Incorporating Cyber Threat Intelligence into Complex Cyber-Physical Systems: A STIX Model for Active Buildings


Active buildings can be briefly described as smart buildings with distributed and renewable energy resources able to energise other premises in their neighbourhood. As their energy capacity is significant, they can provide ancillary services to the traditional power grid. As such, they can be a worthy target of cyber-attacks potentially more devastating than if targeting traditional smart buildings. Furthermore, to handshake energy transfers, they need additional communications that add up to their attack surface. In such a context, security analysis would benefit from collection of cyber threat intelligence (CTI). To facilitate the analysis, we provide a base active building model in STIX in the tool cyberaCTIve that handles complex models. Active buildings are expected to implement standard network security measures, such as intrusion-detection systems. However, to timely respond to incidents, real-time detection should promptly update CTI, as it would significantly speed up the understanding of the nature of incidents and, as such, allow for a more effective response. To fill this gap, we propose an extension to the tool cyberaCTIve with a web service able to accept (incursion) feeds in real-time and apply the necessary modifications to a STIX model of interest.

Publication DOI:
Additional Information: © 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https:// 4.0/). Funding: This research was funded by the Industrial Strategy Challenge Fund and EPSRC, EP/V012053/1, Active Building Centre Research Programme (ABC RP)
Uncontrolled Keywords: active buildings,cyber threat intelligence,cyber-physical systems,cyber-security,situational awareness,smart grid,structured cyber-attack representations,Materials Science(all),Instrumentation,Engineering(all),Process Chemistry and Technology,Computer Science Applications,Fluid Flow and Transfer Processes
Publication ISSN: 2076-3417
Last Modified: 19 Jun 2024 16:44
Date Deposited: 16 May 2022 12:17
Full Text Link:
Related URLs: https://www.mdp ... 3417/12/10/5005 (Publisher URL)
http://www.scop ... tnerID=8YFLogxK (Scopus URL)
PURE Output Type: Article
Published Date: 2022-05-16
Accepted Date: 2022-05-13
Authors: M. Czekster, Ricardo (ORCID Profile 0000-0002-6636-4398)
Metere, Roberto
Morisset, Charles



Version: Published Version

License: Creative Commons Attribution

| Preview

Export / Share Citation


Additional statistics for this record