An Investigation of Cybersecurity Authentication Vulnerabilities in Connected Lighting Systems
Date & Time
Wednesday, February 12, 2020, 1:30 PM - 2:00 PM
Michael Poplawski
The increased connectivity found in emerging Connected Lighting Systems (CLS) introduces cybersecurity risks that are new to the lighting industry and that must be addressed for successful integration with other systems. While a number of existing frameworks, guidelines, and tests for evaluating cybersecurity vulnerability may apply to CLS in whole or in part, there is currently no mandatory requirement for cybersecurity testing or certification. The lighting industry is currently evaluating the suitability of existing frameworks and guidelines for CLS. This presentation reports on ongoing work that is intended to support these efforts by exploring authentication practices and their implementation in multiple CLS. A set of authentication vulnerability tests was defined and applied to explore the implementation of basic authentication best practices as well as known technology-specific best practices. Tests, test results, and failure conditions will be presented and discussed.