles of software trustworthiness (safety, reliability, availability, resilience and security) which should be attained when implementing software on distributed applications in order to reduce the risks from potential malicious threats. These principles are based upon four concepts: governance measures; risk assessment; control application for risk management (physical, procedural and technical); and a compliance regime to ensure execution of the first three |
| IET Standards (IET, 2014) | Code of Practice for Cyber Security in the Built Environment | This book provides good practice guidance on the need for, and development of, cyber security strategy and policy related to a building’s complete lifecycle as an integral part of an organization’s management systems, with particular emphasis on cyber physically connected building-related systems. The pertinence of cyber security to each of the multidisciplinary roles and responsibilities within an organization is provided |
| PAS 1192-5:2015 (BSI, 2015) | Specification for Security-minded Building Information Modeling, Digital Built Environments and Smart Asset Management | This is the first standard published for security minded use of BIM and digitalization of built assets. Relevant to all owners and stakeholders of digitally built assets, it assists in assessing security risks to the asset and implementing measures to reduce the risk of loss or disclosure of information which could impact on the safety and security of: the built asset; personnel and other users of the asset and its services; and commercial and other asset data and information |
A componential analysis of literature
From an operational perspective, the review protocol sourced published journal materials contained within Science Direct, Web of Science, Scopus and Research Gate databases. Keyword search terms used included: cyber security, hacking and any of the following variations of the word cyber crime, cybercrime or cyber-crime. Following a comprehensive review of the journals, four prominent and pertinent clusters of industrial settings were selected to provide the contextual sampling framework and knowledge base for the analysis, namely: AECO; transport and infrastructure; information technology; and political science/international relations. These clusters were selected because they contained the majority of the journal publications on cyber-crime. Within the clusters, six recurrent leitmotifs were identified: national and global security; smart cities; critical infrastructure; ICS; mobile or cloud computing; and digitalization of the built environment. A cross comparative componential analysis was then conducted (refer to Table III).
The componential analysis reveals: the percentage frequency that each of the identified thematic groups occur across the four industrial classifications; and the percentage frequency that each thematic group occurs within each individual industrial classification. In ascending order of frequency across all four sectors, the most popular discussed topics were mobile cloud computing (59.5 percent), national global security (54.7 percent) and critical infrastructure (50 percent), smart cities (40.4 percent), ICS (40.4 percent) and digitization of the built environment (28.5 percent). Yet curiously, within the AECO sector an inordinate amount of effort was input into mobile and cloud computing (90 percent) and digitization of the built environment (60 percent), while far less attention was paid to critical infrastructure (30 percent) and national and global security (20 percent). Moreover, none of the papers reviewed were heavily focused upon expounding the virtues and concomitant benefits of digitization but were similarly obvious to the omnipresent threat of cyber-crime posed via the vulnerable CDE portal.
A CDE is commonly established during the feasibility or concept design phases of a building/infrastructure project (BSI, 2014a, b). An information manager will then manage and validate the processes and procedures for the exchange of information across a network for each key decision gateway stage (including work in progress, shared, published and archive stages). Cloud-based CDE platforms are ubiquitous but common solutions include ProjectWise, Viewpoint (4P), Aconex, Asite and SharePoint (Shafiq et al., 2013). The internal work flow and typical external information exchange in BIM relies upon the re-use and sharing of information
Table III. Common reconnaissance techniques

| Reconnaissance technique | Definition | Example |
|---|---|---|
| Scanning (ping sweep, port scan, network mapping) | Network scanning is integral to stealthy information gathering from a computer system. Prior knowledge of the operating system (OS) is combined with the use of one of a plethora of readily available tools in order to identify and map out potential vulnerabilities on a target network | Techniques include: port scanning to identify the available and open ports; DNS enumeration to locate the domain name server and IP address; and PING sweeping to map the IP address to a live host (Rittinghouse and Hancock, 2003) |
| Fingerprinting (OS) | Device fingerprinting endeavors to break the privacy of URL developers by revealing user actions and anonymity. It utilizes the information collected from a remote computing device for the purpose of uniquely identifying the device (Formby et al., 2016). Fingerprinting can be used to identify the OS used on the target system | In an active manner to monitor network packets passing between hosts, or passive manner to transmit specially created packets to the target machine and analyze the response (Peng et al., 2015) |
| Footprinting | Footprinting is a process of obtaining as much information about the target to be hacked as possible by drawing down open source information from the internet. Footprinting is the most convenient way of gathering information about a computer system and/or parties such belong to | During footprinting a hacker can use passive or active means to obtain information such as domain name, IP addresses, namespaces, employee information, phone numbers, e-mails and job information |
| Sniffing | Sniffing has been likened to wiretapping and can be used to obtain sensitive information that is being transferred over a network, such as: FTP passwords, e-mail traffic, web traffic, telnet passwords, router configurations, chat sessions and DNS traffic. “Industrial Control Systems (ICS)/Supervisory Control and Data Acquisition (SCADA) sniffing” activities pose an imminent threat to cyber-physical connected devices in buildings, factories and large industrial plants | “Havex” malware, reported by F-Secure laboratories, is the first of its kind since STUXNET and attempts to “sniff” factory automation gear such as ICS and SCADA systems (F-Secure Labs, 2014). Anonymized victims have included: two major educational institutions in France; two German industrial machine producers; one French industrial machine producer; and a Russian structural engineering construction company (F-Secure Labs, 2014) |
| Social engineering | Social engineering is an attack vector that relies upon tricking people into breaking security procedures. Consequently, these are used to exploit an individual’s weaknesses, typically employees and other individuals who are familiar with the system. When successfully implemented, hackers can help obtain information about the targeted system | Two common methods adopted are: the physical gaining of access to a computer through deception; or the use of phishing e-mails, which involves sending personalized e-mails to targeted employees in an attempt to make them click malicious links contained within |
256
ECAM262
in a CDE Integrating BIM (and other file databases eg IFC GBXML CSV DWG XML)within a CDE ensures a smooth flow of information between all stakeholders and is specifiedand articulated through its levels of development or design (Eastman et al 2011 Lin andSu 2013) The level of design (LOD) is classified on a linear scale ranging from LOD 1 (coveringa conceptual ldquolow definitionrdquo design) to LOD 7 (for an as-built ldquohigh definitionrdquo model) Witheach incremental increase in LOD the range and complexity of asset information within modelsbuilt begins to swell and the data contained within becomes accessible to an increased amountof stakeholders As a consequence the magnitude of potential cyber-crime also increases and itis imperative therefore that effective cyber security deterrence measures are set
Perhaps the most crippling aspect of deterrence is the poor rate of attribution (also known as tracebacking or source tracking), where attribution seeks to determine the identity or location of an attacker or attacker’s intermediary (Brantly, 2014). Affiliation further exacerbates attribution rates; for example, nefarious and malicious attacks on critical infrastructure by non-state “patriot” actors who proclaim cyber-warfare in the name of nationalist ideologies can create ambiguity with state actors (Lindsay, 2015). Extant literature widely acknowledges that states actively recruit highly skilled hackers to counter-attack other state governed cyber-activities, in particular against critical infrastructure assets (Thomas, 2009). Yet the paucity of identification or disclosure of attacker identities has made the hacking culture even more enticing for both non-state actors and state actors. Whilst network attribution or IP address traceability to a particular geographical region is possible, lifting the cyber veil to reveal the affiliation between the attacker and their government remains difficult (Canfil, 2016). In the case of potential threats to the AECO sector, attribution of industrial cyber-espionage remains an imminent threat not only to the business in operation but also for the nation state security.
Cyber-deterrence
Cyber-deterrence measures rely largely upon good practice adopted from standards ISO 27001 and ISO 27032 (ISO, 2012, 2013). In the context of the digital built environment (and specifically BIM), recently published cyber security good practice manual PAS 1198-Part 5 suggests deploying five measures of deterrence: a built asset security manager; a built asset security strategy; a built asset security management plan; a security breach/incident management plan; and built asset security information requirements. For other sources of cyber security guidance, PAS 1198-Part 5 recommends adherence to other pre-existing legislative documentation – refer to Table IV.
Other ambiguous guidance notes that refer to taking “appropriate mitigation strategies” have largely ignored the increased vulnerability of semantic and geometric information that is sustained within a BIM (BSI, 2013, 2014c). For example, Institute of Engineering and Technology (Boyes, 2013b) report entitled “Resilience and Cyber Security of Technology in the Built Environment” states that:
Unauthorised access to BIM data could jeopardise security of sensitive facilities, such as banks, courts, prisons and defence establishments, and in fact most of the Critical National Infrastructure.
Deterrence measures recommended in PAS 1192-5 have largely overlooked BIM data contained within a CDE and the onslaught of cyber-physical connectivity in critical infrastructures (Liu et al., 2012). Currently, the most common means of deterrence for cyber-physical connectivity in critical BMS infrastructures is via network segregation (the firewall) (Mayo, 2016) and secure gateway protection (encryption) for securing from external threats, complicit with ANSI/ISA-99 (ANSI, 2007). However, in a digital economy where over 50bn devices are continuously communicating, neither firewalls nor encryption alone can guarantee effective cyber security. Hence, a more robust systemic means of data integrity is required in the digital built environment.
Block chain – a new frontier for cyber-deterrence
Under the alias Satoshi Nakamoto, the Bitcoin (crypto currency) was published as the first block chain application on the internet (Turk and Klinc, 2017). This advancement opened a springboard of applications that utilize block chain technology to remove third party distribution of digital assets using peer-to-peer sharing (Turk and Klinc, 2017). While the majority of current applications have utilized crypto currency and smart contracts, the applications for digital asset transference seem limitless. Block chain’s earliest applications were in economics (Huckle et al., 2016), software engineering (Turk and Klinc, 2017), Internet of Things (Zhang and Wen, 2016) and medicine (Yue et al., 2016) – albeit more recently applications within the built environment have been explored (Sun et al., 2016). Block chain technology has the potential to overcome the aforementioned cyber security challenges faced in the digital environment as a result of its distributed, secure and private nature of data distribution. A positive correlation exists between an increasing number of collaborators (or peers) within a CDE and the potential to secure such assets in a peer-to-peer environment, which thrives and increases in security.
Block chain technology is suitable for sectors with increased risk of fraud – such as susceptible crucial infrastructures containing sensitive industrial information that is at risk from industrial espionage; intermediaries – for example, providers of BMS systems and other IT software vendors hosting sensitive infrastructure asset details; throughput – such as operators updating and sharing asset information in a CDE; and stable data – for instance, data generated for built assets can be utilized for up to 40 years post project inception. Block chain technology offers better encryption against hacking than any other current deterrence measures available and is commonly suggested in the cyber security standards available (Turk and Klinc, 2017).
Table IV. Snapshot of cyber-physical hacking examples from the RISI online incident database (columns: Motivation, Actor, Example)

Motivation: Black Hat (ego, personal animosity, economic gain); Grey Hat (ambiguous); White Hat (idealism, creativity, respect for the law)
Actor: hacktivists; script kiddies; cyber insiders; cyber terrorists; malware authors; patriot hackers; cyber militias; script kiddies; ordinary citizens; hacktivists; script kiddies; organized cybercriminals
Example:
USA 2014 – Power and utilities – Hackers took advantage of a weak password vulnerability where mechanical devices were disconnected from the control system for scheduled maintenance.
Poland 2008 – Transport – A 14-year old Polish student hacked into the tram system, enabling him to change track points in Lodz. 4 trams were derailed and, as a consequence, 12 people were injured.
USA 2001 – Petroleum – The network monitoring personal computer (PC) provided a path from the internet via the company business network onto the automation network. This made the company vulnerable to the Code Red Worm, used to deface the automation web pages of a large oil company.
Spain 2011 – Traffic – Spanair flight 5022 crashed just after take-off from Madrid-Barajas International Airport, killing 154 with 18 survivors. Trojan malware detected on the central computer system is speculated to have played a role in the crash by causing the computer to fail to deliver power to the take-off early warning system and detect three technical problems with the aircraft.
Iran 2012 – Petroleum – Iran was forced to disconnect key oil facilities after suffering a malware attack which it is believed hit the internal computer systems at Iran’s oil ministry and its national oil company.
USA and Europe 2014 – Energy sector – Operating since 2011, the Dragonfly group has targeted defence and aviation companies in USA and Canada, cyber-espionage with the likely intention of sabotage. In 2013 the group targeted USA and European energy firms, gaining entry through spear phishing e-mails, malware, watering hole attacks and infecting legitimate software from three different industrial control systems (ICS) equipment manufacturers.
Canada 2012 – Energy sector – Telvent Canada Ltd, provider of software and services for remote administration of large sections of the energy industry, was subject to information theft. Installed malware was used to steal project files related to one of its key products. The digital fingerprints were traced to a Chinese hacking group (the “Comment Group”) linked to cyber-espionage against Western interests.
Iran 2010 – Nuclear – The Stuxnet malworm was responsible for damaging crucial centrifugal devices used for Uranium enrichment at the Natanz nuclear plant, causing it to be shut down for a week. This remains as one of the most prolific cyber-physical attacks in an exemplified case of government and civilian blurred lines and created a new forefront of cyber militia, becoming the first proclaimed cyber weapon.
USA 2012 – Water/waste management – A former employee of the Key Largo Wastewater Treatment District hacked the company, resulting in modification and deletion of files.
Venezuela 2002 – Petroleum – Venezuela’s state oil company became embroiled in a bitter strike when it was extensively sabotaged by an employee who gained remote access to a program terminal and erased all Programmable Logic Controller (PLC) programs in port facility.
Canada 2002 – Petroleum – A white hat hacker simulated an attack on a data center security (DCS), where network access to the control local area network (LAN) was used to connect to selected DCS operator stations and obtain full administration privileges. This was accomplished through the vulnerabilities in the Windows operating system and a number of Netbios that lacked proper password protection.
USA 2014 – Traffic – One of the first hacks on a traffic management system was incurred on road signs in San Francisco, where the signs were photographed flashing “Godzilla Attack Turn Back”.
Source: Available online at www.risidata.com

The application of block chain technology within digital built asset information exchange is suggested due to its secure framework for data transference. Block chain technology has been hailed as a hacker/tamper safe ecosystem for digital asset transfers (Turk and Klinc, 2017). Figure 2 delineates a ten stage process to demonstrate how the existing functionality of block chain technology can be harnessed in a CDE environment when sharing sensitive digital information about assets – namely: asset information is securely shared via a network (e.g. URL nodes, interconnected computer networks or an air-gapped internet); asset data (whether a 3D or digital model) are converted into a block which represents a digital transaction of asset data; stakeholder interaction within a federated CDE environment will receive a tracked record of the individual transaction created by nodes sharing the block; block chain miners (usually computer scientists) validate and maintain the newly created block chain; payment methods for block chain miners vary but a group of miners enter into a competitive process where the first to validate the block chain receives payment; the federated block chain environment is approved; the new block is added to the existing chain of digital transactions to extend the block chain; the digital asset can now be securely shared upon validation; to hack the network, assailants would need to hack every single node within the block chain, thus making the task far more difficult; the network of nodes created by multiple stakeholders’ transactions provides a more sophisticated and secure approach to protecting digital assets when compared to encryption and firewalls. Herein lies the novelty of this review – blockchain technology can offer a potential framework to future AECO software applications and systems designed to secure the transfer of sensitive project data in a BIM and CDE environment.
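The process described above can be made concrete as a hash-chained ledger of asset digests replicated across CDE stakeholders. The Python below is an added example, not code from the paper; the stakeholder names, file contents, the toy proof-of-work difficulty and the majority-head audit are constructed assumptions used to show how a tampered replica is detected.

```python
import json
from collections import Counter
from hashlib import sha256

DIFFICULTY = 3      # leading hex zeros required of a block hash (toy value, assumed)
GENESIS = "0" * 64  # prev_hash of the first block


def block_hash(block: dict) -> str:
    """Hash every field except the stored hash, using canonical JSON."""
    body = {k: v for k, v in block.items() if k != "hash"}
    return sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


def mine_block(prev_hash: str, index: int, author: str, filename: str, content: bytes) -> dict:
    """Wrap an asset digest in a block and search for a nonce meeting DIFFICULTY."""
    block = {"index": index, "prev_hash": prev_hash, "author": author,
             "filename": filename, "asset_sha256": sha256(content).hexdigest(), "nonce": 0}
    while not block_hash(block).startswith("0" * DIFFICULTY):
        block["nonce"] += 1
    block["hash"] = block_hash(block)
    return block


def verify_chain(chain: list) -> int:
    """Return the index of the first invalid block, or -1 if the chain is intact."""
    prev = GENESIS
    for i, block in enumerate(chain):
        if (block["index"] != i or block["prev_hash"] != prev
                or block_hash(block) != block["hash"]
                or not block["hash"].startswith("0" * DIFFICULTY)):
            return i
        prev = block["hash"]
    return -1


def head(chain: list) -> str:
    return chain[-1]["hash"] if chain else GENESIS


def accept(chain: list, block: dict) -> bool:
    """A node validates a broadcast block against its own replica before appending."""
    if verify_chain(chain + [block]) != -1:
        return False
    chain.append(dict(block))  # values are scalars, so a shallow copy is independent
    return True


def publish(replicas: dict, author: str, filename: str, content: bytes) -> int:
    """Mine a block for an asset, broadcast it, and return how many nodes accepted it."""
    tip = next(iter(replicas.values()))  # assumes the publisher reads an honest replica
    block = mine_block(head(tip), len(tip), author, filename, content)
    return sum(accept(chain, block) for chain in replicas.values())


def audit(replicas: dict) -> dict:
    """Flag replicas that fail verification or disagree with the majority chain head."""
    valid = {name for name, chain in replicas.items() if verify_chain(chain) == -1}
    if not valid:
        return {name: "tampered" for name in replicas}
    majority = Counter(head(replicas[n]) for n in valid).most_common(1)[0][0]
    return {name: "ok" if name in valid and head(chain) == majority else "tampered"
            for name, chain in replicas.items()}


def check_asset(chain: list, filename: str, content: bytes) -> bool:
    """True if content matches the most recent digest recorded for filename."""
    for block in reversed(chain):
        if block["filename"] == filename:
            return block["asset_sha256"] == sha256(content).hexdigest()
    return False


def demo() -> dict:
    # Constructed sample assets and stakeholder names, not real project data.
    ifc = b"ISO-10303-21; constructed sample IFC model, revision 1"
    dwg = b"AC1027 constructed sample DWG plan"
    forged = b"ISO-10303-21; constructed sample IFC model, altered"
    replicas = {"architect": [], "contractor": [], "facility_manager": []}
    accepted = [publish(replicas, "architect", "model.ifc", ifc),
                publish(replicas, "contractor", "plan.dwg", dwg)]
    # Case 1: a record is edited in place, so its stored hash no longer matches.
    naive = [dict(b) for b in replicas["contractor"]]
    naive[0]["asset_sha256"] = sha256(forged).hexdigest()
    # Case 2: one replica is rewritten and re-mined so it is internally consistent.
    b0 = mine_block(GENESIS, 0, "architect", "model.ifc", forged)
    b1 = mine_block(b0["hash"], 1, "contractor", "plan.dwg", dwg)
    replicas["contractor"] = [b0, b1]
    return {"accepted": accepted, "naive_first_bad_block": verify_chain(naive),
            "rewritten_replica_valid": verify_chain(replicas["contractor"]) == -1,
            "audit": audit(replicas),
            "genuine_ok": check_asset(replicas["architect"], "model.ifc", ifc),
            "forged_ok": check_asset(replicas["architect"], "model.ifc", forged)}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Case 2 is the one to note: a fully re-mined replica passes its own verification and is exposed only by comparison with the other stakeholders' copies.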
Figure 2. Block chain technology application with digital built asset information exchange. Stage labels (i–x) shown in the figure: asset needs to be shared securely; asset is converted into a block; block is broadcast to all nodes in federated CDE environment; block chain miners compete to mine new block; block chain is extended with new digital asset; federated CDE environment approves; block chain miner validates block against chain; block of digital asset is shared securely; block chain of assets needs to be hacked individually across an entire network; block chain of sharing assets. File-type labels: XML, DWG.

Limitations and future work
Contrary to within the fields of computer science, political science/international relations and international law, cyber security is far less understood within the AECO sector (Mayo, 2016). Consequently, existing controls are inadequate and poorly managed. Key findings emanating from these other eminent fields provide invaluable insights into the cyber security technologies and developments (such as block chain) that can be successfully transferred and applied to critical infrastructure within the AECO sector to address current deficiencies (Baumeister, 2010). However, successful practitioner alignment and knowledge enhancement requires time and investment for additional research and testing of such concepts (Metke and Ekl, 2010) – such exceeded the current confines of this review paper. Within the international security research realm, the following predispositions have weakened scholarly understanding of cyber-threat occurrences and the likelihood of attacks on critical infrastructure. These limitations require future work, namely:
(1) Improved understanding of motivations – an inordinate amount of attention is paid to “cyber-threats” under the guise of malevolent lines of code. Yet finding a resolution to the root cause of cyber-crime requires a deeper understanding of the motivations behind such malicious scripts and attacks.
(2) Address the specific operational threats to bespoke critical infrastructure – each individual critical infrastructure project (e.g. hospitals, nuclear facilities, traffic management systems) has bespoke operational functionality and hence different vulnerabilities. Mapping of these vulnerabilities is required as a first step to developing efficient and effective risk mitigation strategies to better secure assets.
(3) Distinguish between physical destruction and theft – literature and standards have predominantly focused upon data protection within the context of cyber-attack. However, physical damage has received far less attention even though such could lead to catastrophic economic damage. Greater distinction between physical destruction and theft is therefore needed to delineate the scale and magnitude of cyber-crime.
(4) Consolidate greater international governmental collaboration – cyber-attacks can readily cross international borders and national law enforcement agencies often find it difficult to take action in jurisdictions where limited extradition arrangements are available. Although standard international agreements have been made on such issues (cf. the Budapest Convention on Cyber-crime), which seek to criminalize malevolent cyber-activities, notable signatories (such as China and Russia) are absent. Far greater cooperation between sovereign states is therefore urgently needed to develop robust international agreements that are supported by all major governments.
(5) Gauge practitioner awareness – future work should seek to identify existing predispositions and awareness of cyber-attack and cyber-crime amongst AECO professionals, either through in depth interviews or practitioner surveys. Case studies are also required to measure and report upon contemporary industry practice and how any cyber-crime incidents were managed.
(6) Proof of concept – development and testing of an innovative proof of concept blockchain application specifically designed for AECO professionals. Such developmental work would allow the thorough testing of blockchain technology in practice to confirm, or otherwise, its effectiveness.
Future work
To reconcile the challenges of future work, researchers and practitioners within the AECO sector will have to investigate how to adopt cyber-deterrence approaches applied within more technologically advanced and sensitive industries such as aerospace and automotive. Such knowledge transference may propagate readily available solutions to challenges posed. Cyber security awareness and deterrence measures within the BIM and CDE process will help secure critical infrastructure developed, built and utilized – the challenges and opportunities identified here require innovative solutions such as block chain technologies to transform standard industry practice and should be augmented with far greater industry-academic collaboration.
Conclusion
Infrastructure provides the essential arteries and tributaries of a digital built environment that underpins a contemporary digital economy. However, cyber-attack threatens the availability and trustworthiness of interdependent networked services on both corporate and national security levels. At particular risk are the critical infrastructure assets (such as energy networks, transport and financial services) hosted on large networks connected to the internet (via a CDE) to enable cost-efficient remote monitoring and maintenance. Any disruption or damage to these assets could have an immediate and widespread impact by jeopardizing the well-being, safety and security of citizens. To combat the potential threat posed, greater awareness among AECO stakeholders is urgently needed; this must include governments internationally and private sector partners collaborating together to expand upon existing ISO and BIM-related standards for improved response to a cyber-incident. As well as preventative measures, reactive national plans are required (i.e. raising cyber security awareness on government funded BIM projects) to quickly deal with breaches in security and ensure services are provided with minimum disruption.
It is argued in this paper that the CDE adopted with BIM in the AECO sector acts as a springboard for the wider stakeholder engagement with networked data sharing in a centralized manner, yielding such systems vulnerable for future cyber-physical attacks. The pinnacle of cyber security research breakthroughs in cryptography have resulted in the development of decentralized block chain technology. It is hypothesized that block chain technology offers a novel and secure approach to storing information, making data transactions, performing functions and establishing trust, making it suitable for sensitive digital infrastructure data contained in BIM and CDE environment high security requirements. While block chain applications are largely at a nascent stage of development within the AECO sector, this review paper has highlighted its novel application to fortify security of digital assets residing within a BIM and CDE environment – thus extending applications beyond its origins in crypto currency. Future research will be required to prove, modify or disprove this hypothesis presented. However, block chain alone cannot guarantee total immunity to cyber-attacks, so additional research is required to: understand the motivations for cyber-attack/crime; identify the specific operational threats to bespoke critical infrastructure and develop appropriate strategies to mitigate these; develop more exhaustive international standards (or enhance existing standards) to distinguish between physical destruction and theft; and establish measures needed to consolidate greater international governmental collaboration.
References
Ani, U.P.D., He, H. and Tiwari, A. (2017), “Review of cybersecurity issues in industrial critical infrastructure manufacturing in perspective”, Journal of Cyber Security Technology, Vol. 1 No. 1, pp. 32-74.
ANSI (2007), “ISA-990001-2007 security for industrial automation and control systems part 1 terminology concepts and models”, ISA, available at: httpswebarchiveorgweb20110312111418wwwisaorgTemplatecfmSection=Shop_ISAampTemplate=2FEcommerce2FProductDisplaycfmampProductid=9661 (accessed February 9, 2019).
Baumeister, T. (2010), “Literature review on smart grid cyber security collaborative software development laboratory at the University of Hawaii”, available at: wwwtbaumeistcompublicationsLiteratureReviewOnSmartGridCyberSecurity_2010pdf (accessed February 9, 2019).
Bessis, N. and Dobre, C. (2014), Big Data and Internet of Things A Roadmap for Smart Environments, ISBN 978-3-319-05029-4, Springer International Publishing, London.
Betz, D.J. and Stevens, T. (2013), “Analogical reasoning and cyber security”, Security Dialogue, Vol. 44 No. 2, pp. 147-164.
Boyes, H. (2013a), “Cyber security of intelligent buildings”, 8th IET International System Safety Conference Incorporating the Cyber Security Conference, Cardiff.
Boyes, H. (2013b), Resilience and Cyber Security of Technology in the Built Environment, the Institution of Engineering and Technology, IET Standards Technical Briefing, London, available at: wwwtheietorgresourcesstandards-filescyber-securitycfmtype=pdf (accessed February 9, 2019).
Bradley, A., Li, H., Lark, R. and Dunn, S. (2016), “BIM for infrastructure an overall review and constructor perspective”, Automation in Construction, Vol. 71 No. 2, pp. 139-152.
Brantly, A.F. (2014), “The cyber losers”, Democracy & Security, Vol. 10 No. 2, pp. 132-155.
BSI (2013), “PAS 5552013 cyber security risk”, Governance and Management Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030261972 (accessed February 9, 2019).
BSI (2014a), PAS 180 Smart Cities Vocabulary, British Standards Institution, London, available at: wwwbsigroupcomen-GBsmart-citiesSmart-Cities-Standards-and-PublicationPAS-180-smart-cities-terminology (accessed February 9, 2019).
BSI (2014b), PAS 1192-3 Specification for Information Management for the Operational Phase of Assets using Building Information Modelling, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030311237 (accessed February 9, 2019).
BSI (2014c), PAS 7542014 software trustworthiness governance and management Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030284608 (accessed February 9, 2019).
BSI (2015), PAS 1192-5 (2015) Specification for Security Minded Building Information Modelling Digital Built Environments and Smart Asset Management, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030314119 (accessed February 9, 2019).
Canfil, J.K. (2016), “Honing cyber attribution a framework for assessing foreign state complicity”, Journal of International Affairs, Vol. 70 No. 1, pp. 217-226, available at: wwwquestiacomread1G1-476843518honing-cyber-attribution-a-framework-for-assessing (accessed February 9, 2019).
Cavelty, M.D. (2013), “From cyber-bombs to political fallout threat representations with an impact in the cyber-security discourse”, International Studies Review, Vol. 15 No. 1, pp. 105-122.
Chong, H.Y., Wong, J.S. and Wang, X. (2014), “An explanatory case study on cloud computing applications”, Automation in Construction, Vol. 44, pp. 152-162.
Clarke, R. and Youngstein, T. (2017), “Cyberattack on Britain’s national health service”, New England Journal of Medicine, Vol. 377, August, pp. 409-411.
DBIS (2013), “Smart city market opportunities for the UK”, Department for Business Innovation and Skills, BIS Research Papers Ref BIS131217, DBIS, London, available at: wwwgovukgovernmentpublicationssmart-city-market-uk-opportunities (accessed February 9, 2019).
Denning, D. (2012), “Stuxnet what has changed”, Future Internet, Vol. 4 No. 3, pp. 672-687.
Eastman, C., Eastman, C.M., Teicholz, P., Sacks, R. and Liston, K. (2011), BIM Handbook A Guide to Building Information Modeling for Owners Managers Designers Engineers and Contractors, ISBN 978-0-470-54137-1, John Wiley & Sons, Hoboken, NJ.
Edwards, D.J., Pärn, A.E., Love, P.E.D. and El-Gohary, H. (2017), “Research note machinery manumission and economic machinations”, Journal of Business Research, Vol. 70, January, pp. 391-394.
Eom, S.-J. and Paek, J.-H. (2006), “Planning digital home services through an analysis of customers acceptance”, ITcon, Vol. 11, Special issue IT in Facility Management, pp. 697-710, available at: wwwitconorg200649 (accessed February 9, 2019).
European Commission (2013), Cybersecurity Strategy of the European Union An Open Safe and Secure Cyberspace, JOIN 1 Final, European Commission, Brussels, available at: httpseeaseuropaeuarchivesdocspolicieseu-cyber-securitycybsec_comm_enpdf (accessed February 9, 2019).
Ficco, M., Choraś, M. and Kozik, R. (2017), “Simulation platform for cyber-security and vulnerability analysis of critical infrastructures”, Journal of Computational Science, Vol. 22, September, pp. 179-186.
Fisher, R.D. (2018), “Cyber warfare challenges and the increasing use of American and European dual-use technology for military purposes by the people’s Republic of China (PRC)”, United States House of Representatives Committee on Foreign Affairs, Birmingham, available at: httparchives-republicans-foreignaffairshousegov112Fis041511pdf (accessed February 9, 2019).
Fisk, D. (2012), “Cyber security building automation and the intelligent building”, Intelligent Buildings International, Vol. 4 No. 3, pp. 169-181.
Formby, D., Srinivasan, P., Leonard, A., Rogers, J. and Beyah, R.A. (2016), “Who’s in control of your control system Device fingerprinting for cyber-physical systems”, Network and Distributed System Security Symposium (NDSS), February 26–March 1, San Diego, CA.
F-Secure Labs (2014), “Havex hunts for ICS and SCADA systems”, available at: wwwf-securecomweblogarchives00002718html (accessed February 9, 2019).
Gandhi, R., Sharma, A., Mahoney, W., Sousan, W., Zhu, Q. and Laplante, P. (2011), “Dimensions of cyber-attacks cultural social economic and political”, IEEE Technology and Society Magazine, Vol. 30 No. 1, pp. 28-38.
Govinda, K. (2015), “Design of smart meter using Atmel 89s52 microcontroller”, Procedia Technology, Vol. 21, pp. 376-380, available at: httpsdoiorg101016jprotcy201510053
Henderson, S. (2008), “Beijing’s rising hacker stars how does mother China react”, IO Sphere Journal, Birmingham, February 28, available at: wwwnoexperiencenecessarybookcomjplV6beijing-39-s-rising-hacker-stars-how-does-mother-china-reacthtml (accessed February 9, 2019).
Hjortdal, M. (2011), “China’s use of cyber warfare espionage meets strategic deterrence”, Journal of Strategic Security, Vol. 4 No. 2, pp. 1-24.
HM Government (2013), Building Information Modeling Industrial Strategy Government and Industry in Partnership, Government Construction Strategy, London, available at: wwwgovukgovernmentuploadssystemuploadsattachment_datafile3471012-1327-building-information-modellingpdf (accessed February 9, 2019).
HM Government (2015), Digital Built Britain Level 3 Building Information Modelling – Strategic Plan, 26 February 2015, HM Publications, London, available at: wwwgovukgovernmentpublicationsuk-construction-industry-digital-technology (accessed February 9, 2019).
Howell, S., Rezgui, Y. and Beach, T. (2017), “Integrating building and urban semantics to empower smart water solutions”, Automation in Construction, Vol. 81, September, pp. 434-448.
Huckle, S., Bhattacharya, R., White, M. and Beloff, N. (2016), “Internet of things blockchain and shared economy applications”, Procedia Computer Science, Vol. 98, pp. 461-466, available at: httpsdoiorg101016jprocs201609074
Hunton, P. (2012), “Data attack of the cybercriminal investigating the digital currency of cybercrime”, Computer Law & Security Review, Vol. 28 No. 2, pp. 201-207.
IET (2013), “Resilience and cyber security of technology in the built environment”, Institution of Engineering and Technology, Birmingham, available at: wwwtheietorgresourcesstandardscyber-buildingscfmorigin=pr (accessed February 9, 2019).
IET (2014), “Code of practice for cyber security in the built environment”, Institution of Engineering and Technology, Birmingham, available at: httpselectricaltheietorgbooksstandardscyber-copcfm (accessed February 9, 2019).
ISO (2011), “ISOIEC 291002011 information technology – security techniques – privacy framework”, available at: wwwisoorgstandard45123html (accessed February 2018).
ISO (2012), 27032 Information Technology – Security Techniques – Guidelines for Cybersecurity, International Organization for Standardization (ISO), Geneva, available at: wwwitgovernancecoukshopproductiso27032-iso-27032-guidelines-for-cybersecurity (accessed February 9, 2019).
ISO (2013), 27001 The International Information Security Standard, International Organization for Standardization (ISO), Geneva, available at: wwwitgovernancecoukiso27001 (accessed February 9, 2019).
Jaatun, M.G., Røstum, J., Petersen, S. and Ugarelli, R. (2014), “Security checklists: a compliance alibi or a useful tool for water network operators”, Procedia Engineering, Vol. 70, pp. 872-876.
Jones, L. (2016), “Securing the smart city built environment cyber security”, Engineering and Technology, Vol. 11 No. 5, pp. 30-33, doi 101049et20160501.
Kello, L. (2013), “The meaning of the cyber revolution: perils to theory and statecraft”, International Security, Vol. 38 No. 2, pp. 7-40.
Kochovski, P. and Stankovski, V. (2018), “Supporting smart construction with dependable edge computing infrastructures and applications”, Automation in Construction, Vol. 85, January, pp. 182-192.
Koo, D., Piratla, K. and Matthews, C.J. (2015), “Towards sustainable water supply: schematic development of big data collection using internet of things (IoT)”, Procedia Engineering, Vol. 118, pp. 489-497.
Lesk, M. (2007), “The new front line: Estonia under cyber assault”, IEEE Security & Privacy, Vol. 5 No. 4, pp. 76-79.
Levy, Y. and Ellis, T.J. (2006), “A systems approach to conduct an effective literature review in support of information systems research”, Informing Science, Vol. 9, pp. 181-212, available at: httpinformnuArticlesVol9V9p181-212Levy99pdf (accessed February 9, 2019).
Lin, S., Gao, J. and Koronios, A. (2006), “Key data quality issues for enterprise asset management in engineering organisations”, International Journal of Electronic Business Management, Vol. 4 No. 1, pp. 96-110, available at: httpijebmienthuedutwIJEBM_WebIJEBM_staticPaper-V4_N1A10-E684_3pdf (accessed February 2018).
Lin, Y.C. and Su, Y.C. (2013), “Developing mobile- and BIM-based integrated visual facility maintenance management system”, The Scientific World Journal, Vol. 2013, 10pp., available at: httpsdoiorg1011552013124249
Lindsay, J.R. (2013), “Stuxnet and the limits of cyber warfare”, Security Studies, Vol. 22 No. 3, pp. 365-404.
Lindsay, J.R. (2015), “The impact of China on cybersecurity: fiction and friction”, International Security, Vol. 39 No. 3, pp. 7-47.
Liu, J., Xiao, Y., Li, S., Liang, W. and Chen, C.P. (2012), “Cyber security and privacy issues in smart grids”, IEEE Communications Surveys & Tutorials, Vol. 14 No. 4, pp. 981-997.
McGraw, G. (2013), “Cyber war is inevitable (unless we build security in)”, Journal of Strategic Studies, Vol. 36 No. 1, pp. 109-119.
McNulty (2011), “Realising the potential of GB Rail – final independent report of the rail value for money study – summary report”, Department for Transport, London, available at: wwwgovukgovernmentuploadssystemuploadsattachment_datafile4203realising-the-potential-of-gb-rail-summarypdf (accessed February 9, 2019).
Marinos, L. (2016), ENISA Threat Taxonomy: A Tool for Structuring Threat Information, European Union Agency for Network and Information Security, Birmingham, available at: wwwenisaeuropaeutopicsthreat-risk-managementthreats-and-trendsenisa-threat-landscapeetl2015enisa-threat-taxonomy-a-tool-for-structuring-threat-informationview (accessed February 9, 2019).
Markets and Markets (2014), “Smart HVAC controls market by product type, components, application, operation & geography – analysis and forecast to 2014–2020”, Birmingham, available at: httpgooglAy2LjI (accessed February 9, 2019).
Mayo, G. (2016), “BAS and cyber security: a multiple discipline perspective”, in Long, S., Ng, E.-H., Downing, C. and Nepal, B. (Eds), Proceedings of the American Society for Engineering Management 2016 International Annual Conference, American Society for Engineering Management, Concord, NC, available at: wwwresearchgatenetpublication309480358_BAS_AND_CYBER_SECURITY_A_MULTIPLE_DISCIPLINE_PERSPECTIVE (accessed February 2018).
Metke, A.R. and Ekl, R.L. (2010), “Security technology for smart grid networks”, IEEE Transactions on Smart Grid, Vol. 1 No. 1, pp. 99-107.
Mike, T. (2006), “Integrated building systems: strengthening building security while decreasing operating costs”, Journal of Facilities Management, Vol. 4 No. 1, pp. 63-71.
Mokyr, J. (1992), “Technological inertia in economic history”, The Journal of Economic History, Vol. 52 No. 2, pp. 325-338.
Nicał, A.K. and Wodyński, W. (2016), “Enhancing facility management through BIM 6D”, Procedia Engineering, Vol. 164, pp. 299-306, available at: httpsdoiorg101016jproeng201611623
NIST (2017), “Framework for improving critical infrastructure cybersecurity”, National Institute of Standards and Technology, Draft Version 1.1, January 10, Birmingham, available at: wwwgooglecoukurlsa=tamprct=jampq=ampesrc=sampsource=webampcd=2ampved=0ahUKEwiq0orLhOHUAhVkBsAKHfJLB6oQFgg8MAEampurl=https3A2F2Fwwwnistgov2Fdocument2Fdraft-cybersecurity-framework-v11pdfampusg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NAampcad=rjt (accessed February 9, 2019).
Nye, J.S. (2017), “Deterrence and dissuasion in cyberspace”, International Security, Vol. 41 No. 3, pp. 44-71.
Papa, P. (2013), “US and EU strategies for maritime transport security: a comparative perspective”, Transport Policy, Vol. 28, pp. 75-85.
Paridari, K., Mady, A.E., La Porta, S., Chabukswar, R., Blanco, J., Teixeira, A., Sandberg, H. and Boubekeur, M. (2016), “Cyber-physical-security framework for building energy management system”, ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS), Vienna, pp. 1-9, doi 101109ICCPS20167479072.
Pärn, E.A. and Edwards, D.J. (2017), “Conceptualizing the FINDD API plug-in: a case study of BIM/FM integration”, Automation in Construction, Vol. 80, August, pp. 11-21.
Patel, S.C., Bhatt, G.D. and Graham, J.H. (2009), “Improving the cyber security of SCADA communication networks”, Communications of the ACM, Vol. 52 No. 7, pp. 139-142.
Peng, Y., Wang, Y., Xiang, C., Liu, X., Wen, Z. and Chen, D. (2015), “Cyber-physical attack-oriented Industrial Control Systems (ICS) modeling, analysis and experiment environment”, International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 322-326.
Rahimi, B. (2011), “The agonistic social media: cyberspace in the formation of dissent and consolidation of state power in postelection Iran”, The Communication Review, Vol. 14 No. 3, pp. 158-178.
Rasmi, M. and Jantan, A. (2013), “A new algorithm to estimate the similarity between the intentions of the cyber crimes for network forensics”, Procedia Technology, Vol. 11, pp. 540-547.
Reggiani, A. (2013), “Network resilience for transport security: some methodological considerations”, Transport Policy, Vol. 28, July, pp. 63-68.
Reniers, G.L.L. and Dullaert, W. (2013), “A method to assess multi-modal hazmat transport security vulnerabilities: hazmat transport SVA”, Transport Policy, Vol. 28, July, pp. 103-113.
Rid, T. (2012), “Cyber war will not take place”, Journal of Strategic Studies, Vol. 35 No. 1, pp. 5-32.
RISI (2015), “The repository of industrial security incidents database”, Birmingham, available at: wwwrisidatacomDatabase (accessed February 9, 2019).
Rittinghouse, J. and Hancock, W.M. (2003), Cybersecurity Operations Handbook, Elsevier Science, Amsterdam, ISBN 978-1-55558-306-4.
Ryan, D.J. (2017), “Engineering sustainable critical infrastructures”, International Journal of Critical Infrastructure Protection, Vol. 17, pp. 28-29.
Safavi, S., Shukur, Z. and Razali, R. (2013), “Reviews on cybercrime affecting portable devices”, Procedia Technology, Vol. 11, pp. 650-657.
Shafiq, M.T., Matthews, J. and Lockley, S.R. (2013), “A study of BIM collaboration requirements and available features in existing model collaboration systems”, Journal of Information Technology in Construction (ITcon), Vol. 18, pp. 148-161.
Shitharth, S. and Winston, D.P. (2015), “A comparative analysis between two countermeasure techniques to detect DDoS with sniffers in a SCADA network”, Procedia Technology, Vol. 21, pp. 179-186.
Stearns, L.B. and Almeida, P.D. (2004), “The formation of state actor-social movement coalitions and favorable policy outcomes”, Social Policy, Vol. 51 No. 4, pp. 478-504.
Stoddart, K. (2016), “Live free or die hard: US-UK cybersecurity policies”, Political Science Quarterly, Vol. 131 No. 4, pp. 803-842.
Sun, J., Yan, J. and Zhang, K.Z. (2016), “Blockchain-based sharing services: what blockchain technology can contribute to smart cities”, Financial Innovation, Vol. 2 No. 1, pp. 1-26, doi 101186s40854-016-0040-y.
Szyliowicz, J.S. (2013), “Safeguarding critical transportation infrastructure: the US case”, Transport Policy, Vol. 28 No. C, pp. 69-74.
Tan, S., Song, W.Z., Stewart, M., Yang, J. and Tong, L. (2018), “Online data integrity attacks against real-time electrical market in smart grid”, IEEE Transactions on Smart Grid, Vol. 9 No. 1, pp. 313-322.
Thomas, N. (2009), “Cyber security in East Asia: governing anarchy”, Asian Security, Vol. 5 No. 1, pp. 3-23.
Toy, S. (2006), History of Fortification from 3000 BC to AD 1700 (No. 75), Pen and Sword Military Classics, Barnsley, ISBN 1-88415-358-4.
Turk, Ž. and Klinc, R. (2017), “Potentials of blockchain technology for construction management”, Procedia Engineering, Vol. 196, pp. 638-645.
UN (2014a), “2014 revision of the world urbanization prospects”, Birmingham, available at: httpsgooglxwOSDS (accessed February 9, 2019).
UN (2014b), “World urbanization trends 2014: key facts”, Statistical Papers – United Nations (Ser. A), Population and Vital Statistics Report, United Nations, New York, NY.
UN (2015), “World population projected to reach 9.7 billion by 2050”, Birmingham, available at: wwwunorgendevelopmentdesanewspopulation2015-reporthtml (accessed February 9, 2019).
Walsham, G. (1995), “The emergence of interpretivism in IS research”, Information Systems Research, Vol. 6 No. 4, pp. 376-394.
Wang, S., Zhang, G., Shen, B. and Xie, X. (2011), “An integrated scheme for cyber-physical building energy management system”, Procedia Engineering, Vol. 15, pp. 3616-3620.
Wang, W. and Lu, Z. (2013), “Cyber security in the smart grid: survey and challenges”, Computer Networks, Vol. 57 No. 5, pp. 1344-1371.
Weber, R.H. and Studer, E. (2016), “Cybersecurity in the internet of things: legal aspects”, Computer Law & Security Review, Vol. 32 No. 5, pp. 715-728.
Xue, N., Huang, X. and Zhang, J. (2016), “S2Net: a security framework for software defined intelligent building networks”, IEEE Trustcom/BigDataSE/ISPA, Tianjin, August 23-26, pp. 654-661.
Yue, X., Wang, H., Jin, D., Li, M. and Jiang, W. (2016), “Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control”, Journal of Medical Systems, Vol. 40 No. 10, pp. 218-229.
Zamparini, L. and Shiftan, Y. (2013), “Special issue – transport security: theoretical frameworks and empirical applications”, Transport Policy, Vol. 28, pp. 61-62.
Zhang, Y. and Wen, J. (2016), “The IoT electric business model: using blockchain technology for IoT”, Peer-to-Peer Networking and Applications, Vol. 10 No. 4, pp. 1-12.
Corresponding author
Erika A Parn can be contacted at: erikaparngmailcom
exploded due to a so-called logic bomb. The NIST (2017) framework for enhancing the ability of critical infrastructures to withstand cyber-physical attacks proposes that two distinct dichotomous domains must be secured, namely, information technologies (IT) and industrial control systems (ICS) (Rittinghouse and Hancock, 2003). Common threats incurred via IT and ICS include: theft of intellectual property; massive disruption to existing operations; and destruction, degradation or disablement of physical assets and operational ability (Szyliowicz, 2013). The European Union Agency for Network and Information Security outlines multiple common sources of nefarious attacks in its malware taxonomy, including: viruses, worms, trojans, botnets, spywares, scarewares, roguewares, adwares and greywares (Marinos, 2016).

Such attacks are made possible via a huge cyber-attack surface within cyber-space, where every circa 2500 lines of code presents a potential vulnerability that is identified by a hacker’s reconnaissance (Nye, 2017). Reconnaissance is the first and most important stage for a successful cyber-attack and seeks to determine the likely strategy for the intrusion (Marinos, 2016). Strategies vary but prominent methods include scanning, fingerprinting, footprinting, sniffing and social engineering (refer to Table I).

Cyber-attack motivations and cyber-actors and incident analysis
The RISI database contains a comprehensive record of cyber-physical attack incidents categorized as either confirmed or likely but confirmed (RISI, 2015). However, prominent commentators contend that attacks are more prevalent than reports suggest and that victims are often reluctant to disclose malicious cyber-attacks against themselves due to potential reputational damage being incurred (Reggiani, 2013). Cyber-physical attacks are therefore shrouded in secrecy by states and private companies, and many states have already conceded the current digital arms race against a panoply of cyber-actors (or “hackers”), including: hacktivists, malware authors, cyber-criminals, cyber-militias, cyber-terrorists, patriot hackers and script kiddies.

Cyber-actors are frequently classified within one of three thematic categories, namely, white hats, grey hats and black hats, where the color of the hat portrays their intrinsic intentions. White hats are predominantly legitimately employed security researchers who perform simulated penetration testing hacks to assess the robustness of an organization’s cyber-enabled systems (Cavelty, 2013). They do not have malevolent intentions but rather
[Figure 1: levels of BIM (Level 0 to Level 3) set against vulnerability (low, medium and high risk), information format (2D CAD, 2D CAD + 3D, 3D), information exchange (paper-based, file-based, object model-based and network-based collaboration), LOD 1 to LOD 7 and the CDE stages (work in progress, shared, published, archived)]
Figure 1. Cyber vulnerabilities of CDE environment adapted from BSI levels of BIM
Table I. Emerging thematic groups in extant literature

Thematic groups (in column order): national and global security; smart cities; critical infrastructure; industrial control systems; mobile or cloud computing; digitalization of built environment
Percentage frequency across the four journal types: 54.7; 40.4; 50; 40.4; 59.5; 28.5

Industrial sector: Architecture, Engineering, Construction and Owner-operated (AECO)
Chong et al. (2014), Automation in Construction
Howell et al. (2017), Automation in Construction
Kochovski and Stankovski (2018), Automation in Construction
Fisk (2012), Intelligent Buildings International
Mike (2006), Journal of Facilities Management
Eom and Paek (2006), Journal of Information Technology in Construction (ITcon)
Jaatun et al. (2014), Procedia Engineering
Koo et al. (2015), Procedia Engineering
Nicał and Wodyński (2016), Procedia Engineering
Wang et al. (2011), Procedia Engineering
Percentage frequency in AECO journals: 20; 40; 30; 50; 90; 60

Industrial sector: Transport and infrastructure
Patel et al. (2009), Communications of the ACM
Wang and Lu (2013), Computer Networks
Liu et al. (2012), IEEE Communications Surveys & Tutorials
Jones (2016), IEEE Engineering & Technology
Paridari et al. (2016), IEEE International Conference on Cyber-Physical Systems (ICCPS)
Ryan (2017), International Journal of Critical Infrastructure Protection
Papa (2013), Transport Policy
Reggiani (2013), Transport Policy
Reniers and Dullaert (2013), Transport Policy
Szyliowicz (2013), Transport Policy
Zamparini and Shiftan (2013), Transport Policy
Percentage frequency in transport and infrastructure journals: 54.5; 54.5; 81.8; 27.2; 36.3; 18.1

Industrial sector: Information technology
Hunton (2012), Computer Law & Security Review
Weber and Studer (2016), Computer Law & Security Review
Metke and Ekl (2010), IEEE Transactions on Smart Grid
Tan et al. (2018), IEEE Transactions on Smart Grid
Xue et al. (2016), IEEE Trustcom/BigDataSE/ISPA
Ani et al. (2017), Journal of Cyber Security Technology
Govinda (2015), Procedia Technology
Rasmi and Jantan (2013), Procedia Technology
Safavi et al. (2013), Procedia Technology
Shitharth and Winston (2015), Procedia Technology
Percentage frequency in information technology journals: 40; 60; 80; 20; 90; 30

Industrial sector: Political science/international relations
Brantly (2014), Democracy and Security
Kello (2013), International Security
Lindsay (2015), International Security
Nye (2017), International Security
Cavelty (2013), International Studies Review
Canfil (2016), Journal of International Affairs
Hjortdal (2011), Journal of Strategic Security
McGraw (2013), Journal of Strategic Studies
Stoddart (2016), Political Science Quarterly
Betz and Stevens (2013), Security Dialog
Lindsay (2013), Security Studies
Percentage frequency in political science/international relations journals: 100; 9; 18.2; 63.6; 27.2; 9
act on behalf of security companies and concomitant public interest (F-Secure, 2014). Contemporary cyber-Robin Hood(s) (or hacktivists) fall within the grey hat category and act as vigilantes to puncture prevailing power structures (such as Government) by embarrassing them with distributed denial of service (DDoS) attacks, web defacements, malware, ransomware and trojans. These hacktivists often dabble with illegal means to hack but believe that they are addressing a social injustice and/or otherwise supporting a good cause. Black hats are often affiliated with a criminal fraternity or have other malicious intent (Cavelty, 2013). These criminals deploy the same tools used by grey and white hat hackers but with the deliberate intention to cause harm, vandalism, sabotage, website shutdown, fraud or other illegitimate activities. Many states have increasingly focused upon grey hats, who have become the new uncontrolled source of hacking (Betz and Stevens, 2013). Table II highlights a number of prominent critical infrastructure hacks extracted from the RISI database and cross-references these against the motivations and cyber-actors.

Blurred lines: governments and civilians
State and non-state actors represent a two-pronged source of malicious attacks or threats facing the AECO sector; motivations for these actors are fueled by various catalysts, including patriotism, liberal activism, political ideology, criminal intent and hobby interests (Hjortdal, 2011; Rahimi, 2011). A state is a political entity (“government”) that has sovereignty over an area of territory and the people within it (Rahimi, 2011). Within this entity, state actors are persons who are authorized to act on its behalf and are therefore subject to regulatory control measures (Betz and Stevens, 2013). A state actor’s role can be myriad but often it strives to create positive policy outcomes through approaches such as social movement coalitions (cf. Stearns and Almeida, 2004). Conversely, non-state actors are persons or organizations who have sufficient political influence to act or participate in international relations for the purpose of exerting influence or causing change even though they are not part of government or an established institution (Betz and Stevens, 2013). Three key types of legitimate non-state actors exist: intergovernmental organizations such as the United Nations, World Bank Group and International Monetary Fund, which are established by a state, usually through a treaty (Betz and Stevens, 2013); international non-government organizations such as Amnesty International, Oxfam and Greenpeace, which are non-profit voluntary organizations that advocate or otherwise pursue the public good (i.e. economic development and humanitarian aid) (UN); and multinational corporations, who pursue their own business interests largely outside the control of national states (UN). Illegitimate non-state actors include terrorist groups and hacktivists acting upon a range of different motivations, including personal gain, digital coercion, malevolence and indoctrination of others using ideological doctrine (Brantly, 2014). Since the millennium, governments globally have become increasingly aware of cyber-crime and threats stemming from such non-state actors. Some of the more notable actors include: Anonymous (Betz and Stevens, 2013), Ghost Net (Hunton, 2012), The Red Hacker Alliance (Fisher, 2018), Fancy Bear “Прикольный медведь” (Canfil, 2016) and Iranian Cyber Army (Rahimi, 2011).

However, the boundary delineation between state actors and non-state actors engaging in cyber-physical attacks has become increasingly blurred (Betz and Stevens, 2013; Papa, 2013). Such attribution has wider implications for the national security of states and national responsibility for non-state actors who often act on behalf of the state under incitement of nationalistic and ideological motivation (Brantly, 2014). Henderson (2008) aptly describes such blurred lines between governments and civilians by using Chinese cyber-patriot hackers as an exemplar:

The alliance is exactly who and what they claim to be: an independent confederation of patriotic youth dedicated to defending China against what it perceives as threats to national pride
Table II. Industry standards and codes of best practice on cyber security in the AECO sector

Standard: BS ISO/IEC 29100:2011 (ISO, 2011)
Title: Information Technology – Security Techniques – Privacy Framework
Description: This standard is applicable to organizations and businesses, providing a privacy framework for those “involved in specifying, procuring, architecting, designing, developing, testing, maintaining, administering and operating information and communication technology systems or services” with personally identifiable information (PII).

Standard: BS ISO/IEC 27001:2013 (ISO, 2013)
Title: Information Technology – Security Techniques – Information Security Management Systems – Requirements
Description: This international standard provides a framework for the management of an information security management system (ISMS) in order to keep digital information assets secure from cyber-criminal activities and information breaches; it encompasses procedures for creating, implementing, operating, auditing and maintaining an ISMS. The standard can be applied within organizations of any size, nature or type.

Standard: IET/CPNI Technical Briefing (IET, 2013)
Title: Resilience and Cyber Security of Technology in the Built Environment
Description: This document applies to professionals involved in the development, procurement and operation of intelligent or smart buildings. The guidance considers the whole building lifecycle and examines the potential threats to resilience and cyber security arising from the merging of technical infrastructure and computer-based systems and their connection in cyber-space. Case studies are provided plus a set of 20 critical measures which could be applied to reduce threats.

Standard: PAS 555:2013 (BSI, 2013)
Title: Cyber Security Risk – Governance and Management – Specification
Description: The specification uses a business-led “outcomes-based approach” which studies physical, cultural and behavioral features alongside technical ones to aid organizations in detecting which of their business assets need most protection, e.g. corporate and customer data, intellectual property, brand or reputation. The approach can be applied to any size/type of organization throughout its business activities.

Standard: PAS 754:2014 (BSI, 2014c)
Title: Software Trustworthiness – Governance and Management – Specification
Description: This document identifies five principles of software trustworthiness (safety, reliability, availability, resilience and security) which should be attained when implementing software on distributed applications in order to reduce the risks from potential malicious threats. These principles are based upon four concepts: governance measures; risk assessment; control application for risk management (physical, procedural and technical); and a compliance regime to ensure execution of the first three.

Standard: IET Standards (IET, 2014)
Title: Code of Practice for Cyber Security in the Built Environment
Description: This book provides good practice guidance on the need for, and development of, cyber security strategy and policy related to a building’s complete lifecycle as an integral part of an organization’s management systems, with particular emphasis on cyber-physically connected building-related systems. The pertinence of cyber security to each of the multidisciplinary roles and responsibilities within an organization is provided.

Standard: PAS 1192-5:2015 (BSI, 2015)
Title: Specification for Security-minded Building Information Modeling, Digital Built Environments and Smart Asset Management
Description: This is the first standard published for security-minded use of BIM and digitalization of built assets. Relevant to all owners and stakeholders of digitally built assets, it assists in assessing security risks to the asset and implementing measures to reduce the risk of loss or disclosure of information which could impact on the safety and security of: the built asset; personnel and other users of the asset and its services; and commercial and other asset data and information.
A componential analysis of literature
From an operational perspective, the review protocol sourced published journal materials contained within Science Direct, Web of Science, Scopus and Research Gate databases. Keyword search terms used included: cyber security, hacking and any of the following variations of the word cyber crime, cybercrime or cyber-crime. Following a comprehensive review of the journals, four prominent and pertinent clusters of industrial settings were selected to provide the contextual sampling framework and knowledge base for the analysis, namely, AECO, transport and infrastructure, information technology and political science/international relations. These clusters were selected because they contained the majority of the journal publications on cyber-crime. Within the clusters, six recurrent leitmotifs were identified: national and global security, smart cities, critical infrastructure, ICS, mobile or cloud computing and digitalization of the built environment. A cross comparative componential analysis was then conducted (refer to Table III).

The componential analysis reveals the percentage frequency that each of the identified thematic groups occur across the four industrial classifications and the percentage frequency that each thematic group occurs within each individual industrial classification. In ascending order of frequency across all four sectors, the most popular discussed topics were mobile cloud computing (59.5 percent), national global security (54.7 percent) and critical infrastructure (50 percent), smart cities (40.4 percent), ICS (40.4 percent) and digitization of the built environment (28.5 percent). Yet curiously, within the AECO sector an inordinate amount of effort was input into mobile and cloud computing (90 percent) and digitization of the built environment (60 percent), while far less attention was paid to critical infrastructure (30 percent) and national and global security (20 percent). Moreover, none of the papers reviewed were heavily focused upon expounding the virtues and concomitant benefits of digitization but were similarly obvious to the omnipresent threat of cyber-crime posed via the vulnerable CDE portal.

A CDE is commonly established during the feasibility or concept design phases of a building/infrastructure project (BSI, 2014a, b). An information manager will then manage and validate the processes and procedures for the exchange of information across a network for each key decision gateway stage (including work in progress, shared, published and archive stages). Cloud-based CDE platforms are ubiquitous but common solutions include ProjectWise, Viewpoint (4P), Aconex, Asite and SharePoint (Shafiq et al., 2013). The internal work flow and typical external information exchange in BIM relies upon the re-use and sharing of information
Table III. Common reconnaissance techniques

Reconnaissance technique: Scanning (ping sweep, port scan, network mapping)
Definition: Network scanning is integral to stealthy information gathering from a computer system. Prior knowledge of the operating system (OS) is combined with the use of one of a plethora of readily available tools in order to identify and map out potential vulnerabilities on a target network.
Example: Techniques include port scanning to identify the available and open ports, DNS enumeration to locate the domain name server and IP address, and PING sweeping to map the IP address to a live host (Rittinghouse and Hancock, 2003).

Reconnaissance technique: Fingerprinting (OS)
Definition: Device fingerprinting endeavors to break the privacy of URL developers by revealing user actions and anonymity. It utilizes the information collected from a remote computing device for the purpose of uniquely identifying the device (Formby et al., 2016). Fingerprinting can be used to identify the OS used on the target system.
Example: In an active manner to monitor network packets passing between hosts, or passive manner to transmit specially created packets to the target machine and analyze the response (Peng et al., 2015).

Reconnaissance technique: Footprinting
Definition: Footprinting is a process of obtaining as much information about the target to be hacked as possible by drawing down open source information from the internet. Footprinting is the most convenient way of gathering information about a computer system and/or parties such belong to.
Example: During footprinting, a hacker can use passive or active means to obtain information such as domain name, IP addresses, namespaces, employee information, phone numbers, e-mails and job information.

Reconnaissance technique: Sniffing
Definition: Sniffing has been likened to wiretapping and can be used to obtain sensitive information that is being transferred over a network, such as: FTP passwords, e-mail traffic, web traffic, telnet passwords, router configurations, chat sessions and DNS traffic. “Industrial Control Systems (ICS)/Supervisory Control and Data Acquisition (SCADA) sniffing” activities pose an imminent threat to cyber-physical connected devices in buildings, factories and large industrial plants.
Example: “Havex” malware, reported by F-Secure laboratories, is the first of its kind since STUXNET and attempts to “sniff” factory automation gear such as ICS and SCADA systems (F-Secure Labs, 2014). Anonymized victims have included: two major educational institutions in France, two German industrial machine producers, one French industrial machine producer and a Russian structural engineering construction company (F-Secure Labs, 2014).

Reconnaissance technique: Social engineering
Definition: Social engineering is an attack vector that relies upon tricking people into breaking security procedures. Consequently, these are used to exploit an individual’s weaknesses, typically employees and other individuals who are familiar with the system. When successfully implemented, hackers can help obtain information about the targeted system.
Example: Two common methods adopted are the physical gaining of access to a computer through deception, or the use of phishing e-mails, which involves sending personalized e-mails to targeted employees in an attempt to make them click malicious links contained within.
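
For a network defender, the two scanning sub-techniques in Table III leave different traces: a ping sweep is one source sending ICMP to many hosts, a port scan is one source trying many ports on one host. The following is an added example, not part of the original paper, that classifies both in flow records; the `Flow` record, the thresholds, the addresses and the sample traffic are all constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    ts: float    # seconds since the start of the capture
    src: str     # source IP address
    dst: str     # destination IP address
    proto: str   # "icmp" or "tcp"
    dport: int   # destination port (0 for ICMP)


def detect_scans(flows, window=60.0, host_threshold=10, port_threshold=15):
    """Return {source: [labels]} for sources whose traffic inside any
    `window`-second span looks like a ping sweep or a port scan."""
    by_src = defaultdict(list)
    for flow in sorted(flows, key=lambda f: f.ts):
        by_src[flow.src].append(flow)

    findings = {}
    for src, seq in by_src.items():
        labels = set()
        start = 0
        for end in range(len(seq)):
            # Slide the left edge so the span never exceeds `window`.
            while seq[end].ts - seq[start].ts > window:
                start += 1
            span = seq[start:end + 1]
            # Ping sweep: one source sends ICMP to many different hosts.
            if len({f.dst for f in span if f.proto == "icmp"}) >= host_threshold:
                labels.add("ping sweep")
            # Port scan: one source tries many different ports on one host.
            ports = defaultdict(set)
            for f in span:
                if f.proto == "tcp":
                    ports[f.dst].add(f.dport)
            if any(len(p) >= port_threshold for p in ports.values()):
                labels.add("port scan")
        if labels:
            findings[src] = sorted(labels)
    return findings


def sample_flows():
    """Constructed traffic for a building management network."""
    flows = []
    # Operator workstation polling one controller on a single port.
    flows += [Flow(i * 5.0, "10.0.0.5", "10.0.0.20", "tcp", 502) for i in range(30)]
    # Thirty hosts pinged in fifteen seconds.
    flows += [Flow(i * 0.5, "10.0.0.99", f"10.0.0.{i + 1}", "icmp", 0) for i in range(30)]
    # One hundred ports on the controller tried in twenty seconds.
    flows += [Flow(100 + i * 0.2, "10.0.0.77", "10.0.0.20", "tcp", i + 1) for i in range(100)]
    # Twenty ports on the controller tried at one every two minutes.
    flows += [Flow(i * 120.0, "10.0.0.88", "10.0.0.20", "tcp", 2000 + i) for i in range(20)]
    return flows


if __name__ == "__main__":
    print(detect_scans(sample_flows()))
    print(detect_scans(sample_flows(), window=3600.0))
```

The slow probe from 10.0.0.88 is missed with the 60-second window and caught with the one-hour window, so the window length has to be chosen against the slowest scan the operator wants to see.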
in a CDE Integrating BIM (and other file databases eg IFC GBXML CSV DWG XML)within a CDE ensures a smooth flow of information between all stakeholders and is specifiedand articulated through its levels of development or design (Eastman et al 2011 Lin andSu 2013) The level of design (LOD) is classified on a linear scale ranging from LOD 1 (coveringa conceptual ldquolow definitionrdquo design) to LOD 7 (for an as-built ldquohigh definitionrdquo model) Witheach incremental increase in LOD the range and complexity of asset information within modelsbuilt begins to swell and the data contained within becomes accessible to an increased amountof stakeholders As a consequence the magnitude of potential cyber-crime also increases and itis imperative therefore that effective cyber security deterrence measures are set
Perhaps the most crippling aspect of deterrence is the poor rate of attribution (alsoknown as tracebacking or source tracking) where attribution seeks to determine theidentity or location of an attacker or attackerrsquos intermediary (Brantly 2014) Affiliationfurther exacerbates attribution rates for example nefarious and malicious attacks oncritical infrastructure by non-state ldquopatriotrdquo actors who proclaim cyber-warfare in the nameof nationalist ideologies can create ambiguity with state actors (Lindsay 2015) Extantliterature widely acknowledges that states actively recruit highly skilled hackers tocounter-attack other state governed cyber-activities in particular against criticalinfrastructure assets (Thomas 2009) Yet the paucity of identification or disclosure ofattacker identities has made the hacking culture even more enticing for both non-stateactors and state actors Whilst network attribution or IP address traceability to a particulargeographical region is possible lifting the cyber veil to reveal the affiliation between theattacker and their government remains difficult (Canfil 2016) In the case of potential threatsto the AECO sector attribution of industrial cyber-espionage remains an imminent threatnot only to the business in operation but also for the nation state security
Cyber-deterrenceCyber-deterrence measures rely largely upon good practice adopted from standards ISO27001 and ISO 27032 (ISO 2012 2013) In the context of the digital built environment (andspecifically BIM) recently published cyber security good practice manual PAS 1198-Part 5suggests deploying five measures of deterrence a built asset security manager a built assetsecurity strategy a built asset security management plan a security breachincidentmanagement plan and built asset security information requirements For other sources ofcyber security guidance PAS 1198-Part 5 recommends adherence to other pre-existinglegislative documentation ndash refer to Table IV
Other ambiguous guidance notes that refer to taking "appropriate mitigation strategies" have largely ignored the increased vulnerability of semantic and geometric information that is sustained within a BIM (BSI, 2013, 2014c). For example, the Institute of Engineering and Technology (Boyes, 2013b) report entitled "Resilience and Cyber Security of Technology in the Built Environment" states that:
Unauthorised access to BIM data could jeopardise security of sensitive facilities, such as banks, courts, prisons and defence establishments, and in fact most of the Critical National Infrastructure.
Deterrence measures recommended in PAS 1192-5 have largely overlooked BIM data contained within a CDE and the onslaught of cyber-physical connectivity in critical infrastructures (Liu et al., 2012). Currently, the most common means of deterrence for cyber-physical connectivity in critical BMS infrastructures is via network segregation (the firewall) (Mayo, 2016) and secure gateway protection (encryption) for securing from external threats, complicit with ANSI/ISA-99 (ANSI, 2007). However, in a digital economy where over 50bn devices are continuously communicating, neither firewalls nor encryption alone can guarantee effective cyber security. Hence, a more robust systemic means of data integrity is required in the digital built environment.
Block chain – a new frontier for cyber-deterrence
Under the alias Satoshi Nakamoto, the Bitcoin (crypto currency) was published as the first block chain application on the internet (Turk and Klinc, 2017). This advancement opened a springboard of applications that utilize block chain technology to remove third party distribution of digital assets using peer-to-peer sharing (Turk and Klinc, 2017). While the majority of current applications have utilized crypto currency and smart contracts, the applications for digital asset transference seem limitless. Block chain's earliest applications were in economics (Huckle et al., 2016), software engineering (Turk and Klinc, 2017), Internet of Things (Zhang and Wen, 2016) and medicine (Yue et al., 2016) – albeit more recently, applications within the built environment have been explored (Sun et al., 2016). Block chain technology has the potential to overcome the aforementioned cyber security challenges faced in the digital environment as a result of its distributed, secure and private nature of data distribution. A positive correlation exists between an increasing number of collaborators (or peers) within a CDE and the potential to secure such assets in a peer-to-peer environment, which thrives and increases in security.
Block chain technology is suitable for sectors with: increased risk of fraud – such as susceptible crucial infrastructures containing sensitive industrial information that is at risk from industrial espionage; intermediaries – for example, providers of BMS systems and other IT software vendors hosting sensitive infrastructure asset details; throughput – such as operators updating and sharing asset information in a CDE; and stable data – for instance, data generated for built assets can be utilized for up to 40 years post project inception. Block chain technology offers better encryption against hacking than any other current deterrence measures available and is commonly suggested in the cyber security standards available (Turk and Klinc, 2017).
Table IV. Snapshot of cyber-physical hacking examples from the RISI online incident database
Motivation: Black Hat (ego, personal animosity, economic gain); Grey Hat (ambiguous); White Hat (idealism, creativity, respect for the law)
Actor: Hacktivists; Script kiddies; Cyber insiders; Cyber terrorists; Malware authors; Patriot hackers; Cyber militias; Script kiddies; Ordinary citizens; Hacktivists; Script kiddies; Organized cybercriminals
Example:
USA 2014 – Power and utilities – Hackers took advantage of a weak password vulnerability where mechanical devices were disconnected from the control system for scheduled maintenance.
Poland 2008 – Transport – A 14-year old Polish student hacked into the tram system, enabling him to change track points in Lodz; 4 trams were derailed and, as a consequence, 12 people were injured.
USA 2001 – Petroleum – The network monitoring personal computer (PC) provided a path from the internet, via the company business network, onto the automation network. This made the company vulnerable to the Code Red Worm, used to deface the automation web pages of a large oil company.
Spain 2011 – Traffic – Spanair flight 5022 crashed just after take-off from Madrid-Barajas International Airport, killing 154 with 18 survivors. Trojan malware detected on the central computer system is speculated to have played a role in the crash by causing the computer to fail to deliver power to the take-off early warning system and detect three technical problems with the aircraft.
Iran 2012 – Petroleum – Iran was forced to disconnect key oil facilities after suffering a malware attack, which it is believed hit the internal computer systems at Iran's oil ministry and its national oil company.
USA and Europe 2014 – Energy sector – Operating since 2011, the Dragonfly group has targeted defence and aviation companies in USA and Canada; cyber-espionage with the likely intention of sabotage. In 2013, the group targeted USA and European energy firms, gaining entry through spear phishing e-mails, malware, watering hole attacks and infecting legitimate software from three different industrial control systems (ICS) equipment manufacturers.
Canada 2012 – Energy sector – Telvent Canada Ltd, provider of software and services for remote administration of large sections of the energy industry, was subject to information theft. Installed malware was used to steal project files related to one of its key products. The digital fingerprints were traced to a Chinese hacking group (the "Comment Group") linked to cyber-espionage against Western interests.
Iran 2010 – Nuclear – The Stuxnet malworm was responsible for damaging crucial centrifugal devices used for Uranium enrichment at the Natanz nuclear plant, causing it to be shut down for a week. This remains as one of the most prolific cyber-physical attacks in an exemplified case of government and civilian blurred lines and created a new forefront of cyber militia, becoming the first proclaimed cyber weapon.
USA 2012 – Water/waste management – A former employee of the Key Largo Wastewater Treatment District hacked the company, resulting in modification and deletion of files.
Venezuela 2002 – Petroleum – Venezuela's state oil company became embroiled in a bitter strike when it was extensively sabotaged by an employee who gained remote access to a program terminal and erased all Programmable Logic Controller (PLC) programs in port facility.
Canada 2002 – Petroleum – A white hat hacker simulated an attack on a data center security (DCS), where network access to the control local area network (LAN) was used to connect to selected DCS operator stations and obtain full administration privileges. This was accomplished through the vulnerabilities in the Windows operating system and a number of Netbios that lacked proper password protection.
USA 2014 – Traffic – One of the first hacks on a traffic management system was incurred on road signs in San Francisco, where the signs were photographed flashing "Godzilla Attack! Turn Back".
Source: Available online at wwwrisidatacom

The application of block chain technology within digital built asset information exchange is suggested due to its secure framework for data transference. Block chain technology has been hailed as a hacker/tamper safe ecosystem for digital asset transfers (Turk and Klinc, 2017). Figure 2 delineates a ten stage process to demonstrate how the existing functionality of block chain technology can be harnessed in a CDE environment when sharing sensitive digital information about assets – namely:
(1) asset information is securely shared via a network (e.g. URL nodes, interconnected computer networks or an air gapped internet);
(2) asset data (whether a 3D or digital model) are converted into a block, which represents a digital transaction of asset data;
(3) stakeholder interaction within a federated CDE environment will receive a tracked record of the individual transaction created by nodes sharing the block;
(4) block chain miners (usually computer scientists) validate and maintain the newly created block chain;
(5) payment methods for block chain miners vary, but a group of miners enter into a competitive process where the first to validate the block chain receives payment;
(6) the federated block chain environment is approved;
(7) the new block is added to the existing chain of digital transactions to extend the block chain;
(8) the digital asset can now be securely shared upon validation;
(9) to hack the network, assailants would need to hack every single node within the block chain, thus making the task far more difficult; and
(10) the network of nodes created by multiple stakeholders' transactions provides a more sophisticated and secure approach to protecting digital assets when compared to encryption and firewalls.
Herein lies the novelty of this review – blockchain technology can offer a potential framework to future AECO software applications and systems designed to secure the transfer of sensitive project data in a BIM and CDE environment.
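An added example (not from the paper) of the hash chaining and replication behind the ten stage process: each block records the SHA-256 digest of a shared asset file, and a rewrite on one stakeholder's replica shows up against the other replicas. Competitive mining is replaced here by a simple majority vote of nodes, and all node, file and function names are constructed for illustration.

```python
import hashlib
import json
from collections import Counter

GENESIS_PREV = "0" * 64  # stand-in "previous hash" for the first block
FIELDS = ("index", "prev_hash", "asset_name", "asset_sha256", "author")


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def block_digest(block: dict) -> str:
    """Hash a block's content fields in canonical (sorted-key) JSON form."""
    payload = {k: block[k] for k in FIELDS}
    return sha256_hex(json.dumps(payload, sort_keys=True).encode())


def make_block(index, prev_hash, asset_name, asset_bytes, author):
    """Convert one asset exchange into a block that records the file's digest."""
    block = {"index": index, "prev_hash": prev_hash, "asset_name": asset_name,
             "asset_sha256": sha256_hex(asset_bytes), "author": author}
    block["block_hash"] = block_digest(block)
    return block


def first_invalid(chain) -> int:
    """Index of the first block that breaks the chain, or -1 if none does."""
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        if (block["index"] != i or block["prev_hash"] != prev
                or block["block_hash"] != block_digest(block)):
            return i
        prev = block["block_hash"]
    return -1


class Node:
    """One stakeholder's replica of the ledger (hypothetical CDE participant)."""

    def __init__(self, name):
        self.name = name
        self.chain = []

    def head(self):
        return self.chain[-1]["block_hash"] if self.chain else GENESIS_PREV


def share_asset(nodes, asset_name, asset_bytes, author):
    """Broadcast a new block; commit it only if a strict majority validates it."""
    proposer = nodes[0]
    block = make_block(len(proposer.chain), proposer.head(),
                       asset_name, asset_bytes, author)
    votes = [first_invalid(n.chain + [block]) == -1 for n in nodes]
    if 2 * sum(votes) <= len(nodes):
        return False
    for node, ok in zip(nodes, votes):
        if ok:
            node.chain.append(dict(block))  # every replica keeps its own copy
    return True


def divergent_nodes(nodes):
    """Names of nodes whose replica is broken or disagrees with the majority."""
    majority_head, _ = Counter(n.head() for n in nodes).most_common(1)[0]
    return sorted(n.name for n in nodes
                  if first_invalid(n.chain) != -1 or n.head() != majority_head)


def rewrite_history(node, index, forged_bytes, rehash=False):
    """Simulate tampering on one replica; optionally re-hash every later block."""
    node.chain[index]["asset_sha256"] = sha256_hex(forged_bytes)
    if rehash:
        prev = node.chain[index]["prev_hash"]
        for block in node.chain[index:]:
            block["prev_hash"] = prev
            block["block_hash"] = block_digest(block)
            prev = block["block_hash"]


def build_demo():
    """Constructed sample: three stakeholders exchanging made-up asset files."""
    nodes = [Node("architect"), Node("contractor"), Node("facility-manager")]
    share_asset(nodes, "plant-room.dwg", b"constructed DWG bytes v1", "architect")
    share_asset(nodes, "hvac-schedule.xml", b"<schedule rev='1'/>", "contractor")
    share_asset(nodes, "plant-room.dwg", b"constructed DWG bytes v2", "architect")
    return nodes


if __name__ == "__main__":
    nodes = build_demo()
    print("clean ledger, divergent nodes:", divergent_nodes(nodes))
    rewrite_history(nodes[1], 1, b"<schedule rev='forged'/>")
    print("naive edit breaks replica at block", first_invalid(nodes[1].chain))
    rewrite_history(nodes[1], 1, b"<schedule rev='forged'/>", rehash=True)
    print("re-hashed replica is self-consistent:", first_invalid(nodes[1].chain) == -1)
    print("but it no longer matches its peers:", divergent_nodes(nodes))
```

A replica that is edited without re-hashing fails its own chain check, and one that is fully re-hashed still stands out because its head hash differs from the majority's.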
Figure 2. Block chain technology application with digital built asset information exchange. Stages shown: asset needs to be shared securely; asset is converted into a block; block is broadcast to all nodes in federated CDE environment; block chain miners compete to mine new block; block chain miner validates block against chain; federated CDE environment approves; block chain is extended with new digital asset; block of digital asset is shared securely; block chain of assets needs to be hacked individually across an entire network; block chain of sharing assets.

Limitations and future work
In contrast to the fields of computer science, political science/international relations and international law, cyber security is far less understood within the AECO sector (Mayo, 2016). Consequently, existing controls are inadequate and poorly managed. Key findings emanating from these other eminent fields provide invaluable insights into the cyber security technologies and developments (such as block chain) that can be successfully transferred and applied to critical infrastructure within the AECO sector to address current deficiencies (Baumeister, 2010). However, successful practitioner alignment and knowledge enhancement requires time and investment for additional research and testing of such concepts (Metke and Ekl, 2010) – such exceeded the current confines of this review paper. Within the international security research realm, the following predispositions have weakened scholarly understanding of cyber-threat occurrences and the likelihood of attacks on critical infrastructure. These limitations require future work, namely:
(1) Improved understanding of motivations – an inordinate amount of attention is paid to "cyber-threats" under the guise of malevolent lines of code. Yet finding a resolution to the root cause of cyber-crime requires a deeper understanding of the motivations behind such malicious scripts and attacks.
(2) Address the specific operational threats to bespoke critical infrastructure – each individual critical infrastructure project (e.g. hospitals, nuclear facilities, traffic management systems) has bespoke operational functionality and hence different vulnerabilities. Mapping of these vulnerabilities is required as a first step to developing efficient and effective risk mitigation strategies to better secure assets.
(3) Distinguish between physical destruction and theft – literature and standards have predominantly focused upon data protection within the context of cyber-attack. However, physical damage has received far less attention, even though such could lead to catastrophic economic damage. Greater distinction between physical destruction and theft is therefore needed to delineate the scale and magnitude of cyber-crime.
(4) Consolidate greater international governmental collaboration – cyber-attacks can readily cross international borders, and national law enforcement agencies often find it difficult to take action in jurisdictions where limited extradition arrangements are available. Although standard international agreements have been made on such issues (cf. the Budapest Convention on Cyber-crime), which seek to criminalize malevolent cyber-activities, notable signatories (such as China and Russia) are absent. Far greater cooperation between sovereign states is therefore urgently needed to develop robust international agreements that are supported by all major governments.
(5) Gauge practitioner awareness – future work should seek to identify existing predispositions and awareness of cyber-attack and cyber-crime amongst AECO professionals, either through in depth interviews or practitioner surveys. Case studies are also required to measure and report upon contemporary industry practice and how any cyber-crime incidents were managed.
(6) Proof of concept – development and testing of an innovative proof of concept blockchain application specifically designed for AECO professionals. Such developmental work would allow the thorough testing of blockchain technology in practice to confirm, or otherwise, its effectiveness.
Future work
To reconcile the challenges of future work, researchers and practitioners within the AECO sector will have to investigate how to adopt cyber-deterrence approaches applied within more technologically advanced and sensitive industries, such as aerospace and automotive. Such knowledge transference may propagate readily available solutions to challenges posed. Cyber security awareness and deterrence measures within the BIM and CDE process will help secure critical infrastructure developed, built and utilized – the challenges and opportunities identified here require innovative solutions, such as block chain technologies, to transform standard industry practice and should be augmented with far greater industry-academic collaboration.
Conclusion
Infrastructure provides the essential arteries and tributaries of a digital built environment that underpins a contemporary digital economy. However, cyber-attack threatens the availability and trustworthiness of interdependent networked services on both corporate and national security levels. At particular risk are the critical infrastructure assets (such as energy networks, transport and financial services) hosted on large networks connected to the internet (via a CDE) to enable cost-efficient remote monitoring and maintenance. Any disruption or damage to these assets could have an immediate and widespread impact by jeopardizing the well-being, safety and security of citizens. To combat the potential threat posed, greater awareness among AECO stakeholders is urgently needed; this must include governments internationally and private sector partners collaborating together to expand upon existing ISO and BIM-related standards for improved response to a cyber-incident. As well as preventative measures, reactive national plans are required (i.e. raising cyber security awareness on government funded BIM projects) to quickly deal with breaches in security and ensure services are provided with minimum disruption.
It is argued in this paper that the CDE adopted with BIM in the AECO sector acts as a springboard for wider stakeholder engagement with networked data sharing in a centralized manner, leaving such systems vulnerable to future cyber-physical attacks. The pinnacle of cyber security research breakthroughs in cryptography has resulted in the development of decentralized block chain technology. It is hypothesized that block chain technology offers a novel and secure approach to storing information, making data transactions, performing functions and establishing trust, making it suitable for the high security requirements of sensitive digital infrastructure data contained in a BIM and CDE environment. While block chain applications are largely at a nascent stage of development within the AECO sector, this review paper has highlighted its novel application to fortify security of digital assets residing within a BIM and CDE environment – thus extending applications beyond its origins in crypto currency. Future research will be required to prove, modify or disprove the hypothesis presented. However, block chain alone cannot guarantee total immunity to cyber-attacks, so additional research is required to: understand the motivations for cyber-attack/crime; identify the specific operational threats to bespoke critical infrastructure and develop appropriate strategies to mitigate these; develop more exhaustive international standards (or enhance existing standards) to distinguish between physical destruction and theft; and establish measures needed to consolidate greater international governmental collaboration.
References
Ani, U.P.D., He, H. and Tiwari, A. (2017), "Review of cybersecurity issues in industrial critical infrastructure manufacturing in perspective", Journal of Cyber Security Technology, Vol. 1 No. 1, pp. 32-74.
ANSI (2007), "ISA-99.00.01-2007 security for industrial automation and control systems, part 1: terminology, concepts and models", ISA, available at: httpswebarchiveorgweb20110312111418wwwisaorgTemplatecfmSection=Shop_ISAampTemplate=2FEcommerce2FProductDisplaycfmampProductid=9661 (accessed February 9, 2019).
Baumeister, T. (2010), "Literature review on smart grid cyber security collaborative software development laboratory at the University of Hawaii", available at: wwwtbaumeistcompublicationsLiteratureReviewOnSmartGridCyberSecurity_2010pdf (accessed February 9, 2019).
Bessis, N. and Dobre, C. (2014), Big Data and Internet of Things: A Roadmap for Smart Environments, ISBN 978-3-319-05029-4, Springer International Publishing, London.
Betz, D.J. and Stevens, T. (2013), "Analogical reasoning and cyber security", Security Dialogue, Vol. 44 No. 2, pp. 147-164.
Boyes, H. (2013a), "Cyber security of intelligent buildings", 8th IET International System Safety Conference Incorporating the Cyber Security Conference, Cardiff.
Boyes, H. (2013b), Resilience and Cyber Security of Technology in the Built Environment, the Institution of Engineering and Technology, IET Standards Technical Briefing, London, available at: wwwtheietorgresourcesstandards-filescyber-securitycfmtype=pdf (accessed February 9, 2019).
Bradley, A., Li, H., Lark, R. and Dunn, S. (2016), "BIM for infrastructure: an overall review and constructor perspective", Automation in Construction, Vol. 71 No. 2, pp. 139-152.
Brantly, A.F. (2014), "The cyber losers", Democracy & Security, Vol. 10 No. 2, pp. 132-155.
BSI (2013), "PAS 555:2013 cyber security risk", Governance and Management Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030261972 (accessed February 9, 2019).
BSI (2014a), PAS 180 Smart Cities Vocabulary, British Standards Institution, London, available at: wwwbsigroupcomen-GBsmart-citiesSmart-Cities-Standards-and-PublicationPAS-180-smart-cities-terminology (accessed February 9, 2019).
BSI (2014b), PAS 1192-3 Specification for Information Management for the Operational Phase of Assets using Building Information Modelling, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030311237 (accessed February 9, 2019).
BSI (2014c), PAS 754:2014 software trustworthiness governance and management, Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030284608 (accessed February 9, 2019).
BSI (2015), PAS 1192-5 (2015) Specification for Security Minded Building Information Modelling, Digital Built Environments and Smart Asset Management, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030314119 (accessed February 9, 2019).
Canfil, J.K. (2016), "Honing cyber attribution: a framework for assessing foreign state complicity", Journal of International Affairs, Vol. 70 No. 1, pp. 217-226, available at: wwwquestiacomread1G1-476843518honing-cyber-attribution-a-framework-for-assessing (accessed February 9, 2019).
Cavelty, M.D. (2013), "From cyber-bombs to political fallout: threat representations with an impact in the cyber-security discourse", International Studies Review, Vol. 15 No. 1, pp. 105-122.
Chong, H.Y., Wong, J.S. and Wang, X. (2014), "An explanatory case study on cloud computing applications", Automation in Construction, Vol. 44, pp. 152-162.
Clarke, R. and Youngstein, T. (2017), "Cyberattack on Britain's national health service", New England Journal of Medicine, Vol. 377, August, pp. 409-411.
DBIS (2013), "Smart city market opportunities for the UK", Department for Business Innovation and Skills, BIS Research Papers Ref BIS131217, DBIS, London, available at: wwwgovukgovernmentpublicationssmart-city-market-uk-opportunities (accessed February 9, 2019).
Denning, D. (2012), "Stuxnet: what has changed?", Future Internet, Vol. 4 No. 3, pp. 672-687.
Eastman, C., Eastman, C.M., Teicholz, P., Sacks, R. and Liston, K. (2011), BIM Handbook: A Guide to Building Information Modeling for Owners, Managers, Designers, Engineers and Contractors, ISBN 978-0-470-54137-1, John Wiley & Sons, Hoboken, NJ.
Edwards, D.J., Pärn, A.E., Love, P.E.D. and El-Gohary, H. (2017), "Research note: machinery, manumission and economic machinations", Journal of Business Research, Vol. 70, January, pp. 391-394.
Eom, S.-J. and Paek, J.-H. (2006), "Planning digital home services through an analysis of customers acceptance", ITcon, Vol. 11, Special issue IT in Facility Management, pp. 697-710, available at: wwwitconorg200649 (accessed February 9, 2019).
European Commission (2013), Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace, JOIN 1 Final, European Commission, Brussels, available at: httpseeaseuropaeuarchivesdocspolicieseu-cyber-securitycybsec_comm_enpdf (accessed February 9, 2019).
Ficco, M., Choraś, M. and Kozik, R. (2017), "Simulation platform for cyber-security and vulnerability analysis of critical infrastructures", Journal of Computational Science, Vol. 22, September, pp. 179-186.
Fisher, R.D. (2018), "Cyber warfare challenges and the increasing use of American and European dual-use technology for military purposes by the People's Republic of China (PRC)", United States House of Representatives, Committee on Foreign Affairs, Birmingham, available at: httparchives-republicans-foreignaffairshousegov112Fis041511pdf (accessed February 9, 2019).
Fisk, D. (2012), "Cyber security, building automation and the intelligent building", Intelligent Buildings International, Vol. 4 No. 3, pp. 169-181.
Formby, D., Srinivasan, P., Leonard, A., Rogers, J. and Beyah, R.A. (2016), "Who's in control of your control system? Device fingerprinting for cyber-physical systems", Network and Distributed System Security Symposium (NDSS), February 26–March 1, San Diego, CA.
F-Secure Labs (2014), "Havex hunts for ICS and SCADA systems", available at: wwwf-securecomweblogarchives00002718html (accessed February 9, 2019).
Gandhi, R., Sharma, A., Mahoney, W., Sousan, W., Zhu, Q. and Laplante, P. (2011), "Dimensions of cyber-attacks: cultural, social, economic and political", IEEE Technology and Society Magazine, Vol. 30 No. 1, pp. 28-38.
Govinda, K. (2015), "Design of smart meter using Atmel 89s52 microcontroller", Procedia Technology, Vol. 21, pp. 376-380, available at: httpsdoiorg101016jprotcy201510053
Henderson, S. (2008), "Beijing's rising hacker stars how does mother China react", IO Sphere Journal, Birmingham, February 28, available at: wwwnoexperiencenecessarybookcomjplV6beijing-39-s-rising-hacker-stars-how-does-mother-china-reacthtml (accessed February 9, 2019).
Hjortdal, M. (2011), "China's use of cyber warfare: espionage meets strategic deterrence", Journal of Strategic Security, Vol. 4 No. 2, pp. 1-24.
HM Government (2013), Building Information Modeling Industrial Strategy Government and Industry in Partnership, Government Construction Strategy, London, available at: wwwgovukgovernmentuploadssystemuploadsattachment_datafile3471012-1327-building-information-modellingpdf (accessed February 9, 2019).
HM Government (2015), Digital Built Britain Level 3 Building Information Modelling – Strategic Plan, 26 February 2015, HM Publications, London, available at: wwwgovukgovernmentpublicationsuk-construction-industry-digital-technology (accessed February 9, 2019).
Howell, S., Rezgui, Y. and Beach, T. (2017), "Integrating building and urban semantics to empower smart water solutions", Automation in Construction, Vol. 81, September, pp. 434-448.
Huckle, S., Bhattacharya, R., White, M. and Beloff, N. (2016), "Internet of things, blockchain and shared economy applications", Procedia Computer Science, Vol. 98, pp. 461-466, available at: httpsdoiorg101016jprocs201609074
Hunton, P. (2012), "Data attack of the cybercriminal: investigating the digital currency of cybercrime", Computer Law & Security Review, Vol. 28 No. 2, pp. 201-207.
IET (2013), "Resilience and cyber security of technology in the built environment", Institution of Engineering and Technology, Birmingham, available at: wwwtheietorgresourcesstandardscyber-buildingscfmorigin=pr (accessed February 9, 2019).
IET (2014), "Code of practice for cyber security in the built environment", Institution of Engineering and Technology, Birmingham, available at: httpselectricaltheietorgbooksstandardscyber-copcfm (accessed February 9, 2019).
ISO (2011), "ISO/IEC 29100:2011 information technology – security techniques – privacy framework", available at: wwwisoorgstandard45123html (accessed February 2018).
ISO (2012), 27032 Information Technology – Security Techniques – Guidelines for Cybersecurity, International Organization for Standardization (ISO), Geneva, available at: wwwitgovernancecoukshopproductiso27032-iso-27032-guidelines-for-cybersecurity (accessed February 9, 2019).
ISO (2013), 27001 The International Information Security Standard, International Organization for Standardization (ISO), Geneva, available at: wwwitgovernancecoukiso27001 (accessed February 9, 2019).
Jaatun, M.G., Røstum, J., Petersen, S. and Ugarelli, R. (2014), "Security checklists: a compliance alibi or a useful tool for water network operators?", Procedia Engineering, Vol. 70, pp. 872-876.
Jones, L. (2016), "Securing the smart city built environment cyber security", Engineering and Technology, Vol. 11 No. 5, pp. 30-33, doi 101049et20160501.
Kello, L. (2013), "The meaning of the cyber revolution: perils to theory and statecraft", International Security, Vol. 38 No. 2, pp. 7-40.
Kochovski, P. and Stankovski, V. (2018), "Supporting smart construction with dependable edge computing infrastructures and applications", Automation in Construction, Vol. 85, January, pp. 182-192.
Koo, D., Piratla, K. and Matthews, C.J. (2015), "Towards sustainable water supply: schematic development of big data collection using internet of things (IoT)", Procedia Engineering, Vol. 118, pp. 489-497.
Lesk, M. (2007), "The new front line: Estonia under cyber assault", IEEE Security & Privacy, Vol. 5 No. 4, pp. 76-79.
Levy, Y. and Ellis, T.J. (2006), "A systems approach to conduct an effective literature review in support of information systems research", Informing Science, Vol. 9, pp. 181-212, available at: httpinformnuArticlesVol9V9p181-212Levy99pdf (accessed February 9, 2019).
Lin, S., Gao, J. and Koronios, A. (2006), "Key data quality issues for enterprise asset management in engineering organisations", International Journal of Electronic Business Management, Vol. 4 No. 1, pp. 96-110, available at: httpijebmienthuedutwIJEBM_WebIJEBM_staticPaper-V4_N1A10-E684_3pdf (accessed February 2018).
Lin, Y.C. and Su, Y.C. (2013), "Developing mobile- and BIM-based integrated visual facility maintenance management system", The Scientific World Journal, Vol. 2013, 10 pp., available at: httpsdoiorg1011552013124249
Lindsay, J.R. (2013), "Stuxnet and the limits of cyber warfare", Security Studies, Vol. 22 No. 3, pp. 365-404.
Lindsay, J.R. (2015), "The impact of China on cybersecurity: fiction and friction", International Security, Vol. 39 No. 3, pp. 7-47.
Liu, J., Xiao, Y., Li, S., Liang, W. and Chen, C.P. (2012), "Cyber security and privacy issues in smart grids", IEEE Communications Surveys & Tutorials, Vol. 14 No. 4, pp. 981-997.
McGraw, G. (2013), "Cyber war is inevitable (unless we build security in)", Journal of Strategic Studies, Vol. 36 No. 1, pp. 109-119.
McNulty (2011), "Realising the potential of GB Rail – final independent report of the rail value for money study – summary report", Department for Transport, London, available at: wwwgovukgovernmentuploadssystemuploadsattachment_datafile4203realising-the-potential-of-gb-rail-summarypdf (accessed February 9, 2019).
Marinos, L. (2016), ENISA Threat Taxonomy: A Tool for Structuring Threat Information, European Union Agency for Network and Information Security, Birmingham, available at: wwwenisaeuropaeutopicsthreat-risk-managementthreats-and-trendsenisa-threat-landscapeetl2015enisa-threat-taxonomy-a-tool-for-structuring-threat-informationview (accessed February 9, 2019).
Markets and Markets (2014), "Smart HVAC controls market by product type, components, application, operation & geography – analysis and forecast to 2014–2020", Birmingham, available at: httpgooglAy2LjI (accessed February 9, 2019).
Mayo, G. (2016), "BAS and cyber security: a multiple discipline perspective", in Long, S., Ng, E.-H., Downing, C. and Nepal, B. (Eds), Proceedings of the American Society for Engineering Management 2016 International Annual Conference, American Society for Engineering Management, Concord, NC, available at: wwwresearchgatenetpublication309480358_BAS_AND_CYBER_SECURITY_A_MULTIPLE_DISCIPLINE_PERSPECTIVE (accessed February 2018).
Metke, A.R. and Ekl, R.L. (2010), "Security technology for smart grid networks", IEEE Transactions on Smart Grid, Vol. 1 No. 1, pp. 99-107.
Mike, T. (2006), "Integrated building systems: strengthening building security while decreasing operating costs", Journal of Facilities Management, Vol. 4 No. 1, pp. 63-71.
Mokyr, J. (1992), "Technological inertia in economic history", The Journal of Economic History, Vol. 52 No. 2, pp. 325-338.
Nicał, A.K. and Wodyński, W. (2016), "Enhancing facility management through BIM 6D", Procedia Engineering, Vol. 164, pp. 299-306, available at: httpsdoiorg101016jproeng201611623
NIST (2017), "Framework for improving critical infrastructure cybersecurity", National Institute of Standards and Technology, Draft Version 1.1, January 10, Birmingham, available at: wwwgooglecoukurlsa=tamprct=jampq=ampesrc=sampsource=webampcd=2ampved=0ahUKEwiq0orLhOHUAhVkBsAKHfJLB6oQFgg8MAEampurl=https3A2F2Fwwwnistgov2Fdocument2Fdraft-cybersecurity-framework-v11pdfampusg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NAampcad=rjt (accessed February 9, 2019).
Nye, J.S. (2017), "Deterrence and dissuasion in cyberspace", International Security, Vol. 41 No. 3, pp. 44-71.
Papa, P. (2013), "US and EU strategies for maritime transport security: a comparative perspective", Transport Policy, Vol. 28, pp. 75-85.
Paridari, K., Mady, A.E., La Porta, S., Chabukswar, R., Blanco, J., Teixeira, A., Sandberg, H. and Boubekeur, M. (2016), "Cyber-physical-security framework for building energy management system", ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS), Vienna, pp. 1-9, doi 101109ICCPS20167479072.
Pärn, E.A. and Edwards, D.J. (2017), "Conceptualizing the FINDD API plug-in: a case study of BIM/FM integration", Automation in Construction, Vol. 80, August, pp. 11-21.
Patel, S.C., Bhatt, G.D. and Graham, J.H. (2009), "Improving the cyber security of SCADA communication networks", Communications of the ACM, Vol. 52 No. 7, pp. 139-142.
Peng, Y., Wang, Y., Xiang, C., Liu, X., Wen, Z. and Chen, D. (2015), "Cyber-physical attack-oriented Industrial Control Systems (ICS) modeling, analysis and experiment environment", International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 322-326.
Rahimi, B. (2011), "The agonistic social media: cyberspace in the formation of dissent and consolidation of state power in postelection Iran", The Communication Review, Vol. 14 No. 3, pp. 158-178.
Rasmi, M. and Jantan, A. (2013), "A new algorithm to estimate the similarity between the intentions of the cyber crimes for network forensics", Procedia Technology, Vol. 11, pp. 540-547.
Reggiani, A. (2013), "Network resilience for transport security: some methodological considerations", Transport Policy, Vol. 28, July, pp. 63-68.
Reniers, G.L.L. and Dullaert, W. (2013), "A method to assess multi-modal hazmat transport security vulnerabilities: hazmat transport SVA", Transport Policy, Vol. 28, July, pp. 103-113.
Rid, T. (2012), "Cyber war will not take place", Journal of Strategic Studies, Vol. 35 No. 1, pp. 5-32.
RISI (2015), "The repository of industrial security incidents database", Birmingham, available at: wwwrisidatacomDatabase (accessed February 9, 2019).
Rittinghouse, J. and Hancock, W.M. (2003), Cybersecurity Operations Handbook, Elsevier Science, Amsterdam, ISBN 978-1-55558-306-4.
Ryan, D.J. (2017), "Engineering sustainable critical infrastructures", International Journal of Critical Infrastructure Protection, Vol. 17, pp. 28-29.
Safavi, S., Shukur, Z. and Razali, R. (2013), "Reviews on cybercrime affecting portable devices", Procedia Technology, Vol. 11, pp. 650-657.
Shafiq, M.T., Matthews, J. and Lockley, S.R. (2013), "A study of BIM collaboration requirements and available features in existing model collaboration systems", Journal of Information Technology in Construction (ITcon), Vol. 18, pp. 148-161.
Shitharth, S. and Winston, D.P. (2015), "A comparative analysis between two countermeasure techniques to detect DDoS with sniffers in a SCADA network", Procedia Technology, Vol. 21, pp. 179-186.
Stearns, L.B. and Almeida, P.D. (2004), "The formation of state actor-social movement coalitions and favorable policy outcomes", Social Policy, Vol. 51 No. 4, pp. 478-504.
Stoddart, K. (2016), "Live free or die hard: US-UK cybersecurity policies", Political Science Quarterly, Vol. 131 No. 4, pp. 803-842.
Sun, J., Yan, J. and Zhang, K.Z. (2016), "Blockchain-based sharing services: what blockchain technology can contribute to smart cities", Financial Innovation, Vol. 2 No. 1, pp. 1-26, doi: 10.1186/s40854-016-0040-y.
Szyliowicz, J.S. (2013), "Safeguarding critical transportation infrastructure: the US case", Transport Policy, Vol. 28 No. C, pp. 69-74.
Tan, S., Song, W.Z., Stewart, M., Yang, J. and Tong, L. (2018), "Online data integrity attacks against real-time electrical market in smart grid", IEEE Transactions on Smart Grid, Vol. 9 No. 1, pp. 313-322.
Thomas, N. (2009), "Cyber security in East Asia: governing anarchy", Asian Security, Vol. 5 No. 1, pp. 3-23.
Toy, S. (2006), History of Fortification from 3000 BC to AD 1700 (No. 75), Pen and Sword Military Classics, Barnsley, ISBN 1-88415-358-4.
Turk, Ž. and Klinc, R. (2017), "Potentials of blockchain technology for construction management", Procedia Engineering, Vol. 196, pp. 638-645.
UN (2014a), "2014 revision of the world urbanization prospects", Birmingham, available at: https://goo.gl/xwOSDS (accessed February 9, 2019).
UN (2014b), "World urbanization trends 2014: key facts", Statistical Papers – United Nations (Ser. A), Population and Vital Statistics Report, United Nations, New York, NY.
UN (2015), "World population projected to reach 9.7 billion by 2050", Birmingham, available at: www.un.org/en/development/desa/news/population/2015-report.html (accessed February 9, 2019).
Walsham, G. (1995), "The emergence of interpretivism in IS research", Information Systems Research, Vol. 6 No. 4, pp. 376-394.
Wang, S., Zhang, G., Shen, B. and Xie, X. (2011), "An integrated scheme for cyber-physical building energy management system", Procedia Engineering, Vol. 15, pp. 3616-3620.
Wang, W. and Lu, Z. (2013), "Cyber security in the smart grid: survey and challenges", Computer Networks, Vol. 57 No. 5, pp. 1344-1371.
Weber, R.H. and Studer, E. (2016), "Cybersecurity in the internet of things: legal aspects", Computer Law & Security Review, Vol. 32 No. 5, pp. 715-728.
Xue, N., Huang, X. and Zhang, J. (2016), "S2Net: a security framework for software defined intelligent building networks", IEEE Trustcom/BigDataSE/ISPA, Tianjin, August 23-26, pp. 654-661.
Yue, X., Wang, H., Jin, D., Li, M. and Jiang, W. (2016), "Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control", Journal of Medical Systems, Vol. 40 No. 10, pp. 218-229.
Zamparini, L. and Shiftan, Y. (2013), "Special issue – transport security: theoretical frameworks and empirical applications", Transport Policy, Vol. 28, pp. 61-62.
Zhang, Y. and Wen, J. (2016), "The IoT electric business model: using blockchain technology for IoT", Peer-to-Peer Networking and Applications, Vol. 10 No. 4, pp. 1-12.
Corresponding author
Erika A Parn can be contacted at: erikaparngmailcom
Table I. Emerging thematic groups in extant literature

Thematic group columns, in order: National and global security | Smart cities | Critical infrastructure | Industrial control systems | Mobile or cloud computing | Digitalization of built environment. The last field of each paper row is the number of thematic groups ticked for that paper; the columns in which those ticks fall are not recoverable from the extracted text.

Percentage frequency across the four journal types: 54.7 | 40.4 | 50 | 40.4 | 59.5 | 28.5

Industrial sector: Architecture, Engineering, Construction and Owner-operated (AECO)
Author(s) | Journal | Thematic groups ticked
Chong et al. (2014) | Automation in Construction | 3
Howell et al. (2017) | Automation in Construction | 4
Kochovski and Stankovski (2018) | Automation in Construction | 3
Fisk (2012) | Intelligent Buildings International | 1
Mike (2006) | Journal of Facilities Management | 3
Eom and Paek (2006) | Journal of Information Technology in Construction (ITcon) | 2
Jaatun et al. (2014) | Procedia Engineering | 4
Koo et al. (2015) | Procedia Engineering | 4
Nicał and Wodyński (2016) | Procedia Engineering | 2
Wang et al. (2011) | Procedia Engineering | 3
Percentage frequency in AECO journals: 20 | 40 | 30 | 50 | 90 | 60

Industrial sector: Transport and infrastructure
Author(s) | Journal | Thematic groups ticked
Patel et al. (2009) | Communications of the ACM | 3
Wang and Lu (2013) | Computer Networks | 4
Liu et al. (2012) | IEEE Communications Surveys & Tutorials | 3
Jones (2016) | IEEE Engineering & Technology | 5
Paridari et al. (2016) | IEEE International Conference on Cyber-Physical Systems (ICCPS) | 4
Ryan (2017) | International Journal of Critical Infrastructure Protection | 3
Papa (2013) | Transport Policy | 2
Reggiani (2013) | Transport Policy | 1
Reniers and Dullaert (2013) | Transport Policy | 2
Szyliowicz (2013) | Transport Policy | 2
Zamparini and Shiftan (2013) | Transport Policy | 1
Percentage frequency in transport and infrastructure journals: 54.5 | 54.5 | 81.8 | 27.2 | 36.3 | 18.1

Industrial sector: Information technology
Author(s) | Journal | Thematic groups ticked
Hunton (2012) | Computer Law & Security Review | 3
Weber and Studer (2016) | Computer Law & Security Review | 4
Metke and Ekl (2010) | IEEE Transactions on Smart Grid | 2
Tan et al. (2018) | IEEE Transactions on Smart Grid | 3
Xue et al. (2016) | IEEE Trustcom/BigDataSE/ISPA | 4
Ani et al. (2017) | Journal of Cyber Security Technology | 5
Govinda (2015) | Procedia Technology | 4
Rasmi and Jantan (2013) | Procedia Technology | 2
Safavi et al. (2013) | Procedia Technology | 1
Shitharth and Winston (2015) | Procedia Technology | 4
Percentage frequency in information technology journals: 40 | 60 | 80 | 20 | 90 | 30

Industrial sector: Political science/international relations
Author(s) | Journal | Thematic groups ticked
Brantly (2014) | Democracy and Security | 3
Kello (2013) | International Security | 1
Lindsay (2015) | International Security | 5
Nye (2017) | International Security | 3
Cavelty (2013) | International Studies Review | 1
Canfil (2016) | Journal of International Affairs | 1
Hjortdal (2011) | Journal of Strategic Security | 2
McGraw (2013) | Journal of Strategic Studies | 2
Stoddart (2016) | Political Science Quarterly | 2
Betz and Stevens (2013) | Security Dialog | 3
Lindsay (2013) | Security Studies | 2
Percentage frequency in political science/international relations journals: 100 | 9 | 18.2 | 63.6 | 27.2 | 9
act on behalf of security companies and concomitant public interest (F-Secure, 2014). Contemporary cyber-Robin Hood(s) (or hacktivists) fall within the grey hat category and act as vigilantes to puncture prevailing power structures (such as Government) by embarrassing them with distributed denial of service (DDoS) attacks, web defacements, malware, ransomware and trojans. These hacktivists often dabble with illegal means to hack but believe that they are addressing a social injustice and/or otherwise supporting a good cause. Black hats are often affiliated with a criminal fraternity or have other malicious intent (Cavelty, 2013). These criminals deploy the same tools used by grey and white hat hackers but with the deliberate intention to cause harm, vandalism, sabotage, website shutdown, fraud or other illegitimate activities. Many states have increasingly focused upon grey hats, who have become the new uncontrolled source of hacking (Betz and Stevens, 2013). Table II highlights a number of prominent critical infrastructure hacks extracted from the RISI database and cross references these against the motivations and cyber-actors.
Blurred lines: governments and civilians
State and non-state actors represent a two pronged source of malicious attacks or threats facing the AECO sector; motivations for these actors are fueled by various catalysts, including patriotism, liberal activism, political ideology, criminal intent and hobby interests (Hjortdal, 2011; Rahimi, 2011). A state is a political entity ("government") that has sovereignty over an area of territory and the people within it (Rahimi, 2011). Within this entity, state actors are persons who are authorized to act on its behalf and are therefore subject to regulatory control measures (Betz and Stevens, 2013). A state actor's role can be myriad but often it strives to create positive policy outcomes through approaches such as social movement coalitions (cf. Stearns and Almeida, 2004). Conversely, non-state actors are persons or organizations who have sufficient political influence to act or participate in international relations for the purpose of exerting influence or causing change, even though they are not part of government or an established institution (Betz and Stevens, 2013). Three key types of legitimate non-state actors exist: intergovernmental organizations, such as the United Nations, World Bank Group and International Monetary Fund, which are established by a state, usually through a treaty (Betz and Stevens, 2013); international non-government organizations, such as Amnesty International, Oxfam and Greenpeace, which are non-profit voluntary organizations that advocate or otherwise pursue the public good (i.e. economic development and humanitarian aid) (UN); and multinational corporations, who pursue their own business interests largely outside the control of national states (UN). Illegitimate non-state actors include terrorist groups and hacktivists acting upon a range of different motivations, including personal gain, digital coercion, malevolence and indoctrination of others using ideological doctrine (Brantly, 2014). Since the millennium, governments globally have become increasingly aware of cyber-crime and threats stemming from such non-state actors. Some of the more notable actors include Anonymous (Betz and Stevens, 2013), Ghost Net (Hunton, 2012), The Red Hacker Alliance (Fisher, 2018), Fancy Bear "Прикольный медведь" (Canfil, 2016) and Iranian Cyber Army (Rahimi, 2011).
However, the boundary delineation between state actors and non-state actors engaging in cyber-physical attacks has become increasingly blurred (Betz and Stevens, 2013; Papa, 2013). Such attribution has wider implications for the national security of states and national responsibility for non-state actors, who often act on behalf of the state under incitement of nationalistic and ideological motivation (Brantly, 2014). Henderson (2008) aptly describes such blurred lines between governments and civilians by using Chinese cyber-patriot hackers as an exemplar:

The alliance is exactly who and what they claim to be: an independent confederation of patriotic youth dedicated to defending China against what it perceives as threats to national pride
Table II. Industry standards and codes of best practice on cyber security in the AECO sector

Standard | Title | Description
BS ISO/IEC 29100:2011 (ISO, 2011) | Information Technology. Security Techniques. Privacy Framework | This standard is applicable to organizations and businesses, providing a privacy framework for those "involved in specifying, procuring, architecting, designing, developing, testing, maintaining, administering and operating information and communication technology systems or services" with personally identifiable information (PII).
BS ISO/IEC 27001:2013 (ISO, 2013) | Information Technology. Security Techniques. Information Security Management Systems. Requirements | This international standard provides a framework for the management of an information security management system (ISMS) in order to keep digital information assets secure from cyber-criminal activities and information breaches; it encompasses procedures for creating, implementing, operating, auditing and maintaining an ISMS. The standard can be applied within organizations of any size, nature or type.
IET/CPNI Technical Briefing (IET, 2013) | Resilience and Cyber Security of Technology in the Built Environment | This document applies to professionals involved in the development, procurement and operation of intelligent or smart buildings. The guidance considers the whole building lifecycle and examines the potential threats to resilience and cyber security arising from the merging of technical infrastructure and computer-based systems and their connection in cyber-space. Case studies are provided, plus a set of 20 critical measures which could be applied to reduce threats.
PAS 555:2013 (BSI, 2013) | Cyber Security Risk. Governance and Management. Specification | The specification uses a business-led "outcomes-based approach" which studies physical, cultural and behavioral features alongside technical ones to aid organizations in detecting which of their business assets need most protection, e.g. corporate and customer data, intellectual property, brand or reputation. The approach can be applied to any size/type of organization throughout its business activities.
PAS 754:2014 (BSI, 2014c) | Software Trustworthiness. Governance and Management. Specification | This document identifies five principles of software trustworthiness (safety, reliability, availability, resilience and security) which should be attained when implementing software on distributed applications in order to reduce the risks from potential malicious threats. These principles are based upon four concepts: governance measures; risk assessment; control application for risk management (physical, procedural and technical); and a compliance regime to ensure execution of the first three.
IET Standards (IET, 2014) | Code of Practice for Cyber Security in the Built Environment | This book provides good practice guidance on the need for, and development of, cyber security strategy and policy related to a building's complete lifecycle as an integral part of an organization's management systems, with particular emphasis on cyber physically connected building-related systems. The pertinence of cyber security to each of the multidisciplinary roles and responsibilities within an organization is provided.
PAS 1192-5:2015 (BSI, 2015) | Specification for Security-minded Building Information Modeling, Digital Built Environments and Smart Asset Management | This is the first standard published for security minded use of BIM and digitalization of built assets. Relevant to all owners and stakeholders of digitally built assets, it assists in assessing security risks to the asset and implementing measures to reduce the risk of loss or disclosure of information which could impact on the safety and security of: the built asset; personnel and other users of the asset and its services; and commercial and other asset data and information.
A componential analysis of literature
From an operational perspective, the review protocol sourced published journal materials contained within Science Direct, Web of Science, Scopus and Research Gate databases. Keyword search terms used included: cyber security, hacking and any of the following variations of the word: cyber crime, cybercrime or cyber-crime. Following a comprehensive review of the journals, four prominent and pertinent clusters of industrial settings were selected to provide the contextual sampling framework and knowledge base for the analysis, namely: AECO; transport and infrastructure; information technology; and political science/international relations. These clusters were selected because they contained the majority of the journal publications on cyber-crime. Within the clusters, six recurrent leitmotifs were identified: national and global security; smart cities; critical infrastructure; ICS; mobile or cloud computing; and digitalization of the built environment. A cross comparative componential analysis was then conducted (refer to Table III).
The componential analysis reveals: the percentage frequency that each of the identified thematic groups occur across the four industrial classifications; and the percentage frequency that each thematic group occurs within each individual industrial classification. In ascending order of frequency across all four sectors, the most popular discussed topics were: mobile cloud computing (59.5 percent), national global security (54.7 percent) and critical infrastructure (50 percent), smart cities (40.4 percent), ICS (40.4 percent) and digitization of the built environment (28.5 percent). Yet curiously, within the AECO sector an inordinate amount of effort was input into mobile and cloud computing (90 percent) and digitization of the built environment (60 percent), while far less attention was paid to critical infrastructure (30 percent) and national and global security (20 percent). Moreover, none of the papers reviewed were heavily focused upon expounding the virtues and concomitant benefits of digitization but were similarly obvious to the omnipresent threat of cyber-crime posed via the vulnerable CDE portal.
A CDE is commonly established during the feasibility or concept design phases of a building/infrastructure project (BSI, 2014a, b). An information manager will then manage and validate the processes and procedures for the exchange of information across a network for each key decision gateway stage (including work in progress, shared, published and archive stages). Cloud-based CDE platforms are ubiquitous but common solutions include ProjectWise, Viewpoint (4P), Aconex, Asite and SharePoint (Shafiq et al., 2013). The internal work flow and typical external information exchange in BIM relies upon the re-use and sharing of information
Table III. Common reconnaissance techniques

Reconnaissance technique | Definition | Example
Scanning (ping sweep; port scan; network mapping) | Network scanning is integral to stealthy information gathering from a computer system. Prior knowledge of the operating system (OS) is combined with the use of one of a plethora of readily available tools in order to identify and map out potential vulnerabilities on a target network. | Techniques include port scanning to identify the available and open ports, DNS enumeration to locate the domain name server and IP address, and PING sweeping to map the IP address to a live host (Rittinghouse and Hancock, 2003).
Fingerprinting (OS) | Device fingerprinting endeavors to break the privacy of URL developers by revealing user actions and anonymity. It utilizes the information collected from a remote computing device for the purpose of uniquely identifying the device (Formby et al., 2016). Fingerprinting can be used to identify the OS used on the target system. | In an active manner to monitor network packets passing between hosts, or passive manner to transmit specially created packets to the target machine and analyze the response (Peng et al., 2015).
Footprinting | Footprinting is a process of obtaining as much information about the target to be hacked as possible by drawing down open source information from the internet. Footprinting is the most convenient way of gathering information about a computer system and/or parties such belong to. | During footprinting, a hacker can use passive or active means to obtain information such as domain name, IP addresses, namespaces, employee information, phone numbers, e-mails and job information.
Sniffing | Sniffing has been likened to wiretapping and can be used to obtain sensitive information that is being transferred over a network, such as FTP passwords, e-mail traffic, web traffic, telnet passwords, router configurations, chat sessions and DNS traffic. "Industrial Control Systems (ICS)/Supervisory Control and Data Acquisition (SCADA) sniffing" activities pose an imminent threat to cyber-physical connected devices in buildings, factories and large industrial plants. | "Havex" malware, reported by F-Secure laboratories, is the first of its kind since STUXNET and attempts to "sniff" factory automation gear such as ICS and SCADA systems (F-Secure Labs, 2014). Anonymized victims have included two major educational institutions in France, two German industrial machine producers, one French industrial machine producer and a Russian structural engineering construction company (F-Secure Labs, 2014).
Social engineering | Social engineering is an attack vector that relies upon tricking people into breaking security procedures. Consequently, these are used to exploit an individual's weaknesses, typically employees and other individuals who are familiar with the system. When successfully implemented, hackers can help obtain information about the targeted system. | Two common methods adopted are the physical gaining of access to a computer through deception, or the use of phishing e-mails, which involves sending personalized e-mails to targeted employees in an attempt to make them click malicious links contained within.
in a CDE. Integrating BIM (and other file databases, e.g. IFC, GBXML, CSV, DWG, XML) within a CDE ensures a smooth flow of information between all stakeholders and is specified and articulated through its levels of development or design (Eastman et al., 2011; Lin and Su, 2013). The level of design (LOD) is classified on a linear scale ranging from LOD 1 (covering a conceptual "low definition" design) to LOD 7 (for an as-built "high definition" model). With each incremental increase in LOD, the range and complexity of asset information within models built begins to swell and the data contained within becomes accessible to an increased number of stakeholders. As a consequence, the magnitude of potential cyber-crime also increases and it is imperative, therefore, that effective cyber security deterrence measures are set.
Perhaps the most crippling aspect of deterrence is the poor rate of attribution (also known as tracebacking or source tracking), where attribution seeks to determine the identity or location of an attacker or attacker's intermediary (Brantly, 2014). Affiliation further exacerbates attribution rates; for example, nefarious and malicious attacks on critical infrastructure by non-state "patriot" actors who proclaim cyber-warfare in the name of nationalist ideologies can create ambiguity with state actors (Lindsay, 2015). Extant literature widely acknowledges that states actively recruit highly skilled hackers to counter-attack other state governed cyber-activities, in particular against critical infrastructure assets (Thomas, 2009). Yet the paucity of identification or disclosure of attacker identities has made the hacking culture even more enticing for both non-state actors and state actors. Whilst network attribution or IP address traceability to a particular geographical region is possible, lifting the cyber veil to reveal the affiliation between the attacker and their government remains difficult (Canfil, 2016). In the case of potential threats to the AECO sector, attribution of industrial cyber-espionage remains an imminent threat, not only to the business in operation but also for the nation state security.
Cyber-deterrence
Cyber-deterrence measures rely largely upon good practice adopted from standards ISO 27001 and ISO 27032 (ISO, 2012, 2013). In the context of the digital built environment (and specifically BIM), recently published cyber security good practice manual PAS 1198-Part 5 suggests deploying five measures of deterrence: a built asset security manager; a built asset security strategy; a built asset security management plan; a security breach/incident management plan; and built asset security information requirements. For other sources of cyber security guidance, PAS 1198-Part 5 recommends adherence to other pre-existing legislative documentation – refer to Table IV.
Other ambiguous guidance notes that refer to taking "appropriate mitigation strategies" have largely ignored the increased vulnerability of semantic and geometric information that is sustained within a BIM (BSI, 2013, 2014c). For example, the Institute of Engineering and Technology (Boyes, 2013b) report entitled "Resilience and Cyber Security of Technology in the Built Environment" states that:

Unauthorised access to BIM data could jeopardise security of sensitive facilities, such as banks, courts, prisons and defence establishments, and in fact most of the Critical National Infrastructure
Deterrence measures recommended in PAS 1192-5 have largely overlooked BIM data contained within a CDE and the onslaught of cyber-physical connectivity in critical infrastructures (Liu et al., 2012). Currently, the most common means of deterrence for cyber-physical connectivity in critical BMS infrastructures is via network segregation (the firewall) (Mayo, 2016) and secure gateway protection (encryption) for securing from external threats, complicit with ANSI/ISA-99 (ANSI, 2007). However, in a digital economy where over 50bn devices are continuously communicating, neither firewalls nor encryption alone can guarantee effective cyber security. Hence, a more robust systemic means of data integrity is required in the digital built environment.
Block chain – a new frontier for cyber-deterrence
Under the alias Satoshi Nakamoto, the Bitcoin (crypto currency) was published as the first block chain application on the internet (Turk and Klinc, 2017). This advancement opened a springboard of applications that utilize block chain technology to remove third party distribution of digital assets using peer-to-peer sharing (Turk and Klinc, 2017). While the majority of current applications have utilized crypto currency and smart contracts, the applications for digital asset transference seem limitless. Block chain's earliest applications were in economics (Huckle et al., 2016), software engineering (Turk and Klinc, 2017), Internet of Things (Zhang and Wen, 2016) and medicine (Yue et al., 2016) – albeit more recently, applications within the built environment have been explored (Sun et al., 2016). Block chain technology has the potential to overcome the aforementioned cyber security challenges faced in the digital environment as a result of its distributed, secure and private nature of data distribution. A positive correlation exists between an increasing number of collaborators (or peers) within a CDE and the potential to secure such assets in a peer-to-peer environment, which thrives and increases in security.
Block chain technology is suitable for sectors with: increased risk of fraud – such as susceptible crucial infrastructures containing sensitive industrial information that is at risk from industrial espionage; intermediaries – for example, providers of BMS systems and other IT software vendors hosting sensitive infrastructure asset details; throughput – such as operators updating and sharing asset information in a CDE; and stable data – for instance, data generated for built assets can be utilized for up to 40 years post project inception. Block chain technology offers better encryption against hacking than any other current deterrence measures available and is commonly suggested in the cyber security standards available (Turk and Klinc, 2017).
The application of block chain technology within digital built asset information exchange is suggested due to its secure framework for data transference. Block chain technology has been hailed as a hacker/tamper safe ecosystem for digital asset transfers (Turk and Klinc, 2017). Figure 2 delineates a ten stage process to demonstrate how the existing functionality of block chain technology can be harnessed in a CDE environment when sharing sensitive digital information about assets – namely: asset information is securely shared via a network (e.g. URL nodes interconnected computer networks or an air
Table IV. Snapshot of cyber-physical hacking examples from the RISI online incident database

Columns: Motivation | Actor | Example. The row alignment between the three columns is not recoverable from the extracted text, so the entries are listed per column in the order in which they appear.

Motivation:
Black Hat: ego, personal animosity, economic gain
Grey Hat: ambiguous
White Hat: idealism, creativity, respect for the law

Actor:
Hacktivists; Script kiddies; Cyber insiders; Cyber terrorists; Malware authors; Patriot hackers; Cyber militias; Script kiddies; Ordinary citizens; Hacktivists; Script kiddies; Organized cybercriminals

Example:
USA 2014 – Power and utilities – Hackers took advantage of a weak password vulnerability where mechanical devices were disconnected from the control system for scheduled maintenance.
Poland 2008 – Transport – A 14-year old Polish student hacked into the tram system, enabling him to change track points in Lodz; 4 trams were derailed and, as a consequence, 12 people were injured.
USA 2001 – Petroleum – The network monitoring personal computer (PC) provided a path from the internet, via the company business network, onto the automation network. This made the company vulnerable to the Code Red Worm, used to deface the automation web pages of a large oil company.
Spain 2011 – Traffic – Spanair flight 5022 crashed just after take-off from Madrid-Barajas International Airport, killing 154 with 18 survivors. Trojan malware detected on the central computer system is speculated to have played a role in the crash by causing the computer to fail to deliver power to the take-off early warning system and detect three technical problems with the aircraft.
Iran 2012 – Petroleum – Iran was forced to disconnect key oil facilities after suffering a malware attack which, it is believed, hit the internal computer systems at Iran's oil ministry and its national oil company.
USA and Europe 2014 – Energy sector – Operating since 2011, the Dragonfly group has targeted defence and aviation companies in USA and Canada, cyber-espionage with the likely intention of sabotage. In 2013, the group targeted USA and European energy firms, gaining entry through spear phishing e-mails, malware, watering hole attacks and infecting legitimate software from three different industrial control systems (ICS) equipment manufacturers.
Canada 2012 – Energy sector – Telvent Canada Ltd, provider of software and services for remote administration of large sections of the energy industry, was subject to information theft. Installed malware was used to steal project files related to one of its key products. The digital fingerprints were traced to a Chinese hacking group (the "Comment Group") linked to cyber-espionage against Western interests.
Iran 2010 – Nuclear – The Stuxnet malworm was responsible for damaging crucial centrifugal devices used for Uranium enrichment at the Natanz nuclear plant, causing it to be shut down for a week. This remains as one of the most prolific cyber-physical attacks in an exemplified case of government and civilian blurred lines and created a new forefront of cyber militia, becoming the first proclaimed cyber weapon.
USA 2012 – Water/waste management – A former employee of the Key Largo Wastewater Treatment District hacked the company, resulting in modification and deletion of files.
Venezuela 2002 – Petroleum – Venezuela's state oil company became embroiled in a bitter strike when it was extensively sabotaged by an employee who gained remote access to a program terminal and erased all Programmable Logic Controller (PLC) programs in port facility.
Canada 2002 – Petroleum – A white hat hacker simulated an attack on a data center security (DCS) where network access to the control local area network (LAN) was used to connect to selected DCS operator stations and obtain full administration privileges. This was accomplished through the vulnerabilities in the Windows operating system and a number of Netbios that lacked proper password protection.
USA 2014 – Traffic – One of the first hacks on a traffic management system was incurred on road signs in San Francisco, where the signs were photographed flashing "Godzilla Attack! Turn Back".

Source: Available online at: www.risidata.com
gapped internet) asset data (whether a 3D or digital model) are converted into a block which represents a digital transaction of asset data; stakeholder interaction within a federated CDE environment will receive a tracked record of the individual transaction created by nodes sharing the block; block chain miners (usually computer scientists) validate and maintain the newly created block chain; payment methods for block chain miners vary but a group of miners enter into a competitive process where the first to validate the block chain receives payment; the federated block chain environment is approved; the new block is added to the existing chain of digital transactions to extend the block chain; the digital asset can now be securely shared upon validation; to hack the network, assailants would need to hack every single node within the block chain, thus making the task far more difficult; the network of nodes created by multiple stakeholders’ transactions provides a more sophisticated and secure approach to protecting digital assets when compared to encryption and firewalls. Herein lies the novelty of this review – blockchain technology can offer a potential framework to future AECO software applications and systems designed to secure the transfer of sensitive project data in a BIM and CDE environment.
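The tamper-evidence property this paragraph relies on is shown below as an added example, not code from the paper or from any AECO product. It assumes each block records only the SHA-256 digest of a shared asset and is replicated to every stakeholder node; mining and miner payment are left out, and the names (Node, share_asset, audit) and sample assets are hypothetical, constructed for illustration.

```python
import hashlib
import json
from collections import Counter
from dataclasses import asdict, dataclass, replace

GENESIS_HASH = "0" * 64


@dataclass(frozen=True)
class Block:
    index: int
    prev_hash: str
    asset_name: str    # e.g. a DWG or XML export shared through the CDE
    asset_sha256: str  # digest of the asset; the file itself stays in the CDE
    sender: str
    block_hash: str = ""


def _digest(block):
    """SHA-256 over every field except block_hash, in canonical JSON form."""
    body = asdict(block)
    del body["block_hash"]
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


def make_block(chain, asset_name, asset_bytes, sender):
    """Convert an asset into a block linked to the current tip of `chain`."""
    prev_hash = chain[-1].block_hash if chain else GENESIS_HASH
    draft = Block(len(chain), prev_hash, asset_name,
                  hashlib.sha256(asset_bytes).hexdigest(), sender)
    return replace(draft, block_hash=_digest(draft))


def first_invalid(chain):
    """Index of the first block whose hash or back-link fails, or -1 if intact."""
    prev = GENESIS_HASH
    for i, block in enumerate(chain):
        if (block.index != i or block.prev_hash != prev
                or block.block_hash != _digest(block)):
            return i
        prev = block.block_hash
    return -1


class Node:
    """One stakeholder's replica of the ledger (hypothetical name)."""

    def __init__(self, name):
        self.name = name
        self.chain = []

    def accept(self, block):
        """Validate a broadcast block against the local chain before appending."""
        if first_invalid(self.chain + [block]) != -1:
            return False
        self.chain.append(block)
        return True


def share_asset(origin, nodes, asset_name, asset_bytes):
    """Build a block at `origin` and broadcast it to every node."""
    block = make_block(origin.chain, asset_name, asset_bytes, origin.name)
    return all([node.accept(block) for node in nodes])


def audit(nodes):
    """Names of nodes whose replica is broken or differs from the majority tip."""
    tips = Counter(n.chain[-1].block_hash for n in nodes if n.chain)
    if not tips:
        return []
    majority_tip = tips.most_common(1)[0][0]
    return sorted(n.name for n in nodes
                  if not n.chain or first_invalid(n.chain) != -1
                  or n.chain[-1].block_hash != majority_tip)


def demo():
    nodes = [Node(n) for n in ("architect", "client", "contractor", "facilities")]
    plan = b"constructed DWG bytes, revision 1"     # constructed sample asset
    register = b"<assets><pump id='P1'/></assets>"  # constructed sample asset
    share_asset(nodes[0], nodes, "level-02-plan.dwg", plan)
    share_asset(nodes[2], nodes, "asset-register.xml", register)
    out = {"all_intact_before": audit(nodes) == []}
    # Case 1: one replica's first record is edited and re-hashed in place.
    replica = nodes[2]
    edited = replace(replica.chain[0], asset_sha256=hashlib.sha256(b"altered").hexdigest())
    replica.chain[0] = replace(edited, block_hash=_digest(edited))
    out["broken_at"] = first_invalid(replica.chain)
    out["flagged_after_edit"] = audit(nodes)
    # Case 2: the replica is rebuilt to be self-consistent; its tip still differs.
    rebuilt = []
    rebuilt.append(make_block(rebuilt, "level-02-plan.dwg", b"altered", "architect"))
    rebuilt.append(make_block(rebuilt, "asset-register.xml", register, "contractor"))
    replica.chain = rebuilt
    out["rebuilt_self_consistent"] = first_invalid(rebuilt) == -1
    out["flagged_after_rebuild"] = audit(nodes)
    return out
```

Calling demo() returns the audit results for both cases: an in-place edit breaks the back-link of the following block, and a fully rebuilt replica passes its own check but no longer matches the tip held by the other stakeholders.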
Figure 2. Block chain technology application with digital built asset information exchange. Panel labels: asset needs to be shared securely; asset is converted into a block; block is broadcast to all nodes in federated CDE environment; block chain miners compete to mine new block; block chain is extended with new digital asset; federated CDE environment approves; block chain miner validates block against chain; block of digital asset is shared securely; block chain of assets needs to be hacked individually across an entire network; block chain of sharing assets. File labels: XML, DWG.

Limitations and future work
Contrary to within the fields of computer science, political science/international relations and international law, cyber security is far less understood within the AECO sector (Mayo, 2016). Consequently, existing controls are inadequate and poorly managed. Key findings emanating from these other eminent fields provide invaluable insights into the cyber security technologies and developments (such as block chain) that can be successfully transferred and applied to critical infrastructure within the AECO sector to address current deficiencies (Baumeister, 2010). However, successful practitioner alignment and knowledge enhancement requires time and investment for additional research and testing of such concepts (Metke and Ekl, 2010) – such exceeded the current confines of this review paper. Within the international security research realm, the following predispositions have weakened scholarly understanding of cyber-threat occurrences and the likelihood of attacks on critical infrastructure. These limitations require future work, namely:
(1) Improved understanding of motivations – an inordinate amount of attention is paid to “cyber-threats” under the guise of malevolent lines of code. Yet finding a resolution to the root cause of cyber-crime requires a deeper understanding of the motivations behind such malicious scripts and attacks.
(2) Address the specific operational threats to bespoke critical infrastructure – each individual critical infrastructure project (e.g. hospitals, nuclear facilities, traffic management systems) has bespoke operational functionality and hence different vulnerabilities. Mapping of these vulnerabilities is required as a first step to developing efficient and effective risk mitigation strategies to better secure assets.
(3) Distinguish between physical destruction and theft – literature and standards have predominantly focused upon data protection within the context of cyber-attack. However, physical damage has received far less attention even though such could lead to catastrophic economic damage. Greater distinction between physical destruction and theft is therefore needed to delineate the scale and magnitude of cyber-crime.
(4) Consolidate greater international governmental collaboration – cyber-attacks can readily cross international borders and national law enforcement agencies often find it difficult to take action in jurisdictions where limited extradition arrangements are available. Although standard international agreements have been made on such issues (cf. the Budapest Convention on Cyber-crime), which seek to criminalize malevolent cyber-activities, notable signatories (such as China and Russia) are absent. Far greater cooperation between sovereign states is therefore urgently needed to develop robust international agreements that are supported by all major governments.
(5) Gauge practitioner awareness – future work should seek to identify existing predispositions and awareness of cyber-attack and cyber-crime amongst AECO professionals, either through in-depth interviews or practitioner surveys. Case studies are also required to measure and report upon contemporary industry practice and how any cyber-crime incidents were managed.
(6) Proof of concept – development and testing of an innovative proof of concept blockchain application specifically designed for AECO professionals. Such developmental work would allow the thorough testing of blockchain technology in practice to confirm or otherwise its effectiveness.
Future work
To reconcile the challenges of future work, researchers and practitioners within the AECO sector will have to investigate how to adopt cyber-deterrence approaches applied within more technologically advanced and sensitive industries such as aerospace and automotive. Such knowledge transference may propagate readily available solutions to challenges posed. Cyber security awareness and deterrence measures within the BIM and CDE process will help secure critical infrastructure developed, built and utilized – the challenges and opportunities identified here require innovative solutions such as block chain technologies to transform standard industry practice and should be augmented with far greater industry-academic collaboration.
Conclusion
Infrastructure provides the essential arteries and tributaries of a digital built environment that underpins a contemporary digital economy. However, cyber-attack threatens the availability and trustworthiness of interdependent networked services on both corporate and national security levels. At particular risk are the critical infrastructure assets (such as energy networks, transport and financial services) hosted on large networks connected to the internet (via a CDE) to enable cost-efficient remote monitoring and maintenance. Any disruption or damage to these assets could have an immediate and widespread impact by jeopardizing the well-being, safety and security of citizens. To combat the potential threat posed, greater awareness among AECO stakeholders is urgently needed; this must include governments internationally and private sector partners collaborating together to expand upon existing ISO and BIM-related standards for improved response to a cyber-incident. As well as preventative measures, reactive national plans are required (i.e. raising cyber security awareness on government funded BIM projects) to quickly deal with breaches in security and ensure services are provided with minimum disruption.
It is argued in this paper that the CDE adopted with BIM in the AECO sector acts as a springboard for the wider stakeholder engagement with networked data sharing in a centralized manner, yielding such systems vulnerable for future cyber-physical attacks. The pinnacle of cyber security research breakthroughs in cryptography have resulted in the development of decentralized block chain technology. It is hypothesized that block chain technology offers a novel and secure approach to storing information, making data transactions, performing functions and establishing trust, making it suitable for the high security requirements of sensitive digital infrastructure data contained in a BIM and CDE environment. While block chain applications are largely at a nascent stage of development within the AECO sector, this review paper has highlighted its novel application to fortify security of digital assets residing within a BIM and CDE environment – thus extending applications beyond its origins in crypto currency. Future research will be required to prove, modify or disprove the hypothesis presented. However, block chain alone cannot guarantee total immunity to cyber-attacks, so additional research is required to: understand the motivations for cyber-attack/crime; identify the specific operational threats to bespoke critical infrastructure and develop appropriate strategies to mitigate these; develop more exhaustive international standards (or enhance existing standards) to distinguish between physical destruction and theft; and establish measures needed to consolidate greater international governmental collaboration.
References
Ani, U.P.D., He, H. and Tiwari, A. (2017), “Review of cybersecurity issues in industrial critical infrastructure: manufacturing in perspective”, Journal of Cyber Security Technology, Vol. 1 No. 1, pp. 32-74.
ANSI (2007), “ISA-99.00.01-2007 security for industrial automation and control systems part 1: terminology, concepts and models”, ISA, available at: https://web.archive.org/web/20110312111418/www.isa.org/Template.cfm?Section=Shop_ISA&Template=%2FEcommerce%2FProductDisplay.cfm&Productid=9661 (accessed February 9, 2019).
Baumeister, T. (2010), “Literature review on smart grid cyber security, collaborative software development laboratory at the University of Hawaii”, available at: www.tbaumeist.com/publications/LiteratureReviewOnSmartGridCyberSecurity_2010.pdf (accessed February 9, 2019).
Bessis, N. and Dobre, C. (2014), Big Data and Internet of Things: A Roadmap for Smart Environments, ISBN 978-3-319-05029-4, Springer International Publishing, London.
Betz, D.J. and Stevens, T. (2013), “Analogical reasoning and cyber security”, Security Dialogue, Vol. 44 No. 2, pp. 147-164.
Boyes, H. (2013a), “Cyber security of intelligent buildings”, 8th IET International System Safety Conference Incorporating the Cyber Security Conference, Cardiff.
Boyes, H. (2013b), Resilience and Cyber Security of Technology in the Built Environment, the Institution of Engineering and Technology, IET Standards Technical Briefing, London, available at: www.theiet.org/resources/standards/-files/cyber-security.cfm?type=pdf (accessed February 9, 2019).
Bradley, A., Li, H., Lark, R. and Dunn, S. (2016), “BIM for infrastructure: an overall review and constructor perspective”, Automation in Construction, Vol. 71 No. 2, pp. 139-152.
Brantly, A.F. (2014), “The cyber losers”, Democracy & Security, Vol. 10 No. 2, pp. 132-155.
BSI (2013), “PAS 555:2013 cyber security risk”, Governance and Management Specification, available at: https://shop.bsigroup.com/ProductDetail/?pid=000000000030261972 (accessed February 9, 2019).
BSI (2014a), PAS 180 Smart Cities Vocabulary, British Standards Institution, London, available at: www.bsigroup.com/en-GB/smart-cities/Smart-Cities-Standards-and-Publication/PAS-180-smart-cities-terminology (accessed February 9, 2019).
BSI (2014b), PAS 1192-3 Specification for Information Management for the Operational Phase of Assets using Building Information Modelling, British Standards Institution, London, available at: https://shop.bsigroup.com/ProductDetail/?pid=000000000030311237 (accessed February 9, 2019).
BSI (2014c), “PAS 754:2014 software trustworthiness, governance and management. Specification”, available at: https://shop.bsigroup.com/ProductDetail/?pid=000000000030284608 (accessed February 9, 2019).
BSI (2015), PAS 1192-5 (2015) Specification for Security Minded Building Information Modelling, Digital Built Environments and Smart Asset Management, British Standards Institution, London, available at: https://shop.bsigroup.com/ProductDetail/?pid=000000000030314119 (accessed February 9, 2019).
Canfil, J.K. (2016), “Honing cyber attribution: a framework for assessing foreign state complicity”, Journal of International Affairs, Vol. 70 No. 1, pp. 217-226, available at: www.questia.com/read/1G1-476843518/honing-cyber-attribution-a-framework-for-assessing (accessed February 9, 2019).
Cavelty, M.D. (2013), “From cyber-bombs to political fallout: threat representations with an impact in the cyber-security discourse”, International Studies Review, Vol. 15 No. 1, pp. 105-122.
Chong, H.Y., Wong, J.S. and Wang, X. (2014), “An explanatory case study on cloud computing applications”, Automation in Construction, Vol. 44, pp. 152-162.
Clarke, R. and Youngstein, T. (2017), “Cyberattack on Britain’s national health service”, New England Journal of Medicine, Vol. 377, August, pp. 409-411.
DBIS (2013), “Smart city market: opportunities for the UK”, Department for Business, Innovation and Skills, BIS Research Papers, Ref. BIS/13/1217, DBIS, London, available at: www.gov.uk/government/publications/smart-city-market-uk-opportunities (accessed February 9, 2019).
Denning, D. (2012), “Stuxnet: what has changed?”, Future Internet, Vol. 4 No. 3, pp. 672-687.
Eastman, C., Eastman, C.M., Teicholz, P., Sacks, R. and Liston, K. (2011), BIM Handbook: A Guide to Building Information Modeling for Owners, Managers, Designers, Engineers and Contractors, ISBN 978-0-470-54137-1, John Wiley & Sons, Hoboken, NJ.
Edwards, D.J., Pärn, A.E., Love, P.E.D. and El-Gohary, H. (2017), “Research note: machinery, manumission and economic machinations”, Journal of Business Research, Vol. 70, January, pp. 391-394.
Eom, S.-J. and Paek, J.-H. (2006), “Planning digital home services through an analysis of customers acceptance”, ITcon, Vol. 11, Special issue IT in Facility Management, pp. 697-710, available at: www.itcon.org/2006/49 (accessed February 9, 2019).
European Commission (2013), Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace, JOIN 1 Final, European Commission, Brussels, available at: https://eeas.europa.eu/archives/docs/policies/eu-cyber-security/cybsec_comm_en.pdf (accessed February 9, 2019).
Ficco, M., Choraś, M. and Kozik, R. (2017), “Simulation platform for cyber-security and vulnerability analysis of critical infrastructures”, Journal of Computational Science, Vol. 22, September, pp. 179-186.
Fisher, R.D. (2018), “Cyber warfare challenges and the increasing use of American and European dual-use technology for military purposes by the People’s Republic of China (PRC)”, United States House of Representatives, Committee on Foreign Affairs, Birmingham, available at: http://archives-republicans-foreignaffairs.house.gov/112/Fis041511.pdf (accessed February 9, 2019).
Fisk, D. (2012), “Cyber security, building automation and the intelligent building”, Intelligent Buildings International, Vol. 4 No. 3, pp. 169-181.
Formby, D., Srinivasan, P., Leonard, A., Rogers, J. and Beyah, R.A. (2016), “Who’s in control of your control system? Device fingerprinting for cyber-physical systems”, Network and Distributed System Security Symposium (NDSS), February 26–March 1, San Diego, CA.
F-Secure Labs (2014), “Havex hunts for ICS and SCADA systems”, available at: www.f-secure.com/weblog/archives/00002718.html (accessed February 9, 2019).
Gandhi, R., Sharma, A., Mahoney, W., Sousan, W., Zhu, Q. and Laplante, P. (2011), “Dimensions of cyber-attacks: cultural, social, economic and political”, IEEE Technology and Society Magazine, Vol. 30 No. 1, pp. 28-38.
Govinda, K. (2015), “Design of smart meter using Atmel 89s52 microcontroller”, Procedia Technology, Vol. 21, pp. 376-380, available at: https://doi.org/10.1016/j.protcy.2015.10.053
Henderson, S. (2008), “Beijing’s rising hacker stars: how does mother China react?”, IO Sphere Journal, Birmingham, February 28, available at: www.noexperiencenecessarybook.com/jplV6/beijing-39-s-rising-hacker-stars-how-does-mother-china-react.html (accessed February 9, 2019).
Hjortdal, M. (2011), “China’s use of cyber warfare: espionage meets strategic deterrence”, Journal of Strategic Security, Vol. 4 No. 2, pp. 1-24.
HM Government (2013), Building Information Modeling Industrial Strategy: Government and Industry in Partnership, Government Construction Strategy, London, available at: www.gov.uk/government/uploads/system/uploads/attachment_data/file/34710/12-1327-building-information-modelling.pdf (accessed February 9, 2019).
HM Government (2015), Digital Built Britain, Level 3 Building Information Modelling – Strategic Plan, 26 February 2015, HM Publications, London, available at: www.gov.uk/government/publications/uk-construction-industry-digital-technology (accessed February 9, 2019).
Howell, S., Rezgui, Y. and Beach, T. (2017), “Integrating building and urban semantics to empower smart water solutions”, Automation in Construction, Vol. 81, September, pp. 434-448.
Huckle, S., Bhattacharya, R., White, M. and Beloff, N. (2016), “Internet of things, blockchain and shared economy applications”, Procedia Computer Science, Vol. 98, pp. 461-466, available at: https://doi.org/10.1016/j.procs.2016.09.074
Hunton, P. (2012), “Data attack of the cybercriminal: investigating the digital currency of cybercrime”, Computer Law & Security Review, Vol. 28 No. 2, pp. 201-207.
IET (2013), “Resilience and cyber security of technology in the built environment”, Institution of Engineering and Technology, Birmingham, available at: www.theiet.org/resources/standards/cyber-buildings.cfm?origin=pr (accessed February 9, 2019).
IET (2014), “Code of practice for cyber security in the built environment”, Institution of Engineering and Technology, Birmingham, available at: https://electrical.theiet.org/books/standards/cyber-cop.cfm (accessed February 9, 2019).
ISO (2011), “ISO/IEC 29100:2011 information technology – security techniques – privacy framework”, available at: www.iso.org/standard/45123.html (accessed February 2018).
ISO (2012), 27032 Information Technology – Security Techniques – Guidelines for Cybersecurity, International Organization for Standardization (ISO), Geneva, available at: www.itgovernance.co.uk/shop/product/iso27032-iso-27032-guidelines-for-cybersecurity (accessed February 9, 2019).
ISO (2013), 27001 The International Information Security Standard, International Organization for Standardization (ISO), Geneva, available at: www.itgovernance.co.uk/iso27001 (accessed February 9, 2019).
Jaatun, M.G., Røstum, J., Petersen, S. and Ugarelli, R. (2014), “Security checklists: a compliance alibi, or a useful tool for water network operators?”, Procedia Engineering, Vol. 70, pp. 872-876.
Jones, L. (2016), “Securing the smart city: built environment cyber security”, Engineering and Technology, Vol. 11 No. 5, pp. 30-33, doi: 10.1049/et.2016.0501.
Kello, L. (2013), “The meaning of the cyber revolution: perils to theory and statecraft”, International Security, Vol. 38 No. 2, pp. 7-40.
Kochovski, P. and Stankovski, V. (2018), “Supporting smart construction with dependable edge computing infrastructures and applications”, Automation in Construction, Vol. 85, January, pp. 182-192.
Koo, D., Piratla, K. and Matthews, C.J. (2015), “Towards sustainable water supply: schematic development of big data collection using internet of things (IoT)”, Procedia Engineering, Vol. 118, pp. 489-497.
Lesk, M. (2007), “The new front line: Estonia under cyber assault”, IEEE Security & Privacy, Vol. 5 No. 4, pp. 76-79.
Levy, Y. and Ellis, T.J. (2006), “A systems approach to conduct an effective literature review in support of information systems research”, Informing Science, Vol. 9, pp. 181-212, available at: http://inform.nu/Articles/Vol9/V9p181-212Levy99.pdf (accessed February 9, 2019).
Lin, S., Gao, J. and Koronios, A. (2006), “Key data quality issues for enterprise asset management in engineering organisations”, International Journal of Electronic Business Management, Vol. 4 No. 1, pp. 96-110, available at: http://ijebm.ie.nthu.edu.tw/IJEBM_Web/IJEBM_static/Paper-V4_N1/A10-E684_3.pdf (accessed February 2018).
Lin, Y.C. and Su, Y.C. (2013), “Developing mobile- and BIM-based integrated visual facility maintenance management system”, The Scientific World Journal, Vol. 2013, 10pp., available at: https://doi.org/10.1155/2013/124249
Lindsay, J.R. (2013), “Stuxnet and the limits of cyber warfare”, Security Studies, Vol. 22 No. 3, pp. 365-404.
Lindsay, J.R. (2015), “The impact of China on cybersecurity: fiction and friction”, International Security, Vol. 39 No. 3, pp. 7-47.
Liu, J., Xiao, Y., Li, S., Liang, W. and Chen, C.P. (2012), “Cyber security and privacy issues in smart grids”, IEEE Communications Surveys & Tutorials, Vol. 14 No. 4, pp. 981-997.
McGraw, G. (2013), “Cyber war is inevitable (unless we build security in)”, Journal of Strategic Studies, Vol. 36 No. 1, pp. 109-119.
McNulty (2011), “Realising the potential of GB Rail – final independent report of the rail value for money study – summary report”, Department for Transport, London, available at: www.gov.uk/government/uploads/system/uploads/attachment_data/file/4203/realising-the-potential-of-gb-rail-summary.pdf (accessed February 9, 2019).
Marinos, L. (2016), ENISA Threat Taxonomy: A Tool for Structuring Threat Information, European Union Agency for Network and Information Security, Birmingham, available at: www.enisa.europa.eu/topics/threat-risk-management/threats-and-trends/enisa-threat-landscape/etl2015/enisa-threat-taxonomy-a-tool-for-structuring-threat-information/view (accessed February 9, 2019).
Markets and Markets (2014), “Smart HVAC controls market by product type, components, application, operation & geography – analysis and forecast to 2014–2020”, Birmingham, available at: http://goo.gl/Ay2LjI (accessed February 9, 2019).
Mayo, G. (2016), “Bas and cyber security: a multiple discipline perspective”, in Long, S., Ng, E.-H., Downing, C. and Nepal, B. (Eds), Proceedings of the American Society for Engineering Management 2016 International Annual Conference, American Society for Engineering Management, Concord, NC, available at: www.researchgate.net/publication/309480358_BAS_AND_CYBER_SECURITY_A_MULTIPLE_DISCIPLINE_PERSPECTIVE (accessed February 2018).
Metke, A.R. and Ekl, R.L. (2010), “Security technology for smart grid networks”, IEEE Transactions on Smart Grid, Vol. 1 No. 1, pp. 99-107.
Mike, T. (2006), “Integrated building systems: strengthening building security while decreasing operating costs”, Journal of Facilities Management, Vol. 4 No. 1, pp. 63-71.
Mokyr, J. (1992), “Technological inertia in economic history”, The Journal of Economic History, Vol. 52 No. 2, pp. 325-338.
Nicał, A.K. and Wodyński, W. (2016), “Enhancing facility management through BIM 6D”, Procedia Engineering, Vol. 164, pp. 299-306, available at: https://doi.org/10.1016/j.proeng.2016.11.623
NIST (2017), “Framework for improving critical infrastructure cybersecurity”, National Institute of Standards and Technology, Draft Version 1.1, January 10, Birmingham, available at: www.google.co.uk/url?sa=t&rct=j&q=&esrc=s&source=web&cd=2&ved=0ahUKEwiq0orLhOHUAhVkBsAKHfJLB6oQFgg8MAE&url=https%3A%2F%2Fwww.nist.gov%2Fdocument%2Fdraft-cybersecurity-framework-v11pdf&usg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NA&cad=rjt (accessed February 9, 2019).
Nye, J.S. (2017), “Deterrence and dissuasion in cyberspace”, International Security, Vol. 41 No. 3, pp. 44-71.
Papa, P. (2013), “US and EU strategies for maritime transport security: a comparative perspective”, Transport Policy, Vol. 28, pp. 75-85.
Paridari, K., Mady, A.E., La Porta, S., Chabukswar, R., Blanco, J., Teixeira, A., Sandberg, H. and Boubekeur, M. (2016), “Cyber-physical-security framework for building energy management system”, ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS), Vienna, pp. 1-9, doi: 10.1109/ICCPS.2016.7479072.
Pärn, E.A. and Edwards, D.J. (2017), “Conceptualizing the FINDD API plug-in: a case study of BIM/FM integration”, Automation in Construction, Vol. 80, August, pp. 11-21.
Patel, S.C., Bhatt, G.D. and Graham, J.H. (2009), “Improving the cyber security of SCADA communication networks”, Communications of the ACM, Vol. 52 No. 7, pp. 139-142.
Peng, Y., Wang, Y., Xiang, C., Liu, X., Wen, Z. and Chen, D. (2015), “Cyber-physical attack-oriented Industrial Control Systems (ICS) modeling, analysis and experiment environment”, International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 322-326.
Rahimi, B. (2011), “The agonistic social media: cyberspace in the formation of dissent and consolidation of state power in postelection Iran”, The Communication Review, Vol. 14 No. 3, pp. 158-178.
Rasmi, M. and Jantan, A. (2013), “A new algorithm to estimate the similarity between the intentions of the cyber crimes for network forensics”, Procedia Technology, Vol. 11, pp. 540-547.
Reggiani, A. (2013), “Network resilience for transport security: some methodological considerations”, Transport Policy, Vol. 28, July, pp. 63-68.
Reniers, G.L.L. and Dullaert, W. (2013), “A method to assess multi-modal hazmat transport security vulnerabilities: hazmat transport SVA”, Transport Policy, Vol. 28, July, pp. 103-113.
Rid, T. (2012), “Cyber war will not take place”, Journal of Strategic Studies, Vol. 35 No. 1, pp. 5-32.
RISI (2015), “The repository of industrial security incidents database”, Birmingham, available at: www.risidata.com/Database (accessed February 9, 2019).
Rittinghouse, J. and Hancock, W.M. (2003), Cybersecurity Operations Handbook, Elsevier Science, Amsterdam, ISBN 978-1-55558-306-4.
Ryan, D.J. (2017), “Engineering sustainable critical infrastructures”, International Journal of Critical Infrastructure Protection, Vol. 17, pp. 28-29.
Safavi, S., Shukur, Z. and Razali, R. (2013), “Reviews on cybercrime affecting portable devices”, Procedia Technology, Vol. 11, pp. 650-657.
Shafiq, M.T., Matthews, J. and Lockley, S.R. (2013), “A study of BIM collaboration requirements and available features in existing model collaboration systems”, Journal of Information Technology in Construction (ITcon), Vol. 18, pp. 148-161.
Shitharth, S. and Winston, D.P. (2015), “A comparative analysis between two countermeasure techniques to detect DDoS with sniffers in a SCADA network”, Procedia Technology, Vol. 21, pp. 179-186.
Stearns, L.B. and Almeida, P.D. (2004), “The formation of state actor-social movement coalitions and favorable policy outcomes”, Social Policy, Vol. 51 No. 4, pp. 478-504.
Stoddart, K. (2016), “Live free or die hard: US-UK cybersecurity policies”, Political Science Quarterly, Vol. 131 No. 4, pp. 803-842.
Sun, J., Yan, J. and Zhang, K.Z. (2016), “Blockchain-based sharing services: what blockchain technology can contribute to smart cities”, Financial Innovation, Vol. 2 No. 1, pp. 1-26, doi: 10.1186/s40854-016-0040-y.
Szyliowicz, J.S. (2013), “Safeguarding critical transportation infrastructure: the US case”, Transport Policy, Vol. 28 No. C, pp. 69-74.
Tan, S., Song, W.Z., Stewart, M., Yang, J. and Tong, L. (2018), “Online data integrity attacks against real-time electrical market in smart grid”, IEEE Transactions on Smart Grid, Vol. 9 No. 1, pp. 313-322.
Thomas, N. (2009), “Cyber security in East Asia: governing anarchy”, Asian Security, Vol. 5 No. 1, pp. 3-23.
Toy, S. (2006), History of Fortification from 3000 BC to AD 1700 (No. 75), Pen and Sword Military Classics, Barnsley, ISBN 1-88415-358-4.
Turk, Ž. and Klinc, R. (2017), “Potentials of blockchain technology for construction management”, Procedia Engineering, Vol. 196, pp. 638-645.
UN (2014a), “2014 revision of the world urbanization prospects”, Birmingham, available at: https://goo.gl/xwOSDS (accessed February 9, 2019).
UN (2014b), “World urbanization trends 2014: key facts”, Statistical Papers – United Nations (Ser. A), Population and Vital Statistics Report, United Nations, New York, NY.
UN (2015), “World population projected to reach 9.7 billion by 2050”, Birmingham, available at: www.un.org/en/development/desa/news/population/2015-report.html (accessed February 9, 2019).
Walsham, G. (1995), “The emergence of interpretivism in IS research”, Information Systems Research, Vol. 6 No. 4, pp. 376-394.
Wang, S., Zhang, G., Shen, B. and Xie, X. (2011), “An integrated scheme for cyber-physical building energy management system”, Procedia Engineering, Vol. 15, pp. 3616-3620.
Wang, W. and Lu, Z. (2013), “Cyber security in the smart grid: survey and challenges”, Computer Networks, Vol. 57 No. 5, pp. 1344-1371.
Weber, R.H. and Studer, E. (2016), “Cybersecurity in the internet of things: legal aspects”, Computer Law & Security Review, Vol. 32 No. 5, pp. 715-728.
Xue, N., Huang, X. and Zhang, J. (2016), “S2Net: a security framework for software defined intelligent building networks”, IEEE Trustcom/BigDataSE/ISPA, Tianjin, August 23-26, pp. 654-661.
Yue, X., Wang, H., Jin, D., Li, M. and Jiang, W. (2016), “Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control”, Journal of Medical Systems, Vol. 40 No. 10, pp. 218-229.
Zamparini, L. and Shiftan, Y. (2013), “Special issue – transport security: theoretical frameworks and empirical applications”, Transport Policy, Vol. 28, pp. 61-62.
Zhang, Y. and Wen, J. (2016), “The IoT electric business model: using blockchain technology for IoT”, Peer-to-Peer Networking and Applications, Vol. 10 No. 4, pp. 1-12.
Corresponding author
Erika A. Parn can be contacted at: erikaparn@gmail.com
Table I (continued)
Columns: Industrial sector; Author(s); Journal; Thematic group (National and global security; Smart cities; Critical infrastructure; Industrial control systems; Mobile or cloud computing; Digitalization of built environment). The figure in parentheses after each journal is the number of thematic groups marked for that paper.

Transport and infrastructure (continued)
Reggiani (2013), Transport Policy (1)
Reniers and Dullaert (2013), Transport Policy (2)
Szyliowicz (2013), Transport Policy (2)
Zamparini and Shiftan (2013), Transport Policy (1)
Percentage frequency in transport and infrastructure journals: National and global security 54.5; Smart cities 54.5; Critical infrastructure 81.8; Industrial control systems 27.2; Mobile or cloud computing 36.3; Digitalization of built environment 18.1

Information technology
Hunton (2012), Computer Law & Security Review (3)
Weber and Studer (2016), Computer Law & Security Review (4)
Metke and Ekl (2010), IEEE Transactions on Smart Grid (2)
Tan et al. (2018), IEEE Transactions on Smart Grid (3)
Xue et al. (2016), IEEE Trustcom/BigDataSE/ISPA (4)
Ani et al. (2017), Journal of Cyber Security Technology (5)
Govinda (2015), Procedia Technology (4)
Rasmi and Jantan (2013), Procedia Technology (2)
Safavi et al. (2013), Procedia Technology (1)
Shitharth and Winston (2015), Procedia Technology (4)
Percentage frequency in information technology journals: National and global security 40; Smart cities 60; Critical infrastructure 80; Industrial control systems 20; Mobile or cloud computing 90; Digitalization of built environment 30

Political science/international relations
Brantly (2014), Democracy and Security (3)
Kello (2013), International Security (1)
Lindsay (2015), International Security (5)
Nye (2017), International Security (3)
Cavelty (2013), International Studies Review (1)
Canfil (2016), Journal of International Affairs (1)
Hjortdal (2011), Journal of Strategic Security (2)
McGraw (2013), Journal of Strategic Studies (2)
Stoddart (2016), Political Science Quarterly (2)
Betz and Stevens (2013), Security Dialogue (3)
Lindsay (2013), Security Studies (2)
Percentage frequency in political science/international relations journals: National and global security 100; Smart cities 9; Critical infrastructure 18.2; Industrial control systems 63.6; Mobile or cloud computing 27.2; Digitalization of built environment 9
act on behalf of security companies and concomitant public interest (F-Secure 2014)Contemporary cyber-Robin Hood(s) (or hacktivists) fall within the grey hat category and actas vigilantes to puncture prevailing power structures (such as Government) byembarrassing them with distributed denial of service (DDos) attacks web defacementsmalware ransomware and trojans These hacktivists often dabble with illegal means tohack but believe that they are addressing a social injustice andor otherwise supporting agood cause Black hats are often affiliated with a criminal fraternity or have other maliciousintent (Cavelty 2013) These criminals deploy the same tools used by grey and white hathackers but with the deliberate intention to cause harm vandalism sabotage websiteshutdown fraud or other illegitimate activities Many states have increasingly focused upongrey hats who have become the new uncontrolled source of hacking (Betz and Stevens2013) Table II highlights a number of prominent critical infrastructures hacks extractedfrom the RISI database and cross references these against the motivations and cyber-actors
Blurred lines: governments and civilians

State and non-state actors represent a two pronged source of malicious attacks or threats facing the AECO sector; motivations for these actors are fueled by various catalysts including patriotism, liberal activism, political ideology, criminal intent and hobby interests (Hjortdal, 2011; Rahimi, 2011). A state is a political entity ("government") that has sovereignty over an area of territory and the people within it (Rahimi, 2011). Within this entity, state actors are persons who are authorized to act on its behalf and are therefore subject to regulatory control measures (Betz and Stevens, 2013). A state actor's role can be myriad but often it strives to create positive policy outcomes through approaches such as social movement coalitions (cf. Stearns and Almeida, 2004). Conversely, non-state actors are persons or organizations who have sufficient political influence to act or participate in international relations for the purpose of exerting influence or causing change even though they are not part of government or an established institution (Betz and Stevens, 2013). Three key types of legitimate non-state actors exist: intergovernmental organizations such as the United Nations, World Bank Group and International Monetary Fund, which are established by a state usually through a treaty (Betz and Stevens, 2013); international non-government organizations such as Amnesty International, Oxfam and Greenpeace, which are non-profit voluntary organizations that advocate or otherwise pursue the public good (i.e. economic development and humanitarian aid) (UN); and multinational corporations who pursue their own business interests largely outside the control of national states (UN). Illegitimate non-state actors include terrorist groups and hacktivists acting upon a range of different motivations including personal gain, digital coercion, malevolence and indoctrination of others using ideological doctrine (Brantly, 2014). Since the millennium, governments globally have become increasingly aware of cyber-crime and threats stemming from such non-state actors. Some of the more notable actors include Anonymous (Betz and Stevens, 2013), Ghost Net (Hunton, 2012), The Red Hacker Alliance (Fisher, 2018), Fancy Bear "Прикольный медведь" (Canfil, 2016) and Iranian Cyber Army (Rahimi, 2011).
However, the boundary delineation between state actors and non-state actors engaging in cyber-physical attacks has become increasingly blurred (Betz and Stevens, 2013; Papa, 2013). Such attribution has wider implications for the national security of states and national responsibility for non-state actors who often act on behalf of the state under incitement of nationalistic and ideological motivation (Brantly, 2014). Henderson (2008) aptly describes such blurred lines between governments and civilians by using Chinese cyber-patriot hackers as an exemplar:

The alliance is exactly who and what they claim to be: an independent confederation of patriotic youth dedicated to defending China against what it perceives as threats to national pride
Table II. Industry standards and codes of best practice on cyber security in the AECO sector

Standard | Title | Description
BS ISO/IEC 29100:2011 (ISO, 2011) | Information Technology – Security Techniques – Privacy Framework | This standard is applicable to organizations and businesses, providing a privacy framework for those "involved in specifying, procuring, architecting, designing, developing, testing, maintaining, administering and operating information and communication technology systems or services" with personally identifiable information (PII)
BS ISO/IEC 27001:2013 (ISO, 2013) | Information Technology – Security Techniques – Information Security Management Systems – Requirements | This international standard provides a framework for the management of an information security management system (ISMS) in order to keep digital information assets secure from cyber-criminal activities and information breaches; it encompasses procedures for creating, implementing, operating, auditing and maintaining an ISMS. The standard can be applied within organizations of any size, nature or type
IET/CPNI Technical Briefing (IET, 2013) | Resilience and Cyber Security of Technology in the Built Environment | This document applies to professionals involved in the development, procurement and operation of intelligent or smart buildings. The guidance considers the whole building lifecycle and examines the potential threats to resilience and cyber security arising from the merging of technical infrastructure and computer-based systems and their connection in cyber-space. Case studies are provided, plus a set of 20 critical measures which could be applied to reduce threats
PAS 555:2013 (BSI, 2013) | Cyber Security Risk – Governance and Management – Specification | The specification uses a business-led "outcomes-based approach" which studies physical, cultural and behavioral features alongside technical ones to aid organizations in detecting which of their business assets need most protection, e.g. corporate and customer data, intellectual property, brand or reputation. The approach can be applied to any size/type of organization throughout its business activities
PAS 754:2014 (BSI, 2014c) | Software Trustworthiness – Governance and Management – Specification | This document identifies five principles of software trustworthiness (safety, reliability, availability, resilience and security) which should be attained when implementing software on distributed applications in order to reduce the risks from potential malicious threats. These principles are based upon four concepts: governance measures; risk assessment; control application for risk management (physical, procedural and technical); and a compliance regime to ensure execution of the first three
IET Standards (IET, 2014) | Code of Practice for Cyber Security in the Built Environment | This book provides good practice guidance on the need for, and development of, cyber security strategy and policy related to a building's complete lifecycle as an integral part of an organization's management systems, with particular emphasis on cyber physically connected building-related systems. The pertinence of cyber security to each of the multidisciplinary roles and responsibilities within an organization is provided
PAS 1192-5:2015 (BSI, 2015) | Specification for Security-minded Building Information Modeling, Digital Built Environments and Smart Asset Management | This is the first standard published for security minded use of BIM and digitalization of built assets. Relevant to all owners and stakeholders of digitally built assets, it assists in assessing security risks to the asset and implementing measures to reduce the risk of loss or disclosure of information which could impact on the safety and security of the built asset, personnel and other users of the asset and its services, and commercial and other asset data and information
A componential analysis of literature

From an operational perspective, the review protocol sourced published journal materials contained within Science Direct, Web of Science, Scopus and Research Gate databases. Keyword search terms used included cyber security, hacking and any of the following variations of the word: cyber crime, cybercrime or cyber-crime. Following a comprehensive review of the journals, four prominent and pertinent clusters of industrial settings were selected to provide the contextual sampling framework and knowledge base for the analysis, namely: AECO; transport and infrastructure; information technology; and political science/international relations. These clusters were selected because they contained the majority of the journal publications on cyber-crime. Within the clusters, six recurrent leitmotifs were identified: national and global security; smart cities; critical infrastructure; ICS; mobile or cloud computing; and digitalization of the built environment. A cross comparative componential analysis was then conducted (refer to Table III).
The componential analysis reveals the percentage frequency that each of the identified thematic groups occur across the four industrial classifications, and the percentage frequency that each thematic group occurs within each individual industrial classification. In ascending order of frequency across all four sectors, the most popular discussed topics were: mobile/cloud computing (59.5 percent); national/global security (54.7 percent); critical infrastructure (50 percent); smart cities (40.4 percent); ICS (40.4 percent); and digitization of the built environment (28.5 percent). Yet curiously, within the AECO sector an inordinate amount of effort was input into mobile and cloud computing (90 percent) and digitization of the built environment (60 percent), while far less attention was paid to critical infrastructure (30 percent) and national and global security (20 percent). Moreover, none of the papers reviewed were heavily focused upon expounding the virtues and concomitant benefits of digitization but were similarly oblivious to the omnipresent threat of cyber-crime posed via the vulnerable CDE portal.
A CDE is commonly established during the feasibility or concept design phases of a building/infrastructure project (BSI, 2014a, b). An information manager will then manage and validate the processes and procedures for the exchange of information across a network for each key decision gateway stage (including work in progress, shared, published and archive stages). Cloud-based CDE platforms are ubiquitous but common solutions include ProjectWise, Viewpoint (4P), Aconex, Asite and SharePoint (Shafiq et al., 2013). The internal work flow and typical external information exchange in BIM relies upon the re-use and sharing of information
Table III. Common reconnaissance techniques

Reconnaissance | Technique | Definition | Example
Scanning | Ping sweep; port scan; network mapping | Network scanning is integral to stealthy information gathering from a computer system. Prior knowledge of the operating system (OS) is combined with the use of one of a plethora of readily available tools in order to identify and map out potential vulnerabilities on a target network | Techniques include port scanning to identify the available and open ports, DNS enumeration to locate the domain name server and IP address, and PING sweeping to map the IP address to a live host (Rittinghouse and Hancock, 2003)
Fingerprinting (OS) | | Device fingerprinting endeavors to break the privacy of URL developers by revealing user actions and anonymity. It utilizes the information collected from a remote computing device for the purpose of uniquely identifying the device (Formby et al., 2016). Fingerprinting can be used to identify the OS used on the target system | In an active manner to monitor network packets passing between hosts, or passive manner to transmit specially created packets to the target machine and analyze the response (Peng et al., 2015)
Footprinting | | Footprinting is a process of obtaining as much information about the target to be hacked as possible by drawing down open source information from the internet. Footprinting is the most convenient way of gathering information about a computer system and/or parties such belong to | During footprinting, a hacker can use passive or active means to obtain information such as domain name, IP addresses, namespaces, employee information, phone numbers, e-mails and job information
Sniffing | | Sniffing has been likened to wiretapping and can be used to obtain sensitive information that is being transferred over a network, such as FTP passwords, e-mail traffic, web traffic, telnet passwords, router configurations, chat sessions and DNS traffic. "Industrial Control Systems (ICS)/Supervisory Control and Data Acquisition (SCADA) sniffing" activities pose an imminent threat to cyber-physical connected devices in buildings, factories and large industrial plants | "Havex" Malware reported by F-Secure laboratories is the first of its kind since STUXNET and attempts to "sniff" factory automation gear such as ICS and SCADA systems (F-Secure Labs, 2014). Anonymized victims have included two major educational institutions in France, two German industrial machine producers, one French industrial machine producer and a Russian structural engineering construction company (F-Secure Labs, 2014)
Social Engineering | | Social engineering is an attack vector that relies upon tricking people into breaking security procedures. Consequently, these are used to exploit an individual's weaknesses, typically employees and other individuals who are familiar with the system. When successfully implemented, hackers can help obtain information about the targeted system | Two common methods adopted are the physical gaining of access to a computer through deception, or the use of phishing e-mails, which involves sending personalized e-mails to targeted employees in an attempt to make them click malicious links contained within
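The scanning row of Table III seen from the defender's side, as an added example that is not part of the original paper: a detector that separates a ping sweep (one source, many hosts) from a port scan (one source, many ports on one host) in time-ordered flow records. The record format, addresses, thresholds and all sample records are constructed assumptions.

```python
from collections import defaultdict, deque


def build_sample_log():
    """Constructed flow records: '<epoch> <src> <dst> <proto> <dst_port|->'."""
    rows = []
    # Benign: engineering workstation polls the historian over HTTPS every minute.
    for i in range(10):
        rows.append((1000 + 60 * i, "10.0.5.20", "10.0.5.10", "tcp", "443"))
    # Benign: monitoring host pings six devices, one every two minutes.
    for i in range(6):
        rows.append((1000 + 120 * i, "10.0.5.30", f"10.0.5.{40 + i}", "icmp", "-"))
    # Ping sweep: one source sends echo requests to twelve hosts in twelve seconds.
    for i in range(12):
        rows.append((1300 + i, "10.0.9.77", f"10.0.5.{1 + i}", "icmp", "-"))
    # Port scan: the same source then probes sixteen ports on one live host.
    for i in range(16):
        rows.append((1320 + i, "10.0.9.77", "10.0.5.10", "tcp", str(20 + i)))
    rows.sort()
    return "\n".join(" ".join(str(f) for f in r) for r in rows)


def _distinct_in_window(queue, ts, value, window):
    """Append (ts, value), drop entries older than the window, count distinct values."""
    queue.append((ts, value))
    while queue[0][0] <= ts - window:
        queue.popleft()
    return len({v for _, v in queue})


def detect_recon(log_text, window=60, sweep_hosts=5, scan_ports=8):
    """Return {(src, kind, target): epoch of first detection}; input must be time-ordered."""
    pings = defaultdict(deque)   # src -> recent (ts, dst) echo requests
    probes = defaultdict(deque)  # (src, dst) -> recent (ts, dst_port) TCP attempts
    findings = {}
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip malformed records rather than abort the run
        ts, src, dst, proto, port = fields
        ts = int(ts)
        if proto == "icmp":
            if _distinct_in_window(pings[src], ts, dst, window) >= sweep_hosts:
                findings.setdefault((src, "ping_sweep", "*"), ts)
        elif proto == "tcp" and port.isdigit():
            if _distinct_in_window(probes[(src, dst)], ts, int(port), window) >= scan_ports:
                findings.setdefault((src, "port_scan", dst), ts)
    return findings


if __name__ == "__main__":
    for (src, kind, target), ts in sorted(detect_recon(build_sample_log()).items()):
        print(f"{ts} {src} {kind} target={target}")
```

Widening the window catches slower sweeps but also flags the slow, legitimate monitoring host in the sample, so the window and thresholds have to be tuned against known-good polling on the building network.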
in a CDE. Integrating BIM (and other file databases, e.g. IFC, GBXML, CSV, DWG, XML) within a CDE ensures a smooth flow of information between all stakeholders and is specified and articulated through its levels of development or design (Eastman et al., 2011; Lin and Su, 2013). The level of design (LOD) is classified on a linear scale ranging from LOD 1 (covering a conceptual "low definition" design) to LOD 7 (for an as-built "high definition" model). With each incremental increase in LOD, the range and complexity of asset information within models built begins to swell and the data contained within becomes accessible to an increased number of stakeholders. As a consequence, the magnitude of potential cyber-crime also increases and it is imperative, therefore, that effective cyber security deterrence measures are set.
Perhaps the most crippling aspect of deterrence is the poor rate of attribution (also known as tracebacking or source tracking), where attribution seeks to determine the identity or location of an attacker or attacker's intermediary (Brantly, 2014). Affiliation further exacerbates attribution rates; for example, nefarious and malicious attacks on critical infrastructure by non-state "patriot" actors who proclaim cyber-warfare in the name of nationalist ideologies can create ambiguity with state actors (Lindsay, 2015). Extant literature widely acknowledges that states actively recruit highly skilled hackers to counter-attack other state governed cyber-activities, in particular against critical infrastructure assets (Thomas, 2009). Yet the paucity of identification or disclosure of attacker identities has made the hacking culture even more enticing for both non-state actors and state actors. Whilst network attribution or IP address traceability to a particular geographical region is possible, lifting the cyber veil to reveal the affiliation between the attacker and their government remains difficult (Canfil, 2016). In the case of potential threats to the AECO sector, attribution of industrial cyber-espionage remains an imminent threat not only to the business in operation but also for the nation state security.
Cyber-deterrence

Cyber-deterrence measures rely largely upon good practice adopted from standards ISO 27001 and ISO 27032 (ISO, 2012, 2013). In the context of the digital built environment (and specifically BIM), recently published cyber security good practice manual PAS 1198-Part 5 suggests deploying five measures of deterrence: a built asset security manager; a built asset security strategy; a built asset security management plan; a security breach/incident management plan; and built asset security information requirements. For other sources of cyber security guidance, PAS 1198-Part 5 recommends adherence to other pre-existing legislative documentation – refer to Table IV.
Other ambiguous guidance notes that refer to taking "appropriate mitigation strategies" have largely ignored the increased vulnerability of semantic and geometric information that is sustained within a BIM (BSI, 2013, 2014c). For example, Institute of Engineering and Technology (Boyes, 2013b) report entitled "Resilience and Cyber Security of Technology in the Built Environment" states that:

Unauthorised access to BIM data could jeopardise security of sensitive facilities, such as banks, courts, prisons and defence establishments, and in fact most of the Critical National Infrastructure
Deterrence measures recommended in PAS 1192-5 have largely overlooked BIM data contained within a CDE and the onslaught of cyber-physical connectivity in critical infrastructures (Liu et al., 2012). Currently, the most common means of deterrence for cyber-physical connectivity in critical BMS infrastructures is via network segregation (the firewall) (Mayo, 2016) and secure gateway protection (encryption) for securing from external threats, complicit with ANSI/ISA-99 (ANSI, 2007). However, in a digital economy where over 50bn devices are continuously communicating, neither firewalls nor encryption alone can guarantee effective cyber security. Hence, a more robust systemic means of data integrity is required in the digital built environment.
Block chain – a new frontier for cyber-deterrence

Under the alias Satoshi Nakamoto, the Bitcoin (crypto currency) was published as the first block chain application on the internet (Turk and Klinc, 2017). This advancement opened a springboard of applications that utilize block chain technology to remove third party distribution of digital assets using peer-to-peer sharing (Turk and Klinc, 2017). While the majority of current applications have utilized crypto currency and smart contracts, the applications for digital asset transference seem limitless. Block chain's earliest applications were in economics (Huckle et al., 2016), software engineering (Turk and Klinc, 2017), Internet of Things (Zhang and Wen, 2016) and medicine (Yue et al., 2016) – albeit more recently, applications within the built environment have been explored (Sun et al., 2016). Block chain technology has the potential to overcome the aforementioned cyber security challenges faced in the digital environment as a result of its distributed, secure and private nature of data distribution. A positive correlation exists between an increasing number of collaborators (or peers) within a CDE and the potential to secure such assets in a peer-to-peer environment, which thrives and increases in security.
Block chain technology is suitable for sectors with: increased risk of fraud – such as susceptible crucial infrastructures containing sensitive industrial information that is at risk from industrial espionage; intermediaries – for example, providers of BMS systems and other IT software vendors hosting sensitive infrastructure asset details; throughput – such as operators updating and sharing asset information in a CDE; and stable data – for instance, data generated for built assets can be utilized for up to 40 years post project inception. Block chain technology offers better encryption against hacking than any other current deterrence measures available and is commonly suggested in the cyber security standards available (Turk and Klinc, 2017).
The application of block chain technology within digital built asset information exchange is suggested due to its secure framework for data transference. Block chain technology has been hailed as a hacker/tamper safe ecosystem for digital asset transfers (Turk and Klinc, 2017). Figure 2 delineates a ten stage process to demonstrate how the existing functionality of block chain technology can be harnessed in a CDE environment when sharing sensitive digital information about assets – namely: asset information is securely shared via a network (e.g. URL nodes, interconnected computer networks or an air
Table IV. Snapshot of cyber-physical hacking examples from the RISI online incident database

Columns: Motivation | Actor | Example (the alignment of actors and examples to each motivation row was lost in extraction; entries are given in the order they appear)

Motivations: Black Hat (ego, personal animosity, economic gain); Grey Hat (ambiguous); White Hat (idealism, creativity, respect for the law)

Actors: hacktivists; script kiddies; cyber insiders; cyber terrorists; malware authors; patriot hackers; cyber militias; script kiddies; ordinary citizens; hacktivists; script kiddies; organized cybercriminals

Examples:
USA 2014 – Power and utilities – Hackers took advantage of a weak password vulnerability where mechanical devices were disconnected from the control system for scheduled maintenance
Poland 2008 – Transport – A 14-year old Polish student hacked into the tram system, enabling him to change track points in Lodz; 4 trams were derailed and as a consequence 12 people were injured
USA 2001 – Petroleum – The network monitoring personal computer (PC) provided a path from the internet via the company business network onto the automation network. This made the company vulnerable to the Code Red Worm, used to deface the automation web pages of a large oil company
Spain 2011 – Traffic – Spanair flight 5022 crashed just after take-off from Madrid-Barajas International Airport, killing 154 with 18 survivors. Trojan malware detected on the central computer system is speculated to have played a role in the crash by causing the computer to fail to deliver power to the take-off early warning system and detect three technical problems with the aircraft
Iran 2012 – Petroleum – Iran was forced to disconnect key oil facilities after suffering a malware attack which it is believed hit the internal computer systems at Iran's oil ministry and its national oil company
USA and Europe 2014 – Energy sector – Operating since 2011, the Dragonfly group has targeted defence and aviation companies in USA and Canada; cyber-espionage with the likely intention of sabotage. In 2013 the group targeted USA and European energy firms, gaining entry through spear phishing e-mails, malware, watering hole attacks and infecting legitimate software from three different industrial control systems (ICS) equipment manufacturers
Canada 2012 – Energy sector – Telvent Canada Ltd, provider of software and services for remote administration of large sections of the energy industry, was subject to information theft. Installed malware was used to steal project files related to one of its key products. The digital fingerprints were traced to a Chinese hacking group (the "Comment Group") linked to cyber-espionage against Western interests
Iran 2010 – Nuclear – The Stuxnet malworm was responsible for damaging crucial centrifugal devices used for Uranium enrichment at the Natanz nuclear plant, causing it to be shut down for a week. This remains as one of the most prolific cyber-physical attacks in an exemplified case of government and civilian blurred lines, and created a new forefront of cyber militia, becoming the first proclaimed cyber weapon
USA 2012 – Water/waste management – A former employee of the Key Largo Wastewater Treatment District hacked the company, resulting in modification and deletion of files
Venezuela 2002 – Petroleum – Venezuela's state oil company became embroiled in a bitter strike when it was extensively sabotaged by an employee who gained remote access to a program terminal and erased all Programmable Logic Controller (PLC) programs in port facility
Canada 2002 – Petroleum – A white hat hacker simulated an attack on a data center security (DCS) where network access to the control local area network (LAN) was used to connect to selected DCS operator stations and obtain full administration privileges. This was accomplished through the vulnerabilities in the Windows operating system and a number of Netbios that lacked proper password protection
USA 2014 – Traffic – One of the first hacks on a traffic management system was incurred on road signs in San Francisco, where the signs were photographed flashing "Godzilla Attack! Turn Back"

Source: Available online at www.risidata.com
gapped internet); asset data (whether a 3D or digital model) are converted into a block which represent a digital transaction of asset data; stakeholder interaction within a federated CDE environment will receive a tracked record of the individual transaction created by nodes sharing the block; block chain miners (usually computer scientists) validate and maintain the newly created block chain; payment methods for block chain miners vary but a group of miners enter into a competitive process where the first to validate the block chain receives payment; the federated block chain environment is approved; the new block is added to the existing chain of digital transactions to extend the block chain; the digital asset can now be securely shared upon validation; to hack the network, assailants would need to hack every single node within the block chain, thus making the task far more difficult; the network of nodes created by multiple stakeholders' transactions provides a more sophisticated and secure approach to protecting digital assets when compared to encryption and firewalls. Herein lies the novelty of this review – blockchain technology can offer a potential framework to future AECO software applications and systems designed to secure the transfer of sensitive project data in a BIM and CDE environment.
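As an added illustration (not code from the paper or from any block chain product), the sketch below reduces the ten-stage process above to its integrity mechanism: each shared asset becomes a hash-linked block replicated to every stakeholder node, and an altered replica is exposed by comparison with the others. Mining and miner payment are replaced by a plain validity check and a majority vote on the chain tip; node names, file names and asset bytes are constructed.

```python
import hashlib
import json
from collections import Counter

GENESIS = "0" * 64  # prev_hash carried by the first block

def digest(obj):
    """SHA-256 over a canonical JSON encoding."""
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()

def make_block(prev, asset_name, asset_bytes, author):
    """Convert one shared asset into a block linked to the current chain tip."""
    body = {
        "index": prev["index"] + 1 if prev else 0,
        "prev_hash": prev["block_hash"] if prev else GENESIS,
        "asset_name": asset_name,
        "asset_sha256": hashlib.sha256(asset_bytes).hexdigest(),
        "author": author,
    }
    return {**body, "block_hash": digest(body)}

def block_is_valid(block, prev):
    """Valid means: own hash recomputes, and the link and index follow prev."""
    body = {k: v for k, v in block.items() if k != "block_hash"}
    return (
        block["block_hash"] == digest(body)
        and block["prev_hash"] == (prev["block_hash"] if prev else GENESIS)
        and block["index"] == (prev["index"] + 1 if prev else 0)
    )

def chain_is_valid(chain):
    return all(block_is_valid(b, chain[i - 1] if i else None)
               for i, b in enumerate(chain))

class Node:
    """One stakeholder's replica of the ledger in the federated CDE."""
    def __init__(self, name):
        self.name, self.chain = name, []

    def receive(self, block):
        prev = self.chain[-1] if self.chain else None
        if not block_is_valid(block, prev):
            return False          # reject blocks that do not extend our tip
        self.chain.append(dict(block))  # keep a private copy
        return True

def share_asset(nodes, asset_name, asset_bytes, author):
    """Build a block on the first node's tip and broadcast it to every node."""
    tip = nodes[0].chain[-1] if nodes[0].chain else None
    block = make_block(tip, asset_name, asset_bytes, author)
    return all([n.receive(block) for n in nodes])

def audit(nodes):
    """Names of replicas that are internally broken or off the majority tip."""
    ok = [n for n in nodes if n.chain and chain_is_valid(n.chain)]
    tips = Counter(n.chain[-1]["block_hash"] for n in ok)
    majority = tips.most_common(1)[0][0] if tips else None
    return sorted(n.name for n in nodes
                  if n not in ok or n.chain[-1]["block_hash"] != majority)

def asset_matches_ledger(node, asset_name, asset_bytes):
    """Check a received file against the newest ledger entry for that name."""
    wanted = hashlib.sha256(asset_bytes).hexdigest()
    for block in reversed(node.chain):
        if block["asset_name"] == asset_name:
            return block["asset_sha256"] == wanted
    return False

def rewrite_history(node, index, new_bytes):
    """Simulate a compromised replica: swap an asset, re-hash all later blocks."""
    chain = node.chain
    for i in range(index, len(chain)):
        prev = chain[i - 1] if i else None
        body = {k: v for k, v in chain[i].items() if k != "block_hash"}
        if i == index:
            body["asset_sha256"] = hashlib.sha256(new_bytes).hexdigest()
        body["prev_hash"] = prev["block_hash"] if prev else GENESIS
        chain[i] = {**body, "block_hash": digest(body)}

def demo():
    nodes = [Node(n) for n in ("client", "architect", "contractor", "fm_operator")]
    share_asset(nodes, "plant_room.ifc", b"IFC rev A (constructed)", "architect")
    share_asset(nodes, "bms_points.csv", b"AHU1,17 (constructed)", "contractor")
    share_asset(nodes, "plant_room.ifc", b"IFC rev B (constructed)", "architect")
    clean = audit(nodes)
    # Naive edit on one replica: a field is changed, hashes are left alone.
    nodes[1].chain[1]["asset_sha256"] = "f" * 64
    naive = audit(nodes)
    # Careful edit on another replica: self-consistent, but the tip now differs.
    rewrite_history(nodes[2], 1, b"AHU1,99 (tampered, constructed)")
    return clean, naive, chain_is_valid(nodes[2].chain), audit(nodes)

if __name__ == "__main__":
    print(demo())
```

The chain gives tamper evidence for the recorded hashes only; the asset files themselves still need access control and encryption, and the majority check fails once most replicas are altered.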
Limitations and future work

Contrary to within the fields of computer science, political science/international relations and international law, cyber security is far less understood within the AECO sector (Mayo, 2016). Consequently, existing controls are inadequate and poorly managed. Key findings emanating from these other eminent fields provide invaluable insights into the cyber security technologies and developments (such as block chain) that can be successfully transferred and applied to critical infrastructure within the AECO sector to address current deficiencies (Baumeister, 2010). However, successful practitioner alignment and knowledge enhancement requires time and investment for additional research and testing of such concepts (Metke and Ekl, 2010) – such exceeded the current confines of this review paper. Within the international security research realm, the following predispositions have
[Figure 2. Block chain technology application with digital built asset information exchange. Ten panels (i to x) with the labels: asset needs to be shared securely; asset is converted into a block; block is broadcast to all nodes in federated CDE environment; block chain miners compete to mine new block; block chain is extended with new digital asset (XML, DWG); federated CDE environment approves; block chain miner validates block against chain; block of digital asset is shared securely; block chain of assets needs to be hacked individually across an entire network; block chain of sharing assets.]
weakened scholarly understanding of cyber-threat occurrences and the likelihood of attacks on critical infrastructure. These limitations require future work, namely:
(1) Improved understanding of motivations – an inordinate amount of attention is paid to "cyber-threats" under the guise of malevolent lines of code. Yet finding a resolution to the root cause of cyber-crime requires a deeper understanding of the motivations behind such malicious scripts and attacks.
(2) Address the specific operational threats to bespoke critical infrastructure – each individual critical infrastructure project (e.g. hospitals, nuclear facilities, traffic management systems) has bespoke operational functionality and hence different vulnerabilities. Mapping of these vulnerabilities is required as a first step to developing efficient and effective risk mitigation strategies to better secure assets.
(3) Distinguish between physical destruction and theft – literature and standards have predominantly focused upon data protection within the context of cyber-attack. However, physical damage has received far less attention even though such could lead to catastrophic economic damage. Greater distinction between physical destruction and theft is therefore needed to delineate the scale and magnitude of cyber-crime.
(4) Consolidate greater international governmental collaboration – cyber-attacks can readily cross international borders, and national law enforcement agencies often find it difficult to take action in jurisdictions where limited extradition arrangements are available. Although standard international agreements have been made on such issues (cf. the Budapest Convention on Cyber-crime) which seek to criminalize malevolent cyber-activities, notable signatories (such as China and Russia) are absent. Far greater cooperation between sovereign states is therefore urgently needed to develop robust international agreements that are supported by all major governments.
(5) Gauge practitioner awareness – future work should seek to identify existing predispositions and awareness of cyber-attack and cyber-crime amongst AECO professionals, either through in depth interviews or practitioner surveys. Case studies are also required to measure and report upon contemporary industry practice and how any cyber-crime incidents were managed.
(6) Proof of concept – development and testing of an innovative proof of concept blockchain application specifically designed for AECO professionals. Such developmental work would allow the thorough testing of blockchain technology in practice to confirm or otherwise its effectiveness.
Future work

To reconcile the challenges of future work, researchers and practitioners within the AECO sector will have to investigate how to adopt cyber-deterrence approaches applied within more technologically advanced and sensitive industries such as aerospace and automotive. Such knowledge transference may propagate readily available solutions to challenges posed. Cyber security awareness and deterrence measures within the BIM and CDE process will help secure critical infrastructure developed, built and utilized – the challenges and opportunities identified here require innovative solutions such as block chain technologies to transform standard industry practice and should be augmented with far greater industry-academic collaboration.
Conclusion

Infrastructure provides the essential arteries and tributaries of a digital built environment that underpins a contemporary digital economy. However, cyber-attack threatens the
availability and trustworthiness of interdependent networked services on both corporate and national security levels. At particular risk are the critical infrastructure assets (such as energy networks, transport and financial services) hosted on large networks connected to the internet (via a CDE) to enable cost-efficient remote monitoring and maintenance. Any disruption or damage to these assets could have an immediate and widespread impact by jeopardizing the well-being, safety and security of citizens. To combat the potential threat posed, greater awareness among AECO stakeholders is urgently needed; this must include governments internationally and private sector partners collaborating together to expand upon existing ISO and BIM-related standards for improved response to a cyber-incident. As well as preventative measures, reactive national plans are required (i.e. raising cyber security awareness on government funded BIM projects) to quickly deal with breaches in security and ensure services are provided with minimum disruption.
It is argued in this paper that the CDE adopted with BIM in the AECO sector acts as a springboard for the wider stakeholder engagement with networked data sharing in a centralized manner, yielding such systems vulnerable for future cyber-physical attacks. The pinnacle of cyber security research breakthroughs in cryptography have resulted in the development of decentralized block chain technology. It is hypothesized that block chain technology offers a novel and secure approach to storing information, making data transactions, performing functions and establishing trust, making it suitable for sensitive digital infrastructure data contained in BIM and CDE environment high security requirements. While block chain applications are largely at a nascent stage of development within the AECO sector, this review paper has highlighted its novel application to fortify security of digital assets residing within a BIM and CDE environment – thus extending applications beyond its origins in crypto currency. Future research will be required to prove, modify or disprove this hypothesis presented. However, block chain alone cannot guarantee total immunity to cyber-attacks, so additional research is required to: understand the motivations for cyber-attack/crime; identify the specific operational threats to bespoke critical infrastructure and develop appropriate strategies to mitigate these; develop more exhaustive international standards (or enhance existing standards) to distinguish between physical destruction and theft; and establish measures needed to consolidate greater international governmental collaboration.
References
Ani, U.P.D., He, H. and Tiwari, A. (2017), "Review of cybersecurity issues in industrial critical infrastructure: manufacturing in perspective", Journal of Cyber Security Technology, Vol. 1 No. 1, pp. 32-74.
ANSI (2007), "ISA-99.00.01-2007 security for industrial automation and control systems part 1: terminology, concepts and models", ISA, available at: httpswebarchiveorgweb20110312111418wwwisaorgTemplatecfmSection=Shop_ISAampTemplate=2FEcommerce2FProductDisplaycfmampProductid=9661 (accessed February 9, 2019).
Baumeister, T. (2010), "Literature review on smart grid cyber security, collaborative software development laboratory at the University of Hawaii", available at: wwwtbaumeistcompublicationsLiteratureReviewOnSmartGridCyberSecurity_2010pdf (accessed February 9, 2019).
Bessis, N. and Dobre, C. (2014), Big Data and Internet of Things: A Roadmap for Smart Environments, ISBN 978-3-319-05029-4, Springer International Publishing, London.
Betz, D.J. and Stevens, T. (2013), "Analogical reasoning and cyber security", Security Dialogue, Vol. 44 No. 2, pp. 147-164.
Boyes, H. (2013a), "Cyber security of intelligent buildings", 8th IET International System Safety Conference Incorporating the Cyber Security Conference, Cardiff.
Boyes, H. (2013b), Resilience and Cyber Security of Technology in the Built Environment, the Institution of Engineering and Technology, IET Standards Technical Briefing, London, available at: wwwtheietorgresourcesstandards-filescyber-securitycfmtype=pdf (accessed February 9, 2019).
Bradley, A., Li, H., Lark, R. and Dunn, S. (2016), "BIM for infrastructure: an overall review and constructor perspective", Automation in Construction, Vol. 71 No. 2, pp. 139-152.
Brantly, A.F. (2014), "The cyber losers", Democracy & Security, Vol. 10 No. 2, pp. 132-155.
BSI (2013), "PAS 555:2013 cyber security risk", Governance and Management Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030261972 (accessed February 9, 2019).
BSI (2014a), PAS 180 Smart Cities Vocabulary, British Standards Institution, London, available at: wwwbsigroupcomen-GBsmart-citiesSmart-Cities-Standards-and-PublicationPAS-180-smart-cities-terminology (accessed February 9, 2019).
BSI (2014b), PAS 1192-3 Specification for Information Management for the Operational Phase of Assets using Building Information Modelling, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030311237 (accessed February 9, 2019).
BSI (2014c), PAS 754:2014 software trustworthiness governance and management, Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030284608 (accessed February 9, 2019).
BSI (2015), PAS 1192-5 (2015) Specification for Security Minded Building Information Modelling, Digital Built Environments and Smart Asset Management, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030314119 (accessed February 9, 2019).
Canfil, J.K. (2016), "Honing cyber attribution: a framework for assessing foreign state complicity", Journal of International Affairs, Vol. 70 No. 1, pp. 217-226, available at: wwwquestiacomread1G1-476843518honing-cyber-attribution-a-framework-for-assessing (accessed February 9, 2019).
Cavelty, M.D. (2013), "From cyber-bombs to political fallout: threat representations with an impact in the cyber-security discourse", International Studies Review, Vol. 15 No. 1, pp. 105-122.
Chong, H.Y., Wong, J.S. and Wang, X. (2014), "An explanatory case study on cloud computing applications", Automation in Construction, Vol. 44, pp. 152-162.
Clarke, R. and Youngstein, T. (2017), "Cyberattack on Britain's national health service", New England Journal of Medicine, Vol. 377, August, pp. 409-411.
DBIS (2013), "Smart city market: opportunities for the UK", Department for Business, Innovation and Skills, BIS Research Papers Ref. BIS/13/1217, DBIS, London, available at: wwwgovukgovernmentpublicationssmart-city-market-uk-opportunities (accessed February 9, 2019).
Denning, D. (2012), "Stuxnet: what has changed?", Future Internet, Vol. 4 No. 3, pp. 672-687.
Eastman, C., Eastman, C.M., Teicholz, P., Sacks, R. and Liston, K. (2011), BIM Handbook: A Guide to Building Information Modeling for Owners, Managers, Designers, Engineers and Contractors, ISBN 978-0-470-54137-1, John Wiley & Sons, Hoboken, NJ.
Edwards, D.J., Pärn, A.E., Love, P.E.D. and El-Gohary, H. (2017), "Research note: machinery, manumission and economic machinations", Journal of Business Research, Vol. 70, January, pp. 391-394.
Eom, S.-J. and Paek, J.-H. (2006), "Planning digital home services through an analysis of customers acceptance", ITcon, Vol. 11, Special issue IT in Facility Management, pp. 697-710, available at: wwwitconorg200649 (accessed February 9, 2019).
European Commission (2013), Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace, JOIN 1 Final, European Commission, Brussels, available at: httpseeaseuropaeuarchivesdocspolicieseu-cyber-securitycybsec_comm_enpdf (accessed February 9, 2019).
Ficco, M., Choraś, M. and Kozik, R. (2017), "Simulation platform for cyber-security and vulnerability analysis of critical infrastructures", Journal of Computational Science, Vol. 22, September, pp. 179-186.
Fisher, R.D. (2018), "Cyber warfare challenges and the increasing use of American and European dual-use technology for military purposes by the people's Republic of China (PRC)", United States House of Representatives, Committee on Foreign Affairs, Birmingham, available at: httparchives-republicans-foreignaffairshousegov112Fis041511pdf (accessed February 9, 2019).
Fisk, D. (2012), "Cyber security, building automation and the intelligent building", Intelligent Buildings International, Vol. 4 No. 3, pp. 169-181.
Formby, D., Srinivasan, P., Leonard, A., Rogers, J. and Beyah, R.A. (2016), "Who's in control of your control system? Device fingerprinting for cyber-physical systems", Network and Distributed System Security Symposium (NDSS), February 26–March 1, San Diego, CA.
F-Secure Labs (2014), "Havex hunts for ICS and SCADA systems", available at: wwwf-securecomweblogarchives00002718html (accessed February 9, 2019).
Gandhi, R., Sharma, A., Mahoney, W., Sousan, W., Zhu, Q. and Laplante, P. (2011), "Dimensions of cyber-attacks: cultural, social, economic and political", IEEE Technology and Society Magazine, Vol. 30 No. 1, pp. 28-38.
Govinda, K. (2015), "Design of smart meter using Atmel 89s52 microcontroller", Procedia Technology, Vol. 21, pp. 376-380, available at: https://doi.org/10.1016/j.protcy.2015.10.053
Henderson, S. (2008), "Beijing's rising hacker stars: how does mother China react?", IO Sphere Journal, Birmingham, February 28, available at: wwwnoexperiencenecessarybookcomjplV6beijing-39-s-rising-hacker-stars-how-does-mother-china-reacthtml (accessed February 9, 2019).
Hjortdal, M. (2011), "China's use of cyber warfare: espionage meets strategic deterrence", Journal of Strategic Security, Vol. 4 No. 2, pp. 1-24.
HM Government (2013), Building Information Modeling Industrial Strategy: Government and Industry in Partnership, Government Construction Strategy, London, available at: wwwgovukgovernmentuploadssystemuploadsattachment_datafile3471012-1327-building-information-modellingpdf (accessed February 9, 2019).
HM Government (2015), Digital Built Britain, Level 3 Building Information Modelling – Strategic Plan, 26 February 2015, HM Publications, London, available at: wwwgovukgovernmentpublicationsuk-construction-industry-digital-technology (accessed February 9, 2019).
Howell, S., Rezgui, Y. and Beach, T. (2017), "Integrating building and urban semantics to empower smart water solutions", Automation in Construction, Vol. 81, September, pp. 434-448.
Huckle, S., Bhattacharya, R., White, M. and Beloff, N. (2016), "Internet of things, blockchain and shared economy applications", Procedia Computer Science, Vol. 98, pp. 461-466, available at: https://doi.org/10.1016/j.procs.2016.09.074
Hunton, P. (2012), "Data attack of the cybercriminal: investigating the digital currency of cybercrime", Computer Law & Security Review, Vol. 28 No. 2, pp. 201-207.
IET (2013), "Resilience and cyber security of technology in the built environment", Institution of Engineering and Technology, Birmingham, available at: wwwtheietorgresourcesstandardscyber-buildingscfmorigin=pr (accessed February 9, 2019).
IET (2014), "Code of practice for cyber security in the built environment", Institution of Engineering and Technology, Birmingham, available at: httpselectricaltheietorgbooksstandardscyber-copcfm (accessed February 9, 2019).
ISO (2011), "ISO/IEC 29100:2011 information technology – security techniques – privacy framework", available at: wwwisoorgstandard45123html (accessed February 2018).
ISO (2012), 27032 Information Technology – Security Techniques – Guidelines for Cybersecurity, International Organization for Standardization (ISO), Geneva, available at: wwwitgovernancecoukshopproductiso27032-iso-27032-guidelines-for-cybersecurity (accessed February 9, 2019).
ISO (2013), 27001 The International Information Security Standard, International Organization for Standardization (ISO), Geneva, available at: wwwitgovernancecoukiso27001 (accessed February 9, 2019).
Jaatun, M.G., Røstum, J., Petersen, S. and Ugarelli, R. (2014), "Security checklists: a compliance alibi or a useful tool for water network operators?", Procedia Engineering, Vol. 70, pp. 872-876.
Jones, L. (2016), "Securing the smart city built environment cyber security", Engineering and Technology, Vol. 11 No. 5, pp. 30-33, doi: 10.1049/et.2016.0501.
Kello, L. (2013), "The meaning of the cyber revolution: perils to theory and statecraft", International Security, Vol. 38 No. 2, pp. 7-40.
Kochovski, P. and Stankovski, V. (2018), "Supporting smart construction with dependable edge computing infrastructures and applications", Automation in Construction, Vol. 85, January, pp. 182-192.
Koo, D., Piratla, K. and Matthews, C.J. (2015), "Towards sustainable water supply: schematic development of big data collection using internet of things (IoT)", Procedia Engineering, Vol. 118, pp. 489-497.
Lesk, M. (2007), "The new front line: Estonia under cyber assault", IEEE Security & Privacy, Vol. 5 No. 4, pp. 76-79.
Levy, Y. and Ellis, T.J. (2006), "A systems approach to conduct an effective literature review in support of information systems research", Informing Science, Vol. 9, pp. 181-212, available at: httpinformnuArticlesVol9V9p181-212Levy99pdf (accessed February 9, 2019).
Lin, S., Gao, J. and Koronios, A. (2006), "Key data quality issues for enterprise asset management in engineering organisations", International Journal of Electronic Business Management, Vol. 4 No. 1, pp. 96-110, available at: httpijebmienthuedutwIJEBM_WebIJEBM_staticPaper-V4_N1A10-E684_3pdf (accessed February 2018).
Lin, Y.C. and Su, Y.C. (2013), "Developing mobile-and BIM-based integrated visual facility maintenance management system", The Scientific World Journal, Vol. 2013, 10pp., available at: https://doi.org/10.1155/2013/124249
Lindsay, J.R. (2013), "Stuxnet and the limits of cyber warfare", Security Studies, Vol. 22 No. 3, pp. 365-404.
Lindsay, J.R. (2015), "The impact of China on cybersecurity: fiction and friction", International Security, Vol. 39 No. 3, pp. 7-47.
Liu, J., Xiao, Y., Li, S., Liang, W. and Chen, C.P. (2012), "Cyber security and privacy issues in smart grids", IEEE Communications Surveys & Tutorials, Vol. 14 No. 4, pp. 981-997.
McGraw, G. (2013), "Cyber war is inevitable (unless we build security in)", Journal of Strategic Studies, Vol. 36 No. 1, pp. 109-119.
McNulty (2011), "Realising the potential of GB Rail – final independent report of the rail value for money study – summary report", Department for Transport, London, available at: wwwgovukgovernmentuploadssystemuploadsattachment_datafile4203realising-the-potential-of-gb-rail-summarypdf (accessed February 9, 2019).
Marinos, L. (2016), ENISA Threat Taxonomy: A Tool for Structuring Threat Information, European Union Agency for Network and Information Security, Birmingham, available at: wwwenisaeuropaeutopicsthreat-risk-managementthreats-and-trendsenisa-threat-landscapeetl2015enisa-threat-taxonomy-a-tool-for-structuring-threat-informationview (accessed February 9, 2019).
Markets and Markets (2014), "Smart HVAC controls market by product type, components, application, operation & geography – analysis and forecast to 2014–2020", Birmingham, available at: httpgooglAy2LjI (accessed February 9, 2019).
Mayo, G. (2016), "Bas and cyber security: a multiple discipline perspective", in Long, S., Ng, E.-H., Downing, C. and Nepal, B. (Eds), Proceedings of the American Society for Engineering Management 2016 International Annual Conference, American Society for Engineering Management, Concord, NC, available at: wwwresearchgatenetpublication309480358_BAS_AND_CYBER_SECURITY_A_MULTIPLE_DISCIPLINE_PERSPECTIVE (accessed February 2018).
Metke, A.R. and Ekl, R.L. (2010), "Security technology for smart grid networks", IEEE Transactions on Smart Grid, Vol. 1 No. 1, pp. 99-107.
Mike, T. (2006), "Integrated building systems: strengthening building security while decreasing operating costs", Journal of Facilities Management, Vol. 4 No. 1, pp. 63-71.
Mokyr, J. (1992), "Technological inertia in economic history", The Journal of Economic History, Vol. 52 No. 2, pp. 325-338.
Nicał, A.K. and Wodyński, W. (2016), "Enhancing facility management through BIM 6D", Procedia Engineering, Vol. 164, pp. 299-306, available at: https://doi.org/10.1016/j.proeng.2016.11.623
NIST (2017), "Framework for improving critical infrastructure cybersecurity", National Institute of Standards and Technology, Draft Version 1.1, January 10, Birmingham, available at: wwwgooglecoukurlsa=tamprct=jampq=ampesrc=sampsource=webampcd=2ampved=0ahUKEwiq0orLhOHUAhVkBsAKHfJLB6oQFgg8MAEampurl=https3A2F2Fwwwnistgov2Fdocument2Fdraft-cybersecurity-framework-v11pdfampusg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NAampcad=rjt (accessed February 9, 2019).
Nye, J.S. (2017), "Deterrence and dissuasion in cyberspace", International Security, Vol. 41 No. 3, pp. 44-71.
Papa, P. (2013), "US and EU strategies for maritime transport security: a comparative perspective", Transport Policy, Vol. 28, pp. 75-85.
Paridari, K., Mady, A.E., La Porta, S., Chabukswar, R., Blanco, J., Teixeira, A., Sandberg, H. and Boubekeur, M. (2016), "Cyber-physical-security framework for building energy management system", ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS), Vienna, pp. 1-9, doi: 10.1109/ICCPS.2016.7479072.
Pärn, E.A. and Edwards, D.J. (2017), "Conceptualizing the FINDD API plug-in: a case study of BIM/FM integration", Automation in Construction, Vol. 80, August, pp. 11-21.
Patel, S.C., Bhatt, G.D. and Graham, J.H. (2009), "Improving the cyber security of SCADA communication networks", Communications of the ACM, Vol. 52 No. 7, pp. 139-142.
Peng, Y., Wang, Y., Xiang, C., Liu, X., Wen, Z. and Chen, D. (2015), "Cyber-physical attack-oriented Industrial Control Systems (ICS) modeling, analysis and experiment environment", International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 322-326.
Rahimi, B. (2011), "The agonistic social media: cyberspace in the formation of dissent and consolidation of state power in postelection Iran", The Communication Review, Vol. 14 No. 3, pp. 158-178.
Rasmi, M. and Jantan, A. (2013), "A new algorithm to estimate the similarity between the intentions of the cyber crimes for network forensics", Procedia Technology, Vol. 11, pp. 540-547.
Reggiani, A. (2013), "Network resilience for transport security: some methodological considerations", Transport Policy, Vol. 28, July, pp. 63-68.
Reniers, G.L.L. and Dullaert, W. (2013), "A method to assess multi-modal hazmat transport security vulnerabilities: hazmat transport SVA", Transport Policy, Vol. 28, July, pp. 103-113.
Rid, T. (2012), "Cyber war will not take place", Journal of Strategic Studies, Vol. 35 No. 1, pp. 5-32.
RISI (2015), "The repository of industrial security incidents database", Birmingham, available at: wwwrisidatacomDatabase (accessed February 9, 2019).
Rittinghouse, J. and Hancock, W.M. (2003), Cybersecurity Operations Handbook, Elsevier Science, Amsterdam, ISBN 978-1-55558-306-4.
Ryan, D.J. (2017), "Engineering sustainable critical infrastructures", International Journal of Critical Infrastructure Protection, Vol. 17, pp. 28-29.
Safavi, S., Shukur, Z. and Razali, R. (2013), "Reviews on cybercrime affecting portable devices", Procedia Technology, Vol. 11, pp. 650-657.
Shafiq, M.T., Matthews, J. and Lockley, S.R. (2013), "A study of BIM collaboration requirements and available features in existing model collaboration systems", Journal of Information Technology in Construction (ITcon), Vol. 18, pp. 148-161.
Shitharth, S. and Winston, D.P. (2015), "A comparative analysis between two countermeasure techniques to detect DDoS with sniffers in a SCADA network", Procedia Technology, Vol. 21, pp. 179-186.
Stearns, L.B. and Almeida, P.D. (2004), "The formation of state actor-social movement coalitions and favorable policy outcomes", Social Policy, Vol. 51 No. 4, pp. 478-504.
Stoddart, K. (2016), "Live free or die hard: US-UK cybersecurity policies", Political Science Quarterly, Vol. 131 No. 4, pp. 803-842.
Sun, J., Yan, J. and Zhang, K.Z. (2016), "Blockchain-based sharing services: what blockchain technology can contribute to smart cities", Financial Innovation, Vol. 2 No. 1, pp. 1-26, doi: 10.1186/s40854-016-0040-y.
Szyliowicz, J.S. (2013), "Safeguarding critical transportation infrastructure: the US case", Transport Policy, Vol. 28 No. C, pp. 69-74.
Tan, S., Song, W.Z., Stewart, M., Yang, J. and Tong, L. (2018), "Online data integrity attacks against real-time electrical market in smart grid", IEEE Transactions on Smart Grid, Vol. 9 No. 1, pp. 313-322.
Thomas, N. (2009), "Cyber security in East Asia: governing anarchy", Asian Security, Vol. 5 No. 1, pp. 3-23.
Toy, S. (2006), History of Fortification from 3000 BC to AD 1700 (No. 75), Pen and Sword Military Classics, Barnsley, ISBN 1-88415-358-4.
Turk, Ž. and Klinc, R. (2017), "Potentials of blockchain technology for construction management", Procedia Engineering, Vol. 196, pp. 638-645.
UN (2014a), "2014 revision of the world urbanization prospects", Birmingham, available at: httpsgooglxwOSDS (accessed February 9, 2019).
UN (2014b), "World urbanization trends 2014: key facts", Statistical Papers – United Nations (Ser. A), Population and Vital Statistics Report, United Nations, New York, NY.
UN (2015), "World population projected to reach 9.7 billion by 2050", Birmingham, available at: wwwunorgendevelopmentdesanewspopulation2015-reporthtml (accessed February 9, 2019).
Walsham, G. (1995), "The emergence of interpretivism in IS research", Information Systems Research, Vol. 6 No. 4, pp. 376-394.
Wang, S., Zhang, G., Shen, B. and Xie, X. (2011), "An integrated scheme for cyber-physical building energy management system", Procedia Engineering, Vol. 15, pp. 3616-3620.
Wang, W. and Lu, Z. (2013), "Cyber security in the smart grid: survey and challenges", Computer Networks, Vol. 57 No. 5, pp. 1344-1371.
Weber, R.H. and Studer, E. (2016), "Cybersecurity in the internet of things: legal aspects", Computer Law & Security Review, Vol. 32 No. 5, pp. 715-728.
Xue, N., Huang, X. and Zhang, J. (2016), "S2Net: a security framework for software defined intelligent building networks", IEEE Trustcom/BigDataSE/ISPA, Tianjin, August 23-26, pp. 654-661.
Yue, X., Wang, H., Jin, D., Li, M. and Jiang, W. (2016), "Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control", Journal of Medical Systems, Vol. 40 No. 10, pp. 218-229.
Zamparini, L. and Shiftan, Y. (2013), "Special issue – transport security: theoretical frameworks and empirical applications", Transport Policy, Vol. 28, pp. 61-62.
Zhang, Y. and Wen, J. (2016), "The IoT electric business model: using blockchain technology for IoT", Peer-to-Peer Networking and Applications, Vol. 10 No. 4, pp. 1-12.
Corresponding author
Erika A Parn can be contacted at: erikaparngmailcom
Table I (continued)
Columns: Industrial sector; Author(s); Journal; Thematic group (National and global security; Smart cities; Critical infrastructure; Industrial control systems; Mobile or cloud computing; Digitalization of built environment)
Percentage frequency in information technology journals: 40, 60, 80, 20, 90, 30
Industrial sector: Political science/international relations
Brantly (2014), Democracy and Security
Kello (2013), International Security
Lindsay (2015), International Security
Nye (2017), International Security
Cavelty (2013), International Studies Review
Canfil (2016), Journal of International Affairs
Hjortdal (2011), Journal of Strategic Security
McGraw (2013), Journal of Strategic Studies
Stoddart (2016), Political Science Quarterly
Betz and Stevens (2013), Security Dialogue
Lindsay (2013), Security Studies
Percentage frequency in political science/international relations journals: 100, 91, 82, 63.6, 27.2, 9
[The marks assigning each paper to thematic groups, and the column order of the percentage values, are not recoverable from this copy.]
act on behalf of security companies and concomitant public interest (F-Secure, 2014). Contemporary cyber-Robin Hood(s) (or hacktivists) fall within the grey hat category and act as vigilantes to puncture prevailing power structures (such as Government) by embarrassing them with distributed denial of service (DDoS) attacks, web defacements, malware, ransomware and trojans. These hacktivists often dabble with illegal means to hack but believe that they are addressing a social injustice and/or otherwise supporting a good cause. Black hats are often affiliated with a criminal fraternity or have other malicious intent (Cavelty, 2013). These criminals deploy the same tools used by grey and white hat hackers but with the deliberate intention to cause harm, vandalism, sabotage, website shutdown, fraud or other illegitimate activities. Many states have increasingly focused upon grey hats, who have become the new uncontrolled source of hacking (Betz and Stevens, 2013). Table II highlights a number of prominent critical infrastructure hacks extracted from the RISI database and cross references these against the motivations and cyber-actors.

Blurred lines: governments and civilians
State and non-state actors represent a two pronged source of malicious attacks or threats facing the AECO sector; motivations for these actors are fueled by various catalysts including patriotism, liberal activism, political ideology, criminal intent and hobby interests (Hjortdal, 2011; Rahimi, 2011). A state is a political entity ("government") that has sovereignty over an area of territory and the people within it (Rahimi, 2011). Within this entity, state actors are persons who are authorized to act on its behalf and are therefore subject to regulatory control measures (Betz and Stevens, 2013). A state actor's role can be myriad but often it strives to create positive policy outcomes through approaches such as social movement coalitions (cf. Stearns and Almeida, 2004). Conversely, non-state actors are persons or organizations who have sufficient political influence to act or participate in international relations for the purpose of exerting influence or causing change even though they are not part of government or an established institution (Betz and Stevens, 2013). Three key types of legitimate non-state actors exist: intergovernmental organizations such as the United Nations, World Bank Group and International Monetary Fund, which are established by a state, usually through a treaty (Betz and Stevens, 2013); international non-government organizations such as Amnesty International, Oxfam and Greenpeace, which are non-profit voluntary organizations that advocate or otherwise pursue the public good (i.e. economic development and humanitarian aid) (UN); and multinational corporations who pursue their own business interests largely outside the control of national states (UN). Illegitimate non-state actors include terrorist groups and hacktivists acting upon a range of different motivations including personal gain, digital coercion, malevolence and indoctrination of others using ideological doctrine (Brantly, 2014). Since the millennium, governments globally have become increasingly aware of cyber-crime and threats stemming from such non-state actors. Some of the more notable actors include: Anonymous (Betz and Stevens, 2013); Ghost Net (Hunton, 2012); The Red Hacker Alliance (Fisher, 2018); Fancy Bear "Прикольный медведь" (Canfil, 2016); and Iranian Cyber Army (Rahimi, 2011).
However, the boundary delineation between state actors and non-state actors engaging in cyber-physical attacks has become increasingly blurred (Betz and Stevens, 2013; Papa, 2013). Such attribution has wider implications for the national security of states and national responsibility for non-state actors, who often act on behalf of the state under incitement of nationalistic and ideological motivation (Brantly, 2014). Henderson (2008) aptly describes such blurred lines between governments and civilians by using Chinese cyber-patriot hackers as an exemplar:
The alliance is exactly who and what they claim to be: an independent confederation of patriotic youth dedicated to defending China against what it perceives as threats to national pride
Table II. Industry standards and codes of best practice on cyber security in the AECO sector

Standard: BS ISO/IEC 29100:2011 (ISO, 2011)
Title: Information Technology – Security Techniques – Privacy Framework
Description: This standard is applicable to organizations and businesses, providing a privacy framework for those "involved in specifying, procuring, architecting, designing, developing, testing, maintaining, administering and operating information and communication technology systems or services" with personally identifiable information (PII).

Standard: BS ISO/IEC 27001:2013 (ISO, 2013)
Title: Information Technology – Security Techniques – Information Security Management Systems – Requirements
Description: This international standard provides a framework for the management of an information security management system (ISMS) in order to keep digital information assets secure from cyber-criminal activities and information breaches; it encompasses procedures for creating, implementing, operating, auditing and maintaining an ISMS. The standard can be applied within organizations of any size, nature or type.

Standard: IET/CPNI Technical Briefing (IET, 2013)
Title: Resilience and Cyber Security of Technology in the Built Environment
Description: This document applies to professionals involved in the development, procurement and operation of intelligent or smart buildings. The guidance considers the whole building lifecycle and examines the potential threats to resilience and cyber security arising from the merging of technical infrastructure and computer-based systems and their connection in cyber-space. Case studies are provided, plus a set of 20 critical measures which could be applied to reduce threats.

Standard: PAS 555:2013 (BSI, 2013)
Title: Cyber Security Risk – Governance and Management – Specification
Description: The specification uses a business-led "outcomes-based approach" which studies physical, cultural and behavioral features alongside technical ones to aid organizations in detecting which of their business assets need most protection, e.g. corporate and customer data, intellectual property, brand or reputation. The approach can be applied to any size/type of organization throughout its business activities.

Standard: PAS 754:2014 (BSI, 2014c)
Title: Software Trustworthiness – Governance and Management – Specification
Description: This document identifies five principles of software trustworthiness (safety, reliability, availability, resilience and security) which should be attained when implementing software on distributed applications in order to reduce the risks from potential malicious threats. These principles are based upon four concepts: governance measures; risk assessment; control application for risk management (physical, procedural and technical); and a compliance regime to ensure execution of the first three.

Standard: IET Standards (IET, 2014)
Title: Code of Practice for Cyber Security in the Built Environment
Description: This book provides good practice guidance on the need for, and development of, cyber security strategy and policy related to a building's complete lifecycle as an integral part of an organization's management systems, with particular emphasis on cyber physically connected building-related systems. The pertinence of cyber security to each of the multidisciplinary roles and responsibilities within an organization is provided.

Standard: PAS 1192-5:2015 (BSI, 2015)
Title: Specification for Security-minded Building Information Modeling, Digital Built Environments and Smart Asset Management
Description: This is the first standard published for security minded use of BIM and digitalization of built assets. Relevant to all owners and stakeholders of digitally built assets, it assists in assessing security risks to the asset and implementing measures to reduce the risk of loss or disclosure of information which could impact on the safety and security of: the built asset; personnel and other users of the asset and its services; and commercial and other asset data and information.
A componential analysis of literature
From an operational perspective, the review protocol sourced published journal materials contained within Science Direct, Web of Science, Scopus and Research Gate databases. Keyword search terms used included cyber security, hacking and any of the following variations of the word: cyber crime, cybercrime or cyber-crime. Following a comprehensive review of the journals, four prominent and pertinent clusters of industrial settings were selected to provide the contextual sampling framework and knowledge base for the analysis, namely: AECO; transport and infrastructure; information technology; and political science/international relations. These clusters were selected because they contained the majority of the journal publications on cyber-crime. Within the clusters, six recurrent leitmotifs were identified: national and global security; smart cities; critical infrastructure; ICS; mobile or cloud computing; and digitalization of the built environment. A cross comparative componential analysis was then conducted (refer to Table III).
The componential analysis reveals the percentage frequency that each of the identified thematic groups occur across the four industrial classifications and the percentage frequency that each thematic group occurs within each individual industrial classification. In ascending order of frequency across all four sectors, the most popular discussed topics were: mobile/cloud computing (59.5 percent), national/global security (54.7 percent) and critical infrastructure (50 percent), smart cities (40.4 percent), ICS (40.4 percent) and digitization of the built environment (28.5 percent). Yet curiously, within the AECO sector an inordinate amount of effort was input into mobile and cloud computing (90 percent) and digitization of the built environment (60 percent), while far less attention was paid to critical infrastructure (30 percent) and national and global security (20 percent). Moreover, none of the papers reviewed were heavily focused upon expounding the virtues and concomitant benefits of digitization but were similarly obvious to the omnipresent threat of cyber-crime posed via the vulnerable CDE portal.
A CDE is commonly established during the feasibility or concept design phases of a building/infrastructure project (BSI, 2014a, b). An information manager will then manage and validate the processes and procedures for the exchange of information across a network for each key decision gateway stage (including work in progress, shared, published and archive stages). Cloud-based CDE platforms are ubiquitous but common solutions include ProjectWise, Viewpoint (4P), Aconex, Asite and SharePoint (Shafiq et al., 2013). The internal work flow and typical external information exchange in BIM relies upon the re-use and sharing of information
Table III. Common reconnaissance techniques

Reconnaissance technique: Scanning (ping sweep; port scan; network mapping)
Definition: Network scanning is integral to stealthy information gathering from a computer system. Prior knowledge of the operating system (OS) is combined with the use of one of a plethora of readily available tools in order to identify and map out potential vulnerabilities on a target network.
Example: Techniques include port scanning to identify the available and open ports, DNS enumeration to locate the domain name server and IP address, and PING sweeping to map the IP address to a live host (Rittinghouse and Hancock, 2003).

Reconnaissance technique: Fingerprinting (OS)
Definition: Device fingerprinting endeavors to break the privacy of URL developers by revealing user actions and anonymity. It utilizes the information collected from a remote computing device for the purpose of uniquely identifying the device (Formby et al., 2016). Fingerprinting can be used to identify the OS used on the target system.
Example: In an active manner to monitor network packets passing between hosts, or passive manner to transmit specially created packets to the target machine and analyze the response (Peng et al., 2015).

Reconnaissance technique: Footprinting
Definition: Footprinting is a process of obtaining as much information about the target to be hacked as possible by drawing down open source information from the internet. Footprinting is the most convenient way of gathering information about a computer system and/or parties such belong to.
Example: During footprinting, a hacker can use passive or active means to obtain information such as domain name, IP addresses, namespaces, employee information, phone numbers, e-mails and job information.

Reconnaissance technique: Sniffing
Definition: Sniffing has been likened to wiretapping and can be used to obtain sensitive information that is being transferred over a network, such as FTP passwords, e-mail traffic, web traffic, telnet passwords, router configurations, chat sessions and DNS traffic. “Industrial Control Systems (ICS)/Supervisory Control and Data Acquisition (SCADA) sniffing” activities pose an imminent threat to cyber-physical connected devices in buildings, factories and large industrial plants.
Example: “Havex” malware, reported by F-Secure laboratories, is the first of its kind since STUXNET and attempts to “sniff” factory automation gear such as ICS and SCADA systems (F-Secure Labs, 2014). Anonymized victims have included two major educational institutions in France, two German industrial machine producers, one French industrial machine producer and a Russian structural engineering construction company (F-Secure Labs, 2014).

Reconnaissance technique: Social engineering
Definition: Social engineering is an attack vector that relies upon tricking people into breaking security procedures. Consequently, these are used to exploit an individual’s weaknesses, typically employees and other individuals who are familiar with the system. When successfully implemented, hackers can help obtain information about the targeted system.
Example: Two common methods adopted are the physical gaining of access to a computer through deception, or the use of phishing e-mails, which involves sending personalized e-mails to targeted employees in an attempt to make them click malicious links contained within.
in a CDE. Integrating BIM (and other file databases, e.g. IFC, GBXML, CSV, DWG, XML) within a CDE ensures a smooth flow of information between all stakeholders and is specified and articulated through its levels of development or design (Eastman et al., 2011; Lin and Su, 2013). The level of design (LOD) is classified on a linear scale ranging from LOD 1 (covering a conceptual “low definition” design) to LOD 7 (for an as-built “high definition” model). With each incremental increase in LOD, the range and complexity of asset information within models built begins to swell and the data contained within becomes accessible to an increased amount of stakeholders. As a consequence, the magnitude of potential cyber-crime also increases and it is imperative, therefore, that effective cyber security deterrence measures are set.
Perhaps the most crippling aspect of deterrence is the poor rate of attribution (also known as tracebacking or source tracking), where attribution seeks to determine the identity or location of an attacker or attacker’s intermediary (Brantly, 2014). Affiliation further exacerbates attribution rates; for example, nefarious and malicious attacks on critical infrastructure by non-state “patriot” actors who proclaim cyber-warfare in the name of nationalist ideologies can create ambiguity with state actors (Lindsay, 2015). Extant literature widely acknowledges that states actively recruit highly skilled hackers to counter-attack other state governed cyber-activities, in particular against critical infrastructure assets (Thomas, 2009). Yet the paucity of identification or disclosure of attacker identities has made the hacking culture even more enticing for both non-state actors and state actors. Whilst network attribution or IP address traceability to a particular geographical region is possible, lifting the cyber veil to reveal the affiliation between the attacker and their government remains difficult (Canfil, 2016). In the case of potential threats to the AECO sector, attribution of industrial cyber-espionage remains an imminent threat not only to the business in operation but also for the nation state security.
Cyber-deterrence
Cyber-deterrence measures rely largely upon good practice adopted from standards ISO 27001 and ISO 27032 (ISO, 2012, 2013). In the context of the digital built environment (and specifically BIM), recently published cyber security good practice manual PAS 1198-Part 5 suggests deploying five measures of deterrence: a built asset security manager; a built asset security strategy; a built asset security management plan; a security breach/incident management plan; and built asset security information requirements. For other sources of cyber security guidance, PAS 1198-Part 5 recommends adherence to other pre-existing legislative documentation – refer to Table IV.
Other ambiguous guidance notes that refer to taking “appropriate mitigation strategies” have largely ignored the increased vulnerability of semantic and geometric information that is sustained within a BIM (BSI, 2013, 2014c). For example, Institute of Engineering and Technology (Boyes, 2013b) report entitled “Resilience and Cyber Security of Technology in the Built Environment” states that:

Unauthorised access to BIM data could jeopardise security of sensitive facilities, such as banks, courts, prisons and defence establishments, and in fact most of the Critical National Infrastructure.
Deterrence measures recommended in PAS 1192-5 have largely overlooked BIM data contained within a CDE and the onslaught of cyber-physical connectivity in critical infrastructures (Liu et al., 2012). Currently, the most common means of deterrence for cyber-physical connectivity in critical BMS infrastructures is via network segregation (the firewall) (Mayo, 2016) and secure gateway protection (encryption) for securing from external threats, complicit with ANSI/ISA-99 (ANSI, 2007). However, in a digital economy where over 50bn devices are continuously communicating, neither firewalls nor encryption alone can guarantee effective cyber security. Hence, a more robust systemic means of data integrity is required in the digital built environment.
Block chain – a new frontier for cyber-deterrence
Under the alias Satoshi Nakamoto, the Bitcoin (crypto currency) was published as the first block chain application on the internet (Turk and Klinc, 2017). This advancement opened a springboard of applications that utilize block chain technology to remove third party distribution of digital assets using peer-to-peer sharing (Turk and Klinc, 2017). While the majority of current applications have utilized crypto currency and smart contracts, the applications for digital asset transference seem limitless. Block chain’s earliest applications were in economics (Huckle et al., 2016), software engineering (Turk and Klinc, 2017), Internet of Things (Zhang and Wen, 2016) and medicine (Yue et al., 2016) – albeit more recently, applications within the built environment have been explored (Sun et al., 2016). Block chain technology has the potential to overcome the aforementioned cyber security challenges faced in the digital environment as a result of its distributed, secure and private nature of data distribution. A positive correlation exists between an increasing number of collaborators (or peers) within a CDE and the potential to secure such assets in a peer-to-peer environment, which thrives and increases in security.
Block chain technology is suitable for sectors with increased risk of fraud – such as susceptible crucial infrastructures containing sensitive industrial information that is at risk from industrial espionage; intermediaries – for example, providers of BMS systems and other IT software vendors hosting sensitive infrastructure asset details; throughput – such as operators updating and sharing asset information in a CDE; and stable data – for instance, data generated for built assets can be utilized for up to 40 years post project inception. Block chain technology offers better encryption against hacking than any other current deterrence measures available and is commonly suggested in the cyber security standards available (Turk and Klinc, 2017).
The application of block chain technology within digital built asset information exchange is suggested due to its secure framework for data transference. Block chain technology has been hailed as a hacker/tamper safe ecosystem for digital asset transfers (Turk and Klinc, 2017). Figure 2 delineates a ten stage process to demonstrate how the existing functionality of block chain technology can be harnessed in a CDE environment when sharing sensitive digital information about assets – namely: asset information is securely shared via a network (e.g. URL nodes, interconnected computer networks or an air
Table IV. Snapshot of cyber-physical hacking examples from the RISI online incident database

Motivation: Black Hat (ego, personal animosity, economic gain); Grey Hat (ambiguous); White Hat (idealism, creativity, respect for the law)

Actor: Hacktivists; Script kiddies; Cyber insiders; Cyber terrorists; Malware authors; Patriot hackers; Cyber militias; Script kiddies; Ordinary citizens; Hacktivists; Script kiddies; Organized cybercriminals

Example:
USA 2014 – Power and utilities – Hackers took advantage of a weak password vulnerability where mechanical devices were disconnected from the control system for scheduled maintenance.
Poland 2008 – Transport – A 14-year old Polish student hacked into the tram system, enabling him to change track points in Lodz. 4 trams were derailed and, as a consequence, 12 people were injured.
USA 2001 – Petroleum – The network monitoring personal computer (PC) provided a path from the internet via the company business network onto the automation network. This made the company vulnerable to the Code Red Worm, used to deface the automation web pages of a large oil company.
Spain 2011 – Traffic – Spanair flight 5022 crashed just after take-off from Madrid-Barajas International Airport, killing 154 with 18 survivors. Trojan malware detected on the central computer system is speculated to have played a role in the crash by causing the computer to fail to deliver power to the take-off early warning system and detect three technical problems with the aircraft.
Iran 2012 – Petroleum – Iran was forced to disconnect key oil facilities after suffering a malware attack which, it is believed, hit the internal computer systems at Iran’s oil ministry and its national oil company.
USA and Europe 2014 – Energy sector – Operating since 2011, the Dragonfly group has targeted defence and aviation companies in USA and Canada, cyber-espionage with the likely intention of sabotage. In 2013, the group targeted USA and European energy firms, gaining entry through spear phishing e-mails, malware, watering hole attacks and infecting legitimate software from three different industrial control systems (ICS) equipment manufacturers.
Canada 2012 – Energy sector – Telvent Canada Ltd, provider of software and services for remote administration of large sections of the energy industry, was subject to information theft. Installed malware was used to steal project files related to one of its key products. The digital fingerprints were traced to a Chinese hacking group (the “Comment Group”) linked to cyber-espionage against Western interests.
Iran 2010 – Nuclear – The Stuxnet malworm was responsible for damaging crucial centrifugal devices used for Uranium enrichment at the Natanz nuclear plant, causing it to be shut down for a week. This remains as one of the most prolific cyber-physical attacks in an exemplified case of government and civilian blurred lines and created a new forefront of cyber militia, becoming the first proclaimed cyber weapon.
USA 2012 – Water/waste management – A former employee of the Key Largo Wastewater Treatment District hacked the company, resulting in modification and deletion of files.
Venezuela 2002 – Petroleum – Venezuela’s state oil company became embroiled in a bitter strike when it was extensively sabotaged by an employee who gained remote access to a program terminal and erased all Programmable Logic Controller (PLC) programs in port facility.
Canada 2002 – Petroleum – A white hat hacker simulated an attack on a data center security (DCS) where network access to the control local area network (LAN) was used to connect to selected DCS operator stations and obtain full administration privileges. This was accomplished through the vulnerabilities in the Windows operating system and a number of Netbios that lacked proper password protection.
USA 2014 – Traffic – One of the first hacks on a traffic management system was incurred on road signs in San Francisco, where the signs were photographed flashing “Godzilla Attack! Turn Back”.

Source: Available online at www.risidata.com
gapped internet); asset data (whether a 3D or digital model) are converted into a block which represents a digital transaction of asset data; stakeholder interaction within a federated CDE environment will receive a tracked record of the individual transaction created by nodes sharing the block; block chain miners (usually computer scientists) validate and maintain the newly created block chain; payment methods for block chain miners vary, but a group of miners enter into a competitive process where the first to validate the block chain receives payment; the federated block chain environment is approved; the new block is added to the existing chain of digital transactions to extend the block chain; the digital asset can now be securely shared upon validation; to hack the network, assailants would need to hack every single node within the block chain, thus making the task far more difficult; the network of nodes created by multiple stakeholders’ transactions provides a more sophisticated and secure approach to protecting digital assets when compared to encryption and firewalls. Herein lies the novelty of this review – blockchain technology can offer a potential framework to future AECO software applications and systems designed to secure the transfer of sensitive project data in a BIM and CDE environment.
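The block-and-node process described above can be illustrated with a small hash-chained ledger replicated across stakeholder nodes. The following Python is an added example, not code from the paper: it assumes SHA-256, hypothetical names (`Node`, `share_asset`, `audit`) and constructed byte strings in place of real IFC/DWG files, and it leaves out miner competition and payment. It shows that altering one node's copy is detectable even when that node re-hashes its own chain.

```python
"""Added illustration (not the paper's code): hash-chained ledger of CDE asset
exchanges replicated on stakeholder nodes. All names are hypothetical and the
mining/payment stages are omitted."""
import copy
import hashlib
import json
from collections import Counter

GENESIS = "0" * 64  # previous-hash placeholder for the first block

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def block_hash(block: dict) -> str:
    # Hash canonical JSON of every field except the stored hash itself.
    body = {k: v for k, v in block.items() if k != "hash"}
    return digest(json.dumps(body, sort_keys=True).encode())

def make_block(prev_hash, index, author, filename, asset: bytes) -> dict:
    """'Asset is converted into a block': only the digest goes on the ledger;
    the model file itself stays in the CDE's access-controlled store."""
    block = {"index": index, "prev_hash": prev_hash, "author": author,
             "filename": filename, "asset_sha256": digest(asset)}
    block["hash"] = block_hash(block)
    return block

def first_invalid(chain):
    """Index of the first block whose position, link or hash is wrong, else None."""
    prev = GENESIS
    for i, block in enumerate(chain):
        if (block["index"] != i or block["prev_hash"] != prev
                or block_hash(block) != block["hash"]):
            return i
        prev = block["hash"]
    return None

class Node:
    """One stakeholder's full copy of the ledger."""
    def __init__(self, name):
        self.name, self.chain = name, []

    def head(self):
        return self.chain[-1]["hash"] if self.chain else GENESIS

    def accept(self, block) -> bool:
        """'Validates block against chain': extend only if the block links to
        this node's current head and its hash recomputes."""
        ok = (block["index"] == len(self.chain) and block["prev_hash"] == self.head()
              and block_hash(block) == block["hash"])
        if ok:
            self.chain.append(copy.deepcopy(block))
        return ok

def share_asset(nodes, author, filename, asset: bytes) -> int:
    """'Block is broadcast to all nodes'; returns how many nodes accepted it."""
    block = make_block(nodes[0].head(), len(nodes[0].chain), author, filename, asset)
    return sum(node.accept(block) for node in nodes)

def audit(nodes) -> list:
    """Names of nodes whose copy fails self-verification or whose head hash
    differs from the head held by the majority of nodes."""
    majority_head = Counter(n.head() for n in nodes).most_common(1)[0][0]
    return sorted(n.name for n in nodes
                  if first_invalid(n.chain) is not None or n.head() != majority_head)

def asset_matches_ledger(chain, filename, asset: bytes) -> bool:
    """Check a received file against the latest ledger entry for that name."""
    for block in reversed(chain):
        if block["filename"] == filename:
            return block["asset_sha256"] == digest(asset)
    return False

def demo() -> dict:
    nodes = [Node(n) for n in ("architect", "contractor", "facilities", "client")]
    rev_a = b"constructed sample IFC bytes, plant room rev A"
    rev_b = b"constructed sample IFC bytes, plant room rev B"
    accepted = [share_asset(nodes, "architect", "plantroom.ifc", rev_a),
                share_asset(nodes, "contractor", "site.dwg", b"constructed sample DWG"),
                share_asset(nodes, "architect", "plantroom.ifc", rev_b)]
    clean = audit(nodes)
    # Case 1: one record altered in place on one node's copy.
    bad = nodes[1]
    bad.chain[0]["asset_sha256"] = digest(b"substituted model")
    broken_at = first_invalid(bad.chain)
    # Case 2: that node re-hashes its whole copy so it verifies locally again,
    # but its head no longer matches the other three nodes.
    prev = GENESIS
    for block in bad.chain:
        block["prev_hash"] = prev
        prev = block["hash"] = block_hash(block)
    return {"accepted": accepted, "clean": clean, "broken_at": broken_at,
            "locally_valid": first_invalid(bad.chain) is None,
            "suspects": audit(nodes),
            "rev_b_ok": asset_matches_ledger(nodes[0].chain, "plantroom.ifc", rev_b),
            "rev_a_ok": asset_matches_ledger(nodes[0].chain, "plantroom.ifc", rev_a)}

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The ledger gives tamper evidence for the exchange record, not confidentiality for the model itself, and the majority comparison only holds while most nodes remain uncompromised.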
Limitations and future work
Contrary to within the fields of computer science, political science/international relations and international law, cyber security is far less understood within the AECO sector (Mayo, 2016). Consequently, existing controls are inadequate and poorly managed. Key findings emanating from these other eminent fields provide invaluable insights into the cyber security technologies and developments (such as block chain) that can be successfully transferred and applied to critical infrastructure within the AECO sector to address current deficiencies (Baumeister, 2010). However, successful practitioner alignment and knowledge enhancement requires time and investment for additional research and testing of such concepts (Metke and Ekl, 2010) – such exceeded the current confines of this review paper. Within the international security research realm, the following predispositions have
Figure 2. Block chain technology application with digital built asset information exchange. Stage labels (i–x): asset needs to be shared securely; asset is converted into a block; block is broadcast to all nodes in federated CDE environment; block chain miners compete to mine new block; block chain is extended with new digital asset; federated CDE environment approves; block chain miner validates block against chain; block of digital asset is shared securely; block chain of assets needs to be hacked individually across an entire network; block chain of sharing assets.
weakened scholarly understanding of cyber-threat occurrences and the likelihood of attacks on critical infrastructure. These limitations require future work, namely:
(1) Improved understanding of motivations – an inordinate amount of attention is paid to “cyber-threats” under the guise of malevolent lines of code. Yet finding a resolution to the root cause of cyber-crime requires a deeper understanding of the motivations behind such malicious scripts and attacks.
(2) Address the specific operational threats to bespoke critical infrastructure – each individual critical infrastructure project (e.g. hospitals, nuclear facilities, traffic management systems) has bespoke operational functionality and hence, different vulnerabilities. Mapping of these vulnerabilities is required as a first step to developing efficient and effective risk mitigation strategies to better secure assets.
(3) Distinguish between physical destruction and theft – literature and standards have predominantly focused upon data protection within the context of cyber-attack. However, physical damage has received far less attention even though such could lead to catastrophic economic damage. Greater distinction between physical destruction and theft is therefore needed to delineate the scale and magnitude of cyber-crime.
(4) Consolidate greater international governmental collaboration – cyber-attacks can readily cross international borders and national law enforcement agencies often find it difficult to take action in jurisdictions where limited extradition arrangements are available. Although standard international agreements have been made on such issues (cf. the Budapest Convention on Cyber-crime) which seek to criminalize malevolent cyber-activities, notable signatories (such as China and Russia) are absent. Far greater cooperation between sovereign states is therefore urgently needed to develop robust international agreements that are supported by all major governments.
(5) Gauge practitioner awareness – future work should seek to identify existing predispositions and awareness of cyber-attack and cyber-crime amongst AECO professionals, either through in depth interviews or practitioner surveys. Case studies are also required to measure and report upon contemporary industry practice and how any cyber-crime incidents were managed.
(6) Proof of concept – development and testing of an innovative proof of concept blockchain application specifically designed for AECO professionals. Such developmental work would allow the thorough testing of blockchain technology in practice to confirm, or otherwise, its effectiveness.
Future work
To reconcile the challenges of future work, researchers and practitioners within the AECO sector will have to investigate how to adopt cyber-deterrence approaches applied within more technologically advanced and sensitive industries such as aerospace and automotive. Such knowledge transference may propagate readily available solutions to challenges posed. Cyber security awareness and deterrence measures within the BIM and CDE process will help secure critical infrastructure developed, built and utilized – the challenges and opportunities identified here require innovative solutions such as block chain technologies to transform standard industry practice, and should be augmented with far greater industry-academic collaboration.
Conclusion
Infrastructure provides the essential arteries and tributaries of a digital built environment that underpins a contemporary digital economy. However, cyber-attack threatens the
availability and trustworthiness of interdependent networked services on both corporate and national security levels. At particular risk are the critical infrastructure assets (such as energy networks, transport and financial services) hosted on large networks connected to the internet (via a CDE) to enable cost-efficient remote monitoring and maintenance. Any disruption or damage to these assets could have an immediate and widespread impact by jeopardizing the well-being, safety and security of citizens. To combat the potential threat posed, greater awareness among AECO stakeholders is urgently needed; this must include governments internationally and private sector partners collaborating together to expand upon existing ISO and BIM-related standards for improved response to a cyber-incident. As well as preventative measures, reactive national plans are required (i.e. raising cyber security awareness on government funded BIM projects) to quickly deal with breaches in security and ensure services are provided with minimum disruption.
It is argued in this paper that the CDE adopted with BIM in the AECO sector acts as a springboard for the wider stakeholder engagement with networked data sharing in a centralized manner, yielding such systems vulnerable for future cyber-physical attacks. The pinnacle of cyber security research breakthroughs in cryptography have resulted in the development of decentralized block chain technology. It is hypothesized that block chain technology offers a novel and secure approach to storing information, making data transactions, performing functions and establishing trust, making it suitable for sensitive digital infrastructure data contained in BIM and CDE environment high security requirements. While block chain applications are largely at a nascent stage of development within the AECO sector, this review paper has highlighted its novel application to fortify security of digital assets residing within a BIM and CDE environment – thus extending applications beyond its origins in crypto currency. Future research will be required to prove, modify or disprove this hypothesis presented. However, block chain alone cannot guarantee total immunity to cyber-attacks, so additional research is required to: understand the motivations for cyber-attack/crime; identify the specific operational threats to bespoke critical infrastructure and develop appropriate strategies to mitigate these; develop more exhaustive international standards (or enhance existing standards) to distinguish between physical destruction and theft; and establish measures needed to consolidate greater international governmental collaboration.
References
Ani, U.P.D., He, H. and Tiwari, A. (2017), “Review of cybersecurity issues in industrial critical infrastructure: manufacturing in perspective”, Journal of Cyber Security Technology, Vol. 1 No. 1, pp. 32-74.
ANSI (2007), “ISA-99.00.01-2007 security for industrial automation and control systems part 1: terminology, concepts and models”, ISA, available at: httpswebarchiveorgweb20110312111418wwwisaorgTemplatecfmSection=Shop_ISAampTemplate=2FEcommerce2FProductDisplaycfmampProductid=9661 (accessed February 9, 2019).
Baumeister, T. (2010), “Literature review on smart grid cyber security, collaborative software development laboratory at the University of Hawaii”, available at: www.tbaumeist.com/publications/LiteratureReviewOnSmartGridCyberSecurity_2010.pdf (accessed February 9, 2019).
Bessis, N. and Dobre, C. (2014), Big Data and Internet of Things: A Roadmap for Smart Environments, ISBN 978-3-319-05029-4, Springer International Publishing, London.
Betz, D.J. and Stevens, T. (2013), “Analogical reasoning and cyber security”, Security Dialogue, Vol. 44 No. 2, pp. 147-164.
Boyes, H. (2013a), “Cyber security of intelligent buildings”, 8th IET International System Safety Conference Incorporating the Cyber Security Conference, Cardiff.
Boyes, H. (2013b), Resilience and Cyber Security of Technology in the Built Environment, the Institution of Engineering and Technology, IET Standards Technical Briefing, London, available at: wwwtheietorgresourcesstandards-filescyber-securitycfmtype=pdf (accessed February 9, 2019).
Bradley, A., Li, H., Lark, R. and Dunn, S. (2016), “BIM for infrastructure: an overall review and constructor perspective”, Automation in Construction, Vol. 71 No. 2, pp. 139-152.
Brantly, A.F. (2014), “The cyber losers”, Democracy & Security, Vol. 10 No. 2, pp. 132-155.
BSI (2013), “PAS 555:2013 cyber security risk”, Governance and Management Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030261972 (accessed February 9, 2019).
BSI (2014a), PAS 180 Smart Cities Vocabulary, British Standards Institution, London, available at: www.bsigroup.com/en-GB/smart-cities/Smart-Cities-Standards-and-Publication/PAS-180-smart-cities-terminology (accessed February 9, 2019).
BSI (2014b), PAS 1192-3 Specification for Information Management for the Operational Phase of Assets using Building Information Modelling, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030311237 (accessed February 9, 2019).
BSI (2014c), PAS 754:2014 software trustworthiness, governance and management, Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030284608 (accessed February 9, 2019).
BSI (2015), PAS 1192-5 (2015) Specification for Security Minded Building Information Modelling, Digital Built Environments and Smart Asset Management, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030314119 (accessed February 9, 2019).
Canfil, J.K. (2016), “Honing cyber attribution: a framework for assessing foreign state complicity”, Journal of International Affairs, Vol. 70 No. 1, pp. 217-226, available at: www.questia.com/read/1G1-476843518/honing-cyber-attribution-a-framework-for-assessing (accessed February 9, 2019).
Cavelty, M.D. (2013), “From cyber-bombs to political fallout: threat representations with an impact in the cyber-security discourse”, International Studies Review, Vol. 15 No. 1, pp. 105-122.
Chong, H.Y., Wong, J.S. and Wang, X. (2014), “An explanatory case study on cloud computing applications”, Automation in Construction, Vol. 44, pp. 152-162.
Clarke, R. and Youngstein, T. (2017), “Cyberattack on Britain’s national health service”, New England Journal of Medicine, Vol. 377, August, pp. 409-411.
DBIS (2013), “Smart city market: opportunities for the UK”, Department for Business Innovation and Skills, BIS Research Papers, Ref: BIS/13/1217, DBIS, London, available at: www.gov.uk/government/publications/smart-city-market-uk-opportunities (accessed February 9, 2019).
Denning, D. (2012), “Stuxnet: what has changed?”, Future Internet, Vol. 4 No. 3, pp. 672-687.
Eastman, C., Eastman, C.M., Teicholz, P., Sacks, R. and Liston, K. (2011), BIM Handbook: A Guide to Building Information Modeling for Owners, Managers, Designers, Engineers and Contractors, ISBN 978-0-470-54137-1, John Wiley & Sons, Hoboken, NJ.
Edwards, D.J., Pärn, A.E., Love, P.E.D. and El-Gohary, H. (2017), “Research note: machinery, manumission and economic machinations”, Journal of Business Research, Vol. 70, January, pp. 391-394.
Eom, S.-J. and Paek, J.-H. (2006), “Planning digital home services through an analysis of customers acceptance”, ITcon, Vol. 11, Special issue: IT in Facility Management, pp. 697-710, available at: www.itcon.org/2006/49 (accessed February 9, 2019).
European Commission (2013), Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace, JOIN 1 Final, European Commission, Brussels, available at: https://eeas.europa.eu/archives/docs/policies/eu-cyber-security/cybsec_comm_en.pdf (accessed February 9, 2019).
Ficco, M., Choraś, M. and Kozik, R. (2017), “Simulation platform for cyber-security and vulnerability analysis of critical infrastructures”, Journal of Computational Science, Vol. 22, September, pp. 179-186.
Fisher, R.D. (2018), “Cyber warfare challenges and the increasing use of American and European dual-use technology for military purposes by the people’s Republic of China (PRC)”, United States House of Representatives, Committee on Foreign Affairs, Birmingham, available at: http://archives-republicans-foreignaffairs.house.gov/112/Fis041511.pdf (accessed February 9, 2019).
Fisk, D. (2012), “Cyber security, building automation and the intelligent building”, Intelligent Buildings International, Vol. 4 No. 3, pp. 169-181.
Formby, D., Srinivasan, P., Leonard, A., Rogers, J. and Beyah, R.A. (2016), “Who’s in control of your control system? Device fingerprinting for cyber-physical systems”, Network and Distributed System Security Symposium (NDSS), February 26–March 1, San Diego, CA.
F-Secure Labs (2014), “Havex hunts for ICS and SCADA systems”, available at: www.f-secure.com/weblog/archives/00002718.html (accessed February 9, 2019).
Gandhi, R., Sharma, A., Mahoney, W., Sousan, W., Zhu, Q. and Laplante, P. (2011), “Dimensions of cyber-attacks: cultural, social, economic and political”, IEEE Technology and Society Magazine, Vol. 30 No. 1, pp. 28-38.
Govinda, K. (2015), “Design of smart meter using Atmel 89s52 microcontroller”, Procedia Technology, Vol. 21, pp. 376-380, available at: https://doi.org/10.1016/j.protcy.2015.10.053
Henderson, S. (2008), “Beijing’s rising hacker stars: how does mother China react?”, IO Sphere Journal, Birmingham, February 28, available at: wwwnoexperiencenecessarybookcomjplV6beijing-39-s-rising-hacker-stars-how-does-mother-china-reacthtml (accessed February 9, 2019).
Hjortdal, M. (2011), “China’s use of cyber warfare: espionage meets strategic deterrence”, Journal of Strategic Security, Vol. 4 No. 2, pp. 1-24.
HM Government (2013), Building Information Modeling Industrial Strategy: Government and Industry in Partnership, Government Construction Strategy, London, available at: www.gov.uk/government/uploads/system/uploads/attachment_data/file/34710/12-1327-building-information-modelling.pdf (accessed February 9, 2019).
HM Government (2015), Digital Built Britain: Level 3 Building Information Modelling – Strategic Plan, 26 February 2015, HM Publications, London, available at: www.gov.uk/government/publications/uk-construction-industry-digital-technology (accessed February 9, 2019).
Howell, S., Rezgui, Y. and Beach, T. (2017), “Integrating building and urban semantics to empower smart water solutions”, Automation in Construction, Vol. 81, September, pp. 434-448.
Huckle, S., Bhattacharya, R., White, M. and Beloff, N. (2016), “Internet of things, blockchain and shared economy applications”, Procedia Computer Science, Vol. 98, pp. 461-466, available at: https://doi.org/10.1016/j.procs.2016.09.074
Hunton, P. (2012), “Data attack of the cybercriminal: investigating the digital currency of cybercrime”, Computer Law & Security Review, Vol. 28 No. 2, pp. 201-207.
IET (2013), “Resilience and cyber security of technology in the built environment”, Institution of Engineering and Technology, Birmingham, available at: wwwtheietorgresourcesstandardscyber-buildingscfmorigin=pr (accessed February 9, 2019).
IET (2014), “Code of practice for cyber security in the built environment”, Institution of Engineering and Technology, Birmingham, available at: https://electrical.theiet.org/books/standards/cyber-cop.cfm (accessed February 9, 2019).
ISO (2011), “ISO/IEC 29100:2011 information technology – security techniques – privacy framework”, available at: www.iso.org/standard/45123.html (accessed February 2018).
ISO (2012), 27032 Information Technology – Security Techniques – Guidelines for Cybersecurity, International Organization for Standardization (ISO), Geneva, available at: www.itgovernance.co.uk/shop/product/iso27032-iso-27032-guidelines-for-cybersecurity (accessed February 9, 2019).
ISO (2013), 27001 The International Information Security Standard, International Organization for Standardization (ISO), Geneva, available at: www.itgovernance.co.uk/iso27001 (accessed February 9, 2019).
Jaatun, M.G., Røstum, J., Petersen, S. and Ugarelli, R. (2014), "Security checklists: a compliance alibi or a useful tool for water network operators", Procedia Engineering, Vol. 70, pp. 872-876.
Jones, L. (2016), "Securing the smart city: built environment cyber security", Engineering and Technology, Vol. 11 No. 5, pp. 30-33, doi: 10.1049/et.2016.0501.
Kello, L. (2013), "The meaning of the cyber revolution: perils to theory and statecraft", International Security, Vol. 38 No. 2, pp. 7-40.
Kochovski, P. and Stankovski, V. (2018), "Supporting smart construction with dependable edge computing infrastructures and applications", Automation in Construction, Vol. 85, January, pp. 182-192.
Koo, D., Piratla, K. and Matthews, C.J. (2015), "Towards sustainable water supply: schematic development of big data collection using internet of things (IoT)", Procedia Engineering, Vol. 118, pp. 489-497.
Lesk, M. (2007), "The new front line: Estonia under cyber assault", IEEE Security & Privacy, Vol. 5 No. 4, pp. 76-79.
Levy, Y. and Ellis, T.J. (2006), "A systems approach to conduct an effective literature review in support of information systems research", Informing Science, Vol. 9, pp. 181-212, available at: http://inform.nu/Articles/Vol9/V9p181-212Levy99.pdf (accessed February 9, 2019).
Lin, S., Gao, J. and Koronios, A. (2006), "Key data quality issues for enterprise asset management in engineering organisations", International Journal of Electronic Business Management, Vol. 4 No. 1, pp. 96-110, available at: http://ijebm.ie.nthu.edu.tw/IJEBM_Web/IJEBM_static/Paper-V4_N1/A10-E684_3.pdf (accessed February 2018).
Lin, Y.C. and Su, Y.C. (2013), "Developing mobile- and BIM-based integrated visual facility maintenance management system", The Scientific World Journal, Vol. 2013, 10pp., available at: https://doi.org/10.1155/2013/124249
Lindsay, J.R. (2013), "Stuxnet and the limits of cyber warfare", Security Studies, Vol. 22 No. 3, pp. 365-404.
Lindsay, J.R. (2015), "The impact of China on cybersecurity: fiction and friction", International Security, Vol. 39 No. 3, pp. 7-47.
Liu, J., Xiao, Y., Li, S., Liang, W. and Chen, C.P. (2012), "Cyber security and privacy issues in smart grids", IEEE Communications Surveys & Tutorials, Vol. 14 No. 4, pp. 981-997.
McGraw, G. (2013), "Cyber war is inevitable (unless we build security in)", Journal of Strategic Studies, Vol. 36 No. 1, pp. 109-119.
McNulty (2011), "Realising the potential of GB Rail – final independent report of the rail value for money study – summary report", Department for Transport, London, available at: www.gov.uk/government/uploads/system/uploads/attachment_data/file/4203/realising-the-potential-of-gb-rail-summary.pdf (accessed February 9, 2019).
Marinos, L. (2016), ENISA Threat Taxonomy: A Tool for Structuring Threat Information, European Union Agency for Network and Information Security, Birmingham, available at: www.enisa.europa.eu/topics/threat-risk-management/threats-and-trends/enisa-threat-landscape/etl2015/enisa-threat-taxonomy-a-tool-for-structuring-threat-information/view (accessed February 9, 2019).
Markets and Markets (2014), "Smart HVAC controls market by product type, components, application, operation & geography – analysis and forecast to 2014–2020", Birmingham, available at: http://goo.gl/Ay2LjI (accessed February 9, 2019).
Mayo, G. (2016), "Bas and cyber security: a multiple discipline perspective", in Long, S., Ng, E.-H., Downing, C. and Nepal, B. (Eds), Proceedings of the American Society for Engineering Management 2016 International Annual Conference, American Society for Engineering Management, Concord, NC, available at: www.researchgate.net/publication/309480358_BAS_AND_CYBER_SECURITY_A_MULTIPLE_DISCIPLINE_PERSPECTIVE (accessed February 2018).
Metke, A.R. and Ekl, R.L. (2010), "Security technology for smart grid networks", IEEE Transactions on Smart Grid, Vol. 1 No. 1, pp. 99-107.
ECAM 26,2
Mike, T. (2006), "Integrated building systems: strengthening building security while decreasing operating costs", Journal of Facilities Management, Vol. 4 No. 1, pp. 63-71.
Mokyr, J. (1992), "Technological inertia in economic history", The Journal of Economic History, Vol. 52 No. 2, pp. 325-338.
Nicał, A.K. and Wodyński, W. (2016), "Enhancing facility management through BIM 6D", Procedia Engineering, Vol. 164, pp. 299-306, available at: https://doi.org/10.1016/j.proeng.2016.11.623
NIST (2017), "Framework for improving critical infrastructure cybersecurity", National Institute of Standards and Technology, Draft Version 1.1, January 10, Birmingham, available at: www.google.co.uk/url?sa=t&rct=j&q=&esrc=s&source=web&cd=2&ved=0ahUKEwiq0orLhOHUAhVkBsAKHfJLB6oQFgg8MAE&url=https%3A%2F%2Fwww.nist.gov%2Fdocument%2Fdraft-cybersecurity-framework-v11pdf&usg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NA&cad=rjt (accessed February 9, 2019).
Nye, J.S. (2017), "Deterrence and dissuasion in cyberspace", International Security, Vol. 41 No. 3, pp. 44-71.
Papa, P. (2013), "US and EU strategies for maritime transport security: a comparative perspective", Transport Policy, Vol. 28, pp. 75-85.
Paridari, K., Mady, A.E., La Porta, S., Chabukswar, R., Blanco, J., Teixeira, A., Sandberg, H. and Boubekeur, M. (2016), "Cyber-physical-security framework for building energy management system", ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS), Vienna, pp. 1-9, doi: 10.1109/ICCPS.2016.7479072.
Pärn, E.A. and Edwards, D.J. (2017), "Conceptualizing the FINDD API plug-in: a case study of BIM/FM integration", Automation in Construction, Vol. 80, August, pp. 11-21.
Patel, S.C., Bhatt, G.D. and Graham, J.H. (2009), "Improving the cyber security of SCADA communication networks", Communications of the ACM, Vol. 52 No. 7, pp. 139-142.
Peng, Y., Wang, Y., Xiang, C., Liu, X., Wen, Z. and Chen, D. (2015), "Cyber-physical attack-oriented Industrial Control Systems (ICS) modeling, analysis and experiment environment", International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 322-326.
Rahimi, B. (2011), "The agonistic social media: cyberspace in the formation of dissent and consolidation of state power in postelection Iran", The Communication Review, Vol. 14 No. 3, pp. 158-178.
Rasmi, M. and Jantan, A. (2013), "A new algorithm to estimate the similarity between the intentions of the cyber crimes for network forensics", Procedia Technology, Vol. 11, pp. 540-547.
Reggiani, A. (2013), "Network resilience for transport security: some methodological considerations", Transport Policy, Vol. 28, July, pp. 63-68.
Reniers, G.L.L. and Dullaert, W. (2013), "A method to assess multi-modal hazmat transport security vulnerabilities: hazmat transport SVA", Transport Policy, Vol. 28, July, pp. 103-113.
Rid, T. (2012), "Cyber war will not take place", Journal of Strategic Studies, Vol. 35 No. 1, pp. 5-32.
RISI (2015), "The repository of industrial security incidents database", Birmingham, available at: www.risidata.com/Database (accessed February 9, 2019).
Rittinghouse, J. and Hancock, W.M. (2003), Cybersecurity Operations Handbook, Elsevier Science, Amsterdam, ISBN 978-1-55558-306-4.
Ryan, D.J. (2017), "Engineering sustainable critical infrastructures", International Journal of Critical Infrastructure Protection, Vol. 17, pp. 28-29.
Safavi, S., Shukur, Z. and Razali, R. (2013), "Reviews on cybercrime affecting portable devices", Procedia Technology, Vol. 11, pp. 650-657.
Shafiq, M.T., Matthews, J. and Lockley, S.R. (2013), "A study of BIM collaboration requirements and available features in existing model collaboration systems", Journal of Information Technology in Construction (ITcon), Vol. 18, pp. 148-161.
Shitharth, S. and Winston, D.P. (2015), "A comparative analysis between two countermeasure techniques to detect DDoS with sniffers in a SCADA network", Procedia Technology, Vol. 21, pp. 179-186.
Stearns, L.B. and Almeida, P.D. (2004), "The formation of state actor-social movement coalitions and favorable policy outcomes", Social Policy, Vol. 51 No. 4, pp. 478-504.
Stoddart, K. (2016), "Live free or die hard: US-UK cybersecurity policies", Political Science Quarterly, Vol. 131 No. 4, pp. 803-842.
Sun, J., Yan, J. and Zhang, K.Z. (2016), "Blockchain-based sharing services: what blockchain technology can contribute to smart cities", Financial Innovation, Vol. 2 No. 1, pp. 1-26, doi: 10.1186/s40854-016-0040-y.
Szyliowicz, J.S. (2013), "Safeguarding critical transportation infrastructure: the US case", Transport Policy, Vol. 28 No. C, pp. 69-74.
Tan, S., Song, W.Z., Stewart, M., Yang, J. and Tong, L. (2018), "Online data integrity attacks against real-time electrical market in smart grid", IEEE Transactions on Smart Grid, Vol. 9 No. 1, pp. 313-322.
Thomas, N. (2009), "Cyber security in East Asia: governing anarchy", Asian Security, Vol. 5 No. 1, pp. 3-23.
Toy, S. (2006), History of Fortification from 3000 BC to AD 1700 (No. 75), Pen and Sword Military Classics, Barnsley, ISBN 1-88415-358-4.
Turk, Ž. and Klinc, R. (2017), "Potentials of blockchain technology for construction management", Procedia Engineering, Vol. 196, pp. 638-645.
UN (2014a), "2014 revision of the world urbanization prospects", Birmingham, available at: https://goo.gl/xwOSDS (accessed February 9, 2019).
UN (2014b), "World urbanization trends 2014: key facts", Statistical Papers – United Nations (Ser. A), Population and Vital Statistics Report, United Nations, New York, NY.
UN (2015), "World population projected to reach 9.7 billion by 2050", Birmingham, available at: www.un.org/en/development/desa/news/population/2015-report.html (accessed February 9, 2019).
Walsham, G. (1995), "The emergence of interpretivism in IS research", Information Systems Research, Vol. 6 No. 4, pp. 376-394.
Wang, S., Zhang, G., Shen, B. and Xie, X. (2011), "An integrated scheme for cyber-physical building energy management system", Procedia Engineering, Vol. 15, pp. 3616-3620.
Wang, W. and Lu, Z. (2013), "Cyber security in the smart grid: survey and challenges", Computer Networks, Vol. 57 No. 5, pp. 1344-1371.
Weber, R.H. and Studer, E. (2016), "Cybersecurity in the internet of things: legal aspects", Computer Law & Security Review, Vol. 32 No. 5, pp. 715-728.
Xue, N., Huang, X. and Zhang, J. (2016), "S2Net: a security framework for software defined intelligent building networks", IEEE Trustcom/BigDataSE/ISPA, Tianjin, August 23-26, pp. 654-661.
Yue, X., Wang, H., Jin, D., Li, M. and Jiang, W. (2016), "Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control", Journal of Medical Systems, Vol. 40 No. 10, pp. 218-229.
Zamparini, L. and Shiftan, Y. (2013), "Special issue – transport security: theoretical frameworks and empirical applications", Transport Policy, Vol. 28, pp. 61-62.
Zhang, Y. and Wen, J. (2016), "The IoT electric business model: using blockchain technology for IoT", Peer-to-Peer Networking and Applications, Vol. 10 No. 4, pp. 1-12.
Corresponding author
Erika A. Parn can be contacted at: erikaparn@gmail.com
act on behalf of security companies and concomitant public interest (F-Secure, 2014). Contemporary cyber-Robin Hood(s) (or hacktivists) fall within the grey hat category and act as vigilantes to puncture prevailing power structures (such as Government) by embarrassing them with distributed denial of service (DDoS) attacks, web defacements, malware, ransomware and trojans. These hacktivists often dabble with illegal means to hack but believe that they are addressing a social injustice and/or otherwise supporting a good cause. Black hats are often affiliated with a criminal fraternity or have other malicious intent (Cavelty, 2013). These criminals deploy the same tools used by grey and white hat hackers but with the deliberate intention to cause harm, vandalism, sabotage, website shutdown, fraud or other illegitimate activities. Many states have increasingly focused upon grey hats, who have become the new uncontrolled source of hacking (Betz and Stevens, 2013). Table II highlights a number of prominent critical infrastructure hacks extracted from the RISI database and cross references these against the motivations and cyber-actors.
Blurred lines: governments and civilians
State and non-state actors represent a two pronged source of malicious attacks or threats facing the AECO sector; motivations for these actors are fueled by various catalysts including patriotism, liberal activism, political ideology, criminal intent and hobby interests (Hjortdal, 2011; Rahimi, 2011). A state is a political entity ("government") that has sovereignty over an area of territory and the people within it (Rahimi, 2011). Within this entity, state actors are persons who are authorized to act on its behalf and are therefore subject to regulatory control measures (Betz and Stevens, 2013). A state actor's role can be myriad but often it strives to create positive policy outcomes through approaches such as social movement coalitions (cf. Stearns and Almeida, 2004). Conversely, non-state actors are persons or organizations who have sufficient political influence to act or participate in international relations for the purpose of exerting influence or causing change even though they are not part of government or an established institution (Betz and Stevens, 2013). Three key types of legitimate non-state actors exist: intergovernmental organizations such as the United Nations, World Bank Group and International Monetary Fund, which are established by a state, usually through a treaty (Betz and Stevens, 2013); international non-government organizations such as Amnesty International, Oxfam and Greenpeace, which are non-profit, voluntary organizations that advocate or otherwise pursue the public good (i.e. economic development and humanitarian aid) (UN); and multinational corporations who pursue their own business interests largely outside the control of national states (UN). Illegitimate non-state actors include terrorist groups and hacktivists acting upon a range of different motivations including personal gain, digital coercion, malevolence and indoctrination of others using ideological doctrine (Brantly, 2014). Since the millennium, governments globally have become increasingly aware of cyber-crime and threats stemming from such non-state actors. Some of the more notable actors include Anonymous (Betz and Stevens, 2013), Ghost Net (Hunton, 2012), The Red Hacker Alliance (Fisher, 2018), Fancy Bear "Прикольный медведь" (Canfil, 2016) and Iranian Cyber Army (Rahimi, 2011).
However, the boundary delineation between state actors and non-state actors engaging in cyber-physical attacks has become increasingly blurred (Betz and Stevens, 2013; Papa, 2013). Such attribution has wider implications for the national security of states and national responsibility for non-state actors who often act on behalf of the state under incitement of nationalistic and ideological motivation (Brantly, 2014). Henderson (2008) aptly describes such blurred lines between governments and civilians by using Chinese cyber-patriot hackers as an exemplar:
The alliance is exactly who and what they claim to be: an independent confederation of patriotic youth dedicated to defending China against what it perceives as threats to national pride
| Standard | Title | Description |
|---|---|---|
| BS ISO/IEC 29100:2011 (ISO, 2011) | Information Technology – Security Techniques – Privacy Framework | This standard is applicable to organizations and businesses, providing a privacy framework for those "involved in specifying, procuring, architecting, designing, developing, testing, maintaining, administering and operating information and communication technology systems or services" with personally identifiable information (PII). |
| BS ISO/IEC 27001:2013 (ISO, 2013) | Information Technology – Security Techniques – Information Security Management Systems – Requirements | This international standard provides a framework for the management of an information security management system (ISMS) in order to keep digital information assets secure from cyber-criminal activities and information breaches; it encompasses procedures for creating, implementing, operating, auditing and maintaining an ISMS. The standard can be applied within organizations of any size, nature or type. |
| IET/CPNI Technical Briefing (IET, 2013) | Resilience and Cyber Security of Technology in the Built Environment | This document applies to professionals involved in the development, procurement and operation of intelligent or smart buildings. The guidance considers the whole building lifecycle and examines the potential threats to resilience and cyber security arising from the merging of technical infrastructure and computer-based systems and their connection in cyber-space. Case studies are provided plus a set of 20 critical measures which could be applied to reduce threats. |
| PAS 555:2013 (BSI, 2013) | Cyber Security Risk – Governance and Management – Specification | The specification uses a business-led "outcomes-based approach" which studies physical, cultural and behavioral features alongside technical ones to aid organizations in detecting which of their business assets need most protection, e.g. corporate and customer data, intellectual property, brand or reputation. The approach can be applied to any size/type of organization throughout its business activities. |
| PAS 754:2014 (BSI, 2014c) | Software Trustworthiness – Governance and Management – Specification | This document identifies five principles of software trustworthiness (safety, reliability, availability, resilience and security) which should be attained when implementing software on distributed applications in order to reduce the risks from potential malicious threats. These principles are based upon four concepts: governance measures; risk assessment; control application for risk management (physical, procedural and technical); and a compliance regime to ensure execution of the first three. |
| IET Standards (IET, 2014) | Code of Practice for Cyber Security in the Built Environment | This book provides good practice guidance on the need for, and development of, cyber security strategy and policy related to a building's complete lifecycle as an integral part of an organization's management systems, with particular emphasis on cyber physically connected building-related systems. The pertinence of cyber security to each of the multidisciplinary roles and responsibilities within an organization is provided. |
| PAS 1192-5:2015 (BSI, 2015) | Specification for Security-minded Building Information Modeling, Digital Built Environments and Smart Asset Management | This is the first standard published for security minded use of BIM and digitalization of built assets. Relevant to all owners and stakeholders of digitally built assets, it assists in assessing security risks to the asset and implementing measures to reduce the risk of loss or disclosure of information which could impact on the safety and security of the built asset, personnel and other users of the asset and its services, and commercial and other asset data and information. |

Table II. Industry standards and codes of best practice on cyber security in the AECO sector
A componential analysis of literature
From an operational perspective, the review protocol sourced published journal materials contained within Science Direct, Web of Science, Scopus and Research Gate databases. Keyword search terms used included: cyber security, hacking and any of the following variations of the word cyber crime/cybercrime or cyber-crime. Following a comprehensive review of the journals, four prominent and pertinent clusters of industrial settings were selected to provide the contextual sampling framework and knowledge base for the analysis, namely: AECO; transport and infrastructure; information technology; and political science/international relations. These clusters were selected because they contained the majority of the journal publications on cyber-crime. Within the clusters, six recurrent leitmotifs were identified: national and global security; smart cities; critical infrastructure; ICS; mobile or cloud computing; and digitalization of the built environment. A cross comparative componential analysis was then conducted (refer to Table III).
The componential analysis reveals the percentage frequency that each of the identified thematic groups occur across the four industrial classifications, and the percentage frequency that each thematic group occurs within each individual industrial classification. In ascending order of frequency across all four sectors, the most popular discussed topics were mobile cloud computing (59.5 percent), national global security (54.7 percent) and critical infrastructure (50 percent), smart cities (40.4 percent), ICS (40.4 percent) and digitization of the built environment (28.5 percent). Yet curiously, within the AECO sector an inordinate amount of effort was input into mobile and cloud computing (90 percent) and digitization of the built environment (60 percent), while far less attention was paid to critical infrastructure (30 percent) and national and global security (20 percent). Moreover, none of the papers reviewed were heavily focused upon expounding the virtues and concomitant benefits of digitization but were similarly obvious to the omnipresent threat of cyber-crime posed via the vulnerable CDE portal.
A CDE is commonly established during the feasibility or concept design phases of a building/infrastructure project (BSI, 2014a, b). An information manager will then manage and validate the processes and procedures for the exchange of information across a network for each key decision gateway stage (including work in progress, shared, published and archive stages). Cloud-based CDE platforms are ubiquitous but common solutions include ProjectWise, Viewpoint (4P), Aconex, Asite and SharePoint (Shafiq et al., 2013). The internal work flow and typical external information exchange in BIM relies upon the re-use and sharing of information
| Reconnaissance Technique | Definition | Example |
|---|---|---|
| Scanning (ping sweep, port scan, network mapping) | Network scanning is integral to stealthy information gathering from a computer system. Prior knowledge of the operating system (OS) is combined with the use of one of a plethora of readily available tools in order to identify and map out potential vulnerabilities on a target network. | Techniques include: port scanning to identify the available and open ports; DNS enumeration to locate the domain name server and IP address; and PING sweeping to map the IP address to a live host (Rittinghouse and Hancock, 2003). |
| Fingerprinting (OS) | Device fingerprinting endeavors to break the privacy of URL developers by revealing user actions and anonymity. It utilizes the information collected from a remote computing device for the purpose of uniquely identifying the device (Formby et al., 2016). Fingerprinting can be used to identify the OS used on the target system. | In an active manner to monitor network packets passing between hosts, or passive manner to transmit specially created packets to the target machine and analyze the response (Peng et al., 2015). |
| Footprinting | Footprinting is a process of obtaining as much information about the target to be hacked as possible by drawing down open source information from the internet. Footprinting is the most convenient way of gathering information about a computer system and/or parties such belong to. | During footprinting a hacker can use passive or active means to obtain information such as domain name, IP addresses, namespaces, employee information, phone numbers, e-mails and job information. |
| Sniffing | Sniffing has been likened to wiretapping and can be used to obtain sensitive information that is being transferred over a network, such as FTP passwords, e-mail traffic, web traffic, telnet passwords, router configurations, chat sessions and DNS traffic. "Industrial Control Systems (ICS)/Supervisory Control and Data Acquisition (SCADA) sniffing" activities pose an imminent threat to cyber-physical connected devices in buildings, factories and large industrial plants. | "Havex" Malware, reported by F-Secure laboratories, is the first of its kind since STUXNET and attempts to "sniff" factory automation gear such as ICS and SCADA systems (F-Secure Labs, 2014). Anonymized victims have included two major educational institutions in France, two German industrial machine producers, one French industrial machine producer and a Russian structural engineering construction company (F-Secure Labs, 2014). |
| Social Engineering | Social engineering is an attack vector that relies upon tricking people into breaking security procedures. Consequently, these are used to exploit an individual's weaknesses, typically employees and other individuals who are familiar with the system. When successfully implemented, hackers can help obtain information about the targeted system. | Two common methods adopted are the physical gaining of access to a computer through deception, or the use of phishing e-mails, which involves sending personalized e-mails to targeted employees in an attempt to make them click malicious links contained within. |

Table III. Common reconnaissance techniques
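A defender's view of the scanning row in Table III, as an added example that is not from the paper: a sliding-window detector that flags one source reaching many ports on a single host (port scan) or sending ICMP to many hosts (ping sweep). The log format, thresholds, addresses and function names are assumptions made for this sketch, and the log lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Hypothetical firewall log format, used for this example only.
LINE = re.compile(
    r"^(?P<ts>\S+) SRC=(?P<src>\S+) DST=(?P<dst>\S+) "
    r"PROTO=(?P<proto>\w+)(?: DPT=(?P<dpt>\d+))?$"
)
TS_FORMAT = "%Y-%m-%dT%H:%M:%SZ"


def parse(line):
    """Return (time, src, dst, proto, dst_port), or None if the line is malformed."""
    m = LINE.match(line.strip())
    if m is None:
        return None
    try:
        ts = datetime.strptime(m["ts"], TS_FORMAT)
    except ValueError:
        return None
    return ts, m["src"], m["dst"], m["proto"], int(m["dpt"]) if m["dpt"] else None


def detect(lines, window=timedelta(seconds=60), port_threshold=10, host_threshold=5):
    """Flag port scans and ping sweeps seen within a sliding time window.

    Lines must be in time order. Returns sorted (kind, source, target) tuples.
    """
    recent = defaultdict(deque)  # alert key -> (time, port or host) inside the window
    alerts = set()
    for line in lines:
        record = parse(line)
        if record is None:
            continue
        ts, src, dst, proto, dpt = record
        if proto == "ICMP":
            key, item, limit = ("ping sweep", src, "*"), dst, host_threshold
        elif dpt is not None:
            key, item, limit = ("port scan", src, dst), dpt, port_threshold
        else:
            continue
        seen = recent[key]
        seen.append((ts, item))
        while ts - seen[0][0] > window:  # drop events older than the window
            seen.popleft()
        if len({value for _, value in seen}) >= limit:
            alerts.add(key)
    return sorted(alerts)


def sample_log():
    """Constructed log lines using documentation address ranges, not real traffic."""
    t0 = datetime(2019, 2, 9, 10, 0, 0)

    def row(offset, src, dst, proto, dpt=None):
        ts = (t0 + timedelta(seconds=offset)).strftime(TS_FORMAT)
        tail = f" DPT={dpt}" if dpt is not None else ""
        return f"{ts} SRC={src} DST={dst} PROTO={proto}{tail}"

    rows = []
    # Twelve different ports on one controller within twelve seconds.
    rows += [row(s, "198.51.100.7", "192.0.2.10", "TCP", 20 + s) for s in range(12)]
    # ICMP to six different hosts within six seconds.
    rows += [row(30 + s, "198.51.100.9", f"192.0.2.{s + 1}", "ICMP") for s in range(6)]
    # BMS head-end polling a single port on one controller: routine traffic.
    rows += [row(5 * s, "192.0.2.50", "192.0.2.10", "TCP", 502) for s in range(20)]
    # Same head-end, twelve ports on another host, but ten minutes apart.
    rows += [row(600 * s, "192.0.2.50", "192.0.2.20", "TCP", 8000 + s) for s in range(12)]
    return sorted(rows)  # ISO timestamps sort chronologically


if __name__ == "__main__":
    for alert in detect(sample_log()):
        print(alert)
```

The window and thresholds need tuning against the normal polling behaviour of the building management network before alerts from a detector like this are actionable.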
in a CDE. Integrating BIM (and other file databases, e.g. IFC, GBXML, CSV, DWG, XML) within a CDE ensures a smooth flow of information between all stakeholders and is specified and articulated through its levels of development or design (Eastman et al., 2011; Lin and Su, 2013). The level of design (LOD) is classified on a linear scale ranging from LOD 1 (covering a conceptual "low definition" design) to LOD 7 (for an as-built "high definition" model). With each incremental increase in LOD, the range and complexity of asset information within models built begins to swell and the data contained within becomes accessible to an increased amount of stakeholders. As a consequence, the magnitude of potential cyber-crime also increases and it is imperative, therefore, that effective cyber security deterrence measures are set.
Perhaps the most crippling aspect of deterrence is the poor rate of attribution (also known as tracebacking or source tracking), where attribution seeks to determine the identity or location of an attacker or attacker's intermediary (Brantly, 2014). Affiliation further exacerbates attribution rates; for example, nefarious and malicious attacks on critical infrastructure by non-state "patriot" actors who proclaim cyber-warfare in the name of nationalist ideologies can create ambiguity with state actors (Lindsay, 2015). Extant literature widely acknowledges that states actively recruit highly skilled hackers to counter-attack other state governed cyber-activities, in particular against critical infrastructure assets (Thomas, 2009). Yet the paucity of identification or disclosure of attacker identities has made the hacking culture even more enticing for both non-state actors and state actors. Whilst network attribution or IP address traceability to a particular geographical region is possible, lifting the cyber veil to reveal the affiliation between the attacker and their government remains difficult (Canfil, 2016). In the case of potential threats to the AECO sector, attribution of industrial cyber-espionage remains an imminent threat, not only to the business in operation but also for the nation state security.
Cyber-deterrence
Cyber-deterrence measures rely largely upon good practice adopted from standards ISO 27001 and ISO 27032 (ISO, 2012, 2013). In the context of the digital built environment (and specifically BIM), recently published cyber security good practice manual PAS 1198-Part 5 suggests deploying five measures of deterrence: a built asset security manager; a built asset security strategy; a built asset security management plan; a security breach/incident management plan; and built asset security information requirements. For other sources of cyber security guidance, PAS 1198-Part 5 recommends adherence to other pre-existing legislative documentation – refer to Table IV.
Other ambiguous guidance notes that refer to taking "appropriate mitigation strategies" have largely ignored the increased vulnerability of semantic and geometric information that is sustained within a BIM (BSI, 2013, 2014c). For example, Institute of Engineering and Technology (Boyes, 2013b) report entitled "Resilience and Cyber Security of Technology in the Built Environment" states that:
Unauthorised access to BIM data could jeopardise security of sensitive facilities such as banks, courts, prisons and defence establishments, and in fact most of the Critical National Infrastructure
Deterrence measures recommended in PAS 1192-5 have largely overlooked BIM data contained within a CDE and the onslaught of cyber-physical connectivity in critical infrastructures (Liu et al., 2012). Currently, the most common means of deterrence for cyber-physical connectivity in critical BMS infrastructures is via network segregation (the firewall) (Mayo, 2016) and secure gateway protection (encryption) for securing from external threats complicit with ANSI/ISA-99 (ANSI, 2007). However, in a digital economy where over 50bn devices are continuously communicating, neither firewalls nor encryption alone can guarantee effective cyber security. Hence, a more robust systemic means of data integrity is required in the digital built environment.
Block chain – a new frontier for cyber-deterrence
Under the alias Satoshi Nakamoto, the Bitcoin (crypto currency) was published as the first block chain application on the internet (Turk and Klinc, 2017). This advancement opened a springboard of applications that utilize block chain technology to remove third party distribution of digital assets using peer-to-peer sharing (Turk and Klinc, 2017). While the majority of current applications have utilized crypto currency and smart contracts, the applications for digital asset transference seem limitless. Block chain's earliest applications were in economics (Huckle et al., 2016), software engineering (Turk and Klinc, 2017), Internet of Things (Zhang and Wen, 2016) and medicine (Yue et al., 2016) – albeit more recently, applications within the built environment have been explored (Sun et al., 2016). Block chain technology has the potential to overcome the aforementioned cyber security challenges faced in the digital environment as a result of its distributed, secure and private nature of data distribution. A positive correlation exists between an increasing number of collaborators (or peers) within a CDE and the potential to secure such assets in a peer-to-peer environment which thrives and increases in security.
Block chain technology is suitable for sectors with increased risk of fraud – such as susceptible crucial infrastructures containing sensitive industrial information that is at risk from industrial espionage; intermediaries – for example, providers of BMS systems and other IT software vendors hosting sensitive infrastructure asset details; throughput – such as operators updating and sharing asset information in a CDE; and stable data – for instance, data generated for built assets can be utilized for up to 40 years post project inception. Block chain technology offers better encryption against hacking than any other current deterrence measures available and is commonly suggested in the cyber security standards available (Turk and Klinc, 2017).
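The tamper-evidence that the block chain argument above rests on, as an added example (not code from the paper or from any CDE product): a hash-chained ledger of asset files moving through the CDE stages, verified against a head digest that a peer holds independently. It shows integrity only, with no consensus protocol and no confidentiality; the class, function, file and author names are assumptions, and the data is constructed.

```python
import hashlib
import json
from dataclasses import asdict, dataclass, replace

# CDE gateway stages named in the text, in the order a file moves through them.
STAGES = ["work in progress", "shared", "published", "archive"]
GENESIS = "0" * 64  # prev_hash of the first entry


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass(frozen=True)
class Entry:
    index: int
    asset: str         # file name in the CDE (hypothetical)
    stage: str
    author: str
    content_hash: str  # SHA-256 of the file bytes at this stage
    prev_hash: str     # digest of the previous entry: the "chain"

    def digest(self) -> str:
        # Canonical JSON so identical fields always hash identically.
        body = json.dumps(asdict(self), sort_keys=True, separators=(",", ":"))
        return sha256_hex(body.encode("utf-8"))


class Ledger:
    """Append-only record of asset files passing through CDE stages."""

    def __init__(self):
        self.entries = []

    def head(self) -> str:
        return self.entries[-1].digest() if self.entries else GENESIS

    def latest(self, asset):
        return next((e for e in reversed(self.entries) if e.asset == asset), None)

    def record(self, asset, stage, author, content: bytes) -> Entry:
        if stage not in STAGES:
            raise ValueError(f"unknown stage: {stage!r}")
        last = self.latest(asset)
        if last is not None and STAGES.index(stage) < STAGES.index(last.stage):
            raise ValueError(f"{asset}: cannot go from {last.stage} back to {stage}")
        entry = Entry(len(self.entries), asset, stage, author,
                      sha256_hex(content), self.head())
        self.entries.append(entry)
        return entry

    def matches_latest(self, asset, content: bytes) -> bool:
        """True if a received file equals the last version the ledger recorded."""
        last = self.latest(asset)
        return last is not None and last.content_hash == sha256_hex(content)


def first_tampered(entries, trusted_head):
    """Index of the first entry failing verification, or None if intact.
    trusted_head is the head digest a peer stored independently; without it
    a rewrite of the whole tail of the chain would verify cleanly."""
    if not entries:
        return None if trusted_head == GENESIS else 0
    if entries[0].prev_hash != GENESIS:
        return 0
    for i, entry in enumerate(entries):
        is_last = i + 1 == len(entries)
        expected = trusted_head if is_last else entries[i + 1].prev_hash
        if entry.index != i or entry.digest() != expected:
            return i
    return None


def demo():
    # Constructed sample data: file names, authors and contents are invented.
    ledger = Ledger()
    ledger.record("bridge.ifc", "work in progress", "designer", b"model v1")
    ledger.record("bridge.ifc", "shared", "designer", b"model v2")
    ledger.record("hvac.csv", "work in progress", "bms-vendor", b"zone,setpoint")
    ledger.record("bridge.ifc", "published", "info-manager", b"model v2")
    head = ledger.head()  # each peer keeps its own copy of this value

    # Case 1: one stored entry is edited in place.
    edited = list(ledger.entries)
    edited[1] = replace(edited[1], content_hash=sha256_hex(b"altered model"))

    # Case 2: every later entry is relinked as well to hide the edit.
    relinked = list(edited)
    for i in range(2, len(relinked)):
        relinked[i] = replace(relinked[i], prev_hash=relinked[i - 1].digest())

    return {
        "intact": first_tampered(ledger.entries, head),
        "edited": first_tampered(edited, head),
        "relinked": first_tampered(relinked, head),
        "good_file": ledger.matches_latest("bridge.ifc", b"model v2"),
        "bad_file": ledger.matches_latest("bridge.ifc", b"altered model"),
    }
```

Calling `demo()` shows the in-place edit caught at the altered entry, and the fully relinked copy caught only at the final entry, by comparison with the independently held head digest.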
The application of block chain technology within digital built asset information exchange is suggested due to its secure framework for data transference. Block chain technology has been hailed as a hacker/tamper safe ecosystem for digital asset transfers (Turk and Klinc, 2017). Figure 2 delineates a ten stage process to demonstrate how the existing functionality of block chain technology can be harnessed in a CDE environment when sharing sensitive digital information about assets – namely, asset information is securely shared via a network (e.g. URL nodes, interconnected computer networks or an air
Table IV. Snapshot of cyber-physical hacking examples from the RISI online incident database
Columns: Motivation; Actor; Example
Motivation: Black Hat (ego, personal animosity, economic gain); Grey Hat (ambiguous); White Hat (idealism, creativity, respect for the law)
Actor column entries: Hacktivists; Script kiddies; Cyber insiders; Cyber terrorists; Malware authors; Patriot hackers; Cyber militias; Script kiddies; Ordinary citizens; Hacktivists; Script kiddies; Organized cybercriminals
Example column entries:
USA 2014 – Power and utilities – Hackers took advantage of a weak password vulnerability where mechanical devices were disconnected from the control system for scheduled maintenance.
Poland 2008 – Transport – A 14-year old Polish student hacked into the tram system, enabling him to change track points in Lodz; 4 trams were derailed and, as a consequence, 12 people were injured.
USA 2001 – Petroleum – The network monitoring personal computer (PC) provided a path from the internet, via the company business network, onto the automation network. This made the company vulnerable to the Code Red Worm, used to deface the automation web pages of a large oil company.
Spain 2011 – Traffic – Spanair flight 5022 crashed just after take-off from Madrid-Barajas International Airport, killing 154 with 18 survivors. Trojan malware detected on the central computer system is speculated to have played a role in the crash by causing the computer to fail to deliver power to the take-off early warning system and detect three technical problems with the aircraft.
Iran 2012 – Petroleum – Iran was forced to disconnect key oil facilities after suffering a malware attack which, it is believed, hit the internal computer systems at Iran’s oil ministry and its national oil company.
USA and Europe 2014 – Energy sector – Operating since 2011, the Dragonfly group has targeted defence and aviation companies in USA and Canada – cyber-espionage with the likely intention of sabotage. In 2013, the group targeted USA and European energy firms, gaining entry through spear phishing e-mails, malware, watering hole attacks and infecting legitimate software from three different industrial control systems (ICS) equipment manufacturers.
Canada 2012 – Energy sector – Telvent Canada Ltd, provider of software and services for remote administration of large sections of the energy industry, was subject to information theft. Installed malware was used to steal project files related to one of its key products. The digital fingerprints were traced to a Chinese hacking group (the “Comment Group”) linked to cyber-espionage against Western interests.
Iran 2010 – Nuclear – The Stuxnet malworm was responsible for damaging crucial centrifugal devices used for Uranium enrichment at the Natanz nuclear plant, causing it to be shut down for a week. This remains as one of the most prolific cyber-physical attacks in an exemplified case of government and civilian blurred lines, and created a new forefront of cyber militia, becoming the first proclaimed cyber weapon.
USA 2012 – Water/waste management – A former employee of the Key Largo Wastewater Treatment District hacked the company, resulting in modification and deletion of files.
Venezuela 2002 – Petroleum – Venezuela’s state oil company became embroiled in a bitter strike when it was extensively sabotaged by an employee who gained remote access to a program terminal and erased all Programmable Logic Controller (PLC) programs in port facility.
Canada 2002 – Petroleum – A white hat hacker simulated an attack on a data center security (DCS) where network access to the control local area network (LAN) was used to connect to selected DCS operator stations and obtain full administration privileges. This was accomplished through the vulnerabilities in the Windows operating system and a number of NetBIOS that lacked proper password protection.
USA 2014 – Traffic – One of the first hacks on a traffic management system was incurred on road signs in San Francisco, where the signs were photographed flashing “Godzilla Attack Turn Back”.
Source: Available online at: www.risidata.com
gapped internet); asset data (whether a 3D or digital model) are converted into a block which represents a digital transaction of asset data; stakeholder interaction within a federated CDE environment will receive a tracked record of the individual transaction created by nodes sharing the block; block chain miners (usually computer scientists) validate and maintain the newly created block chain; payment methods for block chain miners vary, but a group of miners enter into a competitive process where the first to validate the block chain receives payment; the federated block chain environment is approved; the new block is added to the existing chain of digital transactions to extend the block chain; the digital asset can now be securely shared upon validation; to hack the network, assailants would need to hack every single node within the block chain, thus making the task far more difficult; the network of nodes created by multiple stakeholders’ transactions provides a more sophisticated and secure approach to protecting digital assets when compared to encryption and firewalls. Herein lies the novelty of this review – blockchain technology can offer a potential framework to future AECO software applications and systems designed to secure the transfer of sensitive project data in a BIM and CDE environment.
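The following added example (not code from the paper or from any block chain product) models the block conversion, broadcast, validation against the chain and chain extension stages described above as a hash-linked ledger replicated across CDE stakeholders, and shows how an altered replica is detected. The stakeholder names, file names and the majority-head comparison are assumptions; the miners' competition and payment are omitted.

```python
import hashlib
import json
from collections import Counter
from dataclasses import asdict, dataclass, replace

GENESIS_PREV = "0" * 64  # "previous hash" used by the first block


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass(frozen=True)
class Block:
    index: int
    prev_hash: str     # hash of the preceding block: this is the chain link
    asset_name: str    # e.g. a DWG or XML deliverable shared through the CDE
    asset_digest: str  # SHA-256 of the asset bytes; the asset stays off-chain
    author: str        # stakeholder that shared the asset (hypothetical names)

    def block_hash(self) -> str:
        return sha256_hex(json.dumps(asdict(self), sort_keys=True).encode())


def make_block(chain, asset_name, asset_bytes, author):
    """Convert an asset into a block that extends `chain`."""
    prev = chain[-1].block_hash() if chain else GENESIS_PREV
    return Block(len(chain), prev, asset_name, sha256_hex(asset_bytes), author)


def validate_chain(chain) -> bool:
    """True only if every block points at the hash of its predecessor."""
    prev = GENESIS_PREV
    for position, block in enumerate(chain):
        if block.index != position or block.prev_hash != prev:
            return False
        prev = block.block_hash()
    return True


class Node:
    """One stakeholder's replica of the ledger in the federated CDE."""

    def __init__(self, name):
        self.name = name
        self.chain = []

    def accept(self, block) -> bool:
        """Append the block only if it validates against the local chain."""
        ok = validate_chain(self.chain + [block])
        if ok:
            self.chain = self.chain + [block]
        return ok

    def head(self) -> str:
        return self.chain[-1].block_hash() if self.chain else GENESIS_PREV

    def verify_asset(self, index, asset_bytes) -> bool:
        """Check a received file against the digest recorded in block `index`."""
        return self.chain[index].asset_digest == sha256_hex(asset_bytes)


def broadcast(nodes, block):
    """Offer the block to every node; return the names of those that accepted."""
    return [node.name for node in nodes if node.accept(block)]


def find_divergent(nodes):
    """Names of nodes whose replica is broken or disagrees with the majority head."""
    majority_head = Counter(n.head() for n in nodes).most_common(1)[0][0]
    return sorted(n.name for n in nodes
                  if not validate_chain(n.chain) or n.head() != majority_head)


def run_demo():
    # Constructed sample data: stakeholder names and file contents are invented.
    nodes = [Node(n) for n in ("architect", "contractor", "fm-operator", "owner")]
    shared = [("plant-room.dwg", b"constructed DWG bytes rev A", "architect"),
              ("asset-schedule.xml", b"<assets><pump id='P-01'/></assets>", "contractor"),
              ("plant-room.dwg", b"constructed DWG bytes rev B", "architect")]
    for name, data, author in shared:
        broadcast(nodes, make_block(nodes[0].chain, name, data, author))
    results = {"clean": find_divergent(nodes)}

    # A block built on an outdated head fails validation on every node.
    stale = make_block(nodes[0].chain[:1], "late.xml", b"late", "owner")
    results["stale_accepted_by"] = broadcast(nodes, stale)

    # One replica is altered in place: the next block's link no longer matches.
    victim = nodes[1]
    victim.chain[1] = replace(victim.chain[1], asset_digest=sha256_hex(b"forged"))
    results["link_broken"] = not validate_chain(victim.chain)
    results["after_edit"] = find_divergent(nodes)

    # Re-linked, the replica validates locally but its head differs from the rest.
    victim.chain[2] = replace(victim.chain[2], prev_hash=victim.chain[1].block_hash())
    results["relinked_valid_locally"] = validate_chain(victim.chain)
    results["after_relink"] = find_divergent(nodes)
    results["file_matches_ledger"] = nodes[3].verify_asset(0, shared[0][1])
    return results
```

Calling run_demo() returns the detection results as a dictionary; only the digest of each asset is placed in a block, so the DWG or XML file itself still needs its own access control.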
Limitations and future work
In contrast to the fields of computer science, political science/international relations and international law, cyber security is far less understood within the AECO sector (Mayo, 2016). Consequently, existing controls are inadequate and poorly managed. Key findings emanating from these other eminent fields provide invaluable insights into the cyber security technologies and developments (such as block chain) that can be successfully transferred and applied to critical infrastructure within the AECO sector to address current deficiencies (Baumeister, 2010). However, successful practitioner alignment and knowledge enhancement requires time and investment for additional research and testing of such concepts (Metke and Ekl, 2010) – such exceeded the current confines of this review paper. Within the international security research realm, the following predispositions have
Figure 2. Block chain technology application with digital built asset information exchange
Box labels shown in the figure, which numbers its stages (i) to (x): asset needs to be shared securely; asset is converted into a block; block is broadcast to all nodes in federated CDE environment; block chain miners compete to mine new block; block chain is extended with new digital asset; federated CDE environment approves; block chain miner validates block against chain; block of digital asset is shared securely; block chain of assets needs to be hacked individually across an entire network; block chain of sharing assets. Asset file formats shown: XML, DWG.
weakened scholarly understanding of cyber-threat occurrences and the likelihood of attacks on critical infrastructure. These limitations require future work, namely:
(1) Improved understanding of motivations – an inordinate amount of attention is paid to “cyber-threats” under the guise of malevolent lines of code. Yet, finding a resolution to the root cause of cyber-crime requires a deeper understanding of the motivations behind such malicious scripts and attacks.
(2) Address the specific operational threats to bespoke critical infrastructure – each individual critical infrastructure project (e.g. hospitals, nuclear facilities, traffic management systems) has bespoke operational functionality and hence, different vulnerabilities. Mapping of these vulnerabilities is required as a first step to developing efficient and effective risk mitigation strategies to better secure assets.
(3) Distinguish between physical destruction and theft – literature and standards have predominantly focused upon data protection within the context of cyber-attack. However, physical damage has received far less attention even though such could lead to catastrophic economic damage. Greater distinction between physical destruction and theft is therefore needed to delineate the scale and magnitude of cyber-crime.
(4) Consolidate greater international governmental collaboration – cyber-attacks can readily cross international borders and national law enforcement agencies often find it difficult to take action in jurisdictions where limited extradition arrangements are available. Although standard international agreements have been made on such issues (cf. the Budapest Convention on Cyber-crime), which seek to criminalize malevolent cyber-activities, notable signatories (such as China and Russia) are absent. Far greater cooperation between sovereign states is therefore urgently needed to develop robust international agreements that are supported by all major governments.
(5) Gauge practitioner awareness – future work should seek to identify existing predispositions and awareness of cyber-attack and cyber-crime amongst AECO professionals, either through in depth interviews or practitioner surveys. Case studies are also required to measure and report upon contemporary industry practice and how any cyber-crime incidents were managed.
(6) Proof of concept – development and testing of an innovative proof of concept blockchain application specifically designed for AECO professionals. Such developmental work would allow the thorough testing of blockchain technology in practice to confirm, or otherwise, its effectiveness.
Future work
To reconcile the challenges of future work, researchers and practitioners within the AECO sector will have to investigate how to adopt cyber-deterrence approaches applied within more technologically advanced and sensitive industries such as aerospace and automotive. Such knowledge transference may propagate readily available solutions to challenges posed. Cyber security awareness and deterrence measures within the BIM and CDE process will help secure critical infrastructure developed, built and utilized – the challenges and opportunities identified here require innovative solutions such as block chain technologies to transform standard industry practice and should be augmented with far greater industry-academic collaboration.
Conclusion
Infrastructure provides the essential arteries and tributaries of a digital built environment that underpins a contemporary digital economy. However, cyber-attack threatens the
availability and trustworthiness of interdependent networked services on both corporate and national security levels. At particular risk are the critical infrastructure assets (such as energy networks, transport and financial services) hosted on large networks connected to the internet (via a CDE) to enable cost-efficient remote monitoring and maintenance. Any disruption or damage to these assets could have an immediate and widespread impact by jeopardizing the well-being, safety and security of citizens. To combat the potential threat posed, greater awareness among AECO stakeholders is urgently needed; this must include governments internationally and private sector partners collaborating together to expand upon existing ISO and BIM-related standards for improved response to a cyber-incident. As well as preventative measures, reactive national plans are required (i.e. raising cyber security awareness on government funded BIM projects) to quickly deal with breaches in security and ensure services are provided with minimum disruption.
It is argued in this paper that the CDE adopted with BIM in the AECO sector acts as a springboard for the wider stakeholder engagement with networked data sharing in a centralized manner, rendering such systems vulnerable to future cyber-physical attacks. Breakthroughs in cryptography, the pinnacle of cyber security research, have resulted in the development of decentralized block chain technology. It is hypothesized that block chain technology offers a novel and secure approach to storing information, making data transactions, performing functions and establishing trust, making it suitable for the high security requirements of sensitive digital infrastructure data contained in a BIM and CDE environment. While block chain applications are largely at a nascent stage of development within the AECO sector, this review paper has highlighted its novel application to fortify security of digital assets residing within a BIM and CDE environment – thus extending applications beyond its origins in crypto currency. Future research will be required to prove, modify or disprove the hypothesis presented. However, block chain alone cannot guarantee total immunity to cyber-attacks, so additional research is required to: understand the motivations for cyber-attack/crime; identify the specific operational threats to bespoke critical infrastructure and develop appropriate strategies to mitigate these; develop more exhaustive international standards (or enhance existing standards) to distinguish between physical destruction and theft; and establish measures needed to consolidate greater international governmental collaboration.
References
Ani, U.P.D., He, H. and Tiwari, A. (2017), “Review of cybersecurity issues in industrial critical infrastructure: manufacturing in perspective”, Journal of Cyber Security Technology, Vol. 1 No. 1, pp. 32-74.
ANSI (2007), “ISA-99.00.01-2007 security for industrial automation and control systems part 1: terminology, concepts and models”, ISA, available at: https://web.archive.org/web/20110312111418/www.isa.org/Template.cfm?Section=Shop_ISA&Template=%2FEcommerce%2FProductDisplay.cfm&Productid=9661 (accessed February 9, 2019).
Baumeister, T. (2010), “Literature review on smart grid cyber security, collaborative software development laboratory at the University of Hawaii”, available at: www.tbaumeist.com/publications/LiteratureReviewOnSmartGridCyberSecurity_2010.pdf (accessed February 9, 2019).
Bessis, N. and Dobre, C. (2014), Big Data and Internet of Things: A Roadmap for Smart Environments, ISBN 978-3-319-05029-4, Springer International Publishing, London.
Betz, D.J. and Stevens, T. (2013), “Analogical reasoning and cyber security”, Security Dialogue, Vol. 44 No. 2, pp. 147-164.
Boyes, H. (2013a), “Cyber security of intelligent buildings”, 8th IET International System Safety Conference Incorporating the Cyber Security Conference, Cardiff.
Boyes, H. (2013b), Resilience and Cyber Security of Technology in the Built Environment, the Institution of Engineering and Technology, IET Standards Technical Briefing, London, available at: www.theiet.org/resources/standards/-files/cyber-security.cfm?type=pdf (accessed February 9, 2019).
Bradley, A., Li, H., Lark, R. and Dunn, S. (2016), “BIM for infrastructure: an overall review and constructor perspective”, Automation in Construction, Vol. 71 No. 2, pp. 139-152.
Brantly, A.F. (2014), “The cyber losers”, Democracy & Security, Vol. 10 No. 2, pp. 132-155.
BSI (2013), “PAS 555:2013 cyber security risk”, Governance and Management Specification, available at: https://shop.bsigroup.com/ProductDetail/?pid=000000000030261972 (accessed February 9, 2019).
BSI (2014a), PAS 180 Smart Cities Vocabulary, British Standards Institution, London, available at: www.bsigroup.com/en-GB/smart-cities/Smart-Cities-Standards-and-Publication/PAS-180-smart-cities-terminology (accessed February 9, 2019).
BSI (2014b), PAS 1192-3 Specification for Information Management for the Operational Phase of Assets using Building Information Modelling, British Standards Institution, London, available at: https://shop.bsigroup.com/ProductDetail/?pid=000000000030311237 (accessed February 9, 2019).
BSI (2014c), PAS 754:2014 software trustworthiness, governance and management, Specification, available at: https://shop.bsigroup.com/ProductDetail/?pid=000000000030284608 (accessed February 9, 2019).
BSI (2015), PAS 1192-5 (2015) Specification for Security Minded Building Information Modelling, Digital Built Environments and Smart Asset Management, British Standards Institution, London, available at: https://shop.bsigroup.com/ProductDetail/?pid=000000000030314119 (accessed February 9, 2019).
Canfil, J.K. (2016), “Honing cyber attribution: a framework for assessing foreign state complicity”, Journal of International Affairs, Vol. 70 No. 1, pp. 217-226, available at: www.questia.com/read/1G1-476843518/honing-cyber-attribution-a-framework-for-assessing (accessed February 9, 2019).
Cavelty, M.D. (2013), “From cyber-bombs to political fallout: threat representations with an impact in the cyber-security discourse”, International Studies Review, Vol. 15 No. 1, pp. 105-122.
Chong, H.Y., Wong, J.S. and Wang, X. (2014), “An explanatory case study on cloud computing applications”, Automation in Construction, Vol. 44, pp. 152-162.
Clarke, R. and Youngstein, T. (2017), “Cyberattack on Britain’s national health service”, New England Journal of Medicine, Vol. 377, August, pp. 409-411.
DBIS (2013), “Smart city market: opportunities for the UK”, Department for Business, Innovation and Skills, BIS Research Papers, Ref: BIS/13/1217, DBIS, London, available at: www.gov.uk/government/publications/smart-city-market-uk-opportunities (accessed February 9, 2019).
Denning, D. (2012), “Stuxnet: what has changed?”, Future Internet, Vol. 4 No. 3, pp. 672-687.
Eastman, C., Eastman, C.M., Teicholz, P., Sacks, R. and Liston, K. (2011), BIM Handbook: A Guide to Building Information Modeling for Owners, Managers, Designers, Engineers and Contractors, ISBN 978-0-470-54137-1, John Wiley & Sons, Hoboken, NJ.
Edwards, D.J., Pärn, A.E., Love, P.E.D. and El-Gohary, H. (2017), “Research note: machinery, manumission and economic machinations”, Journal of Business Research, Vol. 70, January, pp. 391-394.
Eom, S.-J. and Paek, J.-H. (2006), “Planning digital home services through an analysis of customers acceptance”, ITcon, Vol. 11, Special issue IT in Facility Management, pp. 697-710, available at: www.itcon.org/2006/49 (accessed February 9, 2019).
European Commission (2013), Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace, JOIN 1 Final, European Commission, Brussels, available at: https://eeas.europa.eu/archives/docs/policies/eu-cyber-security/cybsec_comm_en.pdf (accessed February 9, 2019).
Ficco, M., Choraś, M. and Kozik, R. (2017), “Simulation platform for cyber-security and vulnerability analysis of critical infrastructures”, Journal of Computational Science, Vol. 22, September, pp. 179-186.
Fisher, R.D. (2018), “Cyber warfare challenges and the increasing use of American and European dual-use technology for military purposes by the people’s Republic of China (PRC)”, United States House of Representatives, Committee on Foreign Affairs, Birmingham, available at: http://archives-republicans-foreignaffairs.house.gov/112/Fis041511.pdf (accessed February 9, 2019).
Fisk, D. (2012), “Cyber security, building automation and the intelligent building”, Intelligent Buildings International, Vol. 4 No. 3, pp. 169-181.
Formby, D., Srinivasan, P., Leonard, A., Rogers, J. and Beyah, R.A. (2016), “Who’s in control of your control system? Device fingerprinting for cyber-physical systems”, Network and Distributed System Security Symposium (NDSS), February 26–March 1, San Diego, CA.
F-Secure Labs (2014), “Havex hunts for ICS and SCADA systems”, available at: www.f-secure.com/weblog/archives/00002718.html (accessed February 9, 2019).
Gandhi, R., Sharma, A., Mahoney, W., Sousan, W., Zhu, Q. and Laplante, P. (2011), “Dimensions of cyber-attacks: cultural, social, economic and political”, IEEE Technology and Society Magazine, Vol. 30 No. 1, pp. 28-38.
Govinda, K. (2015), “Design of smart meter using Atmel 89s52 microcontroller”, Procedia Technology, Vol. 21, pp. 376-380, available at: https://doi.org/10.1016/j.protcy.2015.10.053
Henderson, S. (2008), “Beijing’s rising hacker stars: how does mother China react?”, IO Sphere Journal, Birmingham, February 28, available at: www.noexperiencenecessarybook.com/jplV6/beijing-39-s-rising-hacker-stars-how-does-mother-china-react.html (accessed February 9, 2019).
Hjortdal, M. (2011), “China’s use of cyber warfare: espionage meets strategic deterrence”, Journal of Strategic Security, Vol. 4 No. 2, pp. 1-24.
HM Government (2013), Building Information Modeling Industrial Strategy: Government and Industry in Partnership, Government Construction Strategy, London, available at: www.gov.uk/government/uploads/system/uploads/attachment_data/file/34710/12-1327-building-information-modelling.pdf (accessed February 9, 2019).
HM Government (2015), Digital Built Britain, Level 3 Building Information Modelling – Strategic Plan, 26 February 2015, HM Publications, London, available at: www.gov.uk/government/publications/uk-construction-industry-digital-technology (accessed February 9, 2019).
Howell, S., Rezgui, Y. and Beach, T. (2017), “Integrating building and urban semantics to empower smart water solutions”, Automation in Construction, Vol. 81, September, pp. 434-448.
Huckle, S., Bhattacharya, R., White, M. and Beloff, N. (2016), “Internet of things, blockchain and shared economy applications”, Procedia Computer Science, Vol. 98, pp. 461-466, available at: https://doi.org/10.1016/j.procs.2016.09.074
Hunton, P. (2012), “Data attack of the cybercriminal: investigating the digital currency of cybercrime”, Computer Law & Security Review, Vol. 28 No. 2, pp. 201-207.
IET (2013), “Resilience and cyber security of technology in the built environment”, Institution of Engineering and Technology, Birmingham, available at: www.theiet.org/resources/standards/cyber-buildings.cfm?origin=pr (accessed February 9, 2019).
IET (2014), “Code of practice for cyber security in the built environment”, Institution of Engineering and Technology, Birmingham, available at: https://electrical.theiet.org/books/standards/cyber-cop.cfm (accessed February 9, 2019).
ISO (2011), “ISO/IEC 29100:2011 information technology – security techniques – privacy framework”, available at: www.iso.org/standard/45123.html (accessed February 2018).
ISO (2012), 27032 Information Technology – Security Techniques – Guidelines for Cybersecurity, International Organization for Standardization (ISO), Geneva, available at: www.itgovernance.co.uk/shop/product/iso27032-iso-27032-guidelines-for-cybersecurity (accessed February 9, 2019).
ISO (2013), 27001 The International Information Security Standard, International Organization for Standardization (ISO), Geneva, available at: www.itgovernance.co.uk/iso27001 (accessed February 9, 2019).
Jaatun, M.G., Røstum, J., Petersen, S. and Ugarelli, R. (2014), “Security checklists: a compliance alibi, or a useful tool for water network operators?”, Procedia Engineering, Vol. 70, pp. 872-876.
Jones, L. (2016), “Securing the smart city: built environment cyber security”, Engineering and Technology, Vol. 11 No. 5, pp. 30-33, doi: 10.1049/et.2016.0501.
Kello, L. (2013), “The meaning of the cyber revolution: perils to theory and statecraft”, International Security, Vol. 38 No. 2, pp. 7-40.
Kochovski, P. and Stankovski, V. (2018), “Supporting smart construction with dependable edge computing infrastructures and applications”, Automation in Construction, Vol. 85, January, pp. 182-192.
Koo, D., Piratla, K. and Matthews, C.J. (2015), “Towards sustainable water supply: schematic development of big data collection using internet of things (IoT)”, Procedia Engineering, Vol. 118, pp. 489-497.
Lesk, M. (2007), “The new front line: Estonia under cyber assault”, IEEE Security & Privacy, Vol. 5 No. 4, pp. 76-79.
Levy, Y. and Ellis, T.J. (2006), “A systems approach to conduct an effective literature review in support of information systems research”, Informing Science, Vol. 9, pp. 181-212, available at: http://inform.nu/Articles/Vol9/V9p181-212Levy99.pdf (accessed February 9, 2019).
Lin, S., Gao, J. and Koronios, A. (2006), “Key data quality issues for enterprise asset management in engineering organisations”, International Journal of Electronic Business Management, Vol. 4 No. 1, pp. 96-110, available at: http://ijebm.ie.nthu.edu.tw/IJEBM_Web/IJEBM_static/Paper-V4_N1/A10-E684_3.pdf (accessed February 2018).
Lin, Y.C. and Su, Y.C. (2013), “Developing mobile-and BIM-based integrated visual facility maintenance management system”, The Scientific World Journal, Vol. 2013, 10pp., available at: https://doi.org/10.1155/2013/124249
Lindsay, J.R. (2013), “Stuxnet and the limits of cyber warfare”, Security Studies, Vol. 22 No. 3, pp. 365-404.
Lindsay, J.R. (2015), “The impact of China on cybersecurity: fiction and friction”, International Security, Vol. 39 No. 3, pp. 7-47.
Liu, J., Xiao, Y., Li, S., Liang, W. and Chen, C.P. (2012), “Cyber security and privacy issues in smart grids”, IEEE Communications Surveys & Tutorials, Vol. 14 No. 4, pp. 981-997.
McGraw, G. (2013), “Cyber war is inevitable (unless we build security in)”, Journal of Strategic Studies, Vol. 36 No. 1, pp. 109-119.
McNulty (2011), “Realising the potential of GB Rail – final independent report of the rail value for money study – summary report”, Department for Transport, London, available at: www.gov.uk/government/uploads/system/uploads/attachment_data/file/4203/realising-the-potential-of-gb-rail-summary.pdf (accessed February 9, 2019).
Marinos, L. (2016), ENISA Threat Taxonomy: A Tool for Structuring Threat Information, European Union Agency for Network and Information Security, Birmingham, available at: www.enisa.europa.eu/topics/threat-risk-management/threats-and-trends/enisa-threat-landscape/etl2015/enisa-threat-taxonomy-a-tool-for-structuring-threat-information/view (accessed February 9, 2019).
Markets and Markets (2014), “Smart HVAC controls market by product type, components, application, operation & geography – analysis and forecast to 2014–2020”, Birmingham, available at: http://goo.gl/Ay2LjI (accessed February 9, 2019).
Mayo, G. (2016), “Bas and cyber security: a multiple discipline perspective”, in Long, S., Ng, E.-H., Downing, C. and Nepal, B. (Eds), Proceedings of the American Society for Engineering Management 2016 International Annual Conference, American Society for Engineering Management, Concord, NC, available at: www.researchgate.net/publication/309480358_BAS_AND_CYBER_SECURITY_A_MULTIPLE_DISCIPLINE_PERSPECTIVE (accessed February 2018).
Metke, A.R. and Ekl, R.L. (2010), “Security technology for smart grid networks”, IEEE Transactions on Smart Grid, Vol. 1 No. 1, pp. 99-107.
Mike, T. (2006), “Integrated building systems: strengthening building security while decreasing operating costs”, Journal of Facilities Management, Vol. 4 No. 1, pp. 63-71.
Mokyr, J. (1992), “Technological inertia in economic history”, The Journal of Economic History, Vol. 52 No. 2, pp. 325-338.
Nicał, A.K. and Wodyński, W. (2016), “Enhancing facility management through BIM 6D”, Procedia Engineering, Vol. 164, pp. 299-306, available at: https://doi.org/10.1016/j.proeng.2016.11.623
NIST (2017), “Framework for improving critical infrastructure cybersecurity”, National Institute of Standards and Technology, Draft Version 1.1, January 10, Birmingham, available at: www.google.co.uk/url?sa=t&rct=j&q=&esrc=s&source=web&cd=2&ved=0ahUKEwiq0orLhOHUAhVkBsAKHfJLB6oQFgg8MAE&url=https%3A%2F%2Fwww.nist.gov%2Fdocument%2Fdraft-cybersecurity-framework-v11pdf&usg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NA&cad=rjt (accessed February 9, 2019).
Nye, J.S. (2017), “Deterrence and dissuasion in cyberspace”, International Security, Vol. 41 No. 3, pp. 44-71.
Papa, P. (2013), “US and EU strategies for maritime transport security: a comparative perspective”, Transport Policy, Vol. 28, pp. 75-85.
Paridari, K., Mady, A.E., La Porta, S., Chabukswar, R., Blanco, J., Teixeira, A., Sandberg, H. and Boubekeur, M. (2016), “Cyber-physical-security framework for building energy management system”, ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS), Vienna, pp. 1-9, doi: 10.1109/ICCPS.2016.7479072.
Pärn, E.A. and Edwards, D.J. (2017), “Conceptualizing the FINDD API plug-in: a case study of BIM/FM integration”, Automation in Construction, Vol. 80, August, pp. 11-21.
Patel, S.C., Bhatt, G.D. and Graham, J.H. (2009), “Improving the cyber security of SCADA communication networks”, Communications of the ACM, Vol. 52 No. 7, pp. 139-142.
Peng, Y., Wang, Y., Xiang, C., Liu, X., Wen, Z. and Chen, D. (2015), “Cyber-physical attack-oriented Industrial Control Systems (ICS) modeling, analysis and experiment environment”, International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 322-326.
Rahimi, B. (2011), “The agonistic social media: cyberspace in the formation of dissent and consolidation of state power in postelection Iran”, The Communication Review, Vol. 14 No. 3, pp. 158-178.
Rasmi, M. and Jantan, A. (2013), “A new algorithm to estimate the similarity between the intentions of the cyber crimes for network forensics”, Procedia Technology, Vol. 11, pp. 540-547.
Reggiani, A. (2013), “Network resilience for transport security: some methodological considerations”, Transport Policy, Vol. 28, July, pp. 63-68.
Reniers, G.L.L. and Dullaert, W. (2013), “A method to assess multi-modal hazmat transport security vulnerabilities: hazmat transport SVA”, Transport Policy, Vol. 28, July, pp. 103-113.
Rid, T. (2012), “Cyber war will not take place”, Journal of Strategic Studies, Vol. 35 No. 1, pp. 5-32.
RISI (2015), “The repository of industrial security incidents database”, Birmingham, available at: www.risidata.com/Database (accessed February 9, 2019).
Rittinghouse, J. and Hancock, W.M. (2003), Cybersecurity Operations Handbook, Elsevier Science, Amsterdam, ISBN 978-1-55558-306-4.
Ryan, D.J. (2017), “Engineering sustainable critical infrastructures”, International Journal of Critical Infrastructure Protection, Vol. 17, pp. 28-29.
Safavi, S., Shukur, Z. and Razali, R. (2013), “Reviews on cybercrime affecting portable devices”, Procedia Technology, Vol. 11, pp. 650-657.
Shafiq, M.T., Matthews, J. and Lockley, S.R. (2013), “A study of BIM collaboration requirements and available features in existing model collaboration systems”, Journal of Information Technology in Construction (ITcon), Vol. 18, pp. 148-161.
Shitharth, S. and Winston, D.P. (2015), “A comparative analysis between two countermeasure techniques to detect DDoS with sniffers in a SCADA network”, Procedia Technology, Vol. 21, pp. 179-186.
Stearns, L.B. and Almeida, P.D. (2004), “The formation of state actor-social movement coalitions and favorable policy outcomes”, Social Policy, Vol. 51 No. 4, pp. 478-504.
Stoddart, K. (2016), “Live free or die hard: US-UK cybersecurity policies”, Political Science Quarterly, Vol. 131 No. 4, pp. 803-842.
Sun, J., Yan, J. and Zhang, K.Z. (2016), “Blockchain-based sharing services: what blockchain technology can contribute to smart cities”, Financial Innovation, Vol. 2 No. 1, pp. 1-26, doi: 10.1186/s40854-016-0040-y.
Szyliowicz, J.S. (2013), “Safeguarding critical transportation infrastructure: the US case”, Transport Policy, Vol. 28 No. C, pp. 69-74.
Tan, S., Song, W.Z., Stewart, M., Yang, J. and Tong, L. (2018), “Online data integrity attacks against real-time electrical market in smart grid”, IEEE Transactions on Smart Grid, Vol. 9 No. 1, pp. 313-322.
Thomas, N. (2009), “Cyber security in East Asia: governing anarchy”, Asian Security, Vol. 5 No. 1, pp. 3-23.
Toy, S. (2006), History of Fortification from 3000 BC to AD 1700 (No. 75), Pen and Sword Military Classics, Barnsley, ISBN 1-88415-358-4.
Turk, Ž. and Klinc, R. (2017), “Potentials of blockchain technology for construction management”, Procedia Engineering, Vol. 196, pp. 638-645.
UN (2014a), “2014 revision of the world urbanization prospects”, Birmingham, available at: https://goo.gl/xwOSDS (accessed February 9, 2019).
UN (2014b), “World urbanization trends 2014: key facts”, Statistical Papers – United Nations (Ser. A), Population and Vital Statistics Report, United Nations, New York, NY.
UN (2015), “World population projected to reach 9.7 billion by 2050”, Birmingham, available at: www.un.org/en/development/desa/news/population/2015-report.html (accessed February 9, 2019).
Walsham, G. (1995), “The emergence of interpretivism in IS research”, Information Systems Research, Vol. 6 No. 4, pp. 376-394.
Wang, S., Zhang, G., Shen, B. and Xie, X. (2011), “An integrated scheme for cyber-physical building energy management system”, Procedia Engineering, Vol. 15, pp. 3616-3620.
Wang, W. and Lu, Z. (2013), “Cyber security in the smart grid: survey and challenges”, Computer Networks, Vol. 57 No. 5, pp. 1344-1371.
Weber, R.H. and Studer, E. (2016), “Cybersecurity in the internet of things: legal aspects”, Computer Law & Security Review, Vol. 32 No. 5, pp. 715-728.
Xue, N., Huang, X. and Zhang, J. (2016), “S2Net: a security framework for software defined intelligent building networks”, IEEE Trustcom/BigDataSE/ISPA, Tianjin, August 23-26, pp. 654-661.
Yue, X., Wang, H., Jin, D., Li, M. and Jiang, W. (2016), “Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control”, Journal of Medical Systems, Vol. 40 No. 10, pp. 218-229.
Zamparini, L. and Shiftan, Y. (2013), “Special issue – transport security: theoretical frameworks and empirical applications”, Transport Policy, Vol. 28, pp. 61-62.
Zhang, Y. and Wen, J. (2016), “The IoT electric business model: using blockchain technology for IoT”, Peer-to-Peer Networking and Applications, Vol. 10 No. 4, pp. 1-12.
Corresponding author
Erika A. Parn can be contacted at: erikaparn@gmail.com
ECAM 26,2
Table II. Industry standards and codes of best practice on cyber security in the AECO sector

Standard | Title | Description
BS ISO/IEC 29100:2011 (ISO, 2011) | Information Technology – Security Techniques – Privacy Framework | This standard is applicable to organizations and businesses, providing a privacy framework for those "involved in specifying, procuring, architecting, designing, developing, testing, maintaining, administering and operating information and communication technology systems or services" with personally identifiable information (PII).
BS ISO/IEC 27001:2013 (ISO, 2013) | Information Technology – Security Techniques – Information Security Management Systems – Requirements | This international standard provides a framework for the management of an information security management system (ISMS) in order to keep digital information assets secure from cyber-criminal activities and information breaches; it encompasses procedures for creating, implementing, operating, auditing and maintaining an ISMS. The standard can be applied within organizations of any size, nature or type.
IET/CPNI Technical Briefing (IET, 2013) | Resilience and Cyber Security of Technology in the Built Environment | This document applies to professionals involved in the development, procurement and operation of intelligent or smart buildings. The guidance considers the whole building lifecycle and examines the potential threats to resilience and cyber security arising from the merging of technical infrastructure and computer-based systems, and their connection in cyber-space. Case studies are provided plus a set of 20 critical measures which could be applied to reduce threats.
PAS 555:2013 (BSI, 2013) | Cyber Security Risk – Governance and Management – Specification | The specification uses a business-led "outcomes-based approach" which studies physical, cultural and behavioral features alongside technical ones to aid organizations in detecting which of their business assets need most protection, e.g. corporate and customer data, intellectual property, brand or reputation. The approach can be applied to any size/type of organization throughout its business activities.
PAS 754:2014 (BSI, 2014c) | Software Trustworthiness – Governance and Management – Specification | This document identifies five principles of software trustworthiness (safety, reliability, availability, resilience and security) which should be attained when implementing software on distributed applications in order to reduce the risks from potential malicious threats. These principles are based upon four concepts: governance measures; risk assessment; control application for risk management (physical, procedural and technical); and a compliance regime to ensure execution of the first three.
IET Standards (IET, 2014) | Code of Practice for Cyber Security in the Built Environment | This book provides good practice guidance on the need for, and development of, cyber security strategy and policy related to a building's complete lifecycle as an integral part of an organization's management systems, with particular emphasis on cyber physically connected building-related systems. The pertinence of cyber security to each of the multidisciplinary roles and responsibilities within an organization is provided.
PAS 1192-5:2015 (BSI, 2015) | Specification for Security-minded Building Information Modeling, Digital Built Environments and Smart Asset Management | This is the first standard published for security minded use of BIM and digitalization of built assets. Relevant to all owners and stakeholders of digitally built assets, it assists in assessing security risks to the asset and implementing measures to reduce the risk of loss or disclosure of information which could impact on the safety and security of: the built asset; personnel and other users of the asset and its services; and commercial and other asset data and information.
A componential analysis of literature
From an operational perspective, the review protocol sourced published journal materials contained within Science Direct, Web of Science, Scopus and Research Gate databases. Keyword search terms used included cyber security, hacking and any of the following variations of the word: cyber crime, cybercrime or cyber-crime. Following a comprehensive review of the journals, four prominent and pertinent clusters of industrial settings were selected to provide the contextual sampling framework and knowledge base for the analysis, namely: AECO; transport and infrastructure; information technology; and political science/international relations. These clusters were selected because they contained the majority of the journal publications on cyber-crime. Within the clusters, six recurrent leitmotifs were identified: national and global security; smart cities; critical infrastructure; ICS; mobile or cloud computing; and digitalization of the built environment. A cross comparative componential analysis was then conducted (refer to Table III).

The componential analysis reveals the percentage frequency that each of the identified thematic groups occur across the four industrial classifications, and the percentage frequency that each thematic group occurs within each individual industrial classification. In ascending order of frequency across all four sectors, the most popular discussed topics were: mobile cloud computing (59.5 percent); national global security (54.7 percent); and critical infrastructure (50 percent); smart cities (40.4 percent); ICS (40.4 percent); and digitization of the built environment (28.5 percent). Yet curiously, within the AECO sector an inordinate amount of effort was input into mobile and cloud computing (90 percent) and digitization of the built environment (60 percent), while far less attention was paid to critical infrastructure (30 percent) and national and global security (20 percent). Moreover, none of the papers reviewed were heavily focused upon expounding the virtues and concomitant benefits of digitization but were similarly oblivious to the omnipresent threat of cyber-crime posed via the vulnerable CDE portal.

A CDE is commonly established during the feasibility or concept design phases of a building/infrastructure project (BSI, 2014a, b). An information manager will then manage and validate the processes and procedures for the exchange of information across a network for each key decision gateway stage (including work in progress, shared, published and archive stages). Cloud-based CDE platforms are ubiquitous but common solutions include ProjectWise, Viewpoint (4P), Aconex, Asite and SharePoint (Shafiq et al., 2013). The internal work flow and typical external information exchange in BIM relies upon the re-use and sharing of information in a CDE. Integrating BIM (and other file databases, e.g. IFC, GBXML, CSV, DWG, XML) within a CDE ensures a smooth flow of information between all stakeholders and is specified and articulated through its levels of development or design (Eastman et al., 2011; Lin and Su, 2013). The level of design (LOD) is classified on a linear scale ranging from LOD 1 (covering a conceptual "low definition" design) to LOD 7 (for an as-built "high definition" model). With each incremental increase in LOD, the range and complexity of asset information within models built begins to swell and the data contained within becomes accessible to an increased amount of stakeholders. As a consequence, the magnitude of potential cyber-crime also increases and it is imperative, therefore, that effective cyber security deterrence measures are set.

Table III. Common reconnaissance techniques

Reconnaissance technique | Definition | Example
Scanning (ping sweep; port scan; network mapping) | Network scanning is integral to stealthy information gathering from a computer system. Prior knowledge of the operating system (OS) is combined with the use of one of a plethora of readily available tools in order to identify and map out potential vulnerabilities on a target network. | Techniques include port scanning to identify the available and open ports, DNS enumeration to locate the domain name server and IP address, and PING sweeping to map the IP address to a live host (Rittinghouse and Hancock, 2003).
Fingerprinting (OS) | Device fingerprinting endeavors to break the privacy of URL developers by revealing user actions and anonymity. It utilizes the information collected from a remote computing device for the purpose of uniquely identifying the device (Formby et al., 2016). Fingerprinting can be used to identify the OS used on the target system. | In an active manner to monitor network packets passing between hosts, or passive manner to transmit specially created packets to the target machine and analyze the response (Peng et al., 2015).
Footprinting | Footprinting is a process of obtaining as much information about the target to be hacked as possible by drawing down open source information from the internet. Footprinting is the most convenient way of gathering information about a computer system and/or parties such belong to. | During footprinting a hacker can use passive or active means to obtain information such as domain name, IP addresses, namespaces, employee information, phone numbers, e-mails and job information.
Sniffing | Sniffing has been likened to wiretapping and can be used to obtain sensitive information that is being transferred over a network, such as: FTP passwords; e-mail traffic; web traffic; telnet passwords; router configurations; chat sessions; and DNS traffic. "Industrial Control Systems (ICS)/Supervisory Control and Data Acquisition (SCADA) sniffing" activities pose an imminent threat to cyber-physical connected devices in buildings, factories and large industrial plants. | "Havex" Malware reported by F-Secure laboratories is the first of its kind since STUXNET and attempts to "sniff" factory automation gear such as ICS and SCADA systems (F-Secure Labs, 2014). Anonymized victims have included: two major educational institutions in France; two German industrial machine producers; one French industrial machine producer; and a Russian structural engineering construction company (F-Secure Labs, 2014).
Social Engineering | Social engineering is an attack vector that relies upon tricking people into breaking security procedures. Consequently, these are used to exploit an individual's weaknesses, typically employees and other individuals who are familiar with the system. When successfully implemented, it can help hackers obtain information about the targeted system. | Two common methods adopted are: the physical gaining of access to a computer through deception; or the use of phishing e-mails, which involves sending personalized e-mails to targeted employees in an attempt to make them click malicious links contained within.

Perhaps the most crippling aspect of deterrence is the poor rate of attribution (also known as tracebacking or source tracking), where attribution seeks to determine the identity or location of an attacker or attacker's intermediary (Brantly, 2014). Affiliation further exacerbates attribution rates; for example, nefarious and malicious attacks on critical infrastructure by non-state "patriot" actors who proclaim cyber-warfare in the name of nationalist ideologies can create ambiguity with state actors (Lindsay, 2015). Extant literature widely acknowledges that states actively recruit highly skilled hackers to counter-attack other state governed cyber-activities, in particular against critical infrastructure assets (Thomas, 2009). Yet the paucity of identification or disclosure of attacker identities has made the hacking culture even more enticing for both non-state actors and state actors. Whilst network attribution or IP address traceability to a particular geographical region is possible, lifting the cyber veil to reveal the affiliation between the attacker and their government remains difficult (Canfil, 2016). In the case of potential threats to the AECO sector, attribution of industrial cyber-espionage remains an imminent threat, not only to the business in operation but also for the nation state security.

Cyber-deterrence
Cyber-deterrence measures rely largely upon good practice adopted from standards ISO 27001 and ISO 27032 (ISO, 2012, 2013). In the context of the digital built environment (and specifically BIM), recently published cyber security good practice manual PAS 1198-Part 5 suggests deploying five measures of deterrence: a built asset security manager; a built asset security strategy; a built asset security management plan; a security breach/incident management plan; and built asset security information requirements. For other sources of cyber security guidance, PAS 1198-Part 5 recommends adherence to other pre-existing legislative documentation – refer to Table IV.

Other ambiguous guidance notes that refer to taking "appropriate mitigation strategies" have largely ignored the increased vulnerability of semantic and geometric information that is sustained within a BIM (BSI, 2013, 2014c). For example, Institute of Engineering and Technology (Boyes, 2013b) report entitled "Resilience and Cyber Security of Technology in the Built Environment" states that:

Unauthorised access to BIM data could jeopardise security of sensitive facilities, such as banks, courts, prisons and defence establishments, and in fact most of the Critical National Infrastructure.

Deterrence measures recommended in PAS 1192-5 have largely overlooked BIM data contained within a CDE and the onslaught of cyber-physical connectivity in critical infrastructures (Liu et al., 2012). Currently, the most common means of deterrence for cyber-physical connectivity in critical BMS infrastructures is via network segregation (the firewall) (Mayo, 2016) and secure gateway protection (encryption) for securing from external threats, complicit with ANSI/ISA-99 (ANSI, 2007). However, in a digital economy where over 50bn devices are continuously communicating, neither firewalls nor encryption alone can guarantee effective cyber security. Hence, a more robust systemic means of data integrity is required in the digital built environment.
Table IV. Snapshot of cyber-physical hacking examples from the RISI online incident database
Source: Available online at www.risidata.com

Motivation: Black Hat (ego, personal animosity, economic gain); Grey Hat (ambiguous); White Hat (idealism, creativity, respect for the law)
Actor: Hacktivists; Script kiddies; Cyber insiders; Cyber terrorists; Malware authors; Patriot hackers; Cyber militias; Script kiddies; Ordinary citizens; Hacktivists; Script kiddies; Organized cybercriminals
Example:
USA 2014 – Power and utilities – Hackers took advantage of a weak password vulnerability where mechanical devices were disconnected from the control system for scheduled maintenance.
Poland 2008 – Transport – A 14-year old Polish student hacked into the tram system, enabling him to change track points in Lodz; 4 trams were derailed and, as a consequence, 12 people were injured.
USA 2001 – Petroleum – The network monitoring personal computer (PC) provided a path from the internet, via the company business network, onto the automation network. This made the company vulnerable to the Code Red Worm, used to deface the automation web pages of a large oil company.
Spain 2011 – Traffic – Spanair flight 5022 crashed just after take-off from Madrid-Barajas International Airport, killing 154, with 18 survivors. Trojan malware detected on the central computer system is speculated to have played a role in the crash by causing the computer to fail to deliver power to the take-off early warning system and detect three technical problems with the aircraft.
Iran 2012 – Petroleum – Iran was forced to disconnect key oil facilities after suffering a malware attack, which it is believed hit the internal computer systems at Iran's oil ministry and its national oil company.
USA and Europe 2014 – Energy sector – Operating since 2011, the Dragonfly group has targeted defence and aviation companies in USA and Canada; cyber-espionage with the likely intention of sabotage. In 2013, the group targeted USA and European energy firms, gaining entry through spear phishing e-mails, malware, watering hole attacks and infecting legitimate software from three different industrial control systems (ICS) equipment manufacturers.
Canada 2012 – Energy sector – Telvent Canada Ltd, provider of software and services for remote administration of large sections of the energy industry, was subject to information theft. Installed malware was used to steal project files related to one of its key products. The digital fingerprints were traced to a Chinese hacking group (the "Comment Group") linked to cyber-espionage against Western interests.
Iran 2010 – Nuclear – The Stuxnet malworm was responsible for damaging crucial centrifugal devices used for Uranium enrichment at the Natanz nuclear plant, causing it to be shut down for a week. This remains as one of the most prolific cyber-physical attacks in an exemplified case of government and civilian blurred lines and created a new forefront of cyber militia, becoming the first proclaimed cyber weapon.
USA 2012 – Water/waste management – A former employee of the Key Largo Wastewater Treatment District hacked the company, resulting in modification and deletion of files.
Venezuela 2002 – Petroleum – Venezuela's state oil company became embroiled in a bitter strike when it was extensively sabotaged by an employee who gained remote access to a program terminal and erased all Programmable Logic Controller (PLC) programs in port facility.
Canada 2002 – Petroleum – A white hat hacker simulated an attack on a data center security (DCS) where network access to the control local area network (LAN) was used to connect to selected DCS operator stations and obtain full administration privileges. This was accomplished through the vulnerabilities in the Windows operating system and a number of Netbios that lacked proper password protection.
USA 2014 – Traffic – One of the first hacks on a traffic management system was incurred on road signs in San Francisco, where the signs were photographed flashing "Godzilla Attack Turn Back".

Block chain – a new frontier for cyber-deterrence
Under the alias Satoshi Nakamoto, the Bitcoin (crypto currency) was published as the first block chain application on the internet (Turk and Klinc, 2017). This advancement opened a springboard of applications that utilize block chain technology to remove third party distribution of digital assets using peer-to-peer sharing (Turk and Klinc, 2017). While the majority of current applications have utilized crypto currency and smart contracts, the applications for digital asset transference seem limitless. Block chain's earliest applications were in economics (Huckle et al., 2016), software engineering (Turk and Klinc, 2017), Internet of Things (Zhang and Wen, 2016) and medicine (Yue et al., 2016) – albeit more recently, applications within the built environment have been explored (Sun et al., 2016). Block chain technology has the potential to overcome the aforementioned cyber security challenges faced in the digital environment, as a result of its distributed, secure and private nature of data distribution. A positive correlation exists between an increasing number of collaborators (or peers) within a CDE and the potential to secure such assets in a peer-to-peer environment which thrives and increases in security.

Block chain technology is suitable for sectors with: increased risk of fraud – such as susceptible crucial infrastructures containing sensitive industrial information that is at risk from industrial espionage; intermediaries – for example, providers of BMS systems and other IT software vendors hosting sensitive infrastructure asset details; throughput – such as operators updating and sharing asset information in a CDE; and stable data – for instance, data generated for built assets can be utilized for up to 40 years post project inception. Block chain technology offers better encryption against hacking than any other current deterrence measures available and is commonly suggested in the cyber security standards available (Turk and Klinc, 2017).

The application of block chain technology within digital built asset information exchange is suggested due to its secure framework for data transference. Block chain technology has been hailed as a hacker/tamper safe ecosystem for digital asset transfers (Turk and Klinc, 2017). Figure 2 delineates a ten stage process to demonstrate how the existing functionality of block chain technology can be harnessed in a CDE environment when sharing sensitive digital information about assets – namely: asset information is securely shared via a network (e.g. URL nodes, interconnected computer networks or an air-gapped internet); asset data (whether a 3D or digital model) are converted into a block which represent a digital transaction of asset data; stakeholder interaction within a federated CDE environment will receive a tracked record of the individual transaction created by nodes sharing the block; block chain miners (usually computer scientists) validate and maintain the newly created block chain; payment methods for block chain miners vary but a group of miners enter into a competitive process where the first to validate the block chain receives payment; the federated block chain environment is approved; the new block is added to the existing chain of digital transactions to extend the block chain; the digital asset can now be securely shared upon validation; to hack the network, assailants would need to hack every single node within the block chain, thus making the task far more difficult; the network of nodes created by multiple stakeholders' transactions provides a more sophisticated and secure approach to protecting digital assets when compared to encryption and firewalls. Herein lies the novelty of this review – blockchain technology can offer a potential framework to future AECO software applications and systems designed to secure the transfer of sensitive project data in a BIM and CDE environment.
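The process described above can be reduced to a small in-memory model, added here as an illustration (it is not code from the paper or from any block chain product): each shared asset is recorded as a block holding the file's SHA-256 digest, mined with a toy proof of work, validated against the chain and replicated to every stakeholder node. It shows what the chain gives a CDE, namely tamper evidence for asset records and detection of a replica that diverges from the others; it does not encrypt model content. All names (Node, share_asset, DIFFICULTY, the stakeholder and file names) and the sample file bytes are constructed assumptions.

```python
import hashlib
import json
from collections import Counter
from dataclasses import dataclass, replace

DIFFICULTY = 3          # leading hex zeros required of a block hash (toy value)
ZERO_HASH = "0" * 64    # predecessor of the first block

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

@dataclass
class Block:
    index: int
    prev_hash: str      # links this record to the one before it
    asset_name: str     # constructed file name, e.g. "hospital_L3.ifc"
    asset_digest: str   # SHA-256 of the file; the model itself stays in the CDE
    author: str
    nonce: int = 0

    def hash(self) -> str:
        fields = [self.index, self.prev_hash, self.asset_name,
                  self.asset_digest, self.author, self.nonce]
        return sha256_hex(json.dumps(fields).encode())

def mine(block: Block) -> Block:
    """Toy proof of work: search for a nonce that gives the required prefix."""
    while not block.hash().startswith("0" * DIFFICULTY):
        block.nonce += 1
    return block

def validate_chain(chain) -> int:
    """Return the index of the first invalid block, or -1 if the chain is sound."""
    for i, block in enumerate(chain):
        expected_prev = ZERO_HASH if i == 0 else chain[i - 1].hash()
        if (block.index != i or block.prev_hash != expected_prev
                or not block.hash().startswith("0" * DIFFICULTY)):
            return i
    return -1

class Node:  # one stakeholder's replica of the asset ledger
    def __init__(self, name, chain):
        self.name = name
        self.chain = [replace(b) for b in chain]   # private copy per node

    def tip(self) -> str:
        return self.chain[-1].hash()

    def accept(self, block: Block) -> bool:
        """Validate a broadcast block against the local chain, then extend it."""
        if validate_chain(self.chain + [block]) != -1:
            return False
        self.chain.append(replace(block))
        return True

def share_asset(nodes, miner, name, content, author) -> bool:
    """Convert an asset into a block, mine it and broadcast it to every node."""
    block = mine(Block(len(miner.chain), miner.tip(), name, sha256_hex(content), author))
    return all([node.accept(block) for node in nodes])

def verify_asset(node, name, content) -> bool:
    """Check a file pulled from the CDE against the newest ledger record for it."""
    for block in reversed(node.chain):
        if block.asset_name == name:
            return block.asset_digest == sha256_hex(content)
    return False

def dissenting_nodes(nodes):
    """Names of replicas that fail validation or disagree with the majority tip."""
    majority_tip = Counter(n.tip() for n in nodes).most_common(1)[0][0]
    return [n.name for n in nodes
            if n.tip() != majority_tip or validate_chain(n.chain) != -1]

def demo():
    genesis = mine(Block(0, ZERO_HASH, "genesis", sha256_hex(b""), "cde"))
    nodes = [Node(n, [genesis]) for n in ("architect", "engineer", "contractor", "owner")]
    ifc = b"ISO-10303-21; constructed IFC sample, revision A"
    dwg = b"AC1032 constructed DWG sample, revision A"
    out = {"shared": share_asset(nodes, nodes[0], "hospital_L3.ifc", ifc, "architect")
                     and share_asset(nodes, nodes[1], "plant_room.dwg", dwg, "engineer")}
    out["file_matches"] = verify_asset(nodes[3], "hospital_L3.ifc", ifc)
    out["altered_file_matches"] = verify_asset(nodes[3], "hospital_L3.ifc", ifc + b" edited")
    # A block that does not extend the current tip is refused by every replica.
    forged = mine(Block(1, genesis.hash(), "hospital_L3.ifc", sha256_hex(b"x"), "unknown"))
    out["forged_accepted"] = any([n.accept(forged) for n in nodes])
    # A record edited in place on one replica breaks that replica's own chain.
    bad = nodes[2]
    bad.chain[1].asset_digest = sha256_hex(b"altered model")
    out["edit_detected"] = validate_chain(bad.chain) != -1
    # Redoing the proof of work makes it valid locally, but its tip now differs.
    for i in range(1, len(bad.chain)):
        bad.chain[i].prev_hash = bad.chain[i - 1].hash()
        mine(bad.chain[i])
    out["remined_valid"] = validate_chain(bad.chain) == -1
    out["dissenting"] = dissenting_nodes(nodes)
    return out

if __name__ == "__main__":
    print(demo())
```

The last two checks correspond to the claim that an assailant must alter every node: a single rewritten replica passes its own validation after re-mining but is still singled out by comparison with the other stakeholders' copies.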
Figure 2. Block chain technology application with digital built asset information exchange. Stage labels i) to x): asset needs to be shared securely; asset is converted into a block; block is broadcast to all nodes in federated CDE environment; block chain miners compete to mine new block; block chain is extended with new digital asset; federated CDE environment approves; block chain miner validates block against chain; block of digital asset is shared securely; block chain of assets needs to be hacked individually across an entire network; block chain of sharing assets. Asset file labels: XML, DWG.

Limitations and future work
Contrary to within the fields of computer science, political science/international relations and international law, cyber security is far less understood within the AECO sector (Mayo, 2016). Consequently, existing controls are inadequate and poorly managed. Key findings emanating from these other eminent fields provide invaluable insights into the cyber security technologies and developments (such as block chain) that can be successfully transferred and applied to critical infrastructure within the AECO sector to address current deficiencies (Baumeister, 2010). However, successful practitioner alignment and knowledge enhancement requires time and investment for additional research and testing of such concepts (Metke and Ekl, 2010) – such exceeded the current confines of this review paper. Within the international security research realm, the following predispositions have weakened scholarly understanding of cyber-threat occurrences and the likelihood of attacks on critical infrastructure. These limitations require future work, namely:
(1) Improved understanding of motivations – an inordinate amount of attention is paid to "cyber-threats" under the guise of malevolent lines of code. Yet finding a resolution to the root cause of cyber-crime requires a deeper understanding of the motivations behind such malicious scripts and attacks.
(2) Address the specific operational threats to bespoke critical infrastructure – each individual critical infrastructure project (e.g. hospitals, nuclear facilities, traffic management systems) has bespoke operational functionality and hence different vulnerabilities. Mapping of these vulnerabilities is required as a first step to developing efficient and effective risk mitigation strategies to better secure assets.
(3) Distinguish between physical destruction and theft – literature and standards have predominantly focused upon data protection within the context of cyber-attack. However, physical damage has received far less attention even though such could lead to catastrophic economic damage. Greater distinction between physical destruction and theft is therefore needed to delineate the scale and magnitude of cyber-crime.
(4) Consolidate greater international governmental collaboration – cyber-attacks can readily cross international borders and national law enforcement agencies often find it difficult to take action in jurisdictions where limited extradition arrangements are available. Although standard international agreements have been made on such issues (cf. the Budapest Convention on Cyber-crime) which seek to criminalize malevolent cyber-activities, notable signatories (such as China and Russia) are absent. Far greater cooperation between sovereign states is therefore urgently needed to develop robust international agreements that are supported by all major governments.
(5) Gauge practitioner awareness – future work should seek to identify existing predispositions and awareness of cyber-attack and cyber-crime amongst AECO professionals, either through in-depth interviews or practitioner surveys. Case studies are also required to measure and report upon contemporary industry practice and how any cyber-crime incidents were managed.
(6) Proof of concept – development and testing of an innovative proof of concept blockchain application specifically designed for AECO professionals. Such developmental work would allow the thorough testing of blockchain technology in practice to confirm, or otherwise, its effectiveness.
Future work
To reconcile the challenges of future work, researchers and practitioners within the AECO sector will have to investigate how to adopt cyber-deterrence approaches applied within more technologically advanced and sensitive industries, such as aerospace and automotive. Such knowledge transference may propagate readily available solutions to challenges posed. Cyber security awareness and deterrence measures within the BIM and CDE process will help secure critical infrastructure developed, built and utilized – the challenges and opportunities identified here require innovative solutions, such as block chain technologies, to transform standard industry practice and should be augmented with far greater industry-academic collaboration.

Conclusion
Infrastructure provides the essential arteries and tributaries of a digital built environment that underpins a contemporary digital economy. However, cyber-attack threatens the availability and trustworthiness of interdependent networked services on both corporate and national security levels. At particular risk are the critical infrastructure assets (such as energy networks, transport and financial services) hosted on large networks connected to the internet (via a CDE) to enable cost-efficient remote monitoring and maintenance. Any disruption or damage to these assets could have an immediate and widespread impact by jeopardizing the well-being, safety and security of citizens. To combat the potential threat posed, greater awareness among AECO stakeholders is urgently needed; this must include governments internationally and private sector partners collaborating together to expand upon existing ISO and BIM-related standards for improved response to a cyber-incident. As well as preventative measures, reactive national plans are required (i.e. raising cyber security awareness on government funded BIM projects) to quickly deal with breaches in security and ensure services are provided with minimum disruption.

It is argued in this paper that the CDE adopted with BIM in the AECO sector acts as a springboard for the wider stakeholder engagement with networked data sharing in a centralized manner, yielding such systems vulnerable for future cyber-physical attacks. The pinnacle of cyber security research breakthroughs in cryptography have resulted in the development of decentralized block chain technology. It is hypothesized that block chain technology offers a novel and secure approach to storing information, making data transactions, performing functions and establishing trust, making it suitable for sensitive digital infrastructure data contained in BIM and CDE environment high security requirements. While block chain applications are largely at a nascent stage of development within the AECO sector, this review paper has highlighted its novel application to fortify security of digital assets residing within a BIM and CDE environment – thus extending applications beyond its origins in crypto currency. Future research will be required to prove, modify or disprove this hypothesis presented. However, block chain alone cannot guarantee total immunity to cyber-attacks, so additional research is required to: understand the motivations for cyber-attack/crime; identify the specific operational threats to bespoke critical infrastructure and develop appropriate strategies to mitigate these; develop more exhaustive international standards (or enhance existing standards) to distinguish between physical destruction and theft; and establish measures needed to consolidate greater international governmental collaboration.
References
Ani, U.P.D., He, H. and Tiwari, A. (2017), "Review of cybersecurity issues in industrial critical infrastructure: manufacturing in perspective", Journal of Cyber Security Technology, Vol. 1 No. 1, pp. 32-74.
ANSI (2007), "ISA-99.00.01-2007 security for industrial automation and control systems part 1: terminology, concepts and models", ISA, available at: https://web.archive.org/web/20110312111418/www.isa.org/Template.cfm?Section=Shop_ISA&Template=%2FEcommerce%2FProductDisplay.cfm&Productid=9661 (accessed February 9, 2019).
Baumeister, T. (2010), "Literature review on smart grid cyber security, collaborative software development laboratory at the University of Hawaii", available at: www.tbaumeist.com/publications/LiteratureReviewOnSmartGridCyberSecurity_2010.pdf (accessed February 9, 2019).
Bessis, N. and Dobre, C. (2014), Big Data and Internet of Things: A Roadmap for Smart Environments, ISBN 978-3-319-05029-4, Springer International Publishing, London.
Betz, D.J. and Stevens, T. (2013), "Analogical reasoning and cyber security", Security Dialogue, Vol. 44 No. 2, pp. 147-164.
Boyes, H. (2013a), "Cyber security of intelligent buildings", 8th IET International System Safety Conference Incorporating the Cyber Security Conference, Cardiff.
Boyes, H. (2013b), Resilience and Cyber Security of Technology in the Built Environment, the Institution of Engineering and Technology, IET Standards Technical Briefing, London, available at: wwwtheietorgresourcesstandards-filescyber-securitycfmtype=pdf (accessed February 9, 2019).
Bradley, A., Li, H., Lark, R. and Dunn, S. (2016), “BIM for infrastructure: an overall review and constructor perspective”, Automation in Construction, Vol. 71 No. 2, pp. 139-152.
Brantly, A.F. (2014), “The cyber losers”, Democracy & Security, Vol. 10 No. 2, pp. 132-155.
BSI (2013), “PAS 555:2013 cyber security risk”, Governance and Management Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030261972 (accessed February 9, 2019).
BSI (2014a), PAS 180 Smart Cities Vocabulary, British Standards Institution, London, available at: wwwbsigroupcomen-GBsmart-citiesSmart-Cities-Standards-and-PublicationPAS-180-smart-cities-terminology (accessed February 9, 2019).
BSI (2014b), PAS 1192-3 Specification for Information Management for the Operational Phase of Assets using Building Information Modelling, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030311237 (accessed February 9, 2019).
BSI (2014c), PAS 754:2014 software trustworthiness, governance and management, Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030284608 (accessed February 9, 2019).
BSI (2015), PAS 1192-5 (2015) Specification for Security Minded Building Information Modelling, Digital Built Environments and Smart Asset Management, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030314119 (accessed February 9, 2019).
Canfil, J.K. (2016), “Honing cyber attribution: a framework for assessing foreign state complicity”, Journal of International Affairs, Vol. 70 No. 1, pp. 217-226, available at: wwwquestiacomread1G1-476843518honing-cyber-attribution-a-framework-for-assessing (accessed February 9, 2019).
Cavelty, M.D. (2013), “From cyber-bombs to political fallout: threat representations with an impact in the cyber-security discourse”, International Studies Review, Vol. 15 No. 1, pp. 105-122.
Chong, H.Y., Wong, J.S. and Wang, X. (2014), “An explanatory case study on cloud computing applications”, Automation in Construction, Vol. 44, pp. 152-162.
Clarke, R. and Youngstein, T. (2017), “Cyberattack on Britain’s national health service”, New England Journal of Medicine, Vol. 377, August, pp. 409-411.
DBIS (2013), “Smart city market: opportunities for the UK”, Department for Business Innovation and Skills, BIS Research Papers, Ref BIS131217, DBIS, London, available at: wwwgovukgovernmentpublicationssmart-city-market-uk-opportunities (accessed February 9, 2019).
Denning, D. (2012), “Stuxnet: what has changed?”, Future Internet, Vol. 4 No. 3, pp. 672-687.
Eastman, C., Eastman, C.M., Teicholz, P., Sacks, R. and Liston, K. (2011), BIM Handbook: A Guide to Building Information Modeling for Owners, Managers, Designers, Engineers and Contractors, ISBN 978-0-470-54137-1, John Wiley & Sons, Hoboken, NJ.
Edwards, D.J., Pärn, A.E., Love, P.E.D. and El-Gohary, H. (2017), “Research note: machinery, manumission and economic machinations”, Journal of Business Research, Vol. 70, January, pp. 391-394.
Eom, S.-J. and Paek, J.-H. (2006), “Planning digital home services through an analysis of customers acceptance”, ITcon, Vol. 11, Special issue IT in Facility Management, pp. 697-710, available at: wwwitconorg200649 (accessed February 9, 2019).
European Commission (2013), Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace, JOIN 1 Final, European Commission, Brussels, available at: httpseeaseuropaeuarchivesdocspolicieseu-cyber-securitycybsec_comm_enpdf (accessed February 9, 2019).
Ficco, M., Choraś, M. and Kozik, R. (2017), “Simulation platform for cyber-security and vulnerability analysis of critical infrastructures”, Journal of Computational Science, Vol. 22, September, pp. 179-186.
Fisher, R.D. (2018), “Cyber warfare challenges and the increasing use of American and European dual-use technology for military purposes by the people’s Republic of China (PRC)”, United States House of Representatives, Committee on Foreign Affairs, Birmingham, available at: httparchives-republicans-foreignaffairshousegov112Fis041511pdf (accessed February 9, 2019).
Fisk, D. (2012), “Cyber security, building automation and the intelligent building”, Intelligent Buildings International, Vol. 4 No. 3, pp. 169-181.
Formby, D., Srinivasan, P., Leonard, A., Rogers, J. and Beyah, R.A. (2016), “Who’s in control of your control system? Device fingerprinting for cyber-physical systems”, Network and Distributed System Security Symposium (NDSS), February 26–March 1, San Diego, CA.
F-Secure Labs (2014), “Havex hunts for ICS and SCADA systems”, available at: wwwf-securecomweblogarchives00002718html (accessed February 9, 2019).
Gandhi, R., Sharma, A., Mahoney, W., Sousan, W., Zhu, Q. and Laplante, P. (2011), “Dimensions of cyber-attacks: cultural, social, economic and political”, IEEE Technology and Society Magazine, Vol. 30 No. 1, pp. 28-38.
Govinda, K. (2015), “Design of smart meter using Atmel 89s52 microcontroller”, Procedia Technology, Vol. 21, pp. 376-380, available at: httpsdoiorg101016jprotcy201510053
Henderson, S. (2008), “Beijing’s rising hacker stars: how does mother China react?”, IO Sphere Journal, Birmingham, February 28, available at: wwwnoexperiencenecessarybookcomjplV6beijing-39-s-rising-hacker-stars-how-does-mother-china-reacthtml (accessed February 9, 2019).
Hjortdal, M. (2011), “China’s use of cyber warfare: espionage meets strategic deterrence”, Journal of Strategic Security, Vol. 4 No. 2, pp. 1-24.
HM Government (2013), Building Information Modeling Industrial Strategy: Government and Industry in Partnership, Government Construction Strategy, London, available at: wwwgovukgovernmentuploadssystemuploadsattachment_datafile3471012-1327-building-information-modellingpdf (accessed February 9, 2019).
HM Government (2015), Digital Built Britain, Level 3 Building Information Modelling – Strategic Plan, 26 February 2015, HM Publications, London, available at: wwwgovukgovernmentpublicationsuk-construction-industry-digital-technology (accessed February 9, 2019).
Howell, S., Rezgui, Y. and Beach, T. (2017), “Integrating building and urban semantics to empower smart water solutions”, Automation in Construction, Vol. 81, September, pp. 434-448.
Huckle, S., Bhattacharya, R., White, M. and Beloff, N. (2016), “Internet of things, blockchain and shared economy applications”, Procedia Computer Science, Vol. 98, pp. 461-466, available at: httpsdoiorg101016jprocs201609074
Hunton, P. (2012), “Data attack of the cybercriminal: investigating the digital currency of cybercrime”, Computer Law & Security Review, Vol. 28 No. 2, pp. 201-207.
IET (2013), “Resilience and cyber security of technology in the built environment”, Institution of Engineering and Technology, Birmingham, available at: wwwtheietorgresourcesstandardscyber-buildingscfmorigin=pr (accessed February 9, 2019).
IET (2014), “Code of practice for cyber security in the built environment”, Institution of Engineering and Technology, Birmingham, available at: httpselectricaltheietorgbooksstandardscyber-copcfm (accessed February 9, 2019).
ISO (2011), “ISO/IEC 29100:2011 information technology – security techniques – privacy framework”, available at: wwwisoorgstandard45123html (accessed February 2018).
ISO (2012), 27032 Information Technology – Security Techniques – Guidelines for Cybersecurity, International Organization for Standardization (ISO), Geneva, available at: wwwitgovernancecoukshopproductiso27032-iso-27032-guidelines-for-cybersecurity (accessed February 9, 2019).
ISO (2013), 27001 The International Information Security Standard, International Organization for Standardization (ISO), Geneva, available at: wwwitgovernancecoukiso27001 (accessed February 9, 2019).
Jaatun, M.G., Røstum, J., Petersen, S. and Ugarelli, R. (2014), “Security checklists: a compliance alibi or a useful tool for water network operators?”, Procedia Engineering, Vol. 70, pp. 872-876.
Jones, L. (2016), “Securing the smart city built environment cyber security”, Engineering and Technology, Vol. 11 No. 5, pp. 30-33, doi: 101049et20160501
Kello, L. (2013), “The meaning of the cyber revolution: perils to theory and statecraft”, International Security, Vol. 38 No. 2, pp. 7-40.
Kochovski, P. and Stankovski, V. (2018), “Supporting smart construction with dependable edge computing infrastructures and applications”, Automation in Construction, Vol. 85, January, pp. 182-192.
Koo, D., Piratla, K. and Matthews, C.J. (2015), “Towards sustainable water supply: schematic development of big data collection using internet of things (IoT)”, Procedia Engineering, Vol. 118, pp. 489-497.
Lesk, M. (2007), “The new front line: Estonia under cyber assault”, IEEE Security & Privacy, Vol. 5 No. 4, pp. 76-79.
Levy, Y. and Ellis, T.J. (2006), “A systems approach to conduct an effective literature review in support of information systems research”, Informing Science, Vol. 9, pp. 181-212, available at: httpinformnuArticlesVol9V9p181-212Levy99pdf (accessed February 9, 2019).
Lin, S., Gao, J. and Koronios, A. (2006), “Key data quality issues for enterprise asset management in engineering organisations”, International Journal of Electronic Business Management, Vol. 4 No. 1, pp. 96-110, available at: httpijebmienthuedutwIJEBM_WebIJEBM_staticPaper-V4_N1A10-E684_3pdf (accessed February 2018).
Lin, Y.C. and Su, Y.C. (2013), “Developing mobile-and BIM-based integrated visual facility maintenance management system”, The Scientific World Journal, Vol. 2013, 10pp., available at: httpsdoiorg1011552013124249
Lindsay, J.R. (2013), “Stuxnet and the limits of cyber warfare”, Security Studies, Vol. 22 No. 3, pp. 365-404.
Lindsay, J.R. (2015), “The impact of China on cybersecurity: fiction and friction”, International Security, Vol. 39 No. 3, pp. 7-47.
Liu, J., Xiao, Y., Li, S., Liang, W. and Chen, C.P. (2012), “Cyber security and privacy issues in smart grids”, IEEE Communications Surveys & Tutorials, Vol. 14 No. 4, pp. 981-997.
McGraw, G. (2013), “Cyber war is inevitable (unless we build security in)”, Journal of Strategic Studies, Vol. 36 No. 1, pp. 109-119.
McNulty (2011), “Realising the potential of GB Rail – final independent report of the rail value for money study – summary report”, Department for Transport, London, available at: wwwgovukgovernmentuploadssystemuploadsattachment_datafile4203realising-the-potential-of-gb-rail-summarypdf (accessed February 9, 2019).
Marinos, L. (2016), ENISA Threat Taxonomy: A Tool for Structuring Threat Information, European Union Agency for Network and Information Security, Birmingham, available at: wwwenisaeuropaeutopicsthreat-risk-managementthreats-and-trendsenisa-threat-landscapeetl2015enisa-threat-taxonomy-a-tool-for-structuring-threat-informationview (accessed February 9, 2019).
Markets and Markets (2014), “Smart HVAC controls market by product type, components, application, operation & geography – analysis and forecast to 2014–2020”, Birmingham, available at: httpgooglAy2LjI (accessed February 9, 2019).
Mayo, G. (2016), “Bas and cyber security: a multiple discipline perspective”, in Long, S., Ng, E.-H., Downing, C. and Nepal, B. (Eds), Proceedings of the American Society for Engineering Management 2016 International Annual Conference, American Society for Engineering Management, Concord, NC, available at: wwwresearchgatenetpublication309480358_BAS_AND_CYBER_SECURITY_A_MULTIPLE_DISCIPLINE_PERSPECTIVE (accessed February 2018).
Metke, A.R. and Ekl, R.L. (2010), “Security technology for smart grid networks”, IEEE Transactions on Smart Grid, Vol. 1 No. 1, pp. 99-107.
Mike, T. (2006), “Integrated building systems: strengthening building security while decreasing operating costs”, Journal of Facilities Management, Vol. 4 No. 1, pp. 63-71.
Mokyr, J. (1992), “Technological inertia in economic history”, The Journal of Economic History, Vol. 52 No. 2, pp. 325-338.
Nicał, A.K. and Wodyński, W. (2016), “Enhancing facility management through BIM 6D”, Procedia Engineering, Vol. 164, pp. 299-306, available at: httpsdoiorg101016jproeng201611623
NIST (2017), “Framework for improving critical infrastructure cybersecurity”, National Institute of Standards and Technology, Draft Version 1.1, January 10, Birmingham, available at: wwwgooglecoukurlsa=tamprct=jampq=ampesrc=sampsource=webampcd=2ampved=0ahUKEwiq0orLhOHUAhVkBsAKHfJLB6oQFgg8MAEampurl=https3A2F2Fwwwnistgov2Fdocument2Fdraft-cybersecurity-framework-v11pdfampusg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NAampcad=rjt (accessed February 9, 2019).
Nye, J.S. (2017), “Deterrence and dissuasion in cyberspace”, International Security, Vol. 41 No. 3, pp. 44-71.
Papa, P. (2013), “US and EU strategies for maritime transport security: a comparative perspective”, Transport Policy, Vol. 28, pp. 75-85.
Paridari, K., Mady, A.E., La Porta, S., Chabukswar, R., Blanco, J., Teixeira, A., Sandberg, H. and Boubekeur, M. (2016), “Cyber-physical-security framework for building energy management system”, ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS), Vienna, pp. 1-9, doi: 101109ICCPS20167479072
Pärn, E.A. and Edwards, D.J. (2017), “Conceptualizing the FINDD API plug-in: a case study of BIM/FM integration”, Automation in Construction, Vol. 80, August, pp. 11-21.
Patel, S.C., Bhatt, G.D. and Graham, J.H. (2009), “Improving the cyber security of SCADA communication networks”, Communications of the ACM, Vol. 52 No. 7, pp. 139-142.
Peng, Y., Wang, Y., Xiang, C., Liu, X., Wen, Z. and Chen, D. (2015), “Cyber-physical attack-oriented Industrial Control Systems (ICS) modeling, analysis and experiment environment”, International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 322-326.
Rahimi, B. (2011), “The agonistic social media: cyberspace in the formation of dissent and consolidation of state power in postelection Iran”, The Communication Review, Vol. 14 No. 3, pp. 158-178.
Rasmi, M. and Jantan, A. (2013), “A new algorithm to estimate the similarity between the intentions of the cyber crimes for network forensics”, Procedia Technology, Vol. 11, pp. 540-547.
Reggiani, A. (2013), “Network resilience for transport security: some methodological considerations”, Transport Policy, Vol. 28, July, pp. 63-68.
Reniers, G.L.L. and Dullaert, W. (2013), “A method to assess multi-modal hazmat transport security vulnerabilities: hazmat transport SVA”, Transport Policy, Vol. 28, July, pp. 103-113.
Rid, T. (2012), “Cyber war will not take place”, Journal of Strategic Studies, Vol. 35 No. 1, pp. 5-32.
RISI (2015), “The repository of industrial security incidents database”, Birmingham, available at: wwwrisidatacomDatabase (accessed February 9, 2019).
Rittinghouse, J. and Hancock, W.M. (2003), Cybersecurity Operations Handbook, Elsevier Science, Amsterdam, ISBN 978-1-55558-306-4.
Ryan, D.J. (2017), “Engineering sustainable critical infrastructures”, International Journal of Critical Infrastructure Protection, Vol. 17, pp. 28-29.
Safavi, S., Shukur, Z. and Razali, R. (2013), “Reviews on cybercrime affecting portable devices”, Procedia Technology, Vol. 11, pp. 650-657.
Shafiq, M.T., Matthews, J. and Lockley, S.R. (2013), “A study of BIM collaboration requirements and available features in existing model collaboration systems”, Journal of Information Technology in Construction (ITcon), Vol. 18, pp. 148-161.
Shitharth, S. and Winston, D.P. (2015), “A comparative analysis between two countermeasure techniques to detect DDoS with sniffers in a SCADA network”, Procedia Technology, Vol. 21, pp. 179-186.
Stearns, L.B. and Almeida, P.D. (2004), “The formation of state actor-social movement coalitions and favorable policy outcomes”, Social Policy, Vol. 51 No. 4, pp. 478-504.
Stoddart, K. (2016), “Live free or die hard: US-UK cybersecurity policies”, Political Science Quarterly, Vol. 131 No. 4, pp. 803-842.
Sun, J., Yan, J. and Zhang, K.Z. (2016), “Blockchain-based sharing services: what blockchain technology can contribute to smart cities”, Financial Innovation, Vol. 2 No. 1, pp. 1-26, doi: 101186s40854-016-0040-y
Szyliowicz, J.S. (2013), “Safeguarding critical transportation infrastructure: the US case”, Transport Policy, Vol. 28 No. C, pp. 69-74.
Tan, S., Song, W.Z., Stewart, M., Yang, J. and Tong, L. (2018), “Online data integrity attacks against real-time electrical market in smart grid”, IEEE Transactions on Smart Grid, Vol. 9 No. 1, pp. 313-322.
Thomas, N. (2009), “Cyber security in East Asia: governing anarchy”, Asian Security, Vol. 5 No. 1, pp. 3-23.
Toy, S. (2006), History of Fortification from 3000 BC to AD 1700 (No. 75), Pen and Sword Military Classics, Barnsley, ISBN 1-88415-358-4.
Turk, Ž. and Klinc, R. (2017), “Potentials of blockchain technology for construction management”, Procedia Engineering, Vol. 196, pp. 638-645.
UN (2014a), “2014 revision of the world urbanization prospects”, Birmingham, available at: httpsgooglxwOSDS (accessed February 9, 2019).
UN (2014b), “World urbanization trends 2014: key facts”, Statistical Papers – United Nations (Ser. A), Population and Vital Statistics Report, United Nations, New York, NY.
UN (2015), “World population projected to reach 9.7 billion by 2050”, Birmingham, available at: wwwunorgendevelopmentdesanewspopulation2015-reporthtml (accessed February 9, 2019).
Walsham, G. (1995), “The emergence of interpretivism in IS research”, Information Systems Research, Vol. 6 No. 4, pp. 376-394.
Wang, S., Zhang, G., Shen, B. and Xie, X. (2011), “An integrated scheme for cyber-physical building energy management system”, Procedia Engineering, Vol. 15, pp. 3616-3620.
Wang, W. and Lu, Z. (2013), “Cyber security in the smart grid: survey and challenges”, Computer Networks, Vol. 57 No. 5, pp. 1344-1371.
Weber, R.H. and Studer, E. (2016), “Cybersecurity in the internet of things: legal aspects”, Computer Law & Security Review, Vol. 32 No. 5, pp. 715-728.
Xue, N., Huang, X. and Zhang, J. (2016), “S2Net: a security framework for software defined intelligent building networks”, IEEE Trustcom/BigDataSE/ISPA, Tianjin, August 23-26, pp. 654-661.
Yue, X., Wang, H., Jin, D., Li, M. and Jiang, W. (2016), “Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control”, Journal of Medical Systems, Vol. 40 No. 10, pp. 218-229.
Zamparini, L. and Shiftan, Y. (2013), “Special issue – transport security: theoretical frameworks and empirical applications”, Transport Policy, Vol. 28, pp. 61-62.
Zhang, Y. and Wen, J. (2016), “The IoT electric business model: using blockchain technology for IoT”, Peer-to-Peer Networking and Applications, Vol. 10 No. 4, pp. 1-12.
Corresponding author
Erika A Parn can be contacted at: erikaparngmailcom
A componential analysis of literature
From an operational perspective, the review protocol sourced published journal materials contained within Science Direct, Web of Science, Scopus and Research Gate databases. Keyword search terms used included cyber security, hacking and any of the following variations of the word: cyber crime, cybercrime or cyber-crime. Following a comprehensive review of the journals, four prominent and pertinent clusters of industrial settings were selected to provide the contextual sampling framework and knowledge base for the analysis, namely: AECO; transport and infrastructure; information technology; and political science/international relations. These clusters were selected because they contained the majority of the journal publications on cyber-crime. Within the clusters, six recurrent leitmotifs were identified: national and global security; smart cities; critical infrastructure; ICS; mobile or cloud computing; and digitalization of the built environment. A cross comparative componential analysis was then conducted (refer to Table III).
The componential analysis reveals the percentage frequency that each of the identified thematic groups occur across the four industrial classifications, and the percentage frequency that each thematic group occurs within each individual industrial classification. In ascending order of frequency across all four sectors, the most popular discussed topics were: mobile cloud computing (59.5 percent); national global security (54.7 percent); critical infrastructure (50 percent); smart cities (40.4 percent); ICS (40.4 percent); and digitization of the built environment (28.5 percent). Yet curiously, within the AECO sector an inordinate amount of effort was input into mobile and cloud computing (90 percent) and digitization of the built environment (60 percent), while far less attention was paid to critical infrastructure (30 percent) and national and global security (20 percent). Moreover, none of the papers reviewed were heavily focused upon expounding the virtues and concomitant benefits of digitization, but were similarly oblivious to the omnipresent threat of cyber-crime posed via the vulnerable CDE portal.
A CDE is commonly established during the feasibility or concept design phases of a building/infrastructure project (BSI, 2014a, b). An information manager will then manage and validate the processes and procedures for the exchange of information across a network for each key decision gateway stage (including work in progress, shared, published and archive stages). Cloud-based CDE platforms are ubiquitous but common solutions include ProjectWise, Viewpoint (4P), Aconex, Asite and SharePoint (Shafiq et al., 2013). The internal work flow and typical external information exchange in BIM relies upon the re-use and sharing of information in a CDE. Integrating BIM (and other file databases, e.g. IFC, GBXML, CSV, DWG, XML) within a CDE ensures a smooth flow of information between all stakeholders and is specified and articulated through its levels of development or design (Eastman et al., 2011; Lin and Su, 2013). The level of design (LOD) is classified on a linear scale ranging from LOD 1 (covering a conceptual “low definition” design) to LOD 7 (for an as-built “high definition” model). With each incremental increase in LOD, the range and complexity of asset information within models built begins to swell and the data contained within becomes accessible to an increased amount of stakeholders. As a consequence, the magnitude of potential cyber-crime also increases and it is imperative, therefore, that effective cyber security deterrence measures are set.

Table III. Common reconnaissance techniques

Scanning (ping sweep, port scan, network mapping)
Definition: Network scanning is integral to stealthy information gathering from a computer system. Prior knowledge of the operating system (OS) is combined with the use of one of a plethora of readily available tools in order to identify and map out potential vulnerabilities on a target network.
Example: Techniques include port scanning to identify the available and open ports, DNS enumeration to locate the domain name server and IP address, and PING sweeping to map the IP address to a live host (Rittinghouse and Hancock, 2003).

Fingerprinting (OS)
Definition: Device fingerprinting endeavors to break the privacy of URL developers by revealing user actions and anonymity. It utilizes the information collected from a remote computing device for the purpose of uniquely identifying the device (Formby et al., 2016). Fingerprinting can be used to identify the OS used on the target system.
Example: In an active manner to monitor network packets passing between hosts, or passive manner to transmit specially created packets to the target machine and analyze the response (Peng et al., 2015).

Footprinting
Definition: Footprinting is a process of obtaining as much information about the target to be hacked as possible by drawing down open source information from the internet. Footprinting is the most convenient way of gathering information about a computer system and/or the parties it belongs to.
Example: During footprinting a hacker can use passive or active means to obtain information such as domain name, IP addresses, namespaces, employee information, phone numbers, e-mails and job information.

Sniffing
Definition: Sniffing has been likened to wiretapping and can be used to obtain sensitive information that is being transferred over a network, such as FTP passwords, e-mail traffic, web traffic, telnet passwords, router configurations, chat sessions and DNS traffic. “Industrial Control Systems (ICS)/Supervisory Control and Data Acquisition (SCADA) sniffing” activities pose an imminent threat to cyber-physical connected devices in buildings, factories and large industrial plants.
Example: “Havex” malware, reported by F-Secure laboratories, is the first of its kind since STUXNET and attempts to “sniff” factory automation gear such as ICS and SCADA systems (F-Secure Labs, 2014). Anonymized victims have included two major educational institutions in France, two German industrial machine producers, one French industrial machine producer and a Russian structural engineering construction company (F-Secure Labs, 2014).

Social engineering
Definition: Social engineering is an attack vector that relies upon tricking people into breaking security procedures. Consequently, these are used to exploit an individual’s weaknesses, typically employees and other individuals who are familiar with the system. When successfully implemented, hackers can help obtain information about the targeted system.
Example: Two common methods adopted are the physical gaining of access to a computer through deception, or the use of phishing e-mails, which involves sending personalized e-mails to targeted employees in an attempt to make them click malicious links contained within.
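The scanning row of Table III can be turned into a detection check. The following is an added example, not code from the paper: it flags ping sweeps and port scans in firewall logs using a sliding time window. The log format, addresses and thresholds are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: simplified firewall log lines (format is an assumption).
SAMPLE_LOG = """\
2019-02-09T10:00:00 SRC=10.0.5.23 DST=10.0.1.1 PROTO=ICMP TYPE=8
2019-02-09T10:00:01 SRC=10.0.5.23 DST=10.0.1.2 PROTO=ICMP TYPE=8
2019-02-09T10:00:02 SRC=10.0.5.23 DST=10.0.1.3 PROTO=ICMP TYPE=8
2019-02-09T10:00:03 SRC=10.0.5.23 DST=10.0.1.4 PROTO=ICMP TYPE=8
2019-02-09T10:00:10 SRC=10.0.5.23 DST=10.0.1.10 PROTO=TCP DPT=21
2019-02-09T10:00:11 SRC=10.0.5.23 DST=10.0.1.10 PROTO=TCP DPT=22
2019-02-09T10:00:12 SRC=10.0.5.23 DST=10.0.1.10 PROTO=TCP DPT=23
2019-02-09T10:00:13 SRC=10.0.5.23 DST=10.0.1.10 PROTO=TCP DPT=80
2019-02-09T10:00:14 SRC=10.0.5.23 DST=10.0.1.10 PROTO=TCP DPT=502
2019-02-09T10:00:20 SRC=10.0.2.7 DST=10.0.1.10 PROTO=TCP DPT=502
2019-02-09T10:00:50 SRC=10.0.2.7 DST=10.0.1.10 PROTO=TCP DPT=502
2019-02-09T10:05:00 SRC=10.0.9.9 DST=10.0.1.10 PROTO=TCP DPT=21
2019-02-09T10:10:00 SRC=10.0.9.9 DST=10.0.1.10 PROTO=TCP DPT=22
2019-02-09T10:15:00 SRC=10.0.9.9 DST=10.0.1.10 PROTO=TCP DPT=23
2019-02-09T10:20:00 SRC=10.0.9.9 DST=10.0.1.10 PROTO=TCP DPT=80
2019-02-09T10:25:00 SRC=10.0.9.9 DST=10.0.1.10 PROTO=TCP DPT=443
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) SRC=(?P<src>\S+) DST=(?P<dst>\S+) PROTO=(?P<proto>\w+)"
    r"(?: DPT=(?P<dport>\d+))?(?: TYPE=(?P<icmp_type>\d+))?$"
)


def parse_line(line):
    """Parse one log line into a dict, or return None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    event = m.groupdict()
    event["ts"] = datetime.fromisoformat(event["ts"])
    return event


def _max_distinct_in_window(events, window):
    """events: time-sorted (ts, key) pairs. Largest number of distinct keys
    seen inside any sliding window of the given length."""
    best, start, counts = 0, 0, defaultdict(int)
    for ts, key in events:
        counts[key] += 1
        while ts - events[start][0] > window:
            old = events[start][1]
            counts[old] -= 1
            if counts[old] == 0:
                del counts[old]
            start += 1
        best = max(best, len(counts))
    return best


def detect_recon(lines, window_s=60, port_threshold=5, host_threshold=4):
    """Return {source_ip: [finding, ...]} for ping sweeps and port scans."""
    window = timedelta(seconds=window_s)
    ports = defaultdict(list)  # (src, dst) -> [(ts, destination port)]
    pings = defaultdict(list)  # src -> [(ts, destination host)]
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue
        if ev["proto"] in ("TCP", "UDP") and ev["dport"]:
            ports[(ev["src"], ev["dst"])].append((ev["ts"], int(ev["dport"])))
        elif ev["proto"] == "ICMP" and ev["icmp_type"] == "8":  # echo request
            pings[ev["src"]].append((ev["ts"], ev["dst"]))
    findings = defaultdict(set)
    for (src, _dst), evs in ports.items():
        evs.sort()
        if _max_distinct_in_window(evs, window) >= port_threshold:
            findings[src].add("port_scan")
    for src, evs in pings.items():
        evs.sort()
        if _max_distinct_in_window(evs, window) >= host_threshold:
            findings[src].add("ping_sweep")
    return {src: sorted(kinds) for src, kinds in findings.items()}


if __name__ == "__main__":
    print(detect_recon(SAMPLE_LOG.splitlines()))
    print(detect_recon(SAMPLE_LOG.splitlines(), window_s=3600))
```

The source 10.0.9.9 spaces its probes five minutes apart and is only caught when the window is widened, which is why window length has to be tuned against slow scans as well as fast ones.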
Perhaps the most crippling aspect of deterrence is the poor rate of attribution (also known as tracebacking or source tracking), where attribution seeks to determine the identity or location of an attacker or attacker’s intermediary (Brantly, 2014). Affiliation further exacerbates attribution rates; for example, nefarious and malicious attacks on critical infrastructure by non-state “patriot” actors who proclaim cyber-warfare in the name of nationalist ideologies can create ambiguity with state actors (Lindsay, 2015). Extant literature widely acknowledges that states actively recruit highly skilled hackers to counter-attack other state governed cyber-activities, in particular against critical infrastructure assets (Thomas, 2009). Yet the paucity of identification or disclosure of attacker identities has made the hacking culture even more enticing for both non-state actors and state actors. Whilst network attribution or IP address traceability to a particular geographical region is possible, lifting the cyber veil to reveal the affiliation between the attacker and their government remains difficult (Canfil, 2016). In the case of potential threats to the AECO sector, attribution of industrial cyber-espionage remains an imminent threat not only to the business in operation but also for the nation state security.
Cyber-deterrence
Cyber-deterrence measures rely largely upon good practice adopted from standards ISO 27001 and ISO 27032 (ISO, 2012, 2013). In the context of the digital built environment (and specifically BIM), recently published cyber security good practice manual PAS 1198-Part 5 suggests deploying five measures of deterrence: a built asset security manager; a built asset security strategy; a built asset security management plan; a security breach/incident management plan; and built asset security information requirements. For other sources of cyber security guidance, PAS 1198-Part 5 recommends adherence to other pre-existing legislative documentation – refer to Table IV.
Other ambiguous guidance notes that refer to taking “appropriate mitigation strategies” have largely ignored the increased vulnerability of semantic and geometric information that is sustained within a BIM (BSI, 2013, 2014c). For example, the Institute of Engineering and Technology (Boyes, 2013b) report entitled “Resilience and Cyber Security of Technology in the Built Environment” states that:
Unauthorised access to BIM data could jeopardise security of sensitive facilities, such as banks, courts, prisons and defence establishments, and in fact most of the Critical National Infrastructure.
Deterrence measures recommended in PAS 1192-5 have largely overlooked BIM data contained within a CDE and the onslaught of cyber-physical connectivity in critical infrastructures (Liu et al., 2012). Currently, the most common means of deterrence for cyber-physical connectivity in critical BMS infrastructures is via network segregation (the firewall) (Mayo, 2016) and secure gateway protection (encryption) for securing from external threats, complicit with ANSI/ISA-99 (ANSI, 2007). However, in a digital economy where over 50bn devices are continuously communicating, neither firewalls nor encryption alone can guarantee effective cyber security. Hence, a more robust systemic means of data integrity is required in the digital built environment.
Block chain – a new frontier for cyber-deterrence
Under the alias Satoshi Nakamoto, the Bitcoin (crypto currency) was published as the first block chain application on the internet (Turk and Klinc, 2017). This advancement opened a springboard of applications that utilize block chain technology to remove third party distribution of digital assets using peer-to-peer sharing (Turk and Klinc, 2017). While the majority of current applications have utilized crypto currency and smart contracts, the applications for digital asset transference seem limitless. Block chain’s earliest applications were in economics (Huckle et al., 2016), software engineering (Turk and Klinc, 2017), Internet of Things (Zhang and Wen, 2016) and medicine (Yue et al., 2016) – albeit more recently, applications within the built environment have been explored (Sun et al., 2016). Block chain technology has the potential to overcome the aforementioned cyber security challenges faced in the digital environment as a result of its distributed, secure and private nature of data distribution. A positive correlation exists between an increasing number of collaborators (or peers) within a CDE and the potential to secure such assets in a peer-to-peer environment, which thrives and increases in security.
Block chain technology is suitable for sectors with: increased risk of fraud – such as susceptible crucial infrastructures containing sensitive industrial information that is at risk from industrial espionage; intermediaries – for example, providers of BMS systems and other IT software vendors hosting sensitive infrastructure asset details; throughput – such as operators updating and sharing asset information in a CDE; and stable data – for instance, data generated for built assets can be utilized for up to 40 years post project inception. Block chain technology offers better encryption against hacking than any other current deterrence measures available and is commonly suggested in the cyber security standards available (Turk and Klinc, 2017).
The application of block chain technology within digital built asset informationexchange is suggested due to its secure framework for data transference Block chaintechnology has been hailed as a hackertamper safe ecosystem for digital asset transfers(Turk and Klinc 2017) Figure 2 delineates a ten stage process to demonstrate how theexisting functionality of block chain technology can be harnessed in a CDE environmentwhen sharing sensitive digital information about assets ndash namely asset information issecurely shared via a network (eg URL nodes interconnected computer networks or an air
Motivation Actor ExampleBlack Hat Hacktivists USA 2014 ndash Power and utilities ndash Hackers took advantage of a weak password vulnerability where mechanical devices were disconnected from
the control system for scheduled maintenancePoland 2008 ndash Transport ndash A 14-year old Polish student hacked into the tram system enabling him to change track points in Lodz 4 trams werederailed and as a consequence 12 people were injuredUSA 2001 ndash Petroleum ndash The network monitoring personal computer (PC) provided a path from the internet via the company business networkonto the automation network This made the company vulnerable to the Code Red Worm used to deface the automation web pages of a largeoil company
Script kiddies
Cyber insiders
Cyber terrorists
Malware authors
Patriot hackers
Cyber militias
Script kiddies
Ordinary citizens
Hacktivists
Script kiddies
Organized cybercriminals
Ego personal animosityeconomic gain
Grey Hat
Ambiguous
White Hat
Idealismcreativityrespect for thelaw
Spain, 2011 – Traffic – Spanair flight 5022 crashed just after take-off from Madrid-Barajas International Airport, killing 154, with 18 survivors. Trojan malware detected on the central computer system is speculated to have played a role in the crash by causing the computer to fail to deliver power to the take-off early warning system and detect three technical problems with the aircraft.

Iran, 2012 – Petroleum – Iran was forced to disconnect key oil facilities after suffering a malware attack, which it is believed hit the internal computer systems at Iran’s oil ministry and its national oil company.

USA and Europe, 2014 – Energy sector – Operating since 2011, the Dragonfly group has targeted defence and aviation companies in USA and Canada (cyber-espionage with the likely intention of sabotage). In 2013, the group targeted USA and European energy firms, gaining entry through spear phishing e-mails, malware, watering hole attacks and infecting legitimate software from three different industrial control systems (ICS) equipment manufacturers.

Canada, 2012 – Energy sector – Telvent Canada Ltd, provider of software and services for remote administration of large sections of the energy industry, was subject to information theft. Installed malware was used to steal project files related to one of its key products. The digital fingerprints were traced to a Chinese hacking group (the “Comment Group”) linked to cyber-espionage against Western interests.

Iran, 2010 – Nuclear – The Stuxnet malworm was responsible for damaging crucial centrifugal devices used for Uranium enrichment at the Natanz nuclear plant, causing it to be shut down for a week. This remains as one of the most prolific cyber-physical attacks in an exemplified case of government and civilian blurred lines and created a new forefront of cyber militia, becoming the first proclaimed cyber weapon.

USA, 2012 – Water/waste management – A former employee of the Key Largo Wastewater Treatment District hacked the company, resulting in modification and deletion of files.

Venezuela, 2002 – Petroleum – Venezuela’s state oil company became embroiled in a bitter strike when it was extensively sabotaged by an employee who gained remote access to a program terminal and erased all Programmable Logic Controller (PLC) programs in port facility.

Canada, 2002 – Petroleum – A white hat hacker simulated an attack on a data center security (DCS) where network access to the control local area network (LAN) was used to connect to selected DCS operator stations and obtain full administration privileges. This was accomplished through the vulnerabilities in the Windows operating system and a number of Netbios that lacked proper password protection.

USA, 2014 – Traffic – One of the first hacks on a traffic management system was incurred on road signs in San Francisco, where the signs were photographed flashing “Godzilla Attack! Turn Back”.

Source: Available online at wwwrisidatacom

Table IV. Snapshot of cyber-physical hacking examples from the RISI online incident database
ECAM 26,2
gapped internet); asset data (whether a 3D or digital model) are converted into a block which represents a digital transaction of asset data; stakeholder interaction within a federated CDE environment will receive a tracked record of the individual transaction created by nodes sharing the block; block chain miners (usually computer scientists) validate and maintain the newly created block chain; payment methods for block chain miners vary, but a group of miners enter into a competitive process where the first to validate the block chain receives payment; the federated block chain environment is approved; the new block is added to the existing chain of digital transactions to extend the block chain; the digital asset can now be securely shared upon validation; to hack the network, assailants would need to hack every single node within the block chain, thus making the task far more difficult; the network of nodes created by multiple stakeholders’ transactions provides a more sophisticated and secure approach to protecting digital assets when compared to encryption and firewalls. Herein lies the novelty of this review – blockchain technology can offer a potential framework to future AECO software applications and systems designed to secure the transfer of sensitive project data in a BIM and CDE environment.
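The block-sharing steps described above can be illustrated with a minimal hash-chained ledger replicated across stakeholder nodes. This is an added example, not code from the paper; it omits the mining and payment step, and the node names, asset file names and file contents are constructed assumptions.

```python
import hashlib
import json
from collections import Counter

GENESIS_PREV = "0" * 64
FIELDS = ("index", "prev_hash", "asset", "digest", "author")

def block_hash(block):
    """SHA-256 over the block's content fields (its own hash is excluded)."""
    body = {k: block[k] for k in FIELDS}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def make_block(chain, asset, content, author):
    """Convert an asset file into a block linked to the current chain head."""
    block = {
        "index": len(chain),
        "prev_hash": chain[-1]["hash"] if chain else GENESIS_PREV,
        "asset": asset,
        "digest": hashlib.sha256(content).hexdigest(),  # fingerprint of the file
        "author": author,
    }
    block["hash"] = block_hash(block)
    return block

def first_invalid(chain):
    """Validate a chain; return the index of the first bad block, or None."""
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        if (block["index"] != i or block["prev_hash"] != prev
                or block["hash"] != block_hash(block)):
            return i
        prev = block["hash"]
    return None

class Node:
    """One stakeholder's replica of the shared ledger (hypothetical CDE node)."""
    def __init__(self, name):
        self.name = name
        self.chain = []

    def receive(self, block):
        """Accept a broadcast block only if it validates against the local chain."""
        candidate = self.chain + [dict(block)]
        if first_invalid(candidate) is not None:
            return False
        self.chain = candidate
        return True

def broadcast(nodes, asset, content, author):
    """Build a block from the asset and offer it to every node."""
    block = make_block(nodes[0].chain, asset, content, author)
    return all(node.receive(block) for node in nodes)

def divergent_nodes(nodes):
    """Nodes whose replica is invalid or whose head differs from the majority."""
    heads = {n.name: n.chain[-1]["hash"] if n.chain else GENESIS_PREV for n in nodes}
    majority = Counter(heads.values()).most_common(1)[0][0]
    return sorted(n.name for n in nodes
                  if heads[n.name] != majority or first_invalid(n.chain) is not None)

def rehash_from(chain, index):
    """Recompute links and hashes from `index` on, making an altered replica self-consistent."""
    prev = chain[index - 1]["hash"] if index else GENESIS_PREV
    for block in chain[index:]:
        block["prev_hash"] = prev
        block["hash"] = block_hash(block)
        prev = block["hash"]

def demo():
    nodes = [Node(n) for n in ("architect", "contractor", "owner")]
    # Constructed sample assets standing in for files held in a CDE.
    assets = [("hospital_model.ifc", b"IFC geometry v1", "architect"),
              ("site_plan.dwg", b"DWG site layout v1", "contractor"),
              ("asset_register.xml", b"<assets>v1</assets>", "owner")]
    accepted = [broadcast(nodes, *a) for a in assets]
    clean = divergent_nodes(nodes)
    # Case 1: one replica's record is altered in place; its stored hash no longer matches.
    replica = nodes[1].chain
    replica[1]["digest"] = hashlib.sha256(b"altered layout").hexdigest()
    naive_invalid_at = first_invalid(replica)
    # Case 2: the altered replica is re-hashed so it validates locally again,
    # yet its head now disagrees with the untouched replicas.
    rehash_from(replica, 1)
    return {
        "accepted": accepted,
        "clean": clean,
        "naive_invalid_at": naive_invalid_at,
        "locally_valid_after_rehash": first_invalid(replica) is None,
        "divergent": divergent_nodes(nodes),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The second case is the one that matters for integrity monitoring: a replica can pass its own validation after being rewritten, so detection depends on comparing chain heads across independently held copies.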
Figure 2. Block chain technology application with digital built asset information exchange. [Figure not reproduced. Panel labels (i)–(x), in extraction order: asset needs to be shared securely; asset is converted into a block; block is broadcast to all nodes in federated CDE environment; block chain miners compete to mine new block; block chain is extended with new digital asset; federated CDE environment approves; block chain miner validates block against chain; block of digital asset is shared securely; block chain of assets needs to be hacked individually across an entire network; block chain of sharing assets. File-type labels: XML, DWG.]

Limitations and future work
Contrary to the fields of computer science, political science/international relations and international law, cyber security is far less understood within the AECO sector (Mayo, 2016). Consequently, existing controls are inadequate and poorly managed. Key findings emanating from these other eminent fields provide invaluable insights into the cyber security technologies and developments (such as block chain) that can be successfully transferred and applied to critical infrastructure within the AECO sector to address current deficiencies (Baumeister, 2010). However, successful practitioner alignment and knowledge enhancement requires time and investment for additional research and testing of such concepts (Metke and Ekl, 2010) – such exceeded the current confines of this review paper. Within the international security research realm, the following predispositions have weakened scholarly understanding of cyber-threat occurrences and the likelihood of attacks on critical infrastructure. These limitations require future work, namely:
(1) Improved understanding of motivations – an inordinate amount of attention is paid to “cyber-threats” under the guise of malevolent lines of code. Yet finding a resolution to the root cause of cyber-crime requires a deeper understanding of the motivations behind such malicious scripts and attacks.
(2) Address the specific operational threats to bespoke critical infrastructure – each individual critical infrastructure project (e.g. hospitals, nuclear facilities, traffic management systems) has bespoke operational functionality and hence different vulnerabilities. Mapping of these vulnerabilities is required as a first step to developing efficient and effective risk mitigation strategies to better secure assets.
(3) Distinguish between physical destruction and theft – literature and standards have predominantly focused upon data protection within the context of cyber-attack. However, physical damage has received far less attention, even though such could lead to catastrophic economic damage. Greater distinction between physical destruction and theft is therefore needed to delineate the scale and magnitude of cyber-crime.
(4) Consolidate greater international governmental collaboration – cyber-attacks can readily cross international borders, and national law enforcement agencies often find it difficult to take action in jurisdictions where limited extradition arrangements are available. Although standard international agreements have been made on such issues (cf. the Budapest Convention on Cyber-crime), which seek to criminalize malevolent cyber-activities, notable signatories (such as China and Russia) are absent. Far greater cooperation between sovereign states is therefore urgently needed to develop robust international agreements that are supported by all major governments.
(5) Gauge practitioner awareness – future work should seek to identify existing predispositions and awareness of cyber-attack and cyber-crime amongst AECO professionals, either through in-depth interviews or practitioner surveys. Case studies are also required to measure and report upon contemporary industry practice and how any cyber-crime incidents were managed.
(6) Proof of concept – development and testing of an innovative proof of concept blockchain application specifically designed for AECO professionals. Such developmental work would allow the thorough testing of blockchain technology in practice to confirm or otherwise its effectiveness.
Future work
To reconcile the challenges of future work, researchers and practitioners within the AECO sector will have to investigate how to adopt cyber-deterrence approaches applied within more technologically advanced and sensitive industries, such as aerospace and automotive. Such knowledge transference may propagate readily available solutions to challenges posed. Cyber security awareness and deterrence measures within the BIM and CDE process will help secure critical infrastructure developed, built and utilized – the challenges and opportunities identified here require innovative solutions, such as block chain technologies, to transform standard industry practice and should be augmented with far greater industry-academic collaboration.
Conclusion
Infrastructure provides the essential arteries and tributaries of a digital built environment that underpins a contemporary digital economy. However, cyber-attack threatens the availability and trustworthiness of interdependent networked services on both corporate and national security levels. At particular risk are the critical infrastructure assets (such as energy networks, transport and financial services) hosted on large networks connected to the internet (via a CDE) to enable cost-efficient remote monitoring and maintenance. Any disruption or damage to these assets could have an immediate and widespread impact by jeopardizing the well-being, safety and security of citizens. To combat the potential threat posed, greater awareness among AECO stakeholders is urgently needed; this must include governments internationally and private sector partners collaborating together to expand upon existing ISO and BIM-related standards for improved response to a cyber-incident. As well as preventative measures, reactive national plans are required (i.e. raising cyber security awareness on government funded BIM projects) to quickly deal with breaches in security and ensure services are provided with minimum disruption.
It is argued in this paper that the CDE adopted with BIM in the AECO sector acts as a springboard for the wider stakeholder engagement with networked data sharing in a centralized manner, rendering such systems vulnerable to future cyber-physical attacks. At the pinnacle of cyber security research, breakthroughs in cryptography have resulted in the development of decentralized block chain technology. It is hypothesized that block chain technology offers a novel and secure approach to storing information, making data transactions, performing functions and establishing trust, making it suitable for the high security requirements of sensitive digital infrastructure data contained in a BIM and CDE environment. While block chain applications are largely at a nascent stage of development within the AECO sector, this review paper has highlighted its novel application to fortify security of digital assets residing within a BIM and CDE environment – thus extending applications beyond its origins in crypto currency. Future research will be required to prove, modify or disprove the hypothesis presented. However, block chain alone cannot guarantee total immunity to cyber-attacks, so additional research is required to: understand the motivations for cyber-attack/crime; identify the specific operational threats to bespoke critical infrastructure and develop appropriate strategies to mitigate these; develop more exhaustive international standards (or enhance existing standards) to distinguish between physical destruction and theft; and establish measures needed to consolidate greater international governmental collaboration.
References

Ani, U.P.D., He, H. and Tiwari, A. (2017), “Review of cybersecurity issues in industrial critical infrastructure: manufacturing in perspective”, Journal of Cyber Security Technology, Vol. 1 No. 1, pp. 32-74.

ANSI (2007), “ISA-99.00.01-2007 security for industrial automation and control systems part 1: terminology, concepts and models”, ISA, available at: httpswebarchiveorgweb20110312111418wwwisaorgTemplatecfmSection=Shop_ISAampTemplate=2FEcommerce2FProductDisplaycfmampProductid=9661 (accessed February 9, 2019).

Baumeister, T. (2010), “Literature review on smart grid cyber security, collaborative software development laboratory at the University of Hawaii”, available at: wwwtbaumeistcompublicationsLiteratureReviewOnSmartGridCyberSecurity_2010pdf (accessed February 9, 2019).

Bessis, N. and Dobre, C. (2014), Big Data and Internet of Things: A Roadmap for Smart Environments, ISBN 978-3-319-05029-4, Springer International Publishing, London.

Betz, D.J. and Stevens, T. (2013), “Analogical reasoning and cyber security”, Security Dialogue, Vol. 44 No. 2, pp. 147-164.

Boyes, H. (2013a), “Cyber security of intelligent buildings”, 8th IET International System Safety Conference Incorporating the Cyber Security Conference, Cardiff.
Boyes, H. (2013b), Resilience and Cyber Security of Technology in the Built Environment, the Institution of Engineering and Technology, IET Standards Technical Briefing, London, available at: wwwtheietorgresourcesstandards-filescyber-securitycfmtype=pdf (accessed February 9, 2019).

Bradley, A., Li, H., Lark, R. and Dunn, S. (2016), “BIM for infrastructure: an overall review and constructor perspective”, Automation in Construction, Vol. 71 No. 2, pp. 139-152.

Brantly, A.F. (2014), “The cyber losers”, Democracy & Security, Vol. 10 No. 2, pp. 132-155.

BSI (2013), “PAS 555:2013 cyber security risk”, Governance and Management Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030261972 (accessed February 9, 2019).

BSI (2014a), PAS 180 Smart Cities Vocabulary, British Standards Institution, London, available at: wwwbsigroupcomen-GBsmart-citiesSmart-Cities-Standards-and-PublicationPAS-180-smart-cities-terminology (accessed February 9, 2019).

BSI (2014b), PAS 1192-3 Specification for Information Management for the Operational Phase of Assets using Building Information Modelling, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030311237 (accessed February 9, 2019).

BSI (2014c), PAS 754:2014 software trustworthiness, governance and management, Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030284608 (accessed February 9, 2019).

BSI (2015), PAS 1192-5 (2015) Specification for Security Minded Building Information Modelling, Digital Built Environments and Smart Asset Management, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030314119 (accessed February 9, 2019).

Canfil, J.K. (2016), “Honing cyber attribution: a framework for assessing foreign state complicity”, Journal of International Affairs, Vol. 70 No. 1, pp. 217-226, available at: wwwquestiacomread1G1-476843518honing-cyber-attribution-a-framework-for-assessing (accessed February 9, 2019).

Cavelty, M.D. (2013), “From cyber-bombs to political fallout: threat representations with an impact in the cyber-security discourse”, International Studies Review, Vol. 15 No. 1, pp. 105-122.

Chong, H.Y., Wong, J.S. and Wang, X. (2014), “An explanatory case study on cloud computing applications”, Automation in Construction, Vol. 44, pp. 152-162.

Clarke, R. and Youngstein, T. (2017), “Cyberattack on Britain’s national health service”, New England Journal of Medicine, Vol. 377, August, pp. 409-411.

DBIS (2013), “Smart city market opportunities for the UK”, Department for Business, Innovation and Skills, BIS Research Papers Ref: BIS/13/1217, DBIS, London, available at: wwwgovukgovernmentpublicationssmart-city-market-uk-opportunities (accessed February 9, 2019).

Denning, D. (2012), “Stuxnet: what has changed?”, Future Internet, Vol. 4 No. 3, pp. 672-687.

Eastman, C., Eastman, C.M., Teicholz, P., Sacks, R. and Liston, K. (2011), BIM Handbook: A Guide to Building Information Modeling for Owners, Managers, Designers, Engineers and Contractors, ISBN 978-0-470-54137-1, John Wiley & Sons, Hoboken, NJ.

Edwards, D.J., Pärn, A.E., Love, P.E.D. and El-Gohary, H. (2017), “Research note: machinery, manumission and economic machinations”, Journal of Business Research, Vol. 70, January, pp. 391-394.

Eom, S.-J. and Paek, J.-H. (2006), “Planning digital home services through an analysis of customers acceptance”, ITcon, Vol. 11, Special issue IT in Facility Management, pp. 697-710, available at: wwwitconorg200649 (accessed February 9, 2019).

European Commission (2013), Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace, JOIN 1 Final, European Commission, Brussels, available at: httpseeaseuropaeuarchivesdocspolicieseu-cyber-securitycybsec_comm_enpdf (accessed February 9, 2019).

Ficco, M., Choraś, M. and Kozik, R. (2017), “Simulation platform for cyber-security and vulnerability analysis of critical infrastructures”, Journal of Computational Science, Vol. 22, September, pp. 179-186.
Fisher, R.D. (2018), “Cyber warfare challenges and the increasing use of American and European dual-use technology for military purposes by the people’s Republic of China (PRC)”, United States House of Representatives, Committee on Foreign Affairs, Birmingham, available at: httparchives-republicans-foreignaffairshousegov112Fis041511pdf (accessed February 9, 2019).

Fisk, D. (2012), “Cyber security, building automation and the intelligent building”, Intelligent Buildings International, Vol. 4 No. 3, pp. 169-181.

Formby, D., Srinivasan, P., Leonard, A., Rogers, J. and Beyah, R.A. (2016), “Who’s in control of your control system? Device fingerprinting for cyber-physical systems”, Network and Distributed System Security Symposium (NDSS), February 26–March 1, San Diego, CA.

F-Secure Labs (2014), “Havex hunts for ICS and SCADA systems”, available at: wwwf-securecomweblogarchives00002718html (accessed February 9, 2019).

Gandhi, R., Sharma, A., Mahoney, W., Sousan, W., Zhu, Q. and Laplante, P. (2011), “Dimensions of cyber-attacks: cultural, social, economic and political”, IEEE Technology and Society Magazine, Vol. 30 No. 1, pp. 28-38.

Govinda, K. (2015), “Design of smart meter using Atmel 89s52 microcontroller”, Procedia Technology, Vol. 21, pp. 376-380, available at: httpsdoiorg101016jprotcy201510053

Henderson, S. (2008), “Beijing’s rising hacker stars: how does mother China react?”, IO Sphere Journal, Birmingham, February 28, available at: wwwnoexperiencenecessarybookcomjplV6beijing-39-s-rising-hacker-stars-how-does-mother-china-reacthtml (accessed February 9, 2019).

Hjortdal, M. (2011), “China’s use of cyber warfare: espionage meets strategic deterrence”, Journal of Strategic Security, Vol. 4 No. 2, pp. 1-24.

HM Government (2013), Building Information Modeling Industrial Strategy: Government and Industry in Partnership, Government Construction Strategy, London, available at: wwwgovukgovernmentuploadssystemuploadsattachment_datafile3471012-1327-building-information-modellingpdf (accessed February 9, 2019).

HM Government (2015), Digital Built Britain, Level 3 Building Information Modelling – Strategic Plan, 26 February 2015, HM Publications, London, available at: wwwgovukgovernmentpublicationsuk-construction-industry-digital-technology (accessed February 9, 2019).

Howell, S., Rezgui, Y. and Beach, T. (2017), “Integrating building and urban semantics to empower smart water solutions”, Automation in Construction, Vol. 81, September, pp. 434-448.

Huckle, S., Bhattacharya, R., White, M. and Beloff, N. (2016), “Internet of things, blockchain and shared economy applications”, Procedia Computer Science, Vol. 98, pp. 461-466, available at: httpsdoiorg101016jprocs201609074

Hunton, P. (2012), “Data attack of the cybercriminal: investigating the digital currency of cybercrime”, Computer Law & Security Review, Vol. 28 No. 2, pp. 201-207.

IET (2013), “Resilience and cyber security of technology in the built environment”, Institution of Engineering and Technology, Birmingham, available at: wwwtheietorgresourcesstandardscyber-buildingscfmorigin=pr (accessed February 9, 2019).

IET (2014), “Code of practice for cyber security in the built environment”, Institution of Engineering and Technology, Birmingham, available at: httpselectricaltheietorgbooksstandardscyber-copcfm (accessed February 9, 2019).

ISO (2011), “ISO/IEC 29100:2011 information technology – security techniques – privacy framework”, available at: wwwisoorgstandard45123html (accessed February 2018).

ISO (2012), 27032 Information Technology – Security Techniques – Guidelines for Cybersecurity, International Organization for Standardization (ISO), Geneva, available at: wwwitgovernancecoukshopproductiso27032-iso-27032-guidelines-for-cybersecurity (accessed February 9, 2019).

ISO (2013), 27001 The International Information Security Standard, International Organization for Standardization (ISO), Geneva, available at: wwwitgovernancecoukiso27001 (accessed February 9, 2019).
Jaatun, M.G., Røstum, J., Petersen, S. and Ugarelli, R. (2014), “Security checklists: a compliance alibi, or a useful tool for water network operators?”, Procedia Engineering, Vol. 70, pp. 872-876.

Jones, L. (2016), “Securing the smart city built environment cyber security”, Engineering and Technology, Vol. 11 No. 5, pp. 30-33, doi 101049et20160501

Kello, L. (2013), “The meaning of the cyber revolution: perils to theory and statecraft”, International Security, Vol. 38 No. 2, pp. 7-40.

Kochovski, P. and Stankovski, V. (2018), “Supporting smart construction with dependable edge computing infrastructures and applications”, Automation in Construction, Vol. 85, January, pp. 182-192.

Koo, D., Piratla, K. and Matthews, C.J. (2015), “Towards sustainable water supply: schematic development of big data collection using internet of things (IoT)”, Procedia Engineering, Vol. 118, pp. 489-497.

Lesk, M. (2007), “The new front line: Estonia under cyber assault”, IEEE Security & Privacy, Vol. 5 No. 4, pp. 76-79.

Levy, Y. and Ellis, T.J. (2006), “A systems approach to conduct an effective literature review in support of information systems research”, Informing Science, Vol. 9, pp. 181-212, available at: httpinformnuArticlesVol9V9p181-212Levy99pdf (accessed February 9, 2019).

Lin, S., Gao, J. and Koronios, A. (2006), “Key data quality issues for enterprise asset management in engineering organisations”, International Journal of Electronic Business Management, Vol. 4 No. 1, pp. 96-110, available at: httpijebmienthuedutwIJEBM_WebIJEBM_staticPaper-V4_N1A10-E684_3pdf (accessed February 2018).

Lin, Y.C. and Su, Y.C. (2013), “Developing mobile- and BIM-based integrated visual facility maintenance management system”, The Scientific World Journal, Vol. 2013, 10pp., available at: httpsdoiorg1011552013124249

Lindsay, J.R. (2013), “Stuxnet and the limits of cyber warfare”, Security Studies, Vol. 22 No. 3, pp. 365-404.

Lindsay, J.R. (2015), “The impact of China on cybersecurity: fiction and friction”, International Security, Vol. 39 No. 3, pp. 7-47.

Liu, J., Xiao, Y., Li, S., Liang, W. and Chen, C.P. (2012), “Cyber security and privacy issues in smart grids”, IEEE Communications Surveys & Tutorials, Vol. 14 No. 4, pp. 981-997.

McGraw, G. (2013), “Cyber war is inevitable (unless we build security in)”, Journal of Strategic Studies, Vol. 36 No. 1, pp. 109-119.

McNulty (2011), “Realising the potential of GB Rail – final independent report of the rail value for money study – summary report”, Department for Transport, London, available at: wwwgovukgovernmentuploadssystemuploadsattachment_datafile4203realising-the-potential-of-gb-rail-summarypdf (accessed February 9, 2019).

Marinos, L. (2016), ENISA Threat Taxonomy: A Tool for Structuring Threat Information, European Union Agency for Network and Information Security, Birmingham, available at: wwwenisaeuropaeutopicsthreat-risk-managementthreats-and-trendsenisa-threat-landscapeetl2015enisa-threat-taxonomy-a-tool-for-structuring-threat-informationview (accessed February 9, 2019).

Markets and Markets (2014), “Smart HVAC controls market by product type, components, application, operation & geography – analysis and forecast to 2014–2020”, Birmingham, available at: httpgooglAy2LjI (accessed February 9, 2019).

Mayo, G. (2016), “Bas and cyber security: a multiple discipline perspective”, in Long, S., Ng, E.-H., Downing, C. and Nepal, B. (Eds), Proceedings of the American Society for Engineering Management 2016 International Annual Conference, American Society for Engineering Management, Concord, NC, available at: wwwresearchgatenetpublication309480358_BAS_AND_CYBER_SECURITY_A_MULTIPLE_DISCIPLINE_PERSPECTIVE (accessed February 2018).

Metke, A.R. and Ekl, R.L. (2010), “Security technology for smart grid networks”, IEEE Transactions on Smart Grid, Vol. 1 No. 1, pp. 99-107.
Mike, T. (2006), “Integrated building systems: strengthening building security while decreasing operating costs”, Journal of Facilities Management, Vol. 4 No. 1, pp. 63-71.

Mokyr, J. (1992), “Technological inertia in economic history”, The Journal of Economic History, Vol. 52 No. 2, pp. 325-338.

Nicał, A.K. and Wodyński, W. (2016), “Enhancing facility management through BIM 6D”, Procedia Engineering, Vol. 164, pp. 299-306, available at: httpsdoiorg101016jproeng201611623

NIST (2017), “Framework for improving critical infrastructure cybersecurity”, National Institute of Standards and Technology, Draft Version 1.1, January 10, Birmingham, available at: wwwgooglecoukurlsa=tamprct=jampq=ampesrc=sampsource=webampcd=2ampved=0ahUKEwiq0orLhOHUAhVkBsAKHfJLB6oQFgg8MAEampurl=https3A2F2Fwwwnistgov2Fdocument2Fdraft-cybersecurity-framework-v11pdfampusg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NAampcad=rjt (accessed February 9, 2019).

Nye, J.S. (2017), “Deterrence and dissuasion in cyberspace”, International Security, Vol. 41 No. 3, pp. 44-71.

Papa, P. (2013), “US and EU strategies for maritime transport security: a comparative perspective”, Transport Policy, Vol. 28, pp. 75-85.

Paridari, K., Mady, A.E., La Porta, S., Chabukswar, R., Blanco, J., Teixeira, A., Sandberg, H. and Boubekeur, M. (2016), “Cyber-physical-security framework for building energy management system”, ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS), Vienna, pp. 1-9, doi 101109ICCPS20167479072

Pärn, E.A. and Edwards, D.J. (2017), “Conceptualizing the FINDD API plug-in: a case study of BIM/FM integration”, Automation in Construction, Vol. 80, August, pp. 11-21.

Patel, S.C., Bhatt, G.D. and Graham, J.H. (2009), “Improving the cyber security of SCADA communication networks”, Communications of the ACM, Vol. 52 No. 7, pp. 139-142.

Peng, Y., Wang, Y., Xiang, C., Liu, X., Wen, Z. and Chen, D. (2015), “Cyber-physical attack-oriented Industrial Control Systems (ICS) modeling, analysis and experiment environment”, International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 322-326.

Rahimi, B. (2011), “The agonistic social media: cyberspace in the formation of dissent and consolidation of state power in postelection Iran”, The Communication Review, Vol. 14 No. 3, pp. 158-178.

Rasmi, M. and Jantan, A. (2013), “A new algorithm to estimate the similarity between the intentions of the cyber crimes for network forensics”, Procedia Technology, Vol. 11, pp. 540-547.

Reggiani, A. (2013), “Network resilience for transport security: some methodological considerations”, Transport Policy, Vol. 28, July, pp. 63-68.

Reniers, G.L.L. and Dullaert, W. (2013), “A method to assess multi-modal hazmat transport security vulnerabilities: hazmat transport SVA”, Transport Policy, Vol. 28, July, pp. 103-113.

Rid, T. (2012), “Cyber war will not take place”, Journal of Strategic Studies, Vol. 35 No. 1, pp. 5-32.

RISI (2015), “The repository of industrial security incidents database”, Birmingham, available at: wwwrisidatacomDatabase (accessed February 9, 2019).

Rittinghouse, J. and Hancock, W.M. (2003), Cybersecurity Operations Handbook, Elsevier Science, Amsterdam, ISBN 978-1-55558-306-4.

Ryan, D.J. (2017), “Engineering sustainable critical infrastructures”, International Journal of Critical Infrastructure Protection, Vol. 17, pp. 28-29.

Safavi, S., Shukur, Z. and Razali, R. (2013), “Reviews on cybercrime affecting portable devices”, Procedia Technology, Vol. 11, pp. 650-657.

Shafiq, M.T., Matthews, J. and Lockley, S.R. (2013), “A study of BIM collaboration requirements and available features in existing model collaboration systems”, Journal of Information Technology in Construction (ITcon), Vol. 18, pp. 148-161.

Shitharth, S. and Winston, D.P. (2015), “A comparative analysis between two countermeasure techniques to detect DDoS with sniffers in a SCADA network”, Procedia Technology, Vol. 21, pp. 179-186.
Stearns, L.B. and Almeida, P.D. (2004), “The formation of state actor-social movement coalitions and favorable policy outcomes”, Social Policy, Vol. 51 No. 4, pp. 478-504.

Stoddart, K. (2016), “Live free or die hard: US-UK cybersecurity policies”, Political Science Quarterly, Vol. 131 No. 4, pp. 803-842.

Sun, J., Yan, J. and Zhang, K.Z. (2016), “Blockchain-based sharing services: what blockchain technology can contribute to smart cities”, Financial Innovation, Vol. 2 No. 1, pp. 1-26, doi 101186s40854-016-0040-y

Szyliowicz, J.S. (2013), “Safeguarding critical transportation infrastructure: the US case”, Transport Policy, Vol. 28 No. C, pp. 69-74.

Tan, S., Song, W.Z., Stewart, M., Yang, J. and Tong, L. (2018), “Online data integrity attacks against real-time electrical market in smart grid”, IEEE Transactions on Smart Grid, Vol. 9 No. 1, pp. 313-322.

Thomas, N. (2009), “Cyber security in East Asia: governing anarchy”, Asian Security, Vol. 5 No. 1, pp. 3-23.

Toy, S. (2006), History of Fortification from 3000 BC to AD 1700 (No. 75), Pen and Sword Military Classics, Barnsley, ISBN 1-88415-358-4.

Turk, Ž. and Klinc, R. (2017), “Potentials of blockchain technology for construction management”, Procedia Engineering, Vol. 196, pp. 638-645.

UN (2014a), “2014 revision of the world urbanization prospects”, Birmingham, available at: httpsgooglxwOSDS (accessed February 9, 2019).

UN (2014b), “World urbanization trends 2014: key facts”, Statistical Papers – United Nations (Ser. A), Population and Vital Statistics Report, United Nations, New York, NY.

UN (2015), “World population projected to reach 9.7 billion by 2050”, Birmingham, available at: wwwunorgendevelopmentdesanewspopulation2015-reporthtml (accessed February 9, 2019).

Walsham, G. (1995), “The emergence of interpretivism in IS research”, Information Systems Research, Vol. 6 No. 4, pp. 376-394.

Wang, S., Zhang, G., Shen, B. and Xie, X. (2011), “An integrated scheme for cyber-physical building energy management system”, Procedia Engineering, Vol. 15, pp. 3616-3620.

Wang, W. and Lu, Z. (2013), “Cyber security in the smart grid: survey and challenges”, Computer Networks, Vol. 57 No. 5, pp. 1344-1371.

Weber, R.H. and Studer, E. (2016), “Cybersecurity in the internet of things: legal aspects”, Computer Law & Security Review, Vol. 32 No. 5, pp. 715-728.

Xue, N., Huang, X. and Zhang, J. (2016), “S2Net: a security framework for software defined intelligent building networks”, IEEE Trustcom/BigDataSE/ISPA, Tianjin, August 23-26, pp. 654-661.

Yue, X., Wang, H., Jin, D., Li, M. and Jiang, W. (2016), “Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control”, Journal of Medical Systems, Vol. 40 No. 10, pp. 218-229.

Zamparini, L. and Shiftan, Y. (2013), “Special issue – transport security: theoretical frameworks and empirical applications”, Transport Policy, Vol. 28, pp. 61-62.

Zhang, Y. and Wen, J. (2016), “The IoT electric business model: using blockchain technology for IoT”, Peer-to-Peer Networking and Applications, Vol. 10 No. 4, pp. 1-12.
Corresponding author
Erika A Parn can be contacted at: erikaparngmailcom
in a CDE Integrating BIM (and other file databases eg IFC GBXML CSV DWG XML)within a CDE ensures a smooth flow of information between all stakeholders and is specifiedand articulated through its levels of development or design (Eastman et al 2011 Lin andSu 2013) The level of design (LOD) is classified on a linear scale ranging from LOD 1 (coveringa conceptual ldquolow definitionrdquo design) to LOD 7 (for an as-built ldquohigh definitionrdquo model) Witheach incremental increase in LOD the range and complexity of asset information within modelsbuilt begins to swell and the data contained within becomes accessible to an increased amountof stakeholders As a consequence the magnitude of potential cyber-crime also increases and itis imperative therefore that effective cyber security deterrence measures are set
Perhaps the most crippling aspect of deterrence is the poor rate of attribution (alsoknown as tracebacking or source tracking) where attribution seeks to determine theidentity or location of an attacker or attackerrsquos intermediary (Brantly 2014) Affiliationfurther exacerbates attribution rates for example nefarious and malicious attacks oncritical infrastructure by non-state ldquopatriotrdquo actors who proclaim cyber-warfare in the nameof nationalist ideologies can create ambiguity with state actors (Lindsay 2015) Extantliterature widely acknowledges that states actively recruit highly skilled hackers tocounter-attack other state governed cyber-activities in particular against criticalinfrastructure assets (Thomas 2009) Yet the paucity of identification or disclosure ofattacker identities has made the hacking culture even more enticing for both non-stateactors and state actors Whilst network attribution or IP address traceability to a particulargeographical region is possible lifting the cyber veil to reveal the affiliation between theattacker and their government remains difficult (Canfil 2016) In the case of potential threatsto the AECO sector attribution of industrial cyber-espionage remains an imminent threatnot only to the business in operation but also for the nation state security
Cyber-deterrence
Cyber-deterrence measures rely largely upon good practice adopted from standards ISO 27001 and ISO 27032 (ISO, 2012, 2013). In the context of the digital built environment (and specifically BIM), the recently published cyber security good practice manual PAS 1198-Part 5 suggests deploying five measures of deterrence: a built asset security manager; a built asset security strategy; a built asset security management plan; a security breach/incident management plan; and built asset security information requirements. For other sources of cyber security guidance, PAS 1198-Part 5 recommends adherence to other pre-existing legislative documentation – refer to Table IV.
Other ambiguous guidance notes that refer to taking “appropriate mitigation strategies” have largely ignored the increased vulnerability of semantic and geometric information that is sustained within a BIM (BSI, 2013, 2014c). For example, the Institute of Engineering and Technology (Boyes, 2013b) report entitled “Resilience and Cyber Security of Technology in the Built Environment” states that:
Unauthorised access to BIM data could jeopardise security of sensitive facilities such as banks, courts, prisons and defence establishments, and in fact most of the Critical National Infrastructure.
Deterrence measures recommended in PAS 1192-5 have largely overlooked BIM data contained within a CDE and the onslaught of cyber-physical connectivity in critical infrastructures (Liu et al., 2012). Currently, the most common means of deterrence for cyber-physical connectivity in critical BMS infrastructures is via network segregation (the firewall) (Mayo, 2016) and secure gateway protection (encryption) for securing from external threats, compliant with ANSI/ISA-99 (ANSI, 2007). However, in a digital economy where over 50bn devices are continuously communicating, neither firewalls nor encryption alone can guarantee effective cyber security. Hence, a more robust, systemic means of data integrity is required in the digital built environment.
Block chain – a new frontier for cyber-deterrence
Under the alias Satoshi Nakamoto, the Bitcoin (crypto currency) was published as the first block chain application on the internet (Turk and Klinc, 2017). This advancement opened a springboard of applications that utilize block chain technology to remove third party distribution of digital assets using peer-to-peer sharing (Turk and Klinc, 2017). While the majority of current applications have utilized crypto currency and smart contracts, the applications for digital asset transference seem limitless. Block chain’s earliest applications were in economics (Huckle et al., 2016), software engineering (Turk and Klinc, 2017), Internet of Things (Zhang and Wen, 2016) and medicine (Yue et al., 2016) – albeit more recently, applications within the built environment have been explored (Sun et al., 2016). Block chain technology has the potential to overcome the aforementioned cyber security challenges faced in the digital environment as a result of its distributed, secure and private nature of data distribution. A positive correlation exists between an increasing number of collaborators (or peers) within a CDE and the potential to secure such assets in a peer-to-peer environment, which thrives and increases in security.
Block chain technology is suitable for sectors with: increased risk of fraud – such as susceptible crucial infrastructures containing sensitive industrial information that is at risk from industrial espionage; intermediaries – for example, providers of BMS systems and other IT software vendors hosting sensitive infrastructure asset details; throughput – such as operators updating and sharing asset information in a CDE; and stable data – for instance, data generated for built assets can be utilized for up to 40 years post project inception. Block chain technology offers better encryption against hacking than any other current deterrence measures available and is commonly suggested in the cyber security standards available (Turk and Klinc, 2017).
Table IV. Snapshot of cyber-physical hacking examples from the RISI online incident database
Columns: Motivation; Actor; Example
Motivation: Black Hat (ego, personal animosity, economic gain); Grey Hat (ambiguous); White Hat (idealism, creativity, respect for the law)
Actor: Hacktivists; Script kiddies; Cyber insiders; Cyber terrorists; Malware authors; Patriot hackers; Cyber militias; Script kiddies; Ordinary citizens; Hacktivists; Script kiddies; Organized cybercriminals
Example:
USA 2014 – Power and utilities – Hackers took advantage of a weak password vulnerability where mechanical devices were disconnected from the control system for scheduled maintenance.
Poland 2008 – Transport – A 14-year old Polish student hacked into the tram system, enabling him to change track points in Lodz; 4 trams were derailed and, as a consequence, 12 people were injured.
USA 2001 – Petroleum – The network monitoring personal computer (PC) provided a path from the internet, via the company business network, onto the automation network. This made the company vulnerable to the Code Red Worm, used to deface the automation web pages of a large oil company.
Spain 2011 – Traffic – Spanair flight 5022 crashed just after take-off from Madrid-Barajas International Airport, killing 154 with 18 survivors. Trojan malware detected on the central computer system is speculated to have played a role in the crash by causing the computer to fail to deliver power to the take-off early warning system and detect three technical problems with the aircraft.
Iran 2012 – Petroleum – Iran was forced to disconnect key oil facilities after suffering a malware attack, which it is believed hit the internal computer systems at Iran’s oil ministry and its national oil company.
USA and Europe 2014 – Energy sector – Operating since 2011, the Dragonfly group has targeted defence and aviation companies in USA and Canada, cyber-espionage with the likely intention of sabotage. In 2013, the group targeted USA and European energy firms, gaining entry through spear phishing e-mails, malware, watering hole attacks and infecting legitimate software from three different industrial control systems (ICS) equipment manufacturers.
Canada 2012 – Energy sector – Telvent Canada Ltd, provider of software and services for remote administration of large sections of the energy industry, was subject to information theft. Installed malware was used to steal project files related to one of its key products. The digital fingerprints were traced to a Chinese hacking group (the “Comment Group”) linked to cyber-espionage against Western interests.
Iran 2010 – Nuclear – The Stuxnet malworm was responsible for damaging crucial centrifugal devices used for Uranium enrichment at the Natanz nuclear plant, causing it to be shut down for a week. This remains as one of the most prolific cyber-physical attacks in an exemplified case of government and civilian blurred lines and created a new forefront of cyber militia, becoming the first proclaimed cyber weapon.
USA 2012 – Water/waste management – A former employee of the Key Largo Wastewater Treatment District hacked the company, resulting in modification and deletion of files.
Venezuela 2002 – Petroleum – Venezuela’s state oil company became embroiled in a bitter strike when it was extensively sabotaged by an employee who gained remote access to a program terminal and erased all Programmable Logic Controller (PLC) programs in port facility.
Canada 2002 – Petroleum – A white hat hacker simulated an attack on a data center security (DCS) where network access to the control local area network (LAN) was used to connect to selected DCS operator stations and obtain full administration privileges. This was accomplished through the vulnerabilities in the Windows operating system and a number of Netbios that lacked proper password protection.
USA 2014 – Traffic – One of the first hacks on a traffic management system was incurred on road signs in San Francisco, where the signs were photographed flashing “Godzilla Attack Turn Back”.
Source: Available online at www.risidata.com

The application of block chain technology within digital built asset information exchange is suggested due to its secure framework for data transference. Block chain technology has been hailed as a hacker/tamper safe ecosystem for digital asset transfers (Turk and Klinc, 2017). Figure 2 delineates a ten stage process to demonstrate how the existing functionality of block chain technology can be harnessed in a CDE environment when sharing sensitive digital information about assets – namely: (1) asset information is securely shared via a network (e.g. URL nodes, interconnected computer networks or an air-gapped internet); (2) asset data (whether a 3D or digital model) are converted into a block which represents a digital transaction of asset data; (3) stakeholder interaction within a federated CDE environment will receive a tracked record of the individual transaction created by nodes sharing the block; (4) block chain miners (usually computer scientists) validate and maintain the newly created block chain; (5) payment methods for block chain miners vary, but a group of miners enter into a competitive process where the first to validate the block chain receives payment; (6) the federated block chain environment is approved; (7) the new block is added to the existing chain of digital transactions to extend the block chain; (8) the digital asset can now be securely shared upon validation; (9) to hack the network, assailants would need to hack every single node within the block chain, thus making the task far more difficult; and (10) the network of nodes created by multiple stakeholders’ transactions provides a more sophisticated and secure approach to protecting digital assets when compared to encryption and firewalls. Herein lies the novelty of this review – blockchain technology can offer a potential framework to future AECO software applications and systems designed to secure the transfer of sensitive project data in a BIM and CDE environment.
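The sharing-and-validation flow described above, reduced to a runnable sketch; this is an added example, not code from the paper or from any block chain product. Asset files are hashed into linked blocks, each stakeholder node validates and keeps its own copy, and a tampered copy is exposed either by its broken links or by disagreement with the majority. The node names, file names and the majority-vote rule (standing in for mining) are assumptions, and the ledger records digests only, so it provides tamper evidence for asset data rather than encryption of it.

```python
import hashlib
import json
from collections import Counter

GENESIS = "0" * 64
FIELDS = ("index", "prev_hash", "asset_name", "asset_sha256", "author")

def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()

def block_hash(block):
    """Hash the block's content fields, serialised deterministically."""
    body = {k: block[k] for k in FIELDS}
    return sha256_hex(json.dumps(body, sort_keys=True).encode())

def make_block(chain, asset_name, data, author):
    """Convert asset data into a block linked to the current chain tip."""
    block = {"index": len(chain),
             "prev_hash": chain[-1]["hash"] if chain else GENESIS,
             "asset_name": asset_name, "asset_sha256": sha256_hex(data),
             "author": author}
    block["hash"] = block_hash(block)
    return block

def verify_chain(chain):
    """Return the index of the first inconsistent block, or -1 if intact."""
    prev = GENESIS
    for i, block in enumerate(chain):
        if (block["index"] != i or block["prev_hash"] != prev
                or block["hash"] != block_hash(block)):
            return i
        prev = block["hash"]
    return -1

class Node:
    """One CDE stakeholder holding a full copy of the chain (hypothetical model)."""
    def __init__(self, name):
        self.name = name
        self.chain = []

    def tip(self):
        return self.chain[-1]["hash"] if self.chain else GENESIS

    def accepts(self, block):
        """Validate a broadcast block against this node's own copy."""
        return (block["index"] == len(self.chain)
                and block["prev_hash"] == self.tip()
                and block["hash"] == block_hash(block))

def broadcast(nodes, block):
    """Append the block on accepting nodes, but only if a strict majority accepts."""
    accepting = [n for n in nodes if n.accepts(block)]
    if 2 * len(accepting) <= len(nodes):
        return False
    for n in accepting:
        n.chain.append(dict(block))  # each node keeps its own copy
    return True

def divergent_nodes(nodes):
    """Nodes whose copy is internally broken or disagrees with the majority tip."""
    majority_tip = Counter(n.tip() for n in nodes).most_common(1)[0][0]
    return [n.name for n in nodes
            if verify_chain(n.chain) != -1 or n.tip() != majority_tip]

def asset_is_authentic(nodes, asset_name, data):
    """Compare file bytes with the latest digest on a majority-agreed chain."""
    bad = set(divergent_nodes(nodes))
    good = next(n for n in nodes if n.name not in bad)
    for block in reversed(good.chain):
        if block["asset_name"] == asset_name:
            return block["asset_sha256"] == sha256_hex(data)
    return False

def demo():
    # Constructed sample data: stakeholder names and file contents are illustrative.
    nodes = [Node(n) for n in ("architect", "contractor", "owner", "fm_operator")]
    ifc = b"ISO-10303-21; /* constructed IFC stub */"
    dwg = b"AC1032 constructed DWG stub"
    for name, data, author in (("plant_room.ifc", ifc, "architect"),
                               ("site_plan.dwg", dwg, "contractor")):
        broadcast(nodes, make_block(nodes[0].chain, name, data, author))
    out = {"clean": divergent_nodes(nodes)}
    # Case 1: one node's stored digest is altered without re-hashing the block.
    nodes[1].chain[0]["asset_sha256"] = sha256_hex(b"altered")
    out["edited_first_bad_block"] = verify_chain(nodes[1].chain)
    out["edited"] = divergent_nodes(nodes)
    # Case 2: that node's whole chain is rebuilt so it is internally consistent.
    rebuilt = []
    rebuilt.append(make_block(rebuilt, "plant_room.ifc", b"altered", "architect"))
    rebuilt.append(make_block(rebuilt, "site_plan.dwg", dwg, "contractor"))
    nodes[1].chain = rebuilt
    out["rebuilt_self_check"] = verify_chain(nodes[1].chain)
    out["rebuilt"] = divergent_nodes(nodes)
    out["genuine_file"] = asset_is_authentic(nodes, "plant_room.ifc", ifc)
    out["altered_file"] = asset_is_authentic(nodes, "plant_room.ifc", b"altered")
    return out

if __name__ == "__main__":
    print(demo())
```

In the second case the rebuilt chain passes its own integrity check, and only the comparison against the other stakeholders' copies exposes it; the protection therefore depends on a majority of nodes staying uncompromised.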
Figure 2. Block chain technology application with digital built asset information exchange. Panel labels: asset needs to be shared securely; asset is converted into a block; block is broadcast to all nodes in federated CDE environment; block chain miners compete to mine new block; block chain is extended with new digital asset; federated CDE environment approves; block chain miner validates block against chain; block of digital asset is shared securely; block chain of assets needs to be hacked individually across an entire network; block chain of sharing assets.

Limitations and future work
In contrast to the fields of computer science, political science/international relations and international law, cyber security is far less understood within the AECO sector (Mayo, 2016). Consequently, existing controls are inadequate and poorly managed. Key findings emanating from these other eminent fields provide invaluable insights into the cyber security technologies and developments (such as block chain) that can be successfully transferred and applied to critical infrastructure within the AECO sector to address current deficiencies (Baumeister, 2010). However, successful practitioner alignment and knowledge enhancement requires time and investment for additional research and testing of such concepts (Metke and Ekl, 2010) – such exceeded the current confines of this review paper. Within the international security research realm, the following predispositions have weakened scholarly understanding of cyber-threat occurrences and the likelihood of attacks on critical infrastructure. These limitations require future work, namely:
(1) Improved understanding of motivations – an inordinate amount of attention is paid to “cyber-threats” under the guise of malevolent lines of code. Yet finding a resolution to the root cause of cyber-crime requires a deeper understanding of the motivations behind such malicious scripts and attacks.
(2) Address the specific operational threats to bespoke critical infrastructure – each individual critical infrastructure project (e.g. hospitals, nuclear facilities, traffic management systems) has bespoke operational functionality and hence different vulnerabilities. Mapping of these vulnerabilities is required as a first step to developing efficient and effective risk mitigation strategies to better secure assets.
(3) Distinguish between physical destruction and theft – literature and standards have predominantly focused upon data protection within the context of cyber-attack. However, physical damage has received far less attention, even though such could lead to catastrophic economic damage. Greater distinction between physical destruction and theft is therefore needed to delineate the scale and magnitude of cyber-crime.
(4) Consolidate greater international governmental collaboration – cyber-attacks can readily cross international borders and national law enforcement agencies often find it difficult to take action in jurisdictions where limited extradition arrangements are available. Although standard international agreements have been made on such issues (cf. the Budapest Convention on Cyber-crime), which seek to criminalize malevolent cyber-activities, notable signatories (such as China and Russia) are absent. Far greater cooperation between sovereign states is therefore urgently needed to develop robust international agreements that are supported by all major governments.
(5) Gauge practitioner awareness – future work should seek to identify existing predispositions and awareness of cyber-attack and cyber-crime amongst AECO professionals, either through in depth interviews or practitioner surveys. Case studies are also required to measure and report upon contemporary industry practice and how any cyber-crime incidents were managed.
(6) Proof of concept – development and testing of an innovative proof of concept blockchain application specifically designed for AECO professionals. Such developmental work would allow the thorough testing of blockchain technology in practice to confirm or otherwise its effectiveness.
Future work
To reconcile the challenges of future work, researchers and practitioners within the AECO sector will have to investigate how to adopt cyber-deterrence approaches applied within more technologically advanced and sensitive industries such as aerospace and automotive. Such knowledge transference may propagate readily available solutions to challenges posed. Cyber security awareness and deterrence measures within the BIM and CDE process will help secure critical infrastructure developed, built and utilized – the challenges and opportunities identified here require innovative solutions such as block chain technologies to transform standard industry practice and should be augmented with far greater industry-academic collaboration.
Conclusion
Infrastructure provides the essential arteries and tributaries of a digital built environment that underpins a contemporary digital economy. However, cyber-attack threatens the availability and trustworthiness of interdependent networked services on both corporate and national security levels. At particular risk are the critical infrastructure assets (such as energy networks, transport and financial services) hosted on large networks connected to the internet (via a CDE) to enable cost-efficient remote monitoring and maintenance. Any disruption or damage to these assets could have an immediate and widespread impact by jeopardizing the well-being, safety and security of citizens. To combat the potential threat posed, greater awareness among AECO stakeholders is urgently needed; this must include governments internationally and private sector partners collaborating together to expand upon existing ISO and BIM-related standards for improved response to a cyber-incident. As well as preventative measures, reactive national plans are required (i.e. raising cyber security awareness on government funded BIM projects) to quickly deal with breaches in security and ensure services are provided with minimum disruption.
It is argued in this paper that the CDE adopted with BIM in the AECO sector acts as a springboard for the wider stakeholder engagement with networked data sharing in a centralized manner, leaving such systems vulnerable to future cyber-physical attacks. The pinnacle of cyber security research breakthroughs in cryptography has resulted in the development of decentralized block chain technology. It is hypothesized that block chain technology offers a novel and secure approach to storing information, making data transactions, performing functions and establishing trust, making it suitable for the high security requirements of sensitive digital infrastructure data contained in a BIM and CDE environment. While block chain applications are largely at a nascent stage of development within the AECO sector, this review paper has highlighted its novel application to fortify security of digital assets residing within a BIM and CDE environment – thus extending applications beyond its origins in crypto currency. Future research will be required to prove, modify or disprove the hypothesis presented. However, block chain alone cannot guarantee total immunity to cyber-attacks, so additional research is required to: understand the motivations for cyber-attack/crime; identify the specific operational threats to bespoke critical infrastructure and develop appropriate strategies to mitigate these; develop more exhaustive international standards (or enhance existing standards) to distinguish between physical destruction and theft; and establish measures needed to consolidate greater international governmental collaboration.
References
Ani, U.P.D., He, H. and Tiwari, A. (2017), “Review of cybersecurity issues in industrial critical infrastructure: manufacturing in perspective”, Journal of Cyber Security Technology, Vol. 1 No. 1, pp. 32-74.
ANSI (2007), “ISA-99.00.01-2007 security for industrial automation and control systems part 1: terminology, concepts and models”, ISA, available at: httpswebarchiveorgweb20110312111418wwwisaorgTemplatecfmSection=Shop_ISAampTemplate=2FEcommerce2FProductDisplaycfmampProductid=9661 (accessed February 9, 2019).
Baumeister, T. (2010), “Literature review on smart grid cyber security collaborative software development laboratory at the University of Hawaii”, available at: wwwtbaumeistcompublicationsLiteratureReviewOnSmartGridCyberSecurity_2010pdf (accessed February 9, 2019).
Bessis, N. and Dobre, C. (2014), Big Data and Internet of Things: A Roadmap for Smart Environments, ISBN 978-3-319-05029-4, Springer International Publishing, London.
Betz, D.J. and Stevens, T. (2013), “Analogical reasoning and cyber security”, Security Dialogue, Vol. 44 No. 2, pp. 147-164.
Boyes, H. (2013a), “Cyber security of intelligent buildings”, 8th IET International System Safety Conference Incorporating the Cyber Security Conference, Cardiff.
Boyes, H. (2013b), Resilience and Cyber Security of Technology in the Built Environment, the Institution of Engineering and Technology, IET Standards Technical Briefing, London, available at: wwwtheietorgresourcesstandards-filescyber-securitycfmtype=pdf (accessed February 9, 2019).
Bradley, A., Li, H., Lark, R. and Dunn, S. (2016), “BIM for infrastructure: an overall review and constructor perspective”, Automation in Construction, Vol. 71 No. 2, pp. 139-152.
Brantly, A.F. (2014), “The cyber losers”, Democracy & Security, Vol. 10 No. 2, pp. 132-155.
BSI (2013), “PAS 555:2013 cyber security risk”, Governance and Management Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030261972 (accessed February 9, 2019).
BSI (2014a), PAS 180 Smart Cities Vocabulary, British Standards Institution, London, available at: wwwbsigroupcomen-GBsmart-citiesSmart-Cities-Standards-and-PublicationPAS-180-smart-cities-terminology (accessed February 9, 2019).
BSI (2014b), PAS 1192-3 Specification for Information Management for the Operational Phase of Assets using Building Information Modelling, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030311237 (accessed February 9, 2019).
BSI (2014c), PAS 754:2014 software trustworthiness governance and management, Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030284608 (accessed February 9, 2019).
BSI (2015), PAS 1192-5 (2015) Specification for Security Minded Building Information Modelling, Digital Built Environments and Smart Asset Management, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030314119 (accessed February 9, 2019).
Canfil, J.K. (2016), “Honing cyber attribution: a framework for assessing foreign state complicity”, Journal of International Affairs, Vol. 70 No. 1, pp. 217-226, available at: wwwquestiacomread1G1-476843518honing-cyber-attribution-a-framework-for-assessing (accessed February 9, 2019).
Cavelty, M.D. (2013), “From cyber-bombs to political fallout: threat representations with an impact in the cyber-security discourse”, International Studies Review, Vol. 15 No. 1, pp. 105-122.
Chong, H.Y., Wong, J.S. and Wang, X. (2014), “An explanatory case study on cloud computing applications”, Automation in Construction, Vol. 44, pp. 152-162.
Clarke, R. and Youngstein, T. (2017), “Cyberattack on Britain’s national health service”, New England Journal of Medicine, Vol. 377, August, pp. 409-411.
DBIS (2013), “Smart city market opportunities for the UK”, Department for Business Innovation and Skills, BIS Research Papers Ref BIS131217, DBIS, London, available at: wwwgovukgovernmentpublicationssmart-city-market-uk-opportunities (accessed February 9, 2019).
Denning, D. (2012), “Stuxnet: what has changed?”, Future Internet, Vol. 4 No. 3, pp. 672-687.
Eastman, C., Eastman, C.M., Teicholz, P., Sacks, R. and Liston, K. (2011), BIM Handbook: A Guide to Building Information Modeling for Owners, Managers, Designers, Engineers and Contractors, ISBN 978-0-470-54137-1, John Wiley & Sons, Hoboken, NJ.
Edwards, D.J., Pärn, A.E., Love, P.E.D. and El-Gohary, H. (2017), “Research note: machinery, manumission and economic machinations”, Journal of Business Research, Vol. 70, January, pp. 391-394.
Eom, S.-J. and Paek, J.-H. (2006), “Planning digital home services through an analysis of customers acceptance”, ITcon, Vol. 11, Special issue IT in Facility Management, pp. 697-710, available at: wwwitconorg200649 (accessed February 9, 2019).
European Commission (2013), Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace, JOIN 1 Final, European Commission, Brussels, available at: httpseeaseuropaeuarchivesdocspolicieseu-cyber-securitycybsec_comm_enpdf (accessed February 9, 2019).
Ficco, M., Choraś, M. and Kozik, R. (2017), “Simulation platform for cyber-security and vulnerability analysis of critical infrastructures”, Journal of Computational Science, Vol. 22, September, pp. 179-186.
Fisher, R.D. (2018), “Cyber warfare challenges and the increasing use of American and European dual-use technology for military purposes by the people’s Republic of China (PRC)”, United States House of Representatives, Committee on Foreign Affairs, Birmingham, available at: httparchives-republicans-foreignaffairshousegov112Fis041511pdf (accessed February 9, 2019).
Fisk, D. (2012), “Cyber security, building automation and the intelligent building”, Intelligent Buildings International, Vol. 4 No. 3, pp. 169-181.
Formby, D., Srinivasan, P., Leonard, A., Rogers, J. and Beyah, R.A. (2016), “Who’s in control of your control system? Device fingerprinting for cyber-physical systems”, Network and Distributed System Security Symposium (NDSS), February 26–March 1, San Diego, CA.
F-Secure Labs (2014), “Havex hunts for ICS and SCADA systems”, available at: wwwf-securecomweblogarchives00002718html (accessed February 9, 2019).
Gandhi, R., Sharma, A., Mahoney, W., Sousan, W., Zhu, Q. and Laplante, P. (2011), “Dimensions of cyber-attacks: cultural, social, economic and political”, IEEE Technology and Society Magazine, Vol. 30 No. 1, pp. 28-38.
Govinda, K. (2015), “Design of smart meter using Atmel 89s52 microcontroller”, Procedia Technology, Vol. 21, pp. 376-380, available at: https://doi.org/10.1016/j.protcy.2015.10.053
Henderson, S. (2008), “Beijing’s rising hacker stars how does mother China react”, IO Sphere Journal, Birmingham, February 28, available at: wwwnoexperiencenecessarybookcomjplV6beijing-39-s-rising-hacker-stars-how-does-mother-china-reacthtml (accessed February 9, 2019).
Hjortdal, M. (2011), “China’s use of cyber warfare: espionage meets strategic deterrence”, Journal of Strategic Security, Vol. 4 No. 2, pp. 1-24.
HM Government (2013), Building Information Modeling Industrial Strategy: Government and Industry in Partnership, Government Construction Strategy, London, available at: wwwgovukgovernmentuploadssystemuploadsattachment_datafile3471012-1327-building-information-modellingpdf (accessed February 9, 2019).
HM Government (2015), Digital Built Britain Level 3 Building Information Modelling – Strategic Plan, 26 February 2015, HM Publications, London, available at: wwwgovukgovernmentpublicationsuk-construction-industry-digital-technology (accessed February 9, 2019).
Howell, S., Rezgui, Y. and Beach, T. (2017), “Integrating building and urban semantics to empower smart water solutions”, Automation in Construction, Vol. 81, September, pp. 434-448.
Huckle, S., Bhattacharya, R., White, M. and Beloff, N. (2016), “Internet of things, blockchain and shared economy applications”, Procedia Computer Science, Vol. 98, pp. 461-466, available at: https://doi.org/10.1016/j.procs.2016.09.074
Hunton, P. (2012), “Data attack of the cybercriminal: investigating the digital currency of cybercrime”, Computer Law & Security Review, Vol. 28 No. 2, pp. 201-207.
IET (2013), “Resilience and cyber security of technology in the built environment”, Institution of Engineering and Technology, Birmingham, available at: wwwtheietorgresourcesstandardscyber-buildingscfmorigin=pr (accessed February 9, 2019).
IET (2014), “Code of practice for cyber security in the built environment”, Institution of Engineering and Technology, Birmingham, available at: httpselectricaltheietorgbooksstandardscyber-copcfm (accessed February 9, 2019).
ISO (2011), “ISO/IEC 29100:2011 information technology – security techniques – privacy framework”, available at: wwwisoorgstandard45123html (accessed February 2018).
ISO (2012), 27032 Information Technology – Security Techniques – Guidelines for Cybersecurity, International Organization for Standardization (ISO), Geneva, available at: wwwitgovernancecoukshopproductiso27032-iso-27032-guidelines-for-cybersecurity (accessed February 9, 2019).
ISO (2013), 27001 The International Information Security Standard, International Organization for Standardization (ISO), Geneva, available at: wwwitgovernancecoukiso27001 (accessed February 9, 2019).
Jaatun, M.G., Røstum, J., Petersen, S. and Ugarelli, R. (2014), “Security checklists: a compliance alibi or a useful tool for water network operators?”, Procedia Engineering, Vol. 70, pp. 872-876.
Jones, L. (2016), “Securing the smart city built environment cyber security”, Engineering and Technology, Vol. 11 No. 5, pp. 30-33, doi: 10.1049/et.2016.0501.
Kello, L. (2013), “The meaning of the cyber revolution: perils to theory and statecraft”, International Security, Vol. 38 No. 2, pp. 7-40.
Kochovski, P. and Stankovski, V. (2018), “Supporting smart construction with dependable edge computing infrastructures and applications”, Automation in Construction, Vol. 85, January, pp. 182-192.
Koo, D., Piratla, K. and Matthews, C.J. (2015), “Towards sustainable water supply: schematic development of big data collection using internet of things (IoT)”, Procedia Engineering, Vol. 118, pp. 489-497.
Lesk, M. (2007), “The new front line: Estonia under cyber assault”, IEEE Security & Privacy, Vol. 5 No. 4, pp. 76-79.
Levy, Y. and Ellis, T.J. (2006), “A systems approach to conduct an effective literature review in support of information systems research”, Informing Science, Vol. 9, pp. 181-212, available at: httpinformnuArticlesVol9V9p181-212Levy99pdf (accessed February 9, 2019).
Lin, S., Gao, J. and Koronios, A. (2006), “Key data quality issues for enterprise asset management in engineering organisations”, International Journal of Electronic Business Management, Vol. 4 No. 1, pp. 96-110, available at: httpijebmienthuedutwIJEBM_WebIJEBM_staticPaper-V4_N1A10-E684_3pdf (accessed February 2018).
Lin, Y.C. and Su, Y.C. (2013), “Developing mobile-and BIM-based integrated visual facility maintenance management system”, The Scientific World Journal, Vol. 2013, 10pp., available at: https://doi.org/10.1155/2013/124249
Lindsay, J.R. (2013), “Stuxnet and the limits of cyber warfare”, Security Studies, Vol. 22 No. 3, pp. 365-404.
Lindsay, J.R. (2015), “The impact of China on cybersecurity: fiction and friction”, International Security, Vol. 39 No. 3, pp. 7-47.
Liu, J., Xiao, Y., Li, S., Liang, W. and Chen, C.P. (2012), “Cyber security and privacy issues in smart grids”, IEEE Communications Surveys & Tutorials, Vol. 14 No. 4, pp. 981-997.
McGraw, G. (2013), “Cyber war is inevitable (unless we build security in)”, Journal of Strategic Studies, Vol. 36 No. 1, pp. 109-119.
McNulty (2011), “Realising the potential of GB Rail – final independent report of the rail value for money study – summary report”, Department for Transport, London, available at: wwwgovukgovernmentuploadssystemuploadsattachment_datafile4203realising-the-potential-of-gb-rail-summarypdf (accessed February 9, 2019).
Marinos, L. (2016), ENISA Threat Taxonomy: A Tool for Structuring Threat Information, European Union Agency for Network and Information Security, Birmingham, available at: wwwenisaeuropaeutopicsthreat-risk-managementthreats-and-trendsenisa-threat-landscapeetl2015enisa-threat-taxonomy-a-tool-for-structuring-threat-informationview (accessed February 9, 2019).
Markets and Markets (2014), “Smart HVAC controls market by product type, components, application, operation & geography – analysis and forecast to 2014–2020”, Birmingham, available at: httpgooglAy2LjI (accessed February 9, 2019).
Mayo, G. (2016), “Bas and cyber security: a multiple discipline perspective”, in Long, S., Ng, E.-H., Downing, C. and Nepal, B. (Eds), Proceedings of the American Society for Engineering Management 2016 International Annual Conference, American Society for Engineering Management, Concord, NC, available at: wwwresearchgatenetpublication309480358_BAS_AND_CYBER_SECURITY_A_MULTIPLE_DISCIPLINE_PERSPECTIVE (accessed February 2018).
Metke, A.R. and Ekl, R.L. (2010), “Security technology for smart grid networks”, IEEE Transactions on Smart Grid, Vol. 1 No. 1, pp. 99-107.
Mike T (2006), "Integrated building systems: strengthening building security while decreasing operating costs", Journal of Facilities Management, Vol. 4 No. 1, pp. 63-71.
Mokyr J (1992), "Technological inertia in economic history", The Journal of Economic History, Vol. 52 No. 2, pp. 325-338.
Nicał AK and Wodyński W (2016), "Enhancing facility management through BIM 6D", Procedia Engineering, Vol. 164, pp. 299-306, available at: https://doi.org/10.1016/j.proeng.2016.11.623
NIST (2017), "Framework for improving critical infrastructure cybersecurity", National Institute of Standards and Technology, Draft Version 1.1, January 10, Birmingham, available at: wwwgooglecoukurlsa=tamprct=jampq=ampesrc=sampsource=webampcd=2ampved=0ahUKEwiq0orLhOHUAhVkBsAKHfJLB6oQFgg8MAEampurl=https3A2F2Fwwwnistgov2Fdocument2Fdraft-cybersecurity-framework-v11pdfampusg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NAampcad=rjt (accessed February 9, 2019).
Nye JS (2017), "Deterrence and dissuasion in cyberspace", International Security, Vol. 41 No. 3, pp. 44-71.
Papa P (2013), "US and EU strategies for maritime transport security: a comparative perspective", Transport Policy, Vol. 28, pp. 75-85.
Paridari K, Mady AE, La Porta S, Chabukswar R, Blanco J, Teixeira A, Sandberg H and Boubekeur M (2016), "Cyber-physical-security framework for building energy management system", ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS), Vienna, pp. 1-9, doi: 10.1109/ICCPS.2016.7479072.
Pärn EA and Edwards DJ (2017), "Conceptualizing the FINDD API plug-in: a case study of BIM/FM integration", Automation in Construction, Vol. 80, August, pp. 11-21.
Patel SC, Bhatt GD and Graham JH (2009), "Improving the cyber security of SCADA communication networks", Communications of the ACM, Vol. 52 No. 7, pp. 139-142.
Peng Y, Wang Y, Xiang C, Liu X, Wen Z and Chen D (2015), "Cyber-physical attack-oriented Industrial Control Systems (ICS) modeling, analysis and experiment environment", International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 322-326.
Rahimi B (2011), "The agonistic social media: cyberspace in the formation of dissent and consolidation of state power in postelection Iran", The Communication Review, Vol. 14 No. 3, pp. 158-178.
Rasmi M and Jantan A (2013), "A new algorithm to estimate the similarity between the intentions of the cyber crimes for network forensics", Procedia Technology, Vol. 11, pp. 540-547.
Reggiani A (2013), "Network resilience for transport security: some methodological considerations", Transport Policy, Vol. 28, July, pp. 63-68.
Reniers GLL and Dullaert W (2013), "A method to assess multi-modal hazmat transport security vulnerabilities: hazmat transport SVA", Transport Policy, Vol. 28, July, pp. 103-113.
Rid T (2012), "Cyber war will not take place", Journal of Strategic Studies, Vol. 35 No. 1, pp. 5-32.
RISI (2015), "The repository of industrial security incidents database", Birmingham, available at: wwwrisidatacomDatabase (accessed February 9, 2019).
Rittinghouse J and Hancock WM (2003), Cybersecurity Operations Handbook, Elsevier Science, Amsterdam, ISBN 978-1-55558-306-4.
Ryan DJ (2017), "Engineering sustainable critical infrastructures", International Journal of Critical Infrastructure Protection, Vol. 17, pp. 28-29.
Safavi S, Shukur Z and Razali R (2013), "Reviews on cybercrime affecting portable devices", Procedia Technology, Vol. 11, pp. 650-657.
Shafiq MT, Matthews J and Lockley SR (2013), "A study of BIM collaboration requirements and available features in existing model collaboration systems", Journal of Information Technology in Construction (ITcon), Vol. 18, pp. 148-161.
Shitharth S and Winston DP (2015), "A comparative analysis between two countermeasure techniques to detect DDoS with sniffers in a SCADA network", Procedia Technology, Vol. 21, pp. 179-186.
Stearns LB and Almeida PD (2004), "The formation of state actor-social movement coalitions and favorable policy outcomes", Social Policy, Vol. 51 No. 4, pp. 478-504.
Stoddart K (2016), "Live free or die hard: US-UK cybersecurity policies", Political Science Quarterly, Vol. 131 No. 4, pp. 803-842.
Sun J, Yan J and Zhang KZ (2016), "Blockchain-based sharing services: what blockchain technology can contribute to smart cities", Financial Innovation, Vol. 2 No. 1, pp. 1-26, doi: 10.1186/s40854-016-0040-y.
Szyliowicz JS (2013), "Safeguarding critical transportation infrastructure: the US case", Transport Policy, Vol. 28 No. C, pp. 69-74.
Tan S, Song WZ, Stewart M, Yang J and Tong L (2018), "Online data integrity attacks against real-time electrical market in smart grid", IEEE Transactions on Smart Grid, Vol. 9 No. 1, pp. 313-322.
Thomas N (2009), "Cyber security in East Asia: governing anarchy", Asian Security, Vol. 5 No. 1, pp. 3-23.
Toy S (2006), History of Fortification from 3000 BC to AD 1700 (No. 75), Pen and Sword Military Classics, Barnsley, ISBN 1-88415-358-4.
Turk Ž and Klinc R (2017), "Potentials of blockchain technology for construction management", Procedia Engineering, Vol. 196, pp. 638-645.
UN (2014a), "2014 revision of the world urbanization prospects", Birmingham, available at: httpsgooglxwOSDS (accessed February 9, 2019).
UN (2014b), "World urbanization trends 2014: key facts", Statistical Papers – United Nations (Ser. A), Population and Vital Statistics Report, United Nations, New York, NY.
UN (2015), "World population projected to reach 9.7 billion by 2050", Birmingham, available at: wwwunorgendevelopmentdesanewspopulation2015-reporthtml (accessed February 9, 2019).
Walsham G (1995), "The emergence of interpretivism in IS research", Information Systems Research, Vol. 6 No. 4, pp. 376-394.
Wang S, Zhang G, Shen B and Xie X (2011), "An integrated scheme for cyber-physical building energy management system", Procedia Engineering, Vol. 15, pp. 3616-3620.
Wang W and Lu Z (2013), "Cyber security in the smart grid: survey and challenges", Computer Networks, Vol. 57 No. 5, pp. 1344-1371.
Weber RH and Studer E (2016), "Cybersecurity in the internet of things: legal aspects", Computer Law & Security Review, Vol. 32 No. 5, pp. 715-728.
Xue N, Huang X and Zhang J (2016), "S2Net: a security framework for software defined intelligent building networks", IEEE Trustcom/BigDataSE/ISPA, Tianjin, August 23-26, pp. 654-661.
Yue X, Wang H, Jin D, Li M and Jiang W (2016), "Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control", Journal of Medical Systems, Vol. 40 No. 10, pp. 218-229.
Zamparini L and Shiftan Y (2013), "Special issue – transport security: theoretical frameworks and empirical applications", Transport Policy, Vol. 28, pp. 61-62.
Zhang Y and Wen J (2016), "The IoT electric business model: using blockchain technology for IoT", Peer-to-Peer Networking and Applications, Vol. 10 No. 4, pp. 1-12.
Corresponding author: Erika A Parn can be contacted at erikaparngmailcom
Block chain – a new frontier for cyber-deterrence
Under the alias Satoshi Nakamoto, the Bitcoin (crypto currency) was published as the first block chain application on the internet (Turk and Klinc, 2017). This advancement opened a springboard of applications that utilize block chain technology to remove third party distribution of digital assets using peer-to-peer sharing (Turk and Klinc, 2017). While the majority of current applications have utilized crypto currency and smart contracts, the applications for digital asset transference seem limitless. Block chain's earliest applications were in economics (Huckle et al., 2016), software engineering (Turk and Klinc, 2017), Internet of Things (Zhang and Wen, 2016) and medicine (Yue et al., 2016) – albeit more recently, applications within the built environment have been explored (Sun et al., 2016). Block chain technology has the potential to overcome the aforementioned cyber security challenges faced in the digital environment as a result of its distributed, secure and private nature of data distribution. A positive correlation exists between an increasing number of collaborators (or peers) within a CDE and the potential to secure such assets in a peer-to-peer environment, which thrives and increases in security.
Block chain technology is suitable for sectors with: increased risk of fraud – such as susceptible crucial infrastructures containing sensitive industrial information that is at risk from industrial espionage; intermediaries – for example, providers of BMS systems and other IT software vendors hosting sensitive infrastructure asset details; throughput – such as operators updating and sharing asset information in a CDE; and stable data – for instance, data generated for built assets can be utilized for up to 40 years post project inception. Block chain technology offers better encryption against hacking than any other current deterrence measures available and is commonly suggested in the cyber security standards available (Turk and Klinc, 2017).
Table IV. Snapshot of cyber-physical hacking examples from the RISI online incident database

Motivation: Black Hat (ego, personal animosity, economic gain); Grey Hat (ambiguous); White Hat (idealism, creativity, respect for the law)
Actor: Hacktivists; Script kiddies; Cyber insiders; Cyber terrorists; Malware authors; Patriot hackers; Cyber militias; Script kiddies; Ordinary citizens; Hacktivists; Script kiddies; Organized cybercriminals
Example:
USA 2014 – Power and utilities – Hackers took advantage of a weak password vulnerability where mechanical devices were disconnected from the control system for scheduled maintenance.
Poland 2008 – Transport – A 14-year-old Polish student hacked into the tram system, enabling him to change track points in Lodz; 4 trams were derailed and, as a consequence, 12 people were injured.
USA 2001 – Petroleum – The network monitoring personal computer (PC) provided a path from the internet, via the company business network, onto the automation network. This made the company vulnerable to the Code Red Worm, used to deface the automation web pages of a large oil company.
Spain 2011 – Traffic – Spanair flight 5022 crashed just after take-off from Madrid-Barajas International Airport, killing 154 with 18 survivors. Trojan malware detected on the central computer system is speculated to have played a role in the crash by causing the computer to fail to deliver power to the take-off early warning system and detect three technical problems with the aircraft.
Iran 2012 – Petroleum – Iran was forced to disconnect key oil facilities after suffering a malware attack which, it is believed, hit the internal computer systems at Iran's oil ministry and its national oil company.
USA and Europe 2014 – Energy sector – Operating since 2011, the Dragonfly group has targeted defence and aviation companies in USA and Canada – cyber-espionage with the likely intention of sabotage. In 2013, the group targeted USA and European energy firms, gaining entry through spear phishing e-mails, malware, watering hole attacks and infecting legitimate software from three different industrial control systems (ICS) equipment manufacturers.
Canada 2012 – Energy sector – Telvent Canada Ltd, provider of software and services for remote administration of large sections of the energy industry, was subject to information theft. Installed malware was used to steal project files related to one of its key products. The digital fingerprints were traced to a Chinese hacking group (the "Comment Group") linked to cyber-espionage against Western interests.
Iran 2010 – Nuclear – The Stuxnet malworm was responsible for damaging crucial centrifugal devices used for Uranium enrichment at the Natanz nuclear plant, causing it to be shut down for a week. This remains one of the most prolific cyber-physical attacks, an exemplified case of government and civilian blurred lines, and created a new forefront of cyber militia, becoming the first proclaimed cyber weapon.
USA 2012 – Water/waste management – A former employee of the Key Largo Wastewater Treatment District hacked the company, resulting in modification and deletion of files.
Venezuela 2002 – Petroleum – Venezuela's state oil company became embroiled in a bitter strike when it was extensively sabotaged by an employee who gained remote access to a program terminal and erased all Programmable Logic Controller (PLC) programs in port facility.
Canada 2002 – Petroleum – A white hat hacker simulated an attack on a data center security (DCS) where network access to the control local area network (LAN) was used to connect to selected DCS operator stations and obtain full administration privileges. This was accomplished through the vulnerabilities in the Windows operating system and a number of Netbios that lacked proper password protection.
USA 2014 – Traffic – One of the first hacks on a traffic management system was incurred on road signs in San Francisco, where the signs were photographed flashing "Godzilla Attack Turn Back".
Source: Available online at wwwrisidatacom

The application of block chain technology within digital built asset information exchange is suggested due to its secure framework for data transference. Block chain technology has been hailed as a hacker/tamper safe ecosystem for digital asset transfers (Turk and Klinc, 2017). Figure 2 delineates a ten stage process to demonstrate how the existing functionality of block chain technology can be harnessed in a CDE environment when sharing sensitive digital information about assets – namely:

(1) asset information is securely shared via a network (e.g. URL nodes, interconnected computer networks or an air-gapped internet);
(2) asset data (whether a 3D or digital model) are converted into a block which represents a digital transaction of asset data;
(3) stakeholder interaction within a federated CDE environment will receive a tracked record of the individual transaction created by nodes sharing the block;
(4) block chain miners (usually computer scientists) validate and maintain the newly created block chain;
(5) payment methods for block chain miners vary, but a group of miners enter into a competitive process where the first to validate the block chain receives payment;
(6) the federated block chain environment is approved;
(7) the new block is added to the existing chain of digital transactions to extend the block chain;
(8) the digital asset can now be securely shared upon validation;
(9) to hack the network, assailants would need to hack every single node within the block chain, thus making the task far more difficult; and
(10) the network of nodes created by multiple stakeholders' transactions provides a more sophisticated and secure approach to protecting digital assets when compared to encryption and firewalls.

Herein lies the novelty of this review – blockchain technology can offer a potential framework to future AECO software applications and systems designed to secure the transfer of sensitive project data in a BIM and CDE environment.
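The ten-stage flow above, reduced to a runnable sketch; this is an added example, not code from the paper. The node names, asset bytes, SHA-256 proof-of-work with a toy difficulty and the strict-majority rule are assumptions made for illustration.

```python
import hashlib
import json

DIFFICULTY = 3  # leading hex zeros a block hash must have (constructed; small so it runs fast)
GENESIS_PREV = "0" * 64


def digest(data):
    return hashlib.sha256(data).hexdigest()


def block_hash(block):
    """Hash every field except the stored hash, serialised in a canonical key order."""
    body = {k: v for k, v in block.items() if k != "hash"}
    return digest(json.dumps(body, sort_keys=True).encode())


def make_block(prev, asset_name, asset_bytes, author):
    """Stages 1-2: record a digest of the asset (not the file itself) as a block."""
    return {"index": 0 if prev is None else prev["index"] + 1,
            "prev_hash": GENESIS_PREV if prev is None else prev["hash"],
            "asset_name": asset_name, "asset_sha256": digest(asset_bytes),
            "author": author, "nonce": 0}


def mine(block):
    """Stages 4-5: search for a nonce whose hash meets the difficulty target."""
    mined = {k: v for k, v in block.items() if k != "hash"}
    mined["nonce"] = 0
    while not block_hash(mined).startswith("0" * DIFFICULTY):
        mined["nonce"] += 1
    mined["hash"] = block_hash(mined)
    return mined


def valid_chain(chain):
    """Stage 6: recompute every hash and back-link; any edited field breaks one of them."""
    prev_hash = GENESIS_PREV
    for i, block in enumerate(chain):
        h = block_hash(block)
        if (block.get("hash") != h or not h.startswith("0" * DIFFICULTY)
                or block["index"] != i or block["prev_hash"] != prev_hash):
            return False
        prev_hash = h
    return True


def accept(chain, block):
    """Stages 3 and 7: a node appends a broadcast block only if its extended copy validates."""
    ok = valid_chain(chain + [block])
    if ok:
        chain.append(dict(block))  # each node keeps its own copy of the record
    return ok


def consensus_head(nodes):
    """Head hash held by a strict majority of nodes whose own copy validates, else None."""
    votes = {}
    for chain in nodes.values():
        if chain and valid_chain(chain):
            head = chain[-1]["hash"]
            votes[head] = votes.get(head, 0) + 1
    best = max(votes, key=votes.get, default=None)
    return best if best and votes[best] > len(nodes) // 2 else None


def rewrite_locally(chain, index, new_bytes):
    """Model one compromised node: alter a record, then re-mine it and all later blocks."""
    out = [dict(b) for b in chain[:index]]
    for old in chain[index:]:
        block = dict(old)
        block["prev_hash"] = out[-1]["hash"] if out else GENESIS_PREV
        if old["index"] == index:
            block["asset_sha256"] = digest(new_bytes)
        out.append(mine(block))
    return out


def demo():
    nodes = {n: [] for n in ("architect", "contractor", "fm_operator", "client")}
    assets = [("plantroom.ifc", b"IFC model rev A", "architect"),  # constructed samples
              ("hvac_schedule.xml", b"<assets rev='1'/>", "contractor")]
    prev, forged = None, b"IFC model with altered setpoints"
    for name, data, author in assets:
        prev = mine(make_block(prev, name, data, author))
        assert all(accept(chain, prev) for chain in nodes.values())
    honest = consensus_head(nodes)
    nodes["fm_operator"][0]["asset_sha256"] = digest(forged)  # naive edit of one copy
    naive_detected = not valid_chain(nodes["fm_operator"])
    nodes["fm_operator"] = rewrite_locally(nodes["fm_operator"], 0, forged)  # full re-mine
    return {"asset_matches_ledger": digest(assets[0][1]) == nodes["client"][0]["asset_sha256"],
            "naive_edit_detected": naive_detected,
            "rewritten_copy_locally_valid": valid_chain(nodes["fm_operator"]),
            "rewritten_head_differs": nodes["fm_operator"][-1]["hash"] != honest,
            "consensus_unchanged": consensus_head(nodes) == honest}


if __name__ == "__main__":
    print(demo())
```

The ledger holds only a digest of each asset, so it evidences the integrity and ordering of shared records; confidentiality of the model files themselves still rests on access control and encryption in the CDE.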
Figure 2. Block chain technology application with digital built asset information exchange (stages i–x; diagram labels: asset needs to be shared securely; asset is converted into a block; block is broadcast to all nodes in federated CDE environment; block chain miners compete to mine new block; block chain is extended with new digital asset; federated CDE environment approves; block chain miner validates block against chain; block of digital asset is shared securely; block chain of assets needs to be hacked individually across an entire network; block chain of sharing assets; file icons: XML, DWG)

Limitations and future work
In contrast to the fields of computer science, political science/international relations and international law, cyber security is far less understood within the AECO sector (Mayo, 2016). Consequently, existing controls are inadequate and poorly managed. Key findings emanating from these other eminent fields provide invaluable insights into the cyber security technologies and developments (such as block chain) that can be successfully transferred and applied to critical infrastructure within the AECO sector to address current deficiencies (Baumeister, 2010). However, successful practitioner alignment and knowledge enhancement requires time and investment for additional research and testing of such concepts (Metke and Ekl, 2010) – such exceeded the current confines of this review paper. Within the international security research realm, the following predispositions have weakened scholarly understanding of cyber-threat occurrences and the likelihood of attacks on critical infrastructure. These limitations require future work, namely:
(1) Improved understanding of motivations – an inordinate amount of attention is paid to "cyber-threats" under the guise of malevolent lines of code. Yet finding a resolution to the root cause of cyber-crime requires a deeper understanding of the motivations behind such malicious scripts and attacks.
(2) Address the specific operational threats to bespoke critical infrastructure – each individual critical infrastructure project (e.g. hospitals, nuclear facilities, traffic management systems) has bespoke operational functionality and hence different vulnerabilities. Mapping of these vulnerabilities is required as a first step to developing efficient and effective risk mitigation strategies to better secure assets.
(3) Distinguish between physical destruction and theft – literature and standards have predominantly focused upon data protection within the context of cyber-attack. However, physical damage has received far less attention even though such could lead to catastrophic economic damage. Greater distinction between physical destruction and theft is therefore needed to delineate the scale and magnitude of cyber-crime.
(4) Consolidate greater international governmental collaboration – cyber-attacks can readily cross international borders and national law enforcement agencies often find it difficult to take action in jurisdictions where limited extradition arrangements are available. Although standard international agreements have been made on such issues (cf. the Budapest Convention on Cyber-crime) which seek to criminalize malevolent cyber-activities, notable signatories (such as China and Russia) are absent. Far greater cooperation between sovereign states is therefore urgently needed to develop robust international agreements that are supported by all major governments.
(5) Gauge practitioner awareness – future work should seek to identify existing predispositions and awareness of cyber-attack and cyber-crime amongst AECO professionals, either through in-depth interviews or practitioner surveys. Case studies are also required to measure and report upon contemporary industry practice and how any cyber-crime incidents were managed.
(6) Proof of concept – development and testing of an innovative proof of concept blockchain application specifically designed for AECO professionals. Such developmental work would allow the thorough testing of blockchain technology in practice to confirm, or otherwise, its effectiveness.
Future work
To reconcile the challenges of future work, researchers and practitioners within the AECO sector will have to investigate how to adopt cyber-deterrence approaches applied within more technologically advanced and sensitive industries, such as aerospace and automotive. Such knowledge transference may propagate readily available solutions to challenges posed. Cyber security awareness and deterrence measures within the BIM and CDE process will help secure critical infrastructure developed, built and utilized – the challenges and opportunities identified here require innovative solutions such as block chain technologies to transform standard industry practice and should be augmented with far greater industry-academic collaboration.
Conclusion
Infrastructure provides the essential arteries and tributaries of a digital built environment that underpins a contemporary digital economy. However, cyber-attack threatens the availability and trustworthiness of interdependent networked services on both corporate and national security levels. At particular risk are the critical infrastructure assets (such as energy networks, transport and financial services) hosted on large networks connected to the internet (via a CDE) to enable cost-efficient remote monitoring and maintenance. Any disruption or damage to these assets could have an immediate and widespread impact by jeopardizing the well-being, safety and security of citizens. To combat the potential threat posed, greater awareness among AECO stakeholders is urgently needed; this must include governments internationally and private sector partners collaborating together to expand upon existing ISO and BIM-related standards for improved response to a cyber-incident. As well as preventative measures, reactive national plans are required (i.e. raising cyber security awareness on government funded BIM projects) to quickly deal with breaches in security and ensure services are provided with minimum disruption.
It is argued in this paper that the CDE adopted with BIM in the AECO sector acts as a springboard for the wider stakeholder engagement with networked data sharing in a centralized manner, rendering such systems vulnerable to future cyber-physical attacks. The pinnacle of cyber security research breakthroughs in cryptography has resulted in the development of decentralized block chain technology. It is hypothesized that block chain technology offers a novel and secure approach to storing information, making data transactions, performing functions and establishing trust, making it suitable for the high security requirements of sensitive digital infrastructure data contained in a BIM and CDE environment. While block chain applications are largely at a nascent stage of development within the AECO sector, this review paper has highlighted its novel application to fortify security of digital assets residing within a BIM and CDE environment – thus extending applications beyond its origins in crypto currency. Future research will be required to prove, modify or disprove the hypothesis presented. However, block chain alone cannot guarantee total immunity to cyber-attacks, so additional research is required to: understand the motivations for cyber-attack/crime; identify the specific operational threats to bespoke critical infrastructure and develop appropriate strategies to mitigate these; develop more exhaustive international standards (or enhance existing standards) to distinguish between physical destruction and theft; and establish measures needed to consolidate greater international governmental collaboration.
References
Ani UPD, He H and Tiwari A (2017), "Review of cybersecurity issues in industrial critical infrastructure: manufacturing in perspective", Journal of Cyber Security Technology, Vol. 1 No. 1, pp. 32-74.
ANSI (2007), "ISA-99.00.01-2007 security for industrial automation and control systems part 1: terminology, concepts and models", ISA, available at: httpswebarchiveorgweb20110312111418wwwisaorgTemplatecfmSection=Shop_ISAampTemplate=2FEcommerce2FProductDisplaycfmampProductid=9661 (accessed February 9, 2019).
Baumeister T (2010), "Literature review on smart grid cyber security, collaborative software development laboratory at the University of Hawaii", available at: wwwtbaumeistcompublicationsLiteratureReviewOnSmartGridCyberSecurity_2010pdf (accessed February 9, 2019).
Bessis N and Dobre C (2014), Big Data and Internet of Things: A Roadmap for Smart Environments, ISBN 978-3-319-05029-4, Springer International Publishing, London.
Betz DJ and Stevens T (2013), "Analogical reasoning and cyber security", Security Dialogue, Vol. 44 No. 2, pp. 147-164.
Boyes H (2013a), "Cyber security of intelligent buildings", 8th IET International System Safety Conference Incorporating the Cyber Security Conference, Cardiff.
Boyes H (2013b), Resilience and Cyber Security of Technology in the Built Environment, the Institution of Engineering and Technology, IET Standards Technical Briefing, London, available at: wwwtheietorgresourcesstandards-filescyber-securitycfmtype=pdf (accessed February 9, 2019).
Bradley A, Li H, Lark R and Dunn S (2016), "BIM for infrastructure: an overall review and constructor perspective", Automation in Construction, Vol. 71 No. 2, pp. 139-152.
Brantly AF (2014), "The cyber losers", Democracy & Security, Vol. 10 No. 2, pp. 132-155.
BSI (2013), "PAS 555:2013 cyber security risk", Governance and Management Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030261972 (accessed February 9, 2019).
BSI (2014a), PAS 180 Smart Cities Vocabulary, British Standards Institution, London, available at: wwwbsigroupcomen-GBsmart-citiesSmart-Cities-Standards-and-PublicationPAS-180-smart-cities-terminology (accessed February 9, 2019).
BSI (2014b), PAS 1192-3 Specification for Information Management for the Operational Phase of Assets using Building Information Modelling, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030311237 (accessed February 9, 2019).
BSI (2014c), PAS 754:2014 software trustworthiness, governance and management, Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030284608 (accessed February 9, 2019).
BSI (2015), PAS 1192-5 (2015) Specification for Security Minded Building Information Modelling, Digital Built Environments and Smart Asset Management, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030314119 (accessed February 9, 2019).
Canfil JK (2016), "Honing cyber attribution: a framework for assessing foreign state complicity", Journal of International Affairs, Vol. 70 No. 1, pp. 217-226, available at: wwwquestiacomread1G1-476843518honing-cyber-attribution-a-framework-for-assessing (accessed February 9, 2019).
Cavelty MD (2013), "From cyber-bombs to political fallout: threat representations with an impact in the cyber-security discourse", International Studies Review, Vol. 15 No. 1, pp. 105-122.
Chong HY, Wong JS and Wang X (2014), "An explanatory case study on cloud computing applications", Automation in Construction, Vol. 44, pp. 152-162.
Clarke R and Youngstein T (2017), "Cyberattack on Britain's national health service", New England Journal of Medicine, Vol. 377, August, pp. 409-411.
DBIS (2013), "Smart city market: opportunities for the UK", Department for Business, Innovation and Skills, BIS Research Papers, Ref: BIS/13/1217, DBIS, London, available at: wwwgovukgovernmentpublicationssmart-city-market-uk-opportunities (accessed February 9, 2019).
Denning D (2012), "Stuxnet: what has changed?", Future Internet, Vol. 4 No. 3, pp. 672-687.
Eastman C, Eastman CM, Teicholz P, Sacks R and Liston K (2011), BIM Handbook: A Guide to Building Information Modeling for Owners, Managers, Designers, Engineers and Contractors, ISBN 978-0-470-54137-1, John Wiley & Sons, Hoboken, NJ.
Edwards DJ, Pärn AE, Love PED and El-Gohary H (2017), "Research note: machinery, manumission and economic machinations", Journal of Business Research, Vol. 70, January, pp. 391-394.
Eom S-J and Paek J-H (2006), "Planning digital home services through an analysis of customers acceptance", ITcon, Vol. 11, Special issue IT in Facility Management, pp. 697-710, available at: wwwitconorg200649 (accessed February 9, 2019).
European Commission (2013), Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace, JOIN 1 Final, European Commission, Brussels, available at: httpseeaseuropaeuarchivesdocspolicieseu-cyber-securitycybsec_comm_enpdf (accessed February 9, 2019).
Ficco M, Choraś M and Kozik R (2017), "Simulation platform for cyber-security and vulnerability analysis of critical infrastructures", Journal of Computational Science, Vol. 22, September, pp. 179-186.
Fisher RD (2018), "Cyber warfare challenges and the increasing use of American and European dual-use technology for military purposes by the People's Republic of China (PRC)", United States House of Representatives, Committee on Foreign Affairs, Birmingham, available at: httparchives-republicans-foreignaffairshousegov112Fis041511pdf (accessed February 9, 2019).
Fisk D (2012), "Cyber security, building automation, and the intelligent building", Intelligent Buildings International, Vol. 4 No. 3, pp. 169-181.
Formby D, Srinivasan P, Leonard A, Rogers J and Beyah RA (2016), "Who's in control of your control system? Device fingerprinting for cyber-physical systems", Network and Distributed System Security Symposium (NDSS), February 26–March 1, San Diego, CA.
F-Secure Labs (2014), "Havex hunts for ICS and SCADA systems", available at: wwwf-securecomweblogarchives00002718html (accessed February 9, 2019).
Gandhi R, Sharma A, Mahoney W, Sousan W, Zhu Q and Laplante P (2011), "Dimensions of cyber-attacks: cultural, social, economic, and political", IEEE Technology and Society Magazine, Vol. 30 No. 1, pp. 28-38.
Govinda K (2015), "Design of smart meter using Atmel 89s52 microcontroller", Procedia Technology, Vol. 21, pp. 376-380, available at: https://doi.org/10.1016/j.protcy.2015.10.053
Henderson S (2008), "Beijing's rising hacker stars: how does mother China react?", IO Sphere Journal, Birmingham, February 28, available at: wwwnoexperiencenecessarybookcomjplV6beijing-39-s-rising-hacker-stars-how-does-mother-china-reacthtml (accessed February 9, 2019).
Hjortdal M (2011), "China's use of cyber warfare: espionage meets strategic deterrence", Journal of Strategic Security, Vol. 4 No. 2, pp. 1-24.
HM Government (2013), Building Information Modeling Industrial Strategy: Government and Industry in Partnership, Government Construction Strategy, London, available at: wwwgovukgovernmentuploadssystemuploadsattachment_datafile3471012-1327-building-information-modellingpdf (accessed February 9, 2019).
HM Government (2015), Digital Built Britain: Level 3 Building Information Modelling – Strategic Plan, 26 February 2015, HM Publications, London, available at: wwwgovukgovernmentpublicationsuk-construction-industry-digital-technology (accessed February 9, 2019).
Howell S, Rezgui Y and Beach T (2017), "Integrating building and urban semantics to empower smart water solutions", Automation in Construction, Vol. 81, September, pp. 434-448.
Huckle S, Bhattacharya R, White M and Beloff N (2016), "Internet of things, blockchain and shared economy applications", Procedia Computer Science, Vol. 98, pp. 461-466, available at: https://doi.org/10.1016/j.procs.2016.09.074
Hunton P (2012), "Data attack of the cybercriminal: investigating the digital currency of cybercrime", Computer Law & Security Review, Vol. 28 No. 2, pp. 201-207.
IET (2013), "Resilience and cyber security of technology in the built environment", Institution of Engineering and Technology, Birmingham, available at: wwwtheietorgresourcesstandardscyber-buildingscfmorigin=pr (accessed February 9, 2019).
IET (2014), "Code of practice for cyber security in the built environment", Institution of Engineering and Technology, Birmingham, available at: httpselectricaltheietorgbooksstandardscyber-copcfm (accessed February 9, 2019).
ISO (2011), "ISO/IEC 29100:2011 information technology – security techniques – privacy framework", available at: wwwisoorgstandard45123html (accessed February 2018).
ISO (2012), 27032 Information Technology – Security Techniques – Guidelines for Cybersecurity, International Organization for Standardization (ISO), Geneva, available at: wwwitgovernancecoukshopproductiso27032-iso-27032-guidelines-for-cybersecurity (accessed February 9, 2019).
ISO (2013), 27001 The International Information Security Standard, International Organization for Standardization (ISO), Geneva, available at: wwwitgovernancecoukiso27001 (accessed February 9, 2019).
Jaatun MG, Røstum J, Petersen S and Ugarelli R (2014), "Security checklists: a compliance alibi, or a useful tool for water network operators?", Procedia Engineering, Vol. 70, pp. 872-876.
Jones L (2016), "Securing the smart city built environment cyber security", Engineering and Technology, Vol. 11 No. 5, pp. 30-33, doi: 10.1049/et.2016.0501.
Kello L (2013), "The meaning of the cyber revolution: perils to theory and statecraft", International Security, Vol. 38 No. 2, pp. 7-40.
Kochovski P and Stankovski V (2018), "Supporting smart construction with dependable edge computing infrastructures and applications", Automation in Construction, Vol. 85, January, pp. 182-192.
Koo D, Piratla K and Matthews CJ (2015), "Towards sustainable water supply: schematic development of big data collection using internet of things (IoT)", Procedia Engineering, Vol. 118, pp. 489-497.
Lesk M (2007), "The new front line: Estonia under cyber assault", IEEE Security & Privacy, Vol. 5 No. 4, pp. 76-79.
Levy Y and Ellis TJ (2006), "A systems approach to conduct an effective literature review in support of information systems research", Informing Science, Vol. 9, pp. 181-212, available at: httpinformnuArticlesVol9V9p181-212Levy99pdf (accessed February 9, 2019).
Lin S, Gao J and Koronios A (2006), "Key data quality issues for enterprise asset management in engineering organisations", International Journal of Electronic Business Management, Vol. 4 No. 1, pp. 96-110, available at: httpijebmienthuedutwIJEBM_WebIJEBM_staticPaper-V4_N1A10-E684_3pdf (accessed February 2018).
Lin YC and Su YC (2013), "Developing mobile-and BIM-based integrated visual facility maintenance management system", The Scientific World Journal, Vol. 2013, 10pp., available at: https://doi.org/10.1155/2013/124249
Lindsay JR (2013), "Stuxnet and the limits of cyber warfare", Security Studies, Vol. 22 No. 3, pp. 365-404.
Lindsay JR (2015), "The impact of China on cybersecurity: fiction and friction", International Security, Vol. 39 No. 3, pp. 7-47.
Liu J, Xiao Y, Li S, Liang W and Chen CP (2012), "Cyber security and privacy issues in smart grids", IEEE Communications Surveys & Tutorials, Vol. 14 No. 4, pp. 981-997.
McGraw G (2013), "Cyber war is inevitable (unless we build security in)", Journal of Strategic Studies, Vol. 36 No. 1, pp. 109-119.
McNulty (2011), "Realising the potential of GB Rail – final independent report of the rail value for money study – summary report", Department for Transport, London, available at: wwwgovukgovernmentuploadssystemuploadsattachment_datafile4203realising-the-potential-of-gb-rail-summarypdf (accessed February 9, 2019).
Marinos L (2016), ENISA Threat Taxonomy: A Tool for Structuring Threat Information, European Union Agency for Network and Information Security, Birmingham, available at: wwwenisaeuropaeutopicsthreat-risk-managementthreats-and-trendsenisa-threat-landscapeetl2015enisa-threat-taxonomy-a-tool-for-structuring-threat-informationview (accessed February 9, 2019).
Markets and Markets (2014) ldquoSmart HVAC controls market by product type components applicationoperation amp geography ndash analysis and forecast to 2014ndash2020rdquo Birmingham available athttpgooglAy2LjI (accessed February 9 2019)
Mayo G (2016) ldquoBas and cyber security a multiple discipline perspectiverdquo in Long S Ng E-HDowning C and Nepal B (Eds) Proceedings of the American Society for Engineering Management2016 International Annual Conference American Society for Engineering Management ConcordNC available at wwwresearchgatenetpublication309480358_BAS_AND_CYBER_SECURITY_A_MULTIPLE_DISCIPLINE_PERSPECTIVE (accessed February 2018)
Metke AR and Ekl RL (2010) ldquoSecurity technology for smart grid networksrdquo IEEE Transactions onSmart Grid Vol 1 No 1 pp 99-107
Mike, T. (2006), “Integrated building systems strengthening building security while decreasing operating costs”, Journal of Facilities Management, Vol. 4 No. 1, pp. 63-71.
Mokyr, J. (1992), “Technological inertia in economic history”, The Journal of Economic History, Vol. 52 No. 2, pp. 325-338.
Nicał, A.K. and Wodyński, W. (2016), “Enhancing facility management through BIM 6D”, Procedia Engineering, Vol. 164, pp. 299-306, available at: httpsdoiorg101016jproeng201611623
NIST (2017), “Framework for improving critical infrastructure cybersecurity”, National Institute of Standards and Technology, Draft Version 1.1, January 10, Birmingham, available at: wwwgooglecoukurlsa=tamprct=jampq=ampesrc=sampsource=webampcd=2ampved=0ahUKEwiq0orLhOHUAhVkBsAKHfJLB6oQFgg8MAEampurl=https3A2F2Fwwwnistgov2Fdocument2Fdraft-cybersecurity-framework-v11pdfampusg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NAampcad=rjt (accessed February 9, 2019).
Nye, J.S. (2017), “Deterrence and dissuasion in cyberspace”, International Security, Vol. 41 No. 3, pp. 44-71.
Papa, P. (2013), “US and EU strategies for maritime transport security a comparative perspective”, Transport Policy, Vol. 28, pp. 75-85.
Paridari, K., Mady, A.E., La Porta, S., Chabukswar, R., Blanco, J., Teixeira, A., Sandberg, H. and Boubekeur, M. (2016), “Cyber-physical-security framework for building energy management system”, ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS), Vienna, pp. 1-9, doi: 101109ICCPS20167479072.
Pärn, E.A. and Edwards, D.J. (2017), “Conceptualizing the FINDD API plug-in a case study of BIM/FM integration”, Automation in Construction, Vol. 80, August, pp. 11-21.
Patel, S.C., Bhatt, G.D. and Graham, J.H. (2009), “Improving the cyber security of SCADA communication networks”, Communications of the ACM, Vol. 52 No. 7, pp. 139-142.
Peng, Y., Wang, Y., Xiang, C., Liu, X., Wen, Z. and Chen, D. (2015), “Cyber-physical attack-oriented Industrial Control Systems (ICS) modeling analysis and experiment environment”, International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 322-326.
Rahimi, B. (2011), “The agonistic social media cyberspace in the formation of dissent and consolidation of state power in postelection Iran”, The Communication Review, Vol. 14 No. 3, pp. 158-178.
Rasmi, M. and Jantan, A. (2013), “A new algorithm to estimate the similarity between the intentions of the cyber crimes for network forensics”, Procedia Technology, Vol. 11, pp. 540-547.
Reggiani, A. (2013), “Network resilience for transport security some methodological considerations”, Transport Policy, Vol. 28, July, pp. 63-68.
Reniers, G.L.L. and Dullaert, W. (2013), “A method to assess multi-modal hazmat transport security vulnerabilities hazmat transport SVA”, Transport Policy, Vol. 28, July, pp. 103-113.
Rid, T. (2012), “Cyber war will not take place”, Journal of Strategic Studies, Vol. 35 No. 1, pp. 5-32.
RISI (2015), “The repository of industrial security incidents database”, Birmingham, available at: wwwrisidatacomDatabase (accessed February 9, 2019).
Rittinghouse, J. and Hancock, W.M. (2003), Cybersecurity Operations Handbook, Elsevier Science, Amsterdam, ISBN 978-1-55558-306-4.
Ryan, D.J. (2017), “Engineering sustainable critical infrastructures”, International Journal of Critical Infrastructure Protection, Vol. 17, pp. 28-29.
Safavi, S., Shukur, Z. and Razali, R. (2013), “Reviews on cybercrime affecting portable devices”, Procedia Technology, Vol. 11, pp. 650-657.
Shafiq, M.T., Matthews, J. and Lockley, S.R. (2013), “A study of BIM collaboration requirements and available features in existing model collaboration systems”, Journal of Information Technology in Construction (ITcon), Vol. 18, pp. 148-161.
Shitharth, S. and Winston, D.P. (2015), “A comparative analysis between two countermeasure techniques to detect DDoS with sniffers in a SCADA network”, Procedia Technology, Vol. 21, pp. 179-186.
Stearns, L.B. and Almeida, P.D. (2004), “The formation of state actor-social movement coalitions and favorable policy outcomes”, Social Policy, Vol. 51 No. 4, pp. 478-504.
Stoddart, K. (2016), “Live free or die hard US-UK cybersecurity policies”, Political Science Quarterly, Vol. 131 No. 4, pp. 803-842.
Sun, J., Yan, J. and Zhang, K.Z. (2016), “Blockchain-based sharing services what blockchain technology can contribute to smart cities”, Financial Innovation, Vol. 2 No. 1, pp. 1-26, doi: 101186s40854-016-0040-y.
Szyliowicz, J.S. (2013), “Safeguarding critical transportation infrastructure the US case”, Transport Policy, Vol. 28 No. C, pp. 69-74.
Tan, S., Song, W.Z., Stewart, M., Yang, J. and Tong, L. (2018), “Online data integrity attacks against real-time electrical market in smart grid”, IEEE Transactions on Smart Grid, Vol. 9 No. 1, pp. 313-322.
Thomas, N. (2009), “Cyber security in East Asia governing anarchy”, Asian Security, Vol. 5 No. 1, pp. 3-23.
Toy, S. (2006), History of Fortification from 3000 BC to AD 1700 (No. 75), Pen and Sword Military Classics, Barnsley, ISBN 1-88415-358-4.
Turk, Ž. and Klinc, R. (2017), “Potentials of blockchain technology for construction management”, Procedia Engineering, Vol. 196, pp. 638-645.
UN (2014a), “2014 revision of the world urbanization prospects”, Birmingham, available at: httpsgooglxwOSDS (accessed February 9, 2019).
UN (2014b), “World urbanization trends 2014 key facts”, Statistical Papers – United Nations (Ser. A), Population and Vital Statistics Report, United Nations, New York, NY.
UN (2015), “World population projected to reach 9.7 billion by 2050”, Birmingham, available at: wwwunorgendevelopmentdesanewspopulation2015-reporthtml (accessed February 9, 2019).
Walsham, G. (1995), “The emergence of interpretivism in IS research”, Information Systems Research, Vol. 6 No. 4, pp. 376-394.
Wang, S., Zhang, G., Shen, B. and Xie, X. (2011), “An integrated scheme for cyber-physical building energy management system”, Procedia Engineering, Vol. 15, pp. 3616-3620.
Wang, W. and Lu, Z. (2013), “Cyber security in the smart grid survey and challenges”, Computer Networks, Vol. 57 No. 5, pp. 1344-1371.
Weber, R.H. and Studer, E. (2016), “Cybersecurity in the internet of things legal aspects”, Computer Law & Security Review, Vol. 32 No. 5, pp. 715-728.
Xue, N., Huang, X. and Zhang, J. (2016), “S2Net a security framework for software defined intelligent building networks”, IEEE Trustcom/BigDataSE/ISPA, Tianjin, August 23-26, pp. 654-661.
Yue, X., Wang, H., Jin, D., Li, M. and Jiang, W. (2016), “Healthcare data gateways found healthcare intelligence on blockchain with novel privacy risk control”, Journal of Medical Systems, Vol. 40 No. 10, pp. 218-229.
Zamparini, L. and Shiftan, Y. (2013), “Special issue – transport security theoretical frameworks and empirical applications”, Transport Policy, Vol. 28, pp. 61-62.
Zhang, Y. and Wen, J. (2016), “The IoT electric business model using blockchain technology for IoT”, Peer-to-Peer Networking and Applications, Vol. 10 No. 4, pp. 1-12.
Corresponding author
Erika A Parn can be contacted at: erikaparngmailcom
gapped internet); asset data (whether a 3D or digital model) are converted into a block which represents a digital transaction of asset data; stakeholder interaction within a federated CDE environment will receive a tracked record of the individual transaction created by nodes sharing the block; block chain miners (usually computer scientists) validate and maintain the newly created block chain; payment methods for block chain miners vary, but a group of miners enter into a competitive process where the first to validate the block chain receives payment; the federated block chain environment is approved; the new block is added to the existing chain of digital transactions to extend the block chain; the digital asset can now be securely shared upon validation; to hack the network, assailants would need to hack every single node within the block chain, thus making the task far more difficult; the network of nodes created by multiple stakeholders’ transactions provides a more sophisticated and secure approach to protecting digital assets when compared to encryption and firewalls. Herein lies the novelty of this review – blockchain technology can offer a potential framework to future AECO software applications and systems designed to secure the transfer of sensitive project data in a BIM and CDE environment.
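The sequence described above (asset converted into a block, block broadcast to the nodes of the federated CDE, block validated against the chain, chain extended) can be sketched as follows. This is an added illustration, not code from the paper: the node names, sample asset bytes, unanimous-approval rule and toy proof-of-work difficulty are assumptions. It also shows that one node's altered copy is exposed by re-validating its chain, and that a copy rewritten consistently is exposed only by comparison with peers.

```python
import copy
import hashlib
import json
from collections import Counter

DIFFICULTY = 3  # leading hex zeros a block hash must have (assumed, demo only)
GENESIS = {"index": 0, "prev_hash": "", "asset": "", "asset_sha256": "",
           "owner": "", "nonce": 0}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def block_hash(block: dict) -> str:
    # Canonical JSON so every node derives the same hash from the same fields.
    return sha256_hex(json.dumps(block, sort_keys=True).encode())


def has_work(block: dict) -> bool:
    return block_hash(block).startswith("0" * DIFFICULTY)


def mine(block: dict) -> dict:
    """Search for a nonce that gives the block hash the required prefix."""
    block["nonce"] = 0
    while not has_work(block):
        block["nonce"] += 1
    return block


class Node:
    """One stakeholder in the federated CDE, holding a full copy of the chain."""

    def __init__(self, name: str):
        self.name = name
        self.chain = [copy.deepcopy(GENESIS)]

    def validates(self, block: dict) -> bool:
        tip = self.chain[-1]
        return (block["index"] == tip["index"] + 1
                and block["prev_hash"] == block_hash(tip)
                and has_work(block))

    def first_invalid_block(self):
        """Re-check every link; index of the first failing block, else None."""
        for prev, blk in zip(self.chain, self.chain[1:]):
            if blk["prev_hash"] != block_hash(prev) or not has_work(blk):
                return blk["index"]
        return None

    def asset_is_authentic(self, name: str, data: bytes) -> bool:
        for blk in reversed(self.chain):
            if blk["asset"] == name:
                return blk["asset_sha256"] == sha256_hex(data)
        return False


def share_asset(nodes, owner: Node, name: str, data: bytes) -> bool:
    """Convert the asset into a block, broadcast it, extend every copy if all approve."""
    tip = owner.chain[-1]
    block = mine({"index": tip["index"] + 1, "prev_hash": block_hash(tip),
                  "asset": name, "asset_sha256": sha256_hex(data),
                  "owner": owner.name, "nonce": 0})
    if not all(node.validates(block) for node in nodes):
        return False
    for node in nodes:
        node.chain.append(copy.deepcopy(block))
    return True


def divergent_nodes(nodes):
    """Names of nodes whose chain tip differs from the majority tip."""
    tips = {node.name: block_hash(node.chain[-1]) for node in nodes}
    majority, _ = Counter(tips.values()).most_common(1)[0]
    return sorted(name for name, tip in tips.items() if tip != majority)


def demo():
    # Constructed sample data: stand-ins for a DWG model and an XML export.
    dwg_v1 = b"AC1032 constructed sample drawing, pump room level 0"
    xml_v1 = b"<asset id='AHU-01'><zone>plant room</zone></asset>"
    nodes = [Node("designer"), Node("contractor"), Node("facility-manager")]
    share_asset(nodes, nodes[0], "pump-room.dwg", dwg_v1)
    share_asset(nodes, nodes[1], "ahu-01.xml", xml_v1)

    # Case 1: one node's stored record is altered in place.
    altered = dwg_v1 + b" (altered)"
    nodes[2].chain[1]["asset_sha256"] = sha256_hex(altered)
    in_place = nodes[2].first_invalid_block()

    # Case 2: the same copy is rewritten and re-mined, so it is internally
    # consistent; only comparison with the other nodes exposes it.
    for i in range(1, len(nodes[2].chain)):
        nodes[2].chain[i]["prev_hash"] = block_hash(nodes[2].chain[i - 1])
        mine(nodes[2].chain[i])
    return {"in_place": in_place,
            "after_remine": nodes[2].first_invalid_block(),
            "divergent": divergent_nodes(nodes),
            "honest_rejects_altered":
                not nodes[0].asset_is_authentic("pump-room.dwg", altered),
            "honest_accepts_original":
                nodes[0].asset_is_authentic("pump-room.dwg", dwg_v1)}


if __name__ == "__main__":
    print(demo())
```

The second case is why periodic tip comparison between stakeholders matters in such a design: a node that only re-validates its own copy cannot tell that the copy has been replaced.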
Figure 2. Block chain technology application with digital built asset information exchange (ten numbered panels, (i) to (x)). Panel labels: asset needs to be shared securely; asset is converted into a block; block is broadcast to all nodes in federated CDE environment; block chain miners compete to mine new block; block chain is extended with new digital asset; federated CDE environment approves; block chain miner validates block against chain; block of digital asset is shared securely; block chain of assets needs to be hacked individually across an entire network; block chain of sharing assets. File types shown: XML, DWG.

Limitations and future work
In contrast to the fields of computer science, political science/international relations and international law, cyber security is far less understood within the AECO sector (Mayo, 2016). Consequently, existing controls are inadequate and poorly managed. Key findings emanating from these other eminent fields provide invaluable insights into the cyber security technologies and developments (such as block chain) that can be successfully transferred and applied to critical infrastructure within the AECO sector to address current deficiencies (Baumeister, 2010). However, successful practitioner alignment and knowledge enhancement requires time and investment for additional research and testing of such concepts (Metke and Ekl, 2010) – such work exceeded the confines of this review paper. Within the international security research realm, the following predispositions have weakened scholarly understanding of cyber-threat occurrences and the likelihood of attacks on critical infrastructure. These limitations require future work, namely:
(1) Improved understanding of motivations – an inordinate amount of attention is paid to “cyber-threats” under the guise of malevolent lines of code. Yet finding a resolution to the root cause of cyber-crime requires a deeper understanding of the motivations behind such malicious scripts and attacks.
(2) Address the specific operational threats to bespoke critical infrastructure – each individual critical infrastructure project (e.g. hospitals, nuclear facilities, traffic management systems) has bespoke operational functionality and hence different vulnerabilities. Mapping of these vulnerabilities is required as a first step to developing efficient and effective risk mitigation strategies to better secure assets.
(3) Distinguish between physical destruction and theft – literature and standards have predominantly focused upon data protection within the context of cyber-attack. However, physical damage has received far less attention even though such could lead to catastrophic economic damage. Greater distinction between physical destruction and theft is therefore needed to delineate the scale and magnitude of cyber-crime.
(4) Consolidate greater international governmental collaboration – cyber-attacks can readily cross international borders and national law enforcement agencies often find it difficult to take action in jurisdictions where limited extradition arrangements are available. Although standard international agreements have been made on such issues (cf. the Budapest Convention on Cyber-crime), which seek to criminalize malevolent cyber-activities, notable signatories (such as China and Russia) are absent. Far greater cooperation between sovereign states is therefore urgently needed to develop robust international agreements that are supported by all major governments.
(5) Gauge practitioner awareness – future work should seek to identify existing predispositions and awareness of cyber-attack and cyber-crime amongst AECO professionals, either through in depth interviews or practitioner surveys. Case studies are also required to measure and report upon contemporary industry practice and how any cyber-crime incidents were managed.
(6) Proof of concept – development and testing of an innovative proof of concept blockchain application specifically designed for AECO professionals. Such developmental work would allow the thorough testing of blockchain technology in practice to confirm or otherwise its effectiveness.
Future work
To reconcile the challenges of future work, researchers and practitioners within the AECO sector will have to investigate how to adopt cyber-deterrence approaches applied within more technologically advanced and sensitive industries such as aerospace and automotive. Such knowledge transference may propagate readily available solutions to challenges posed. Cyber security awareness and deterrence measures within the BIM and CDE process will help secure critical infrastructure developed, built and utilized – the challenges and opportunities identified here require innovative solutions such as block chain technologies to transform standard industry practice and should be augmented with far greater industry-academic collaboration.
Conclusion
Infrastructure provides the essential arteries and tributaries of a digital built environment that underpins a contemporary digital economy. However, cyber-attack threatens the availability and trustworthiness of interdependent networked services on both corporate and national security levels. At particular risk are the critical infrastructure assets (such as energy networks, transport and financial services) hosted on large networks connected to the internet (via a CDE) to enable cost-efficient remote monitoring and maintenance. Any disruption or damage to these assets could have an immediate and widespread impact by jeopardizing the well-being, safety and security of citizens. To combat the potential threat posed, greater awareness among AECO stakeholders is urgently needed; this must include governments internationally and private sector partners collaborating together to expand upon existing ISO and BIM-related standards for improved response to a cyber-incident. As well as preventative measures, reactive national plans are required (i.e. raising cyber security awareness on government funded BIM projects) to quickly deal with breaches in security and ensure services are provided with minimum disruption.
It is argued in this paper that the CDE adopted with BIM in the AECO sector acts as a springboard for wider stakeholder engagement with networked data sharing in a centralized manner, rendering such systems vulnerable to future cyber-physical attacks. The pinnacle of cyber security research, breakthroughs in cryptography, have resulted in the development of decentralized block chain technology. It is hypothesized that block chain technology offers a novel and secure approach to storing information, making data transactions, performing functions and establishing trust, making it suitable for the high security requirements of sensitive digital infrastructure data contained in a BIM and CDE environment. While block chain applications are largely at a nascent stage of development within the AECO sector, this review paper has highlighted its novel application to fortify security of digital assets residing within a BIM and CDE environment – thus extending applications beyond its origins in crypto currency. Future research will be required to prove, modify or disprove the hypothesis presented. However, block chain alone cannot guarantee total immunity to cyber-attacks, so additional research is required to: understand the motivations for cyber-attack/crime; identify the specific operational threats to bespoke critical infrastructure and develop appropriate strategies to mitigate these; develop more exhaustive international standards (or enhance existing standards) to distinguish between physical destruction and theft; and establish measures needed to consolidate greater international governmental collaboration.
References
Ani, U.P.D., He, H. and Tiwari, A. (2017), “Review of cybersecurity issues in industrial critical infrastructure manufacturing in perspective”, Journal of Cyber Security Technology, Vol. 1 No. 1, pp. 32-74.
ANSI (2007), “ISA-99.00.01-2007 security for industrial automation and control systems part 1 terminology concepts and models”, ISA, available at: httpswebarchiveorgweb20110312111418wwwisaorgTemplatecfmSection=Shop_ISAampTemplate=2FEcommerce2FProductDisplaycfmampProductid=9661 (accessed February 9, 2019).
Baumeister, T. (2010), “Literature review on smart grid cyber security collaborative software development laboratory at the University of Hawaii”, available at: wwwtbaumeistcompublicationsLiteratureReviewOnSmartGridCyberSecurity_2010pdf (accessed February 9, 2019).
Bessis, N. and Dobre, C. (2014), Big Data and Internet of Things A Roadmap for Smart Environments, ISBN 978-3-319-05029-4, Springer International Publishing, London.
Betz, D.J. and Stevens, T. (2013), “Analogical reasoning and cyber security”, Security Dialogue, Vol. 44 No. 2, pp. 147-164.
Boyes, H. (2013a), “Cyber security of intelligent buildings”, 8th IET International System Safety Conference Incorporating the Cyber Security Conference, Cardiff.
Boyes, H. (2013b), Resilience and Cyber Security of Technology in the Built Environment, the Institution of Engineering and Technology, IET Standards Technical Briefing, London, available at: wwwtheietorgresourcesstandards-filescyber-securitycfmtype=pdf (accessed February 9, 2019).
Bradley, A., Li, H., Lark, R. and Dunn, S. (2016), “BIM for infrastructure an overall review and constructor perspective”, Automation in Construction, Vol. 71 No. 2, pp. 139-152.
Brantly, A.F. (2014), “The cyber losers”, Democracy & Security, Vol. 10 No. 2, pp. 132-155.
BSI (2013), “PAS 555:2013 cyber security risk”, Governance and Management Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030261972 (accessed February 9, 2019).
BSI (2014a), PAS 180 Smart Cities Vocabulary, British Standards Institution, London, available at: wwwbsigroupcomen-GBsmart-citiesSmart-Cities-Standards-and-PublicationPAS-180-smart-cities-terminology (accessed February 9, 2019).
BSI (2014b), PAS 1192-3 Specification for Information Management for the Operational Phase of Assets using Building Information Modelling, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030311237 (accessed February 9, 2019).
BSI (2014c), PAS 754:2014 software trustworthiness governance and management Specification, available at: httpsshopbsigroupcomProductDetailpid=000000000030284608 (accessed February 9, 2019).
BSI (2015), PAS 1192-5 (2015) Specification for Security Minded Building Information Modelling Digital Built Environments and Smart Asset Management, British Standards Institution, London, available at: httpsshopbsigroupcomProductDetailpid=000000000030314119 (accessed February 9, 2019).
Canfil, J.K. (2016), “Honing cyber attribution a framework for assessing foreign state complicity”, Journal of International Affairs, Vol. 70 No. 1, pp. 217-226, available at: wwwquestiacomread1G1-476843518honing-cyber-attribution-a-framework-for-assessing (accessed February 9, 2019).
Cavelty, M.D. (2013), “From cyber-bombs to political fallout threat representations with an impact in the cyber-security discourse”, International Studies Review, Vol. 15 No. 1, pp. 105-122.
Chong, H.Y., Wong, J.S. and Wang, X. (2014), “An explanatory case study on cloud computing applications”, Automation in Construction, Vol. 44, pp. 152-162.
Clarke, R. and Youngstein, T. (2017), “Cyberattack on Britain’s national health service”, New England Journal of Medicine, Vol. 377, August, pp. 409-411.
DBIS (2013), “Smart city market opportunities for the UK”, Department for Business Innovation and Skills, BIS Research Papers Ref BIS131217, DBIS, London, available at: wwwgovukgovernmentpublicationssmart-city-market-uk-opportunities (accessed February 9, 2019).
Denning, D. (2012), “Stuxnet what has changed”, Future Internet, Vol. 4 No. 3, pp. 672-687.
Eastman, C., Eastman, C.M., Teicholz, P., Sacks, R. and Liston, K. (2011), BIM Handbook A Guide to Building Information Modeling for Owners Managers Designers Engineers and Contractors, ISBN 978-0-470-54137-1, John Wiley & Sons, Hoboken, NJ.
Edwards, D.J., Pärn, A.E., Love, P.E.D. and El-Gohary, H. (2017), “Research note machinery manumission and economic machinations”, Journal of Business Research, Vol. 70, January, pp. 391-394.
Eom, S-J. and Paek, J-H. (2006), “Planning digital home services through an analysis of customers acceptance”, ITcon, Vol. 11, Special issue IT in Facility Management, pp. 697-710, available at: wwwitconorg200649 (accessed February 9, 2019).
European Commission (2013), Cybersecurity Strategy of the European Union An Open Safe and Secure Cyberspace, JOIN 1 Final, European Commission, Brussels, available at: httpseeaseuropaeuarchivesdocspolicieseu-cyber-securitycybsec_comm_enpdf (accessed February 9, 2019).
Ficco, M., Choraś, M. and Kozik, R. (2017), “Simulation platform for cyber-security and vulnerability analysis of critical infrastructures”, Journal of Computational Science, Vol. 22, September, pp. 179-186.
Fisher, R.D. (2018), “Cyber warfare challenges and the increasing use of American and European dual-use technology for military purposes by the People’s Republic of China (PRC)”, United States House of Representatives Committee on Foreign Affairs, Birmingham, available at: httparchives-republicans-foreignaffairshousegov112Fis041511pdf (accessed February 9, 2019).
Fisk, D. (2012), “Cyber security building automation and the intelligent building”, Intelligent Buildings International, Vol. 4 No. 3, pp. 169-181.
Formby, D., Srinivasan, P., Leonard, A., Rogers, J. and Beyah, R.A. (2016), “Who’s in control of your control system Device fingerprinting for cyber-physical systems”, Network and Distributed System Security Symposium (NDSS), February 26–March 1, San Diego, CA.
F-Secure Labs (2014), “Havex hunts for ICS and SCADA systems”, available at: wwwf-securecomweblogarchives00002718html (accessed February 9, 2019).
Gandhi, R., Sharma, A., Mahoney, W., Sousan, W., Zhu, Q. and Laplante, P. (2011), “Dimensions of cyber-attacks cultural social economic and political”, IEEE Technology and Society Magazine, Vol. 30 No. 1, pp. 28-38.
Govinda, K. (2015), “Design of smart meter using Atmel 89s52 microcontroller”, Procedia Technology, Vol. 21, pp. 376-380, available at: httpsdoiorg101016jprotcy201510053
Henderson, S. (2008), “Beijing’s rising hacker stars how does mother China react”, IO Sphere Journal, Birmingham, February 28, available at: wwwnoexperiencenecessarybookcomjplV6beijing-39-s-rising-hacker-stars-how-does-mother-china-reacthtml (accessed February 9, 2019).
Hjortdal, M. (2011), “China’s use of cyber warfare espionage meets strategic deterrence”, Journal of Strategic Security, Vol. 4 No. 2, pp. 1-24.
HM Government (2013), Building Information Modeling Industrial Strategy Government and Industry in Partnership, Government Construction Strategy, London, available at: wwwgovukgovernmentuploadssystemuploadsattachment_datafile3471012-1327-building-information-modellingpdf (accessed February 9, 2019).
HM Government (2015), Digital Built Britain Level 3 Building Information Modelling – Strategic Plan, 26 February 2015, HM Publications, London, available at: wwwgovukgovernmentpublicationsuk-construction-industry-digital-technology (accessed February 9, 2019).
Howell, S., Rezgui, Y. and Beach, T. (2017), “Integrating building and urban semantics to empower smart water solutions”, Automation in Construction, Vol. 81, September, pp. 434-448.
Huckle, S., Bhattacharya, R., White, M. and Beloff, N. (2016), “Internet of things blockchain and shared economy applications”, Procedia Computer Science, Vol. 98, pp. 461-466, available at: httpsdoiorg101016jprocs201609074
Hunton, P. (2012), “Data attack of the cybercriminal investigating the digital currency of cybercrime”, Computer Law & Security Review, Vol. 28 No. 2, pp. 201-207.
IET (2013), “Resilience and cyber security of technology in the built environment”, Institution of Engineering and Technology, Birmingham, available at: wwwtheietorgresourcesstandardscyber-buildingscfmorigin=pr (accessed February 9, 2019).
IET (2014), “Code of practice for cyber security in the built environment”, Institution of Engineering and Technology, Birmingham, available at: httpselectricaltheietorgbooksstandardscyber-copcfm (accessed February 9, 2019).
ISO (2011), “ISO/IEC 29100:2011 information technology – security techniques – privacy framework”, available at: wwwisoorgstandard45123html (accessed February 2018).
ISO (2012) 27032 Information Technology ndash Security Techniques ndash Guidelines for CybersecurityInternational Organization for Standardization (ISO) Geneva available at wwwitgovernancecoukshopproductiso27032-iso-27032-guidelines-for-cybersecurity (accessed February 9 2019)
ISO (2013) 27001 The International Information Security Standard International Organization forStandardization (ISO) Geneva available at wwwitgovernancecoukiso27001 (accessedFebruary 9 2019)
263
Common dataenvironment
vulnerabilities
Jaatun MG Roslashstum J Petersen S and Ugarelli R (2014) ldquoSecurity checklists a compliance alibi or auseful tool for water network operatorsrdquo Procedia Engineering Vol 70 pp 872-876
Jones L (2016) ldquoSecuring the smart city built environment cyber securityrdquo Engineering andTechnology Vol 11 No 5 pp 30-33 doi 101049et20160501
Kello L (2013) ldquoThe meaning of the cyber revolution perils to theory and statecraftrdquo InternationalSecurity Vol 38 No 2 pp 7-40
Kochovski P and Stankovski V (2018) ldquoSupporting smart construction with dependable edgecomputing infrastructures and applicationsrdquo Automation in Construction Vol 85 Januarypp 182-192
Koo D Piratla K and Matthews CJ (2015) ldquoTowards sustainable water supply schematicdevelopment of big data collection using internet of things (IoT)rdquo Procedia EngineeringVol 118 pp 489-497
Lesk M (2007) ldquoThe new front line Estonia under cyber assaultrdquo IEEE Security amp Privacy Vol 5No 4 pp 76-79
Levy Y and Ellis TJ (2006) ldquoA systems approach to conduct an effective literature review in supportof information systems researchrdquo Informing Science Vol 9 pp 181-212 available at httpinformnuArticlesVol9V9p181-212Levy99pdf (accessed February 9 2019)
Lin S Gao J and Koronios A (2006) ldquoKey data quality issues for enterprise asset management inengineering organisationsrdquo International Journal of Electronic Business Management Vol 4No 1 pp 96-110 available at httpijebmienthuedutwIJEBM_WebIJEBM_staticPaper-V4_N1A10-E684_3pdf (accessed February 2018)
Lin YC and Su YC (2013) ldquoDeveloping mobile-and BIM-based integrated visual facility maintenancemanagement systemrdquo The Scientific World Journal Vol 2013 10pp available at httpsdoiorg1011552013124249
Lindsay JR (2013) ldquoStuxnet and the limits of cyber warfarerdquo Security Studies Vol 22 No 3 pp 365-404
Lindsay JR (2015) ldquoThe impact of China on cybersecurity fiction and frictionrdquo International SecurityVol 39 No 3 pp 7-47
Liu J Xiao Y Li S Liang W and Chen CP (2012) ldquoCyber security and privacy issues in smartgridsrdquo IEEE Communications Surveys amp Tutorials Vol 14 No 4 pp 981-997
McGraw G (2013) ldquoCyber war is inevitable (unless we build security in)rdquo Journal of Strategic StudiesVol 36 No 1 pp 109-119
McNulty (2011) ldquoRealising the potential of GB Rail ndash final independent report of the rail value formoney study ndash summary reportrdquo Department for Transport London available at wwwgovukgovernmentuploadssystemuploadsattachment_datafile4203realising-the-potential-of-gb-rail-summarypdf (accessed February 9 2019)
Marinos L (2016) ENISA Threat Taxonomy A Tool for Structuring Threat InformationEuropean Union Agency for Network and Information Security Birmingham available atwwwenisaeuropaeutopicsthreat-risk-managementthreats-and-trendsenisa-threat-landscapeetl2015enisa-threat-taxonomy-a-tool-for-structuring-threat-informationview(accessed February 9 2019)
Markets and Markets (2014) ldquoSmart HVAC controls market by product type components applicationoperation amp geography ndash analysis and forecast to 2014ndash2020rdquo Birmingham available athttpgooglAy2LjI (accessed February 9 2019)
Mayo G (2016) ldquoBas and cyber security a multiple discipline perspectiverdquo in Long S Ng E-HDowning C and Nepal B (Eds) Proceedings of the American Society for Engineering Management2016 International Annual Conference American Society for Engineering Management ConcordNC available at wwwresearchgatenetpublication309480358_BAS_AND_CYBER_SECURITY_A_MULTIPLE_DISCIPLINE_PERSPECTIVE (accessed February 2018)
Metke AR and Ekl RL (2010) ldquoSecurity technology for smart grid networksrdquo IEEE Transactions onSmart Grid Vol 1 No 1 pp 99-107
264
ECAM262
Mike T (2006) ldquoIntegrated building systems strengthening building security while decreasingoperating costsrdquo Journal of Facilities Management Vol 4 No 1 pp 63-71
Mokyr J (1992) ldquoTechnological inertia in economic historyrdquo The Journal of Economic History Vol 52No 2 pp 325-338
Nicał AK and Wodyński W (2016) ldquoEnhancing facility management through BIM 6Drdquo ProcediaEngineering Vol 164 pp 299-306 available at httpsdoiorg101016jproeng201611623
NIST (2017) ldquoFramework for improving critical infrastructure cybersecurityrdquo National Institute ofStandards and Technology Draft Vesion 11 January 10 Birmingham available at wwwgooglecoukurlsa=tamprct=jampq=ampesrc=sampsource=webampcd=2ampved=0ahUKEwiq0orLhOHUAhVkBsAKHfJLB6oQFgg8MAEampurl=https3A2F2Fwwwnistgov2Fdocument2Fdraft-cybersecurity-framework-v11pdfampusg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NAampcad=rjt (accessedFebruary 9 2019)
Nye JS (2017) ldquoDeterrence and dissuasion in cyberspacerdquo International Security Vol 41 No 3 pp 44-71
Papa P (2013) ldquoUS and EU strategies for maritime transport security a comparative perspectiverdquoTransport Policy Vol 28 pp 75-85
Paridari K Mady AE La Porta S Chabukswar R Blanco J Teixeira A Sandberg H andBoubekeur M (2016) ldquoCyber-physical-security framework for building energy managementsystemrdquo ACMIEEE 7th International Conference on Cyber-Physical Systems (ICCPS) Viennapp 1-9 doi 101109ICCPS20167479072
Paumlrn EA and Edwards DJ (2017) ldquoConceptualizing the FINDD API plug-in a case study of BIMFMintegrationrdquo Automation in Construction Vol 80 August pp 11-21
Patel SC Bhatt GD and Graham JH (2009) ldquoImproving the cyber security of SCADAcommunication networksrdquo Communications of the ACM Vol 52 No 7 pp 139-142
Peng Y Wang Y Xiang C Liu X Wen Z and Chen D (2015) ldquoCyber-physical attack-orientedIndustrial Control Systems (ICS) modeling analysis and experiment environmentrdquo InternationalConference on Intelligent Information Hiding and Multimedia Signal Processing pp 322-326
Rahimi B (2011) ldquoThe agonistic social media cyberspace in the formation of dissent and consolidationof state power in postelection Iranrdquo The Communication Review Vol 14 No 3 pp 158-178
Rasmi M and Jantan A (2013) ldquoA new algorithm to estimate the similarity between the intentions ofthe cyber crimes for network forensicsrdquo Procedia Technology Vol 11 pp 540-547
Reggiani A (2013) ldquoNetwork resilience for transport security some methodological considerationsrdquoTransport Policy Vol 28 July pp 63-68
Reniers GLL and Dullaert W (2013) ldquoA method to assess multi-modal hazmat transport securityvulnerabilities hazmat transport SVArdquo Transport Policy Vol 28 July pp 103-113
Rid T (2012) ldquoCyber war will not take placerdquo Journal of Strategic Studies Vol 35 No 1 pp 5-32
RISI (2015) ldquoThe repository of industrial security incidents databaserdquo Birmingham available atwwwrisidatacomDatabase (accessed February 9 2019)
Rittinghouse J and Hancock WM (2003) Cybersecurity Operations Handbook Elsevier ScienceAmsterdam ISBN 978-1-55558-306-4
Ryan DJ (2017) ldquoEngineering sustainable critical infrastructuresrdquo International Journal of CriticalInfrastructure Protection Vol 17 pp 28-29
Safavi S Shukur Z and Razali R (2013) ldquoReviews on cybercrime affecting portable devicesrdquoProcedia Technology Vol 11 pp 650-657
Shafiq MT Matthews J and Lockley SR (2013) ldquoA study of BIM collaboration requirements andavailable features in existing model collaboration systemsrdquo Journal of Information Technologyin Construction (ITcon) Vol 18 pp 148-161
Shitharth S and Winston DP (2015) ldquoA comparative analysis between two countermeasuretechniques to detect DDoS with sniffers in a SCADA networkrdquo Procedia Technology Vol 21pp 179-186
265
Common dataenvironment
vulnerabilities
Stearns LB and Almeida PD (2004) ldquoThe formation of state actor-social movement coalitions andfavorable policy outcomesrdquo Social Policy Vol 51 No 4 pp 478-504
Stoddart K (2016) ldquoLive free or die hard US-UK cybersecurity policiesrdquo Political Science QuarterlyVol 131 No 4 pp 803-842
Sun J Yan J and Zhang KZ (2016) ldquoBlockchain-based sharing services what blockchain technologycan contribute to smart citiesrdquo Financial Innovation Vol 2 No 1 pp 1-26 doi 101186s40854-016-0040-y
Szyliowicz JS (2013) ldquoSafeguarding critical transportation infrastructure the US caserdquo TransportPolicy Vol 28 No C pp 69-74
Tan S Song WZ Stewart M Yang J and Tong L (2018) ldquoOnline data integrity attacks againstreal-time electrical market in smart gridrdquo IEEE Transactions on Smart Grid Vol 9 No 1pp 313-322
Thomas N (2009) ldquoCyber security in East Asia governing anarchyrdquoAsian Security Vol 5 No 1 pp 3-23Toy S (2006) History of Fortification from 3000 BC to AD 1700 (No 75) Pen and Sword Military
Classics Barnsley ISBN 1-88415-358-4
Turk Ž and Klinc R (2017) ldquoPotentials of blockchain technology for construction managementrdquoProcedia Engineering Vol 196 pp 638-645
UN (2014a) ldquo2014 revision of the world urbanization prospectsrdquo Birmingham available at httpsgooglxwOSDS (accessed February 9 2019)
UN (2014b) ldquoWorld urbanization trends 2014 key factsrdquo Statistical Papers ndash United Nations (Ser A)Population and Vital Statistics Report United Nations New York NY
UN (2015) ldquoWorld population projected to reach 97 billion by 2050rdquo Birmingham available at wwwunorgendevelopmentdesanewspopulation2015-reporthtml (accessed February 9 2019)
Walsham G (1995) ldquoThe emergence of interpretivism in is researchrdquo Information Systems ResearchVol 6 No 4 pp 376-394
Wang S Zhang G Shen B and Xie X (2011) ldquoAn integrated scheme for cyber-physical buildingenergy management systemrdquo Procedia Engineering Vol 15 pp 3616-3620
Wang W and Lu Z (2013) ldquoCyber security in the smart grid survey and challengesrdquo ComputerNetworks Vol 57 No 5 pp 1344-1371
Weber RH and Studer E (2016) ldquoCybersecurity in the internet of things legal aspectsrdquo ComputerLaw amp Security Review Vol 32 No 5 pp 715-728
Xue N Huang X and Zhang J (2016) ldquoS2Net a security framework for software defined intelligentbuilding networksrdquo IEEE TrustcomBigDataSEISPA Tianjin August 23-26 pp 654-661
Yue X Wang H Jin D Li M and Jiang W (2016) ldquoHealthcare data gateways found healthcareintelligence on blockchain with novel privacy risk controlrdquo Journal of Medical Systems Vol 40No 10 pp 218-229
Zamparini L and Shiftan Y (2013) ldquoSpecial issue ndash transport security theoretical frameworks andempirical applicationsrdquo Transport Policy Vol 28 pp 61-62
Zhang Y and Wen J (2016) ldquoThe IoT electric business model using blockchain technology for IoTrdquoPeer-to-Peer Networking and Applications Vol 10 No 4 pp 1-12
Corresponding author
Erika A Parn can be contacted at erikaparngmailcom
weakened scholarly understanding of cyber-threat occurrences and the likelihood of attacks on critical infrastructure. These limitations require future work, namely:
(1) Improved understanding of motivations – an inordinate amount of attention is paid to "cyber-threats" under the guise of malevolent lines of code. Yet finding a resolution to the root cause of cyber-crime requires a deeper understanding of the motivations behind such malicious scripts and attacks.
(2) Address the specific operational threats to bespoke critical infrastructure – each individual critical infrastructure project (e.g. hospitals, nuclear facilities, traffic management systems) has bespoke operational functionality and hence different vulnerabilities. Mapping of these vulnerabilities is required as a first step to developing efficient and effective risk mitigation strategies to better secure assets.
(3) Distinguish between physical destruction and theft – literature and standards have predominantly focused upon data protection within the context of cyber-attack. However, physical damage has received far less attention even though such could lead to catastrophic economic damage. Greater distinction between physical destruction and theft is therefore needed to delineate the scale and magnitude of cyber-crime.
(4) Consolidate greater international governmental collaboration – cyber-attacks can readily cross international borders and national law enforcement agencies often find it difficult to take action in jurisdictions where limited extradition arrangements are available. Although standard international agreements have been made on such issues (cf. the Budapest Convention on Cyber-crime), which seek to criminalize malevolent cyber-activities, notable signatories (such as China and Russia) are absent. Far greater cooperation between sovereign states is therefore urgently needed to develop robust international agreements that are supported by all major governments.
(5) Gauge practitioner awareness – future work should seek to identify existing predispositions and awareness of cyber-attack and cyber-crime amongst AECO professionals, either through in-depth interviews or practitioner surveys. Case studies are also required to measure and report upon contemporary industry practice and how any cyber-crime incidents were managed.
(6) Proof of concept – development and testing of an innovative proof of concept blockchain application specifically designed for AECO professionals. Such developmental work would allow the thorough testing of blockchain technology in practice to confirm, or otherwise, its effectiveness.
Future work
To reconcile the challenges of future work, researchers and practitioners within the AECO sector will have to investigate how to adopt cyber-deterrence approaches applied within more technologically advanced and sensitive industries such as aerospace and automotive. Such knowledge transference may propagate readily available solutions to challenges posed. Cyber security awareness and deterrence measures within the BIM and CDE process will help secure critical infrastructure developed, built and utilized – the challenges and opportunities identified here require innovative solutions such as block chain technologies to transform standard industry practice and should be augmented with far greater industry-academic collaboration.
Conclusion
Infrastructure provides the essential arteries and tributaries of a digital built environment that underpins a contemporary digital economy. However, cyber-attack threatens the availability and trustworthiness of interdependent networked services on both corporate and national security levels. At particular risk are the critical infrastructure assets (such as energy networks, transport and financial services) hosted on large networks connected to the internet (via a CDE) to enable cost-efficient remote monitoring and maintenance. Any disruption or damage to these assets could have an immediate and widespread impact by jeopardizing the well-being, safety and security of citizens. To combat the potential threat posed, greater awareness among AECO stakeholders is urgently needed; this must include governments internationally and private sector partners collaborating together to expand upon existing ISO and BIM-related standards for improved response to a cyber-incident. As well as preventative measures, reactive national plans are required (i.e. raising cyber security awareness on government funded BIM projects) to quickly deal with breaches in security and ensure services are provided with minimum disruption.
It is argued in this paper that the CDE adopted with BIM in the AECO sector acts as a springboard for the wider stakeholder engagement with networked data sharing in a centralized manner, yielding such systems vulnerable for future cyber-physical attacks. The pinnacle of cyber security research breakthroughs in cryptography have resulted in the development of decentralized block chain technology. It is hypothesized that block chain technology offers a novel and secure approach to storing information, making data transactions, performing functions and establishing trust, making it suitable for sensitive digital infrastructure data contained in BIM and CDE environment high security requirements. While block chain applications are largely at a nascent stage of development within the AECO sector, this review paper has highlighted its novel application to fortify security of digital assets residing within a BIM and CDE environment – thus extending applications beyond its origins in crypto currency. Future research will be required to prove, modify or disprove this hypothesis presented. However, block chain alone cannot guarantee total immunity to cyber-attacks, so additional research is required to: understand the motivations for cyber-attack/crime; identify the specific operational threats to bespoke critical infrastructure and develop appropriate strategies to mitigate these; develop more exhaustive international standards (or enhance existing standards) to distinguish between physical destruction and theft; and establish measures needed to consolidate greater international governmental collaboration.
References
Ani UPD He H and Tiwari A (2017) ldquoReview of cybersecurity issues in industrial criticalinfrastructure manufacturing in perspectiverdquo Journal of Cyber Security Technology Vol 1 No 1pp 32-74
ANSI (2007) ldquoISA-990001-2007 security for industrial automation and control systems part 1terminology concepts and modelsrdquo ISA available at httpswebarchiveorgweb20110312111418wwwisaorgTemplatecfmSection=Shop_ISAampTemplate=2FEcommerce2FProductDisplaycfmampProductid=9661 (accessed February 9 2019)
Baumeister T (2010) ldquoLiterature review on smart grid cyber security collaborative softwaredevelopment laboratory at the University of Hawaiirdquo available at wwwtbaumeistcompublicationsLiteratureReviewOnSmartGridCyberSecurity_2010pdf (accessed February 9 2019)
Bessis N and Dobre C (2014) Big Data and Internet of Things A Roadmap for Smart EnvironmentsISBN 978-3-319-05029-4 Springer International Publishing London
Betz DJ and Stevens T (2013) ldquoAnalogical reasoning and cyber securityrdquo Security Dialogue Vol 44No 2 pp 147-164
Boyes H (2013a) ldquoCyber security of intelligent buildingsrdquo 8th IET International System SafetyConference Incorporating the Cyber Security Conference Cardiff
261
Common dataenvironment
vulnerabilities
Boyes H (2013b) Resilience and Cyber Security of Technology in the Built Environment the Institution ofEngineering and Technology IET Standards Technical Briefing London available at wwwtheietorgresourcesstandards-filescyber-securitycfmtype=pdf (accessed February 9 2019)
Bradley A Li H Lark R and Dunn S (2016) ldquoBIM for infrastructure an overall review andconstructor perspectiverdquo Automation in Construction Vol 71 No 2 pp 139-152
Brantly AF (2014) ldquoThe cyber losersrdquo Democracy amp Security Vol 10 No 2 pp 132-155
BSI (2013) ldquoPAS 5552013 cyber security riskrdquo Governance and Management Specification available athttpsshopbsigroupcomProductDetailpid=000000000030261972 (accessed February 9 2019)
BSI (2014a) PAS 180 Smart Cities Vocabulary British Standards Institution London available atwwwbsigroupcomen-GBsmart-citiesSmart-Cities-Standards-and-PublicationPAS-180-smart-cities-terminology (accessed February 9 2019)
BSI (2014b) PAS 1192-3 Specification for Information Management for the Operational Phase of Assetsusing Building Information Modelling British Standards Institution London available athttpsshopbsigroupcomProductDetailpid=000000000030311237 (accessed February 9 2019)
BSI (2014c) PAS 7542014 software trustworthiness governance and management Specificationavailable at httpsshopbsigroupcomProductDetailpid=000000000030284608 (accessedFebruary 9 2019)
BSI (2015) PAS 1192-5 (2015) Specification for Security Minded Building Information ModellingDigital Built Environments and Smart Asset Management British Standards InstitutionLondon available at httpsshopbsigroupcomProductDetailpid=000000000030314119(accessed February 9 2019)
Canfil JK (2016) ldquoHoning cyber attribution a framework for assessing foreign state complicityrdquo Journalof International Affairs Vol 70 No 1 pp 217-226 available at wwwquestiacomread1G1-476843518honing-cyber-attribution-a-framework-for-assessing (accessed February 9 2019)
Cavelty MD (2013) ldquoFrom cyber-bombs to political fallout threat representations with an impact inthe cyber-security discourserdquo International Studies Review Vol 15 No 1 pp 105-122
Chong HY Wong JS and Wang X (2014) ldquoAn explanatory case study on cloud computingapplicationsrdquo Automation in Construction Vol 44 pp 152-162
Clarke R and Youngstein T (2017) ldquoCyberattack on Britainrsquos national health servicerdquo New EnglandJournal of Medicine Vol 377 August pp 409-411
DBIS (2013) ldquoSmart city market opportunities for the UKrdquo Department for Business Innovation andSkills BIS Research Papers Ref BIS131217 DBIS London available at wwwgovukgovernmentpublicationssmart-city-market-uk-opportunities (accessed February 9 2019)
Denning D (2012) ldquoStuxnet what has changedrdquo Future Internet Vol 4 No 3 pp 672-687
Eastman C Eastman CM Teicholz P Sacks R and Liston K (2011) BIM Handbook A Guide toBuilding Information Modeling for Owners Managers Designers Engineers and ContractorsISBN 978-0-470-54137-1 John Wiley amp Sons Hoboken NJ
Edwards DJ Paumlrn AE Love PED and El-Gohary H (2017) ldquoResearch note machinerymanumission and economic machinationsrdquo Journal of Business Research Vol 70 Januarypp 391-394
Eom S-J and Paek J-H (2006) ldquoPlanning digital home services through an analysis of customersacceptancerdquo ITcon Vol 11 Special issue IT in Facility Management pp 697-710 available atwwwitconorg200649 (accessed February 9 2019)
European Commission (2013) Cybersecurity Strategy of the European Union An Open Safe and SecureCyberspace JOIN 1 Final European Commission Brussels available at httpseeaseuropaeuarchivesdocspolicieseu-cyber-securitycybsec_comm_enpdf (accessed February 9 2019)
Ficco M Choraś M and Kozik R (2017) ldquoSimulation platform for cyber-security and vulnerabilityanalysis of critical infrastructuresrdquo Journal of Computational Science Vol 22 Septemberpp 179-186
262
ECAM262
Fisher RD (2018) ldquoCyber warfare challenges and the increasing use of American and European dual-usetechnology for military purposes by the peoplersquos Republic of China (PRC)rdquo United States House ofRepresentatives Committee on Foreign Affairs Birmingham available at httparchives-republicans-foreignaffairshousegov112Fis041511pdf (accessed February 9 2019)
Fisk D (2012) ldquoCyber security building automation and the intelligent buildingrdquo Intelligent BuildingsInternational Vol 4 No 3 pp 169-181
Formby D Srinivasan P Leonard A Rogers J and Beyah RA (2016) ldquoWhorsquos in control of yourcontrol system Device fingerprinting for cyber-physical systemsrdquo Network and DistributedSystem Security Symposium (NDSS) February 26ndashMarch 1 San Diego CA
F-Secure Labs (2014) ldquoHavex hunts for ICS and SCADA systemsrdquo available at wwwf-securecomweblogarchives00002718html (accessed February 9 2019)
Gandhi R Sharma A Mahoney W Sousan W Zhu Q and Laplante P (2011) ldquoDimensions ofcyber-attacks cultural social economic and politicalrdquo IEEE Technology and Society MagazineVol 30 No 1 pp 28-38
Govinda K (2015) ldquoDesign of smart meter using Atmel 89s52 microcontrollerrdquo Procedia TechnologyVol 21 pp 376-380 available at httpsdoiorg101016jprotcy201510053
Henderson S (2008) ldquoBeijingrsquos rising hacker stars how does mother China reactrdquo IO Sphere JournalBirmingham February 28 available at wwwnoexperiencenecessarybookcomjplV6beijing-39-s-rising-hacker-stars-how-does-mother-china-reacthtml (accessed February 9 2019)
Hjortdal M (2011) ldquoChinarsquos use of cyber warfare espionage meets strategic deterrencerdquo Journal ofStrategic Security Vol 4 No 2 pp 1-24
HM Government (2013) Building Information Modeling Industrial Strategy Government and Industryin Partnership Government Construction Strategy London available at wwwgovukgovernmentuploadssystemuploadsattachment_datafile3471012-1327-building-information-modellingpdf (accessed February 9 2019)
HM Government (2015) Digital Built Britain Level 3 Building Information Modelling ndash Strategic Plan26 February 2015 HM Publications London available at wwwgovukgovernmentpublicationsuk-construction-industry-digital-technology (accessed February 9 2019)
Howell S Rezgui Y and Beach T (2017) ldquoIntegrating building and urban semantics toempower smart water solutionsrdquo Automation in Construction Vol 81 Septemberpp 434-448
Huckle S Bhattacharya R White M and Beloff N (2016) ldquoInternet of things blockchain and sharedeconomy applicationsrdquo Procedia Computer Science Vol 98 pp 461-466 available at httpsdoiorg101016jprocs201609074
Hunton P (2012) ldquoData attack of the cybercriminal investigating the digital currency of cybercrimerdquoComputer Law amp Security Review Vol 28 No 2 pp 201-207
IET (2013) ldquoResilience and cyber security of technology in the built environmentrdquo Institution ofEngineering and Technology Birmingham available at wwwtheietorgresourcesstandardscyber-buildingscfmorigin=pr (accessed February 9 2019)
IET (2014) ldquoCode of practice for cyber security in the built environmentrdquo Institution of Engineeringand Technology Birmingham available at httpselectricaltheietorgbooksstandardscyber-copcfm (accessed February 9 2019)
ISO (2011) ldquoISOIEC 291002011 information technology ndash security techniques ndash privacy frameworkrdquoavailable at wwwisoorgstandard45123html (accessed February 2018)
ISO (2012) 27032 Information Technology ndash Security Techniques ndash Guidelines for CybersecurityInternational Organization for Standardization (ISO) Geneva available at wwwitgovernancecoukshopproductiso27032-iso-27032-guidelines-for-cybersecurity (accessed February 9 2019)
ISO (2013) 27001 The International Information Security Standard International Organization forStandardization (ISO) Geneva available at wwwitgovernancecoukiso27001 (accessedFebruary 9 2019)
263
Common dataenvironment
vulnerabilities
Jaatun MG Roslashstum J Petersen S and Ugarelli R (2014) ldquoSecurity checklists a compliance alibi or auseful tool for water network operatorsrdquo Procedia Engineering Vol 70 pp 872-876
Jones L (2016) ldquoSecuring the smart city built environment cyber securityrdquo Engineering andTechnology Vol 11 No 5 pp 30-33 doi 101049et20160501
Kello L (2013) ldquoThe meaning of the cyber revolution perils to theory and statecraftrdquo InternationalSecurity Vol 38 No 2 pp 7-40
Kochovski P and Stankovski V (2018) ldquoSupporting smart construction with dependable edgecomputing infrastructures and applicationsrdquo Automation in Construction Vol 85 Januarypp 182-192
Koo D Piratla K and Matthews CJ (2015) ldquoTowards sustainable water supply schematicdevelopment of big data collection using internet of things (IoT)rdquo Procedia EngineeringVol 118 pp 489-497
Lesk M (2007) ldquoThe new front line Estonia under cyber assaultrdquo IEEE Security amp Privacy Vol 5No 4 pp 76-79
Levy Y and Ellis TJ (2006) ldquoA systems approach to conduct an effective literature review in supportof information systems researchrdquo Informing Science Vol 9 pp 181-212 available at httpinformnuArticlesVol9V9p181-212Levy99pdf (accessed February 9 2019)
Lin S Gao J and Koronios A (2006) ldquoKey data quality issues for enterprise asset management inengineering organisationsrdquo International Journal of Electronic Business Management Vol 4No 1 pp 96-110 available at httpijebmienthuedutwIJEBM_WebIJEBM_staticPaper-V4_N1A10-E684_3pdf (accessed February 2018)
Lin YC and Su YC (2013) ldquoDeveloping mobile-and BIM-based integrated visual facility maintenancemanagement systemrdquo The Scientific World Journal Vol 2013 10pp available at httpsdoiorg1011552013124249
Lindsay JR (2013) ldquoStuxnet and the limits of cyber warfarerdquo Security Studies Vol 22 No 3 pp 365-404
Lindsay JR (2015) ldquoThe impact of China on cybersecurity fiction and frictionrdquo International SecurityVol 39 No 3 pp 7-47
Liu J Xiao Y Li S Liang W and Chen CP (2012) ldquoCyber security and privacy issues in smartgridsrdquo IEEE Communications Surveys amp Tutorials Vol 14 No 4 pp 981-997
McGraw G (2013) ldquoCyber war is inevitable (unless we build security in)rdquo Journal of Strategic StudiesVol 36 No 1 pp 109-119
McNulty (2011) ldquoRealising the potential of GB Rail ndash final independent report of the rail value formoney study ndash summary reportrdquo Department for Transport London available at wwwgovukgovernmentuploadssystemuploadsattachment_datafile4203realising-the-potential-of-gb-rail-summarypdf (accessed February 9 2019)
Marinos L (2016) ENISA Threat Taxonomy A Tool for Structuring Threat InformationEuropean Union Agency for Network and Information Security Birmingham available atwwwenisaeuropaeutopicsthreat-risk-managementthreats-and-trendsenisa-threat-landscapeetl2015enisa-threat-taxonomy-a-tool-for-structuring-threat-informationview(accessed February 9 2019)
Markets and Markets (2014) ldquoSmart HVAC controls market by product type components applicationoperation amp geography ndash analysis and forecast to 2014ndash2020rdquo Birmingham available athttpgooglAy2LjI (accessed February 9 2019)
Mayo G (2016) ldquoBas and cyber security a multiple discipline perspectiverdquo in Long S Ng E-HDowning C and Nepal B (Eds) Proceedings of the American Society for Engineering Management2016 International Annual Conference American Society for Engineering Management ConcordNC available at wwwresearchgatenetpublication309480358_BAS_AND_CYBER_SECURITY_A_MULTIPLE_DISCIPLINE_PERSPECTIVE (accessed February 2018)
Metke AR and Ekl RL (2010) ldquoSecurity technology for smart grid networksrdquo IEEE Transactions onSmart Grid Vol 1 No 1 pp 99-107
264
ECAM262
Mike T (2006) ldquoIntegrated building systems strengthening building security while decreasingoperating costsrdquo Journal of Facilities Management Vol 4 No 1 pp 63-71
Mokyr J (1992) ldquoTechnological inertia in economic historyrdquo The Journal of Economic History Vol 52No 2 pp 325-338
Nicał AK and Wodyński W (2016) ldquoEnhancing facility management through BIM 6Drdquo ProcediaEngineering Vol 164 pp 299-306 available at httpsdoiorg101016jproeng201611623
NIST (2017) ldquoFramework for improving critical infrastructure cybersecurityrdquo National Institute ofStandards and Technology Draft Vesion 11 January 10 Birmingham available at wwwgooglecoukurlsa=tamprct=jampq=ampesrc=sampsource=webampcd=2ampved=0ahUKEwiq0orLhOHUAhVkBsAKHfJLB6oQFgg8MAEampurl=https3A2F2Fwwwnistgov2Fdocument2Fdraft-cybersecurity-framework-v11pdfampusg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NAampcad=rjt (accessedFebruary 9 2019)
Nye JS (2017) ldquoDeterrence and dissuasion in cyberspacerdquo International Security Vol 41 No 3 pp 44-71
Papa P (2013) ldquoUS and EU strategies for maritime transport security a comparative perspectiverdquoTransport Policy Vol 28 pp 75-85
Paridari K Mady AE La Porta S Chabukswar R Blanco J Teixeira A Sandberg H andBoubekeur M (2016) ldquoCyber-physical-security framework for building energy managementsystemrdquo ACMIEEE 7th International Conference on Cyber-Physical Systems (ICCPS) Viennapp 1-9 doi 101109ICCPS20167479072
Paumlrn EA and Edwards DJ (2017) ldquoConceptualizing the FINDD API plug-in a case study of BIMFMintegrationrdquo Automation in Construction Vol 80 August pp 11-21
Patel SC Bhatt GD and Graham JH (2009) ldquoImproving the cyber security of SCADAcommunication networksrdquo Communications of the ACM Vol 52 No 7 pp 139-142
Peng Y Wang Y Xiang C Liu X Wen Z and Chen D (2015) ldquoCyber-physical attack-orientedIndustrial Control Systems (ICS) modeling analysis and experiment environmentrdquo InternationalConference on Intelligent Information Hiding and Multimedia Signal Processing pp 322-326
Rahimi B (2011) ldquoThe agonistic social media cyberspace in the formation of dissent and consolidationof state power in postelection Iranrdquo The Communication Review Vol 14 No 3 pp 158-178
Rasmi M and Jantan A (2013) ldquoA new algorithm to estimate the similarity between the intentions ofthe cyber crimes for network forensicsrdquo Procedia Technology Vol 11 pp 540-547
Reggiani A (2013) ldquoNetwork resilience for transport security some methodological considerationsrdquoTransport Policy Vol 28 July pp 63-68
Reniers GLL and Dullaert W (2013) ldquoA method to assess multi-modal hazmat transport securityvulnerabilities hazmat transport SVArdquo Transport Policy Vol 28 July pp 103-113
Rid T (2012) ldquoCyber war will not take placerdquo Journal of Strategic Studies Vol 35 No 1 pp 5-32
RISI (2015) ldquoThe repository of industrial security incidents databaserdquo Birmingham available atwwwrisidatacomDatabase (accessed February 9 2019)
Rittinghouse J and Hancock WM (2003) Cybersecurity Operations Handbook Elsevier ScienceAmsterdam ISBN 978-1-55558-306-4
Ryan DJ (2017) ldquoEngineering sustainable critical infrastructuresrdquo International Journal of CriticalInfrastructure Protection Vol 17 pp 28-29
Safavi S Shukur Z and Razali R (2013) ldquoReviews on cybercrime affecting portable devicesrdquoProcedia Technology Vol 11 pp 650-657
Shafiq MT Matthews J and Lockley SR (2013) ldquoA study of BIM collaboration requirements andavailable features in existing model collaboration systemsrdquo Journal of Information Technologyin Construction (ITcon) Vol 18 pp 148-161
Shitharth S and Winston DP (2015) ldquoA comparative analysis between two countermeasuretechniques to detect DDoS with sniffers in a SCADA networkrdquo Procedia Technology Vol 21pp 179-186
265
Common dataenvironment
vulnerabilities
Stearns LB and Almeida PD (2004) ldquoThe formation of state actor-social movement coalitions andfavorable policy outcomesrdquo Social Policy Vol 51 No 4 pp 478-504
Stoddart K (2016) ldquoLive free or die hard US-UK cybersecurity policiesrdquo Political Science QuarterlyVol 131 No 4 pp 803-842
Sun J Yan J and Zhang KZ (2016) ldquoBlockchain-based sharing services what blockchain technologycan contribute to smart citiesrdquo Financial Innovation Vol 2 No 1 pp 1-26 doi 101186s40854-016-0040-y
Szyliowicz JS (2013) ldquoSafeguarding critical transportation infrastructure the US caserdquo TransportPolicy Vol 28 No C pp 69-74
Tan S Song WZ Stewart M Yang J and Tong L (2018) ldquoOnline data integrity attacks againstreal-time electrical market in smart gridrdquo IEEE Transactions on Smart Grid Vol 9 No 1pp 313-322
Thomas N (2009) ldquoCyber security in East Asia governing anarchyrdquoAsian Security Vol 5 No 1 pp 3-23Toy S (2006) History of Fortification from 3000 BC to AD 1700 (No 75) Pen and Sword Military
Classics Barnsley ISBN 1-88415-358-4
Turk Ž and Klinc R (2017) ldquoPotentials of blockchain technology for construction managementrdquoProcedia Engineering Vol 196 pp 638-645
UN (2014a) ldquo2014 revision of the world urbanization prospectsrdquo Birmingham available at httpsgooglxwOSDS (accessed February 9 2019)
UN (2014b) ldquoWorld urbanization trends 2014 key factsrdquo Statistical Papers ndash United Nations (Ser A)Population and Vital Statistics Report United Nations New York NY
UN (2015) ldquoWorld population projected to reach 97 billion by 2050rdquo Birmingham available at wwwunorgendevelopmentdesanewspopulation2015-reporthtml (accessed February 9 2019)
Walsham G (1995) ldquoThe emergence of interpretivism in is researchrdquo Information Systems ResearchVol 6 No 4 pp 376-394
Wang S Zhang G Shen B and Xie X (2011) ldquoAn integrated scheme for cyber-physical buildingenergy management systemrdquo Procedia Engineering Vol 15 pp 3616-3620
Wang W and Lu Z (2013) ldquoCyber security in the smart grid survey and challengesrdquo ComputerNetworks Vol 57 No 5 pp 1344-1371
Weber RH and Studer E (2016) ldquoCybersecurity in the internet of things legal aspectsrdquo ComputerLaw amp Security Review Vol 32 No 5 pp 715-728
Xue N Huang X and Zhang J (2016) ldquoS2Net a security framework for software defined intelligentbuilding networksrdquo IEEE TrustcomBigDataSEISPA Tianjin August 23-26 pp 654-661
Yue X Wang H Jin D Li M and Jiang W (2016) ldquoHealthcare data gateways found healthcareintelligence on blockchain with novel privacy risk controlrdquo Journal of Medical Systems Vol 40No 10 pp 218-229
Zamparini L and Shiftan Y (2013) ldquoSpecial issue ndash transport security theoretical frameworks andempirical applicationsrdquo Transport Policy Vol 28 pp 61-62
Zhang Y and Wen J (2016) ldquoThe IoT electric business model using blockchain technology for IoTrdquoPeer-to-Peer Networking and Applications Vol 10 No 4 pp 1-12
Corresponding authorErika A Parn can be contacted at erikaparngmailcom
availability and trustworthiness of interdependent networked services on both corporate and national security levels. At particular risk are the critical infrastructure assets (such as energy networks, transport and financial services) hosted on large networks connected to the internet (via a CDE) to enable cost-efficient remote monitoring and maintenance. Any disruption or damage to these assets could have an immediate and widespread impact by jeopardizing the well-being, safety and security of citizens. To combat the potential threat posed, greater awareness among AECO stakeholders is urgently needed; this must include governments internationally and private sector partners collaborating to expand upon existing ISO and BIM-related standards for improved response to a cyber-incident. As well as preventative measures, reactive national plans are required (i.e. raising cyber security awareness on government funded BIM projects) to quickly deal with breaches in security and ensure services are provided with minimum disruption.
It is argued in this paper that the CDE adopted with BIM in the AECO sector acts as a springboard for wider stakeholder engagement with networked data sharing in a centralized manner, rendering such systems vulnerable to future cyber-physical attacks. The pinnacle of cyber security research breakthroughs in cryptography has resulted in the development of decentralized block chain technology. It is hypothesized that block chain technology offers a novel and secure approach to storing information, making data transactions, performing functions and establishing trust, making it suitable for the high security requirements of sensitive digital infrastructure data contained in a BIM and CDE environment. While block chain applications are largely at a nascent stage of development within the AECO sector, this review paper has highlighted its novel application to fortify security of digital assets residing within a BIM and CDE environment – thus extending applications beyond its origins in crypto currency. Future research will be required to prove, modify or disprove the hypothesis presented. However, block chain alone cannot guarantee total immunity to cyber-attacks, so additional research is required to: understand the motivations for cyber-attack/crime; identify the specific operational threats to bespoke critical infrastructure and develop appropriate strategies to mitigate these; develop more exhaustive international standards (or enhance existing standards) to distinguish between physical destruction and theft; and establish measures needed to consolidate greater international governmental collaboration.
Mike T (2006) ldquoIntegrated building systems strengthening building security while decreasingoperating costsrdquo Journal of Facilities Management Vol 4 No 1 pp 63-71
Mokyr J (1992) ldquoTechnological inertia in economic historyrdquo The Journal of Economic History Vol 52No 2 pp 325-338
Nicał AK and Wodyński W (2016) ldquoEnhancing facility management through BIM 6Drdquo ProcediaEngineering Vol 164 pp 299-306 available at httpsdoiorg101016jproeng201611623
NIST (2017) ldquoFramework for improving critical infrastructure cybersecurityrdquo National Institute ofStandards and Technology Draft Vesion 11 January 10 Birmingham available at wwwgooglecoukurlsa=tamprct=jampq=ampesrc=sampsource=webampcd=2ampved=0ahUKEwiq0orLhOHUAhVkBsAKHfJLB6oQFgg8MAEampurl=https3A2F2Fwwwnistgov2Fdocument2Fdraft-cybersecurity-framework-v11pdfampusg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NAampcad=rjt (accessedFebruary 9 2019)
Nye JS (2017) ldquoDeterrence and dissuasion in cyberspacerdquo International Security Vol 41 No 3 pp 44-71
Papa P (2013) ldquoUS and EU strategies for maritime transport security a comparative perspectiverdquoTransport Policy Vol 28 pp 75-85
Paridari K Mady AE La Porta S Chabukswar R Blanco J Teixeira A Sandberg H andBoubekeur M (2016) ldquoCyber-physical-security framework for building energy managementsystemrdquo ACMIEEE 7th International Conference on Cyber-Physical Systems (ICCPS) Viennapp 1-9 doi 101109ICCPS20167479072
Paumlrn EA and Edwards DJ (2017) ldquoConceptualizing the FINDD API plug-in a case study of BIMFMintegrationrdquo Automation in Construction Vol 80 August pp 11-21
Patel SC Bhatt GD and Graham JH (2009) ldquoImproving the cyber security of SCADAcommunication networksrdquo Communications of the ACM Vol 52 No 7 pp 139-142
Peng Y Wang Y Xiang C Liu X Wen Z and Chen D (2015) ldquoCyber-physical attack-orientedIndustrial Control Systems (ICS) modeling analysis and experiment environmentrdquo InternationalConference on Intelligent Information Hiding and Multimedia Signal Processing pp 322-326
Rahimi B (2011) ldquoThe agonistic social media cyberspace in the formation of dissent and consolidationof state power in postelection Iranrdquo The Communication Review Vol 14 No 3 pp 158-178
Rasmi M and Jantan A (2013) ldquoA new algorithm to estimate the similarity between the intentions ofthe cyber crimes for network forensicsrdquo Procedia Technology Vol 11 pp 540-547
Reggiani A (2013) ldquoNetwork resilience for transport security some methodological considerationsrdquoTransport Policy Vol 28 July pp 63-68
Reniers GLL and Dullaert W (2013) ldquoA method to assess multi-modal hazmat transport securityvulnerabilities hazmat transport SVArdquo Transport Policy Vol 28 July pp 103-113
Rid T (2012) ldquoCyber war will not take placerdquo Journal of Strategic Studies Vol 35 No 1 pp 5-32
RISI (2015) ldquoThe repository of industrial security incidents databaserdquo Birmingham available atwwwrisidatacomDatabase (accessed February 9 2019)
Rittinghouse J and Hancock WM (2003) Cybersecurity Operations Handbook Elsevier ScienceAmsterdam ISBN 978-1-55558-306-4
Ryan DJ (2017) ldquoEngineering sustainable critical infrastructuresrdquo International Journal of CriticalInfrastructure Protection Vol 17 pp 28-29
Safavi S Shukur Z and Razali R (2013) ldquoReviews on cybercrime affecting portable devicesrdquoProcedia Technology Vol 11 pp 650-657
Shafiq MT Matthews J and Lockley SR (2013) ldquoA study of BIM collaboration requirements andavailable features in existing model collaboration systemsrdquo Journal of Information Technologyin Construction (ITcon) Vol 18 pp 148-161
Shitharth S and Winston DP (2015) ldquoA comparative analysis between two countermeasuretechniques to detect DDoS with sniffers in a SCADA networkrdquo Procedia Technology Vol 21pp 179-186
265
Common dataenvironment
vulnerabilities
Stearns LB and Almeida PD (2004) ldquoThe formation of state actor-social movement coalitions andfavorable policy outcomesrdquo Social Policy Vol 51 No 4 pp 478-504
Stoddart K (2016) ldquoLive free or die hard US-UK cybersecurity policiesrdquo Political Science QuarterlyVol 131 No 4 pp 803-842
Sun J Yan J and Zhang KZ (2016) ldquoBlockchain-based sharing services what blockchain technologycan contribute to smart citiesrdquo Financial Innovation Vol 2 No 1 pp 1-26 doi 101186s40854-016-0040-y
Szyliowicz JS (2013) ldquoSafeguarding critical transportation infrastructure the US caserdquo TransportPolicy Vol 28 No C pp 69-74
Tan S Song WZ Stewart M Yang J and Tong L (2018) ldquoOnline data integrity attacks againstreal-time electrical market in smart gridrdquo IEEE Transactions on Smart Grid Vol 9 No 1pp 313-322
Thomas N (2009) ldquoCyber security in East Asia governing anarchyrdquoAsian Security Vol 5 No 1 pp 3-23Toy S (2006) History of Fortification from 3000 BC to AD 1700 (No 75) Pen and Sword Military
Classics Barnsley ISBN 1-88415-358-4
Turk Ž and Klinc R (2017) ldquoPotentials of blockchain technology for construction managementrdquoProcedia Engineering Vol 196 pp 638-645
UN (2014a) ldquo2014 revision of the world urbanization prospectsrdquo Birmingham available at httpsgooglxwOSDS (accessed February 9 2019)
UN (2014b) ldquoWorld urbanization trends 2014 key factsrdquo Statistical Papers ndash United Nations (Ser A)Population and Vital Statistics Report United Nations New York NY
UN (2015) ldquoWorld population projected to reach 97 billion by 2050rdquo Birmingham available at wwwunorgendevelopmentdesanewspopulation2015-reporthtml (accessed February 9 2019)
Walsham G (1995) ldquoThe emergence of interpretivism in is researchrdquo Information Systems ResearchVol 6 No 4 pp 376-394
Wang S Zhang G Shen B and Xie X (2011) ldquoAn integrated scheme for cyber-physical buildingenergy management systemrdquo Procedia Engineering Vol 15 pp 3616-3620
Wang W and Lu Z (2013) ldquoCyber security in the smart grid survey and challengesrdquo ComputerNetworks Vol 57 No 5 pp 1344-1371
Weber RH and Studer E (2016) ldquoCybersecurity in the internet of things legal aspectsrdquo ComputerLaw amp Security Review Vol 32 No 5 pp 715-728
Xue N Huang X and Zhang J (2016) ldquoS2Net a security framework for software defined intelligentbuilding networksrdquo IEEE TrustcomBigDataSEISPA Tianjin August 23-26 pp 654-661
Yue X Wang H Jin D Li M and Jiang W (2016) ldquoHealthcare data gateways found healthcareintelligence on blockchain with novel privacy risk controlrdquo Journal of Medical Systems Vol 40No 10 pp 218-229
Zamparini L and Shiftan Y (2013) ldquoSpecial issue ndash transport security theoretical frameworks andempirical applicationsrdquo Transport Policy Vol 28 pp 61-62
Zhang Y and Wen J (2016) ldquoThe IoT electric business model using blockchain technology for IoTrdquoPeer-to-Peer Networking and Applications Vol 10 No 4 pp 1-12
Corresponding author: Erika A Parn can be contacted at erikaparngmailcom
ISO (2012) 27032 Information Technology ndash Security Techniques ndash Guidelines for CybersecurityInternational Organization for Standardization (ISO) Geneva available at wwwitgovernancecoukshopproductiso27032-iso-27032-guidelines-for-cybersecurity (accessed February 9 2019)
ISO (2013) 27001 The International Information Security Standard International Organization forStandardization (ISO) Geneva available at wwwitgovernancecoukiso27001 (accessedFebruary 9 2019)
263
Common dataenvironment
vulnerabilities
Jaatun MG Roslashstum J Petersen S and Ugarelli R (2014) ldquoSecurity checklists a compliance alibi or auseful tool for water network operatorsrdquo Procedia Engineering Vol 70 pp 872-876
Jones L (2016) ldquoSecuring the smart city built environment cyber securityrdquo Engineering andTechnology Vol 11 No 5 pp 30-33 doi 101049et20160501
Kello L (2013) ldquoThe meaning of the cyber revolution perils to theory and statecraftrdquo InternationalSecurity Vol 38 No 2 pp 7-40
Kochovski P and Stankovski V (2018) ldquoSupporting smart construction with dependable edgecomputing infrastructures and applicationsrdquo Automation in Construction Vol 85 Januarypp 182-192
Koo D Piratla K and Matthews CJ (2015) ldquoTowards sustainable water supply schematicdevelopment of big data collection using internet of things (IoT)rdquo Procedia EngineeringVol 118 pp 489-497
Lesk M (2007) ldquoThe new front line Estonia under cyber assaultrdquo IEEE Security amp Privacy Vol 5No 4 pp 76-79
Levy Y and Ellis TJ (2006) ldquoA systems approach to conduct an effective literature review in supportof information systems researchrdquo Informing Science Vol 9 pp 181-212 available at httpinformnuArticlesVol9V9p181-212Levy99pdf (accessed February 9 2019)
Lin S Gao J and Koronios A (2006) ldquoKey data quality issues for enterprise asset management inengineering organisationsrdquo International Journal of Electronic Business Management Vol 4No 1 pp 96-110 available at httpijebmienthuedutwIJEBM_WebIJEBM_staticPaper-V4_N1A10-E684_3pdf (accessed February 2018)
Lin YC and Su YC (2013) ldquoDeveloping mobile-and BIM-based integrated visual facility maintenancemanagement systemrdquo The Scientific World Journal Vol 2013 10pp available at httpsdoiorg1011552013124249
Lindsay JR (2013) ldquoStuxnet and the limits of cyber warfarerdquo Security Studies Vol 22 No 3 pp 365-404
Lindsay JR (2015) ldquoThe impact of China on cybersecurity fiction and frictionrdquo International SecurityVol 39 No 3 pp 7-47
Liu J Xiao Y Li S Liang W and Chen CP (2012) ldquoCyber security and privacy issues in smartgridsrdquo IEEE Communications Surveys amp Tutorials Vol 14 No 4 pp 981-997
McGraw G (2013) ldquoCyber war is inevitable (unless we build security in)rdquo Journal of Strategic StudiesVol 36 No 1 pp 109-119
McNulty (2011) ldquoRealising the potential of GB Rail ndash final independent report of the rail value formoney study ndash summary reportrdquo Department for Transport London available at wwwgovukgovernmentuploadssystemuploadsattachment_datafile4203realising-the-potential-of-gb-rail-summarypdf (accessed February 9 2019)
Marinos L (2016) ENISA Threat Taxonomy A Tool for Structuring Threat InformationEuropean Union Agency for Network and Information Security Birmingham available atwwwenisaeuropaeutopicsthreat-risk-managementthreats-and-trendsenisa-threat-landscapeetl2015enisa-threat-taxonomy-a-tool-for-structuring-threat-informationview(accessed February 9 2019)
Markets and Markets (2014) ldquoSmart HVAC controls market by product type components applicationoperation amp geography ndash analysis and forecast to 2014ndash2020rdquo Birmingham available athttpgooglAy2LjI (accessed February 9 2019)
Mayo G (2016) ldquoBas and cyber security a multiple discipline perspectiverdquo in Long S Ng E-HDowning C and Nepal B (Eds) Proceedings of the American Society for Engineering Management2016 International Annual Conference American Society for Engineering Management ConcordNC available at wwwresearchgatenetpublication309480358_BAS_AND_CYBER_SECURITY_A_MULTIPLE_DISCIPLINE_PERSPECTIVE (accessed February 2018)
Metke AR and Ekl RL (2010) ldquoSecurity technology for smart grid networksrdquo IEEE Transactions onSmart Grid Vol 1 No 1 pp 99-107
264
ECAM262
Mike T (2006) ldquoIntegrated building systems strengthening building security while decreasingoperating costsrdquo Journal of Facilities Management Vol 4 No 1 pp 63-71
Mokyr J (1992) ldquoTechnological inertia in economic historyrdquo The Journal of Economic History Vol 52No 2 pp 325-338
Nicał AK and Wodyński W (2016) ldquoEnhancing facility management through BIM 6Drdquo ProcediaEngineering Vol 164 pp 299-306 available at httpsdoiorg101016jproeng201611623
NIST (2017) ldquoFramework for improving critical infrastructure cybersecurityrdquo National Institute ofStandards and Technology Draft Vesion 11 January 10 Birmingham available at wwwgooglecoukurlsa=tamprct=jampq=ampesrc=sampsource=webampcd=2ampved=0ahUKEwiq0orLhOHUAhVkBsAKHfJLB6oQFgg8MAEampurl=https3A2F2Fwwwnistgov2Fdocument2Fdraft-cybersecurity-framework-v11pdfampusg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NAampcad=rjt (accessedFebruary 9 2019)
Nye JS (2017) ldquoDeterrence and dissuasion in cyberspacerdquo International Security Vol 41 No 3 pp 44-71
Papa P (2013) ldquoUS and EU strategies for maritime transport security a comparative perspectiverdquoTransport Policy Vol 28 pp 75-85
Paridari K Mady AE La Porta S Chabukswar R Blanco J Teixeira A Sandberg H andBoubekeur M (2016) ldquoCyber-physical-security framework for building energy managementsystemrdquo ACMIEEE 7th International Conference on Cyber-Physical Systems (ICCPS) Viennapp 1-9 doi 101109ICCPS20167479072
Paumlrn EA and Edwards DJ (2017) ldquoConceptualizing the FINDD API plug-in a case study of BIMFMintegrationrdquo Automation in Construction Vol 80 August pp 11-21
Patel SC Bhatt GD and Graham JH (2009) ldquoImproving the cyber security of SCADAcommunication networksrdquo Communications of the ACM Vol 52 No 7 pp 139-142
Peng Y Wang Y Xiang C Liu X Wen Z and Chen D (2015) ldquoCyber-physical attack-orientedIndustrial Control Systems (ICS) modeling analysis and experiment environmentrdquo InternationalConference on Intelligent Information Hiding and Multimedia Signal Processing pp 322-326
Rahimi B (2011) ldquoThe agonistic social media cyberspace in the formation of dissent and consolidationof state power in postelection Iranrdquo The Communication Review Vol 14 No 3 pp 158-178
Rasmi M and Jantan A (2013) ldquoA new algorithm to estimate the similarity between the intentions ofthe cyber crimes for network forensicsrdquo Procedia Technology Vol 11 pp 540-547
Reggiani A (2013) ldquoNetwork resilience for transport security some methodological considerationsrdquoTransport Policy Vol 28 July pp 63-68
Reniers GLL and Dullaert W (2013) ldquoA method to assess multi-modal hazmat transport securityvulnerabilities hazmat transport SVArdquo Transport Policy Vol 28 July pp 103-113
Rid T (2012) ldquoCyber war will not take placerdquo Journal of Strategic Studies Vol 35 No 1 pp 5-32
RISI (2015) ldquoThe repository of industrial security incidents databaserdquo Birmingham available atwwwrisidatacomDatabase (accessed February 9 2019)
Rittinghouse J and Hancock WM (2003) Cybersecurity Operations Handbook Elsevier ScienceAmsterdam ISBN 978-1-55558-306-4
Ryan DJ (2017) ldquoEngineering sustainable critical infrastructuresrdquo International Journal of CriticalInfrastructure Protection Vol 17 pp 28-29
Safavi S Shukur Z and Razali R (2013) ldquoReviews on cybercrime affecting portable devicesrdquoProcedia Technology Vol 11 pp 650-657
Shafiq MT Matthews J and Lockley SR (2013) ldquoA study of BIM collaboration requirements andavailable features in existing model collaboration systemsrdquo Journal of Information Technologyin Construction (ITcon) Vol 18 pp 148-161
Shitharth S and Winston DP (2015) ldquoA comparative analysis between two countermeasuretechniques to detect DDoS with sniffers in a SCADA networkrdquo Procedia Technology Vol 21pp 179-186
265
Common dataenvironment
vulnerabilities
Stearns LB and Almeida PD (2004) ldquoThe formation of state actor-social movement coalitions andfavorable policy outcomesrdquo Social Policy Vol 51 No 4 pp 478-504
Stoddart K (2016) ldquoLive free or die hard US-UK cybersecurity policiesrdquo Political Science QuarterlyVol 131 No 4 pp 803-842
Sun J Yan J and Zhang KZ (2016) ldquoBlockchain-based sharing services what blockchain technologycan contribute to smart citiesrdquo Financial Innovation Vol 2 No 1 pp 1-26 doi 101186s40854-016-0040-y
Szyliowicz JS (2013) ldquoSafeguarding critical transportation infrastructure the US caserdquo TransportPolicy Vol 28 No C pp 69-74
Tan S Song WZ Stewart M Yang J and Tong L (2018) ldquoOnline data integrity attacks againstreal-time electrical market in smart gridrdquo IEEE Transactions on Smart Grid Vol 9 No 1pp 313-322
Thomas N (2009) ldquoCyber security in East Asia governing anarchyrdquoAsian Security Vol 5 No 1 pp 3-23Toy S (2006) History of Fortification from 3000 BC to AD 1700 (No 75) Pen and Sword Military
Classics Barnsley ISBN 1-88415-358-4
Turk Ž and Klinc R (2017) ldquoPotentials of blockchain technology for construction managementrdquoProcedia Engineering Vol 196 pp 638-645
UN (2014a) ldquo2014 revision of the world urbanization prospectsrdquo Birmingham available at httpsgooglxwOSDS (accessed February 9 2019)
UN (2014b) ldquoWorld urbanization trends 2014 key factsrdquo Statistical Papers ndash United Nations (Ser A)Population and Vital Statistics Report United Nations New York NY
UN (2015) ldquoWorld population projected to reach 97 billion by 2050rdquo Birmingham available at wwwunorgendevelopmentdesanewspopulation2015-reporthtml (accessed February 9 2019)
Walsham G (1995) ldquoThe emergence of interpretivism in is researchrdquo Information Systems ResearchVol 6 No 4 pp 376-394
Wang S Zhang G Shen B and Xie X (2011) ldquoAn integrated scheme for cyber-physical buildingenergy management systemrdquo Procedia Engineering Vol 15 pp 3616-3620
Wang W and Lu Z (2013) ldquoCyber security in the smart grid survey and challengesrdquo ComputerNetworks Vol 57 No 5 pp 1344-1371
Weber RH and Studer E (2016) ldquoCybersecurity in the internet of things legal aspectsrdquo ComputerLaw amp Security Review Vol 32 No 5 pp 715-728
Xue N Huang X and Zhang J (2016) ldquoS2Net a security framework for software defined intelligentbuilding networksrdquo IEEE TrustcomBigDataSEISPA Tianjin August 23-26 pp 654-661
Yue X Wang H Jin D Li M and Jiang W (2016) ldquoHealthcare data gateways found healthcareintelligence on blockchain with novel privacy risk controlrdquo Journal of Medical Systems Vol 40No 10 pp 218-229
Zamparini L and Shiftan Y (2013) ldquoSpecial issue ndash transport security theoretical frameworks andempirical applicationsrdquo Transport Policy Vol 28 pp 61-62
Zhang Y and Wen J (2016) ldquoThe IoT electric business model using blockchain technology for IoTrdquoPeer-to-Peer Networking and Applications Vol 10 No 4 pp 1-12
Corresponding authorErika A Parn can be contacted at erikaparngmailcom
For instructions on how to order reprints of this article please visit our websitewwwemeraldgrouppublishingcomlicensingreprintshtmOr contact us for further details permissionsemeraldinsightcom
266
ECAM262
Jaatun MG Roslashstum J Petersen S and Ugarelli R (2014) ldquoSecurity checklists a compliance alibi or auseful tool for water network operatorsrdquo Procedia Engineering Vol 70 pp 872-876
Jones L (2016) ldquoSecuring the smart city built environment cyber securityrdquo Engineering andTechnology Vol 11 No 5 pp 30-33 doi 101049et20160501
Kello L (2013) ldquoThe meaning of the cyber revolution perils to theory and statecraftrdquo InternationalSecurity Vol 38 No 2 pp 7-40
Kochovski P and Stankovski V (2018) ldquoSupporting smart construction with dependable edgecomputing infrastructures and applicationsrdquo Automation in Construction Vol 85 Januarypp 182-192
Koo D Piratla K and Matthews CJ (2015) ldquoTowards sustainable water supply schematicdevelopment of big data collection using internet of things (IoT)rdquo Procedia EngineeringVol 118 pp 489-497
Lesk M (2007) ldquoThe new front line Estonia under cyber assaultrdquo IEEE Security amp Privacy Vol 5No 4 pp 76-79
Levy Y and Ellis TJ (2006) ldquoA systems approach to conduct an effective literature review in supportof information systems researchrdquo Informing Science Vol 9 pp 181-212 available at httpinformnuArticlesVol9V9p181-212Levy99pdf (accessed February 9 2019)
Lin S Gao J and Koronios A (2006) ldquoKey data quality issues for enterprise asset management inengineering organisationsrdquo International Journal of Electronic Business Management Vol 4No 1 pp 96-110 available at httpijebmienthuedutwIJEBM_WebIJEBM_staticPaper-V4_N1A10-E684_3pdf (accessed February 2018)
Lin YC and Su YC (2013) ldquoDeveloping mobile-and BIM-based integrated visual facility maintenancemanagement systemrdquo The Scientific World Journal Vol 2013 10pp available at httpsdoiorg1011552013124249
Lindsay JR (2013) ldquoStuxnet and the limits of cyber warfarerdquo Security Studies Vol 22 No 3 pp 365-404
Lindsay JR (2015) ldquoThe impact of China on cybersecurity fiction and frictionrdquo International SecurityVol 39 No 3 pp 7-47
Liu J Xiao Y Li S Liang W and Chen CP (2012) ldquoCyber security and privacy issues in smartgridsrdquo IEEE Communications Surveys amp Tutorials Vol 14 No 4 pp 981-997
McGraw G (2013) ldquoCyber war is inevitable (unless we build security in)rdquo Journal of Strategic StudiesVol 36 No 1 pp 109-119
McNulty (2011) ldquoRealising the potential of GB Rail ndash final independent report of the rail value formoney study ndash summary reportrdquo Department for Transport London available at wwwgovukgovernmentuploadssystemuploadsattachment_datafile4203realising-the-potential-of-gb-rail-summarypdf (accessed February 9 2019)
Marinos L (2016) ENISA Threat Taxonomy A Tool for Structuring Threat InformationEuropean Union Agency for Network and Information Security Birmingham available atwwwenisaeuropaeutopicsthreat-risk-managementthreats-and-trendsenisa-threat-landscapeetl2015enisa-threat-taxonomy-a-tool-for-structuring-threat-informationview(accessed February 9 2019)
Markets and Markets (2014) ldquoSmart HVAC controls market by product type components applicationoperation amp geography ndash analysis and forecast to 2014ndash2020rdquo Birmingham available athttpgooglAy2LjI (accessed February 9 2019)
Mayo G (2016) ldquoBas and cyber security a multiple discipline perspectiverdquo in Long S Ng E-HDowning C and Nepal B (Eds) Proceedings of the American Society for Engineering Management2016 International Annual Conference American Society for Engineering Management ConcordNC available at wwwresearchgatenetpublication309480358_BAS_AND_CYBER_SECURITY_A_MULTIPLE_DISCIPLINE_PERSPECTIVE (accessed February 2018)
Metke AR and Ekl RL (2010) ldquoSecurity technology for smart grid networksrdquo IEEE Transactions onSmart Grid Vol 1 No 1 pp 99-107
264
ECAM262
Mike T (2006) ldquoIntegrated building systems strengthening building security while decreasingoperating costsrdquo Journal of Facilities Management Vol 4 No 1 pp 63-71
Mokyr J (1992) ldquoTechnological inertia in economic historyrdquo The Journal of Economic History Vol 52No 2 pp 325-338
Nicał AK and Wodyński W (2016) ldquoEnhancing facility management through BIM 6Drdquo ProcediaEngineering Vol 164 pp 299-306 available at httpsdoiorg101016jproeng201611623
NIST (2017) ldquoFramework for improving critical infrastructure cybersecurityrdquo National Institute ofStandards and Technology Draft Vesion 11 January 10 Birmingham available at wwwgooglecoukurlsa=tamprct=jampq=ampesrc=sampsource=webampcd=2ampved=0ahUKEwiq0orLhOHUAhVkBsAKHfJLB6oQFgg8MAEampurl=https3A2F2Fwwwnistgov2Fdocument2Fdraft-cybersecurity-framework-v11pdfampusg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NAampcad=rjt (accessedFebruary 9 2019)
Nye JS (2017) ldquoDeterrence and dissuasion in cyberspacerdquo International Security Vol 41 No 3 pp 44-71
Papa P (2013) ldquoUS and EU strategies for maritime transport security a comparative perspectiverdquoTransport Policy Vol 28 pp 75-85
Paridari K Mady AE La Porta S Chabukswar R Blanco J Teixeira A Sandberg H andBoubekeur M (2016) ldquoCyber-physical-security framework for building energy managementsystemrdquo ACMIEEE 7th International Conference on Cyber-Physical Systems (ICCPS) Viennapp 1-9 doi 101109ICCPS20167479072
Paumlrn EA and Edwards DJ (2017) ldquoConceptualizing the FINDD API plug-in a case study of BIMFMintegrationrdquo Automation in Construction Vol 80 August pp 11-21
Patel SC Bhatt GD and Graham JH (2009) ldquoImproving the cyber security of SCADAcommunication networksrdquo Communications of the ACM Vol 52 No 7 pp 139-142
Peng Y Wang Y Xiang C Liu X Wen Z and Chen D (2015) ldquoCyber-physical attack-orientedIndustrial Control Systems (ICS) modeling analysis and experiment environmentrdquo InternationalConference on Intelligent Information Hiding and Multimedia Signal Processing pp 322-326
Rahimi B (2011) ldquoThe agonistic social media cyberspace in the formation of dissent and consolidationof state power in postelection Iranrdquo The Communication Review Vol 14 No 3 pp 158-178
Rasmi M and Jantan A (2013) ldquoA new algorithm to estimate the similarity between the intentions ofthe cyber crimes for network forensicsrdquo Procedia Technology Vol 11 pp 540-547
Reggiani A (2013) ldquoNetwork resilience for transport security some methodological considerationsrdquoTransport Policy Vol 28 July pp 63-68
Reniers GLL and Dullaert W (2013) ldquoA method to assess multi-modal hazmat transport securityvulnerabilities hazmat transport SVArdquo Transport Policy Vol 28 July pp 103-113
Rid T (2012) ldquoCyber war will not take placerdquo Journal of Strategic Studies Vol 35 No 1 pp 5-32
RISI (2015) ldquoThe repository of industrial security incidents databaserdquo Birmingham available atwwwrisidatacomDatabase (accessed February 9 2019)
Rittinghouse J and Hancock WM (2003) Cybersecurity Operations Handbook Elsevier ScienceAmsterdam ISBN 978-1-55558-306-4
Ryan DJ (2017) ldquoEngineering sustainable critical infrastructuresrdquo International Journal of CriticalInfrastructure Protection Vol 17 pp 28-29
Safavi S Shukur Z and Razali R (2013) ldquoReviews on cybercrime affecting portable devicesrdquoProcedia Technology Vol 11 pp 650-657
Shafiq MT Matthews J and Lockley SR (2013) ldquoA study of BIM collaboration requirements andavailable features in existing model collaboration systemsrdquo Journal of Information Technologyin Construction (ITcon) Vol 18 pp 148-161
Shitharth S and Winston DP (2015) ldquoA comparative analysis between two countermeasuretechniques to detect DDoS with sniffers in a SCADA networkrdquo Procedia Technology Vol 21pp 179-186
265
Common dataenvironment
vulnerabilities
Stearns LB and Almeida PD (2004) ldquoThe formation of state actor-social movement coalitions andfavorable policy outcomesrdquo Social Policy Vol 51 No 4 pp 478-504
Stoddart K (2016) ldquoLive free or die hard US-UK cybersecurity policiesrdquo Political Science QuarterlyVol 131 No 4 pp 803-842
Sun J Yan J and Zhang KZ (2016) ldquoBlockchain-based sharing services what blockchain technologycan contribute to smart citiesrdquo Financial Innovation Vol 2 No 1 pp 1-26 doi 101186s40854-016-0040-y
Szyliowicz JS (2013) ldquoSafeguarding critical transportation infrastructure the US caserdquo TransportPolicy Vol 28 No C pp 69-74
Tan S Song WZ Stewart M Yang J and Tong L (2018) ldquoOnline data integrity attacks againstreal-time electrical market in smart gridrdquo IEEE Transactions on Smart Grid Vol 9 No 1pp 313-322
Thomas N (2009) ldquoCyber security in East Asia governing anarchyrdquoAsian Security Vol 5 No 1 pp 3-23Toy S (2006) History of Fortification from 3000 BC to AD 1700 (No 75) Pen and Sword Military
Classics Barnsley ISBN 1-88415-358-4
Turk Ž and Klinc R (2017) ldquoPotentials of blockchain technology for construction managementrdquoProcedia Engineering Vol 196 pp 638-645
UN (2014a) ldquo2014 revision of the world urbanization prospectsrdquo Birmingham available at httpsgooglxwOSDS (accessed February 9 2019)
UN (2014b) ldquoWorld urbanization trends 2014 key factsrdquo Statistical Papers ndash United Nations (Ser A)Population and Vital Statistics Report United Nations New York NY
UN (2015) ldquoWorld population projected to reach 97 billion by 2050rdquo Birmingham available at wwwunorgendevelopmentdesanewspopulation2015-reporthtml (accessed February 9 2019)
Walsham G (1995) ldquoThe emergence of interpretivism in is researchrdquo Information Systems ResearchVol 6 No 4 pp 376-394
Wang S Zhang G Shen B and Xie X (2011) ldquoAn integrated scheme for cyber-physical buildingenergy management systemrdquo Procedia Engineering Vol 15 pp 3616-3620
Wang W and Lu Z (2013) ldquoCyber security in the smart grid survey and challengesrdquo ComputerNetworks Vol 57 No 5 pp 1344-1371
Weber RH and Studer E (2016) ldquoCybersecurity in the internet of things legal aspectsrdquo ComputerLaw amp Security Review Vol 32 No 5 pp 715-728
Xue N Huang X and Zhang J (2016) ldquoS2Net a security framework for software defined intelligentbuilding networksrdquo IEEE TrustcomBigDataSEISPA Tianjin August 23-26 pp 654-661
Yue X Wang H Jin D Li M and Jiang W (2016) ldquoHealthcare data gateways found healthcareintelligence on blockchain with novel privacy risk controlrdquo Journal of Medical Systems Vol 40No 10 pp 218-229
Zamparini L and Shiftan Y (2013) ldquoSpecial issue ndash transport security theoretical frameworks andempirical applicationsrdquo Transport Policy Vol 28 pp 61-62
Zhang Y and Wen J (2016) ldquoThe IoT electric business model using blockchain technology for IoTrdquoPeer-to-Peer Networking and Applications Vol 10 No 4 pp 1-12
Corresponding authorErika A Parn can be contacted at erikaparngmailcom
For instructions on how to order reprints of this article please visit our websitewwwemeraldgrouppublishingcomlicensingreprintshtmOr contact us for further details permissionsemeraldinsightcom
266
ECAM262
Mike, T. (2006), “Integrated building systems: strengthening building security while decreasing operating costs”, Journal of Facilities Management, Vol. 4 No. 1, pp. 63-71.
Mokyr, J. (1992), “Technological inertia in economic history”, The Journal of Economic History, Vol. 52 No. 2, pp. 325-338.
Nicał, A.K. and Wodyński, W. (2016), “Enhancing facility management through BIM 6D”, Procedia Engineering, Vol. 164, pp. 299-306, available at: https://doi.org/10.1016/j.proeng.2016.11.623
NIST (2017), “Framework for improving critical infrastructure cybersecurity”, National Institute of Standards and Technology, Draft Version 1.1, January 10, Birmingham, available at: www.google.co.uk/url?sa=t&rct=j&q=&esrc=s&source=web&cd=2&ved=0ahUKEwiq0orLhOHUAhVkBsAKHfJLB6oQFgg8MAE&url=https%3A%2F%2Fwww.nist.gov%2Fdocument%2Fdraft-cybersecurity-framework-v11pdf&usg=AFQjCNGCtebSkMYn_Eo8A-49ANj7TEz2NA&cad=rjt (accessed February 9, 2019).
Nye, J.S. (2017), “Deterrence and dissuasion in cyberspace”, International Security, Vol. 41 No. 3, pp. 44-71.
Papa, P. (2013), “US and EU strategies for maritime transport security: a comparative perspective”, Transport Policy, Vol. 28, pp. 75-85.
Paridari, K., Mady, A.E., La Porta, S., Chabukswar, R., Blanco, J., Teixeira, A., Sandberg, H. and Boubekeur, M. (2016), “Cyber-physical-security framework for building energy management system”, ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS), Vienna, pp. 1-9, doi: 10.1109/ICCPS.2016.7479072.
Pärn, E.A. and Edwards, D.J. (2017), “Conceptualizing the FINDD API plug-in: a case study of BIM/FM integration”, Automation in Construction, Vol. 80, August, pp. 11-21.
Patel, S.C., Bhatt, G.D. and Graham, J.H. (2009), “Improving the cyber security of SCADA communication networks”, Communications of the ACM, Vol. 52 No. 7, pp. 139-142.
Peng, Y., Wang, Y., Xiang, C., Liu, X., Wen, Z. and Chen, D. (2015), “Cyber-physical attack-oriented Industrial Control Systems (ICS) modeling, analysis and experiment environment”, International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 322-326.
Rahimi, B. (2011), “The agonistic social media: cyberspace in the formation of dissent and consolidation of state power in postelection Iran”, The Communication Review, Vol. 14 No. 3, pp. 158-178.
Rasmi, M. and Jantan, A. (2013), “A new algorithm to estimate the similarity between the intentions of the cyber crimes for network forensics”, Procedia Technology, Vol. 11, pp. 540-547.
Reggiani, A. (2013), “Network resilience for transport security: some methodological considerations”, Transport Policy, Vol. 28, July, pp. 63-68.
Reniers, G.L.L. and Dullaert, W. (2013), “A method to assess multi-modal hazmat transport security vulnerabilities: hazmat transport SVA”, Transport Policy, Vol. 28, July, pp. 103-113.
Rid, T. (2012), “Cyber war will not take place”, Journal of Strategic Studies, Vol. 35 No. 1, pp. 5-32.
RISI (2015), “The repository of industrial security incidents database”, Birmingham, available at: www.risidata.com/Database (accessed February 9, 2019).
Rittinghouse, J. and Hancock, W.M. (2003), Cybersecurity Operations Handbook, Elsevier Science, Amsterdam, ISBN 978-1-55558-306-4.
Ryan, D.J. (2017), “Engineering sustainable critical infrastructures”, International Journal of Critical Infrastructure Protection, Vol. 17, pp. 28-29.
Safavi, S., Shukur, Z. and Razali, R. (2013), “Reviews on cybercrime affecting portable devices”, Procedia Technology, Vol. 11, pp. 650-657.
Shafiq, M.T., Matthews, J. and Lockley, S.R. (2013), “A study of BIM collaboration requirements and available features in existing model collaboration systems”, Journal of Information Technology in Construction (ITcon), Vol. 18, pp. 148-161.
Shitharth, S. and Winston, D.P. (2015), “A comparative analysis between two countermeasure techniques to detect DDoS with sniffers in a SCADA network”, Procedia Technology, Vol. 21, pp. 179-186.
Stearns, L.B. and Almeida, P.D. (2004), “The formation of state actor-social movement coalitions and favorable policy outcomes”, Social Policy, Vol. 51 No. 4, pp. 478-504.
Stoddart, K. (2016), “Live free or die hard: US-UK cybersecurity policies”, Political Science Quarterly, Vol. 131 No. 4, pp. 803-842.
Sun, J., Yan, J. and Zhang, K.Z. (2016), “Blockchain-based sharing services: what blockchain technology can contribute to smart cities”, Financial Innovation, Vol. 2 No. 1, pp. 1-26, doi: 10.1186/s40854-016-0040-y.
Szyliowicz, J.S. (2013), “Safeguarding critical transportation infrastructure: the US case”, Transport Policy, Vol. 28 No. C, pp. 69-74.
Tan, S., Song, W.Z., Stewart, M., Yang, J. and Tong, L. (2018), “Online data integrity attacks against real-time electrical market in smart grid”, IEEE Transactions on Smart Grid, Vol. 9 No. 1, pp. 313-322.
Thomas, N. (2009), “Cyber security in East Asia: governing anarchy”, Asian Security, Vol. 5 No. 1, pp. 3-23.
Toy, S. (2006), History of Fortification from 3000 BC to AD 1700 (No. 75), Pen and Sword Military Classics, Barnsley, ISBN 1-88415-358-4.
Turk, Ž. and Klinc, R. (2017), “Potentials of blockchain technology for construction management”, Procedia Engineering, Vol. 196, pp. 638-645.
UN (2014a), “2014 revision of the world urbanization prospects”, Birmingham, available at: https://goo.gl/xwOSDS (accessed February 9, 2019).
UN (2014b), “World urbanization trends 2014: key facts”, Statistical Papers – United Nations (Ser. A), Population and Vital Statistics Report, United Nations, New York, NY.
UN (2015), “World population projected to reach 9.7 billion by 2050”, Birmingham, available at: www.un.org/en/development/desa/news/population/2015-report.html (accessed February 9, 2019).
Walsham, G. (1995), “The emergence of interpretivism in IS research”, Information Systems Research, Vol. 6 No. 4, pp. 376-394.
Wang, S., Zhang, G., Shen, B. and Xie, X. (2011), “An integrated scheme for cyber-physical building energy management system”, Procedia Engineering, Vol. 15, pp. 3616-3620.
Wang, W. and Lu, Z. (2013), “Cyber security in the smart grid: survey and challenges”, Computer Networks, Vol. 57 No. 5, pp. 1344-1371.
Weber, R.H. and Studer, E. (2016), “Cybersecurity in the internet of things: legal aspects”, Computer Law & Security Review, Vol. 32 No. 5, pp. 715-728.
Xue, N., Huang, X. and Zhang, J. (2016), “S2Net: a security framework for software defined intelligent building networks”, IEEE Trustcom/BigDataSE/ISPA, Tianjin, August 23-26, pp. 654-661.
Yue, X., Wang, H., Jin, D., Li, M. and Jiang, W. (2016), “Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control”, Journal of Medical Systems, Vol. 40 No. 10, pp. 218-229.
Zamparini, L. and Shiftan, Y. (2013), “Special issue – transport security: theoretical frameworks and empirical applications”, Transport Policy, Vol. 28, pp. 61-62.
Zhang, Y. and Wen, J. (2016), “The IoT electric business model: using blockchain technology for IoT”, Peer-to-Peer Networking and Applications, Vol. 10 No. 4, pp. 1-12.

Corresponding author
Erika A Parn can be contacted at: erikaparngmailcom

For instructions on how to order reprints of this article, please visit our website: www.emeraldgrouppublishing.com/licensing/reprints.htm
Or contact us for further details: permissions@emeraldinsight.com

ECAM 26,2
Stearns LB and Almeida PD (2004) ldquoThe formation of state actor-social movement coalitions andfavorable policy outcomesrdquo Social Policy Vol 51 No 4 pp 478-504
Stoddart K (2016) ldquoLive free or die hard US-UK cybersecurity policiesrdquo Political Science QuarterlyVol 131 No 4 pp 803-842
Sun J Yan J and Zhang KZ (2016) ldquoBlockchain-based sharing services what blockchain technologycan contribute to smart citiesrdquo Financial Innovation Vol 2 No 1 pp 1-26 doi 101186s40854-016-0040-y
Szyliowicz JS (2013) ldquoSafeguarding critical transportation infrastructure the US caserdquo TransportPolicy Vol 28 No C pp 69-74
Tan S Song WZ Stewart M Yang J and Tong L (2018) ldquoOnline data integrity attacks againstreal-time electrical market in smart gridrdquo IEEE Transactions on Smart Grid Vol 9 No 1pp 313-322
Thomas N (2009) ldquoCyber security in East Asia governing anarchyrdquoAsian Security Vol 5 No 1 pp 3-23Toy S (2006) History of Fortification from 3000 BC to AD 1700 (No 75) Pen and Sword Military
Classics Barnsley ISBN 1-88415-358-4
Turk Ž and Klinc R (2017) ldquoPotentials of blockchain technology for construction managementrdquoProcedia Engineering Vol 196 pp 638-645
UN (2014a) ldquo2014 revision of the world urbanization prospectsrdquo Birmingham available at httpsgooglxwOSDS (accessed February 9 2019)
UN (2014b) ldquoWorld urbanization trends 2014 key factsrdquo Statistical Papers ndash United Nations (Ser A)Population and Vital Statistics Report United Nations New York NY
UN (2015) ldquoWorld population projected to reach 97 billion by 2050rdquo Birmingham available at wwwunorgendevelopmentdesanewspopulation2015-reporthtml (accessed February 9 2019)
Walsham G (1995) ldquoThe emergence of interpretivism in is researchrdquo Information Systems ResearchVol 6 No 4 pp 376-394
Wang S Zhang G Shen B and Xie X (2011) ldquoAn integrated scheme for cyber-physical buildingenergy management systemrdquo Procedia Engineering Vol 15 pp 3616-3620
Wang W and Lu Z (2013) ldquoCyber security in the smart grid survey and challengesrdquo ComputerNetworks Vol 57 No 5 pp 1344-1371
Weber RH and Studer E (2016) ldquoCybersecurity in the internet of things legal aspectsrdquo ComputerLaw amp Security Review Vol 32 No 5 pp 715-728
Xue N Huang X and Zhang J (2016) ldquoS2Net a security framework for software defined intelligentbuilding networksrdquo IEEE TrustcomBigDataSEISPA Tianjin August 23-26 pp 654-661
Yue X Wang H Jin D Li M and Jiang W (2016) ldquoHealthcare data gateways found healthcareintelligence on blockchain with novel privacy risk controlrdquo Journal of Medical Systems Vol 40No 10 pp 218-229
Zamparini L and Shiftan Y (2013) ldquoSpecial issue ndash transport security theoretical frameworks andempirical applicationsrdquo Transport Policy Vol 28 pp 61-62
Zhang Y and Wen J (2016) ldquoThe IoT electric business model using blockchain technology for IoTrdquoPeer-to-Peer Networking and Applications Vol 10 No 4 pp 1-12
Corresponding authorErika A Parn can be contacted at erikaparngmailcom
For instructions on how to order reprints of this article please visit our websitewwwemeraldgrouppublishingcomlicensingreprintshtmOr contact us for further details permissionsemeraldinsightcom
266
ECAM262