increased vulnerabilities. A lack of preparation for the treatment of cyber vulnerabilities can jeopardize the safety, functionality, and reputation of intelligent buildings. Threat actors seizing upon untreated vulnerabilities can transform intelligent buildings from innovative assets to high-risk liabilities. In a 2018 Harvard Business Review article titled The End of Cybersecurity , the authors argue that traditional cybersecurity measures are no longer sufficient in the face of evolving digital threats. 2 A shift from reactive defense strategies to proactive risk management approaches is required. This involves integrating cybersecurity into overall business strategy and continuously adapting to emerging threats. This article explores the application of cyber- informed engineering (CIE) principles 3 , as championed by Idaho National Laboratory, in designing and securing intelligent buildings. By embedding cybersecurity considerations into the engineering lifecycle, CIE provides a proactive framework to mitigate risks. This approach ensures that intelligent
buildings are technologically advanced and resilient against cyberattacks that could compromise critical systems such as HVAC, lighting, access control, and emergency response mechanisms. The loss of trust in an intelligent building can be devastating—whether it is a corporate headquarters paralyzed by a ransomware attack, a hospital with its critical systems disabled, or a public facility unable to guarantee occupant safety. Beyond operational disruptions, the reputational damage from such incidents can irreparably tarnish the image of even the most cutting-edge structures. There are 12 principles of CIE, and while it would not be possible to cover them all in detail in this article, the focus will be given to ones that go beyond traditional cybersecurity roles. Some of the principles include layered defenses, active defenses, and supply chain management that are addressed by traditional cyber experts. This article will cover some of the unique features of CIE.
Cyber-Informed Engineering: Safeguarding Intelligent Buildings By Jim Walters
In an era where buildings are no longer just static structures but interconnected ecosystems, intelligent buildings have become a cornerstone of modern infrastructure. An intelligent building is a term given to a building or premise that utilizes communication technology to integrate building systems (Figure 1), allowing for intersystem coordination that provides a safer, more comfortable, productive, and efficient environment. 1 The user of the premise should be oblivious to the behind-the-scenes coordination, and enjoy the
environment designed for positive user experiences and enhanced safety. This integration of systems requires many disciplines in the design process. Historically, ICT designers were brought into the process after the most important design decisions had already been made. Developers quickly realized this was inefficient and ICT designers have since become an integrated part of the design process. The growing number of systems and their interdependence caused by integration has created
FIGURE 2 : the 12 principles of cyber informed engineering
FIGURE 1 : Intelligent buildings contain a myriad of interconnected systems that utilize ICT infrastructure to provide safety and improved user experience.
FIGURE 2 : The 12 principles of cyber informed engineering.
I
12
ICT TODAY
April/May/June 2025
I
13
Made with FlippingBook - Online catalogs