Secure RTOS Architecture for Building Automation.

ABSTRACTBuilding Automation System (BAS) is a computer-based control system that is widely installed in office buildings and laboratories for monitoring and controlling mechanical/electrical equipment. With the advancements in Cyber-Physical System (CPS) and Internet of Things (IoTs), BAS is in the process of becoming more intelligent by merging computing resources and network communication with physical control. Along with potential benefits, it also brings tremendous risks of security breaches and safety violations, especially when it comes to Programmable Logic Controllers (PLCs). In this paper, we systematically analyze biocontainment laboratory control models based on real case scenarios from Biosecurity Research Institute (BRI) at Kansas State University. We present a vision for a new secure Real-Time Operating System (RTOS) architecture, which leverages various technologies, including microkernel structure, Trusted Platform Module (TPM), proxy-based policy enforcement, and formal verification. The secure RTOS architecture is designed specifically to work with embedded controllers which are widely used in BAS and other CPS to achieve a highly secure and trustworthy control system.