With the rapid advancement in the industrial control technologies and the increased deployment of the industrial Internet of Things (IoT) in the buildings sector, this work presents an analysis of the security of the Heating, Ventilation, and Air Conditioning (HVAC) system which is a major component of the Building Management System (BMS), has become critical. This paper presents a Transient System Simulation Tool (TRNSYS) model of a 12-zone HVAC system that allows assessing the cybersecurity aspect of HVAC systems. The thermal comfort model and the estimated total power usage are used to assess the magnitude of the malicious actions launched against the HVAC system. Simulation data are collected and used to develop and validate a semi-supervised, data-driven attack detection strategy using Isolation Forest (IF) for the system under study. Three schemes of the proposed approach are investigated, which are: using raw data, using Principal Component Analysis (PCA) for feature extraction, and using 1D Convolutional Neural Network (CNN)-based encoder for temporal feature extraction. The proposed approach is compared with standard machine-learning approaches, and it demonstrates a promising capability in attack detection for a range of attack scenarios with high reliability and low computational cost.

随着工业控制技术的飞速发展以及建筑领域工业物联网（IoT）的不断部署，这项工作对供暖，通风和空调（HVAC）系统的安全性进行了分析。建筑物管理系统（BMS）的主要组成部分已经变得至关重要。本文介绍了一个12区HVAC系统的瞬态系统仿真工具（TRNSYS）模型，该模型可以评估HVAC系统的网络安全性。热舒适模型和估计的总用电量用于评估针对HVAC系统发起的恶意行为的程度。收集仿真数据，并使用Isolation Forest（IF）为研究中的系统开发和验证半监督的，数据驱动的攻击检测策略。研究了该方法的三种方案：使用原始数据，使用主成分分析（PCA）进行特征提取，以及使用基于1D卷积神经网络（CNN）的编码器进行时域特征提取。将该方法与标准的机器学习方法进行了比较，证明了在具有高可靠性和低计算成本的多种攻击情况下，攻击检测的潜力。