Safety of Systems Integrating Fire Protection Equipment – Risks, Gaps, Recommendations
Aim: The purpose of this study is to identify cyber threats associated with systems integrating fire protection devices (SIUP). The analysis includes conducting a comprehensive assessment of potential attack sites (vulnerabilities) and recommendations for building designers and managers to minimise...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Scientific and Research Centre for Fire Protection - National Research Institute
2024-12-01
|
| Series: | Safety & Fire Technology |
| Subjects: | |
| Online Access: | https://sft.cnbop.pl/pdf/SFT-Vol.-64-Issue-2-2024-pp.-84-100.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832581894932267008 |
|---|---|
| author | Wojciech Wróblewski Dorota Seliga |
| author_facet | Wojciech Wróblewski Dorota Seliga |
| author_sort | Wojciech Wróblewski |
| collection | DOAJ |
| description | Aim: The purpose of this study is to identify cyber threats associated with systems integrating fire protection devices (SIUP). The analysis includes
conducting a comprehensive assessment of potential attack sites (vulnerabilities) and recommendations for building designers and managers to minimise
adverse actions.
Project and methods: A detailed review of the literature and cybersecurity standards applicable to fire protection systems, such as NFPA 72, was conducted,
from which key points that are vulnerable elements and represent attack surfaces were identified. The Cybersecurity for Fire Protection Systems
report from a workshop held by the Research Foundation in 2021 was analysed.
Results: Analysis of the collected research material showed that the key points of vulnerability are human factors, software, hardware, wired and wireless
connections and system security. In addition, internal threats, i.e. lack of training, malicious action by employees, invasion by unknown software and
too much access by security personnel to system components, are also important issues. It has been found that cybercriminals can use various techniques:
denial-of- service (DoS) attacks, man-in-the-middle attacks, remote code execution and social engineering, to disrupt systems. To prevent this
and minimise the risk of attacks, it is recommended that security configuration guides should be issued, that specialists should be employed and that
strategies should be created to increase the resilience of systems integrating fire appliances to cyber attacks. Currently, Polish regulations are mainly
based on the technical aspects of SIUP operation, i.e. the installation and operation of alarm systems. There is a lack of relevant legal regulations that
directly address the issue of the network and cyber security of these systems.
Conclusions: It is necessary to urgently develop and implement comprehensive legal regulations that would take into account the specificity of the cyber
security of fire protection systems in Poland. Future research should also focus on the human factor aspects of SIUP systems security.
Keywords: safety, cyber security, fire protection, system integrating fire protection devices, SIUP, fire protection device |
| format | Article |
| id | doaj-art-5983736e300242da8fdd238347910383 |
| institution | Kabale University |
| issn | 2657-8808 2658-0810 |
| language | English |
| publishDate | 2024-12-01 |
| publisher | Scientific and Research Centre for Fire Protection - National Research Institute |
| record_format | Article |
| series | Safety & Fire Technology |
| spelling | doaj-art-5983736e300242da8fdd2383479103832025-01-30T09:20:45ZengScientific and Research Centre for Fire Protection - National Research InstituteSafety & Fire Technology2657-88082658-08102024-12-016428410010.12845/sft.64.2.2024.6Safety of Systems Integrating Fire Protection Equipment – Risks, Gaps, RecommendationsWojciech Wróblewski0https://orcid.org/0000-0003-3415-9485Dorota Seliga1https://orcid.org/0009-0005-1792-4474Fire UniversityFire UniversityAim: The purpose of this study is to identify cyber threats associated with systems integrating fire protection devices (SIUP). The analysis includes conducting a comprehensive assessment of potential attack sites (vulnerabilities) and recommendations for building designers and managers to minimise adverse actions. Project and methods: A detailed review of the literature and cybersecurity standards applicable to fire protection systems, such as NFPA 72, was conducted, from which key points that are vulnerable elements and represent attack surfaces were identified. The Cybersecurity for Fire Protection Systems report from a workshop held by the Research Foundation in 2021 was analysed. Results: Analysis of the collected research material showed that the key points of vulnerability are human factors, software, hardware, wired and wireless connections and system security. In addition, internal threats, i.e. lack of training, malicious action by employees, invasion by unknown software and too much access by security personnel to system components, are also important issues. It has been found that cybercriminals can use various techniques: denial-of- service (DoS) attacks, man-in-the-middle attacks, remote code execution and social engineering, to disrupt systems. To prevent this and minimise the risk of attacks, it is recommended that security configuration guides should be issued, that specialists should be employed and that strategies should be created to increase the resilience of systems integrating fire appliances to cyber attacks. Currently, Polish regulations are mainly based on the technical aspects of SIUP operation, i.e. the installation and operation of alarm systems. There is a lack of relevant legal regulations that directly address the issue of the network and cyber security of these systems. Conclusions: It is necessary to urgently develop and implement comprehensive legal regulations that would take into account the specificity of the cyber security of fire protection systems in Poland. Future research should also focus on the human factor aspects of SIUP systems security. Keywords: safety, cyber security, fire protection, system integrating fire protection devices, SIUP, fire protection devicehttps://sft.cnbop.pl/pdf/SFT-Vol.-64-Issue-2-2024-pp.-84-100.pdfsafetycyber securityfire protectionsystem integrating fire protection devicessiupfire protection device |
| spellingShingle | Wojciech Wróblewski Dorota Seliga Safety of Systems Integrating Fire Protection Equipment – Risks, Gaps, Recommendations Safety & Fire Technology safety cyber security fire protection system integrating fire protection devices siup fire protection device |
| title | Safety of Systems Integrating Fire Protection Equipment – Risks, Gaps, Recommendations |
| title_full | Safety of Systems Integrating Fire Protection Equipment – Risks, Gaps, Recommendations |
| title_fullStr | Safety of Systems Integrating Fire Protection Equipment – Risks, Gaps, Recommendations |
| title_full_unstemmed | Safety of Systems Integrating Fire Protection Equipment – Risks, Gaps, Recommendations |
| title_short | Safety of Systems Integrating Fire Protection Equipment – Risks, Gaps, Recommendations |
| title_sort | safety of systems integrating fire protection equipment risks gaps recommendations |
| topic | safety cyber security fire protection system integrating fire protection devices siup fire protection device |
| url | https://sft.cnbop.pl/pdf/SFT-Vol.-64-Issue-2-2024-pp.-84-100.pdf |
| work_keys_str_mv | AT wojciechwroblewski safetyofsystemsintegratingfireprotectionequipmentrisksgapsrecommendations AT dorotaseliga safetyofsystemsintegratingfireprotectionequipmentrisksgapsrecommendations |