The Cybersecurity Risks of an Elevator Ride

By Nigel Stanley, CTO – TUV Rheinland

The elevator industry can rightly be proud of its significant safety record over the past decades. With over 6.14 million elevators in Europe alone, growing annually by 140,000, this record is a tribute to those who design and install these extremely safe transport systems.

The industry is facing new pressures to adopt technologies arising from the Internet of Things (IoT), in which most devices, from fridges to heart monitors to cars, can potentially be connected and accessed through the internet. The industry really is becoming smarter.

The benefits of having ‘smart’, or connected, elevators are endless. For instance, because they are able to gather data, smart elevators can efficiently propose a preventive maintenance schedule. In other words, they allow lift engineers to address issues proactively rather than reactively. Increasingly, they will be able to troubleshoot problems remotely, saving travel costs and reducing out-of-service periods for elevators.

Internet connectivity also assists with load balancing and with streaming voice and/or video to a control room during emergency situations. When we add cloud-based solutions, such as those offered by Microsoft and IBM, which facilitate the accretion of elevator data on a global scale, elevator manufacturers will continue to learn and optimise elevator performance.

Regrettably, as with any device that has smart technologies or connects online, the risk of a cyber-attack is introduced. A cyber-attack is an attempt to disable, damage or disrupt an asset, or to access data that it may be processing. Hackers and bad actors are increasingly looking at building systems as a new area to explore. Whilst many of these may be hacktivist hobbyists, it is not unusual for criminal gangs and nation states to target such systems in more sensitive buildings.

This is particularly true where there is a complex network of interconnections, be it to CCTV, HVAC solutions, security systems, lighting etc. Elevator systems are not isolated either. They work within the ecosystem of a building. As such, not only do the elevator systems require cybersecurity protections, but so does every other aspect of a ‘smart’ building, because of their integrated nature. Each component of a ‘smart’ building essentially becomes a potential entryway through which a cybercriminal can eventually work their way to other components.

The problem comes down to the fact that smart elevators use programmable electronic equipment, potentially with proprietary protocols or compilers, rather than electromechanical control systems. When the software requires an update, it is often done remotely. This, however, leaves the system vulnerable to malware, and so requires frequent verification of the origin of each update as well as its integrity. While cryptographic tools and methods are a useful means of overseeing this, they demand good design and implementation, as well as significant computer horsepower, which an elevator may not necessarily have. While not an attack on elevators specifically, the well-known Stuxnet malware attack discovered in 2010 is the perfect example of how an infiltration of programmable logic controllers can have severe consequences. A malicious computer worm, Stuxnet caused substantial damage to Iranian nuclear facilities whilst reporting to the control room that everything was running smoothly. If this can happen to a protected nuclear facility, who is to say your commercial elevator won’t also be a victim of foul play?
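The origin and integrity checks on a remote update mentioned above, as an added sketch that is not from the article or from any elevator vendor. It assumes a hypothetical JSON manifest format, and HMAC-SHA256 stands in for the asymmetric signature a production scheme would normally use so that the device never holds a signing secret; the key, version numbers and image bytes are constructed.

```python
import hashlib
import hmac
import json

# Constructed sample values (assumptions for this example only).
VENDOR_KEY = b"constructed-demo-key-not-for-production"
INSTALLED_VERSION = 41


def _canonical(body: dict) -> bytes:
    # Fixed key order and separators so both sides authenticate identical bytes.
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def make_manifest(image: bytes, version: int, key: bytes) -> dict:
    """Vendor side: describe the image, then authenticate the description."""
    body = {"version": version, "size": len(image),
            "sha256": hashlib.sha256(image).hexdigest()}
    tag = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def verify_update(manifest: dict, image: bytes, key: bytes, installed: int) -> str:
    """Controller side: return 'ok' or the reason the update is refused."""
    try:
        body, tag = manifest["body"], manifest["tag"]
        expected = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
        # Origin: checked first, so no unauthenticated field is trusted.
        if not isinstance(tag, str) or not hmac.compare_digest(tag, expected):
            return "bad-origin"
        # Anti-rollback: a genuine but older image may reintroduce fixed flaws.
        if not isinstance(body["version"], int) or body["version"] <= installed:
            return "rollback"
        # Integrity: the bytes received must be the bytes the vendor described.
        if body["size"] != len(image):
            return "bad-integrity"
        digest = hashlib.sha256(image).hexdigest()
        if not hmac.compare_digest(digest, body["sha256"]):
            return "bad-integrity"
    except (KeyError, TypeError):
        return "malformed"
    return "ok"


if __name__ == "__main__":
    firmware = b"constructed firmware image bytes"
    manifest = make_manifest(firmware, 42, VENDOR_KEY)
    print(verify_update(manifest, firmware, VENDOR_KEY, INSTALLED_VERSION))
```
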

Fortunately, the risks have not gone unnoticed by industry experts. In April 2019, the National Elevator Industry Inc (NEII) published a paper with recommendations to overcome such threats. Produced in collaboration with the European Lift Association (ELA), the Pacific Asia Lift and Escalator Association (PALEA) and the China Elevator Association (CEA), the paper represents a global initiative. Extending ISO 14798:2009, which establishes the principles and procedures for assessing the risks of lifts, escalators and moving walks, the NEII’s Best Practices paper encourages the implementation of cyber threat mitigation strategies from the design phase. These include utilising a modular design methodology, creating a set of layered measures rather than relying on a single measure as a defence, and restricting each user, interfacing system or task to solely the data required for its respective functionality. Other guides, such as IEC 62443 and the National Institute of Standards and Technology (NIST) Cybersecurity Framework, also help to supplement the NEII paper by providing greater clarity on how to assess and manage cybersecurity risks beyond the elevator industry.

Granted, a cyber-attack is unlikely to compromise elevator safety and is more likely to affect the availability of elevators. Nevertheless, the service disruption could injure the reputation of the original equipment manufacturer and cost them future contract wins and renewals. As such, manufacturers should be actively seeking to comply with the necessary policies, procedures and cultures essential for a secure and reliable elevator service.