The KNX system: efficiency and cybersecurity in the smart home era

The KNX system is an open standard for smart homes and buildings that ensures efficiency, interoperability and security. Moreover, KNX Secure can protect the system from cyberattacks, offering reliable solutions for smart home and building automation systems that are ready to meet current and future security requirements.

Among building control communication protocols, KNX is the first open standard for building automation, approved both in Europe (EN 50090 - EN 13321-1) and worldwide (ISO/IEC 14543). 

Each product with a KNX certificate, recognised by the KNX logo, is compliant with these standards and guarantees interoperability with devices made by other producers. The system is accessible and fully controllable via app and PC, either on-site or remotely.

KNX allows the offer of complete solutions for the control of all systems installed in any building, including lighting control, HVAC management, entertainment and access, alarm monitoring, electric power management, integration with video door entry systems, video surveillance and intrusion detection. This makes it ideal for advanced solutions both in residential or non-residential contexts.

For smart home and building protocols, as with any other communication technology, cybersecurity is a critical element to prevent attacks from hackers, who could connect to the system to deactivate alarms, open doors and cause damage.

In 2022, KNX Secure was certified as “Tested IT secure for Smart Homes and Buildings” by the VDE, Europe’s largest technical-scientific association for electrical, electronic and information technologies.

KNX Secure is a version of the KNX open protocol that protects the transmission of external data via IP connections. This technology complies with all current regulations, including EN 50090-3-4, which certifies the ability to effectively block attacks to the building’s digital infrastructure, and ISO 18033-3, which defines the highest standards of encryption between two devices with the KNX Secure protocol.

This doubles the protection barrier against vulnerabilities: KNX IP Secure extends the IP protocol and encrypts all transmitted data; KNX Data Secure protects user data with authentication and encryption.

This level of security is extremely useful for protection from external attacks in large structures with systems subdivided into areas and managed individually by control devices. With KNX Secure area control devices you can raise a barrier against attacks, protecting the IP backbone and ensuring the greatest protection for the system even with underlying field devices that are not covered by KNX Secure.

In particular, the KNX Line Coupler, IP/KNX Interface and IP/KNX Router secure devices allow you to secure backbone to protect it from external hacker attacks.

Even the thermoregulation, lighting and energy measuring systems can comply with smart home data protection standards thanks to KNX Data Secure devices, while ensuring the benefits of greater energy efficiency through intelligent consumption management, which activates HVAC and lighting only when really necessary.

The KNX systems for home automation, as mentioned, must comply with the cybersecurity standard EN 50090-3-4 as well as the GDPR. EN 50090-3-4 is the document that defines HBES (Home and Building Electronic Systems) security requirements and it is based on the international standard ISO/IEC 24676-2 "Home network security/SCPM (Secure Communication Protocol Middleware)".

With regard to privacy of smart devices and, more generally, of smart home and building systems, European countries have implemented the GDPR, which lays down some regulations to ensure the compliant processing of data in order to protect users. The Regulation requires installers to provide customers with the ETS project file, as it may contain personal data relating to the smart home system. Moreover, both the installer and the customer must sign a data protection declaration.

The GDPR also requires that the data generated by any system be exclusively used for remote control by the user, as well as, with user authorisation, for diagnostic purposes and for the future development of the product by the manufacturer, as long as such data is used anonymously and not traceable to any specific person. This data may be used to generate targeted advertising for the user only when the user gives prior consent.