Singapore Institute of Technology
Secure Deployment Checklist for Building Management System.pdf (227.27 kB)

Secure IoT Deployment Checklist for Building Management System

Download (227.27 kB)
conference contribution
posted on 2023-09-28, 08:14 authored by Ching Bon ChanChing Bon Chan, Wye Kaye YanWye Kaye Yan, Jung Man Ma, Malcolm Yoke Hean LowMalcolm Yoke Hean Low, Kar Peo YarKar Peo Yar, Kai Mun Loh, Greger Chen Zhi En, Habib Rehman, Thong Chee Phua

A Building Management System (BMS) enables the capability to control the infrastructure within a building. BMS can be considered a miniature industrial control system, which is more conventional and prevalent. The legacy architecture of the BMS assumes every device has to be connected physically. Due to this reason, installing Internet of Things (IoT) devices may introduce new security loopholes in the existing BMS. Moreover, an adversary may utilize the communication channel between the BMS and IoT devices to launch cyber-attacks. In this paper, we created a prototype setup of a BMS with IoT devices to study the deployment and how the system can be installed. We introduced a comprehensive IoT security deployment checklist to assess IoT solutions’ security posture, specifically focusing on the BMS system. This checklist is novel to the market as the existing works are mostly targeted at IoT but are not fully applicable to BMS


Journal/Conference/Book title

2022 IEEE 8th World Forum on Internet of Things, WF-IoT 2022, 26 October - 11 November 2022, Yokohama, Japan.

Publication date



  • Post-print

Rights statement

© 2022 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

Usage metrics


    No categories selected