<p dir="ltr">A Building Management System (BMS) is a critical infrastructure that includes different subsystems such as water supply management systems (WSMS), power monitoring systems (PMS), and heating, ventilation, and air conditioning (HVAC) systems. In recent years, integrating Internet-of-Things (IoT) devices to improve the BMS has become a trend. The MQ Telemetry Transport (MQTT) protocol is widely used inside BMSs as the preferred communication protocol when integrating with IoT devices. However, these subsystems are typically isolated, which makes them challenging to manage. Each subsystem has its own platform and a separate dashboard that is used to manage that particular system. This isolation makes it challenging to monitor cyber-attacks targeting a specific subsystem due to the lack of visibility. In this paper, we propose a proof-of-concept (POC) security-enhanced orchestration platform for BMS. The platform ingests information from various BMS subsystems and IoT devices to collect BMS activities. We have introduced and integrated a device auto-recovery and isolation methodology into the orchestration platform to mitigate threats and cyber-attacks. The proposed platform aims to enhance the security and visibility of the BMS by integrating the subsystems and devices under a single platform, allowing for more efficient and secure management of the overall system.</p>
Seventeenth Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection
Publication date: 2023-12-29
Version: Post-print
Rights statement: This version of the article has been accepted for publication, after peer review (when applicable) and is subject to Springer Nature’s AM terms of use, but is not the Version of Record and does not reflect post-acceptance improvements, or any corrections. The Version of Record is available online at: http://dx.doi.org/10.1007/978-3-031-49585-4_8