R&D Division

Cyber-Physical Security for Fire Infrastructure

Network security architecture, protocol hardening, penetration testing, and zero-trust frameworks for protecting IP-connected fire systems against cyber threats targeting critical infrastructure.

Research Overview

The Cyber-Physical Security division addresses the growing convergence of IT and OT (Operational Technology) security risks in modern fire infrastructure. As fire panels become IP-connected, integrated with BMS platforms, and monitored via cloud services, the attack surface for critical life-safety systems expands dramatically.

Our research covers network security architecture for IP-connected fire panels, protocol hardening through BACnet Secure Connect (BACnet/SC), and specialised penetration testing methodologies designed for fire system networks. We develop zero-trust architecture frameworks that ensure every command to fire system infrastructure is authenticated, authorised, and encrypted.

Legacy fire panel communication protocols present particular challenges — many deployed systems use unencrypted serial protocols designed decades before cybersecurity was a concern. Our vulnerability research identifies exploitable weaknesses in these protocols and develops practical mitigation strategies, including encrypted telemetry overlays for cloud-connected fire monitoring.

Technical Methodology

Our security assessment pipeline from network mapping through continuous monitoring.

01

Network Architecture Assessment

Comprehensive mapping of fire system network topology, identifying IP-connected panels, BACnet gateways, cloud monitoring endpoints, and all network boundaries between fire infrastructure and IT/OT networks.

02

Threat Modelling & Vulnerability Research

Systematic threat modelling using STRIDE methodology applied to fire system attack surfaces, combined with vulnerability research on legacy fire panel communication protocols (e.g., unencrypted SLC, Modbus).

03

Penetration Testing & Red Team Exercises

Controlled penetration testing of fire system networks including protocol fuzzing, credential attacks, and man-in-the-middle scenarios — validating the security posture of both modern and legacy infrastructure.

04

Zero-Trust Architecture Design

Implementation of zero-trust security architecture for fire system command channels, including mutual TLS authentication, microsegmentation, and least-privilege access policies for all system interactions.

05

Hardening & Continuous Monitoring

Protocol hardening (BACnet Secure Connect), encrypted telemetry deployment, and continuous security monitoring with anomaly detection tuned for fire system operational patterns.

Key Research Outcomes

Core capabilities from our cyber-physical security research programme.

BACnet/SC Hardening

BACnet Secure Connect protocol implementation providing TLS-encrypted, certificate-authenticated communication for IP-connected fire and building management systems.

Penetration Testing

Specialised penetration testing methodologies designed for fire system networks, accounting for the unique safety constraints of testing life-safety critical infrastructure.

Zero-Trust Architecture

Zero-trust security frameworks ensuring every fire system command is authenticated, authorised, and encrypted — eliminating implicit trust based on network location.

Legacy Protocol Research

Vulnerability research on legacy fire panel communication protocols, developing mitigation strategies for systems that cannot be upgraded to modern secure alternatives.

Standards & Publications Referenced

Cybersecurity frameworks and standards governing our fire infrastructure security research.

  • NIST Cybersecurity Framework (CSF) v2.0
  • IEC 62443 — Industrial Communication Networks: Network and System Security
  • ASHRAE/BACnet Addendum BJ — BACnet Secure Connect (BACnet/SC)
  • NIST SP 800-82 — Guide to Operational Technology (OT) Security
  • ISO 27001 — Information Security Management Systems
  • CISA — Cross-Sector Cybersecurity Performance Goals (CPGs)
  • AS ISO/IEC 27002 — Code of practice for information security controls

Request a Security Assessment

Concerned about the cybersecurity posture of your fire infrastructure? Our security research team can assess, test, and harden your systems.

Request a Security Assessment