KNX Secure is there to use!
Following heavy investments from both the KNX members as well as the KNX Association, last year and this year tangible KNX Secure products saw the light. All of these products were submitted to the stringent KNX certification process, during which their conformity to implemented AES128 authentication and encryption mechanisms are put to the test. Together with the ETS, this allows the installer/integrator to now evaluate in which cases the use of KNX Secure products brings added value to the KNX installation.
Secure your installation by following the KNX Secure checklist
To ensure maximum security in your KNX Installations, we designed a KNX Secure Checklist, where you can find a step-by-step overview on everything that needs to be considered to achieve a secure KNX installation.
This checklist has been designed to make sure that people are not trying to take advantage of possible security loopholes in installations.
In
many installations, such loopholes are unfortunately very straightforward.
Download the KNX Secure Checklist here.
We also offer a more comprehensive KNX Secure guide, intended for both installers as well as KNX manufacturers to learn about the current measures that can be undertaken to increase security of KNX installations.
Some quick tips for securing your KNX Installation
- If an installation is linked to Internet, the use of a VPN tunnel to access it via the internet is an absolute MUST. When using a KNX Secure Tunneling interface, be sure to use the strong passwords suggested by ETS and do not replace them with own weak ones.
- Special attention should go to installations with public areas, i.e. where persons are able to wander around without any surveillance: even a wired KNX system can then be vulnerable to attack;
- Installations using wireless communication are the number 1 attack target, as communication between devices is completely out in the open, compared to when devices communicate over a dedicated wire. Use of KNX Secure on this medium is therefore highly recommended;
- If you have a KNX IP Backbone and other IP networks, use a VLAN separation and allow communication between the KNX IP network and other networks only via a suitable firewall.
As the KNX Secure Checklist says, many of the above can be overcome with very simple measures and of course by making use of KNX Secure. KNX offers so many opportunities to make buildings smart that it would be a shame to let this be spoiled by avoidable security attacks.
KNX provides all the required puzzle pieces: one just has to lay them in the right way.
KNX Secure offers maximum protection
Home and building automation with KNX is secure. Our technology follows all necessary security regulations. The KNX Secure technology is standardised according to EN 50090-3-4, which means that KNX successfully blocks hacker attacks on the digital infrastructure of networked buildings. Thus minimising the risk of digital break-ins.
Moreover, KNX Secure meets the highest encryption standards (according to ISO 18033-3, such as AES 128 CCM encryption) in order to effectively prevent attacks on the digital infrastructure of buildings and to achieve the highest level of data protection.
KNX Secure guarantees maximum protection by offering a double protection. KNX IP Secure extends the IP protocol in such a way that all transferred telegrams and data are completely encrypted. KNX Data Secure effectively protects user data against unauthorised access and manipulation by means of encryption and authentication.
A commitment for all of us
KNX is a secure technology and we are determined to keeping it so. Therefore, all parties (building designers, system integrators, installers…) need to commit themselves to correctly apply the security measurements that are required.