Proposals and Evaluations aimed to improve Performances of KNX Home and Building Communication Standard

The thesis deals with the problem of secure data exchange in home and building networks, where data exchanged may regard commands to actuators and/or private and secret information. Attacks can come from outside if a home/building network is connected to Internet, but if no connection is present, internal attacks may be performed by unauthorised malicious devices connected to the network; this kind of attack is easier to perform when particular transmission media are present, e.g. those based on wireless communication. Generally, most part of attacks may be countered by authentication and encryption mechanisms; for this reason, the thesis presents a solution for data encryption and authentication for home and building networks. The solution has been conceived to be realised inside the KNX communication system, which is an European and international standard for home and building automation. The proposal is due to the current lack, inside the standard, of any encryption and authentication mechanisms. Moreover, the thesis analyse the problem coming from the KNX networks and IP networks integration. The KNX and IP networks integration has recently become part of the KNX standard. KNX standard foreseen the presence of a particular device, called KNXnet/IP Router, that connects the KNX networks with the IP networks. Packet loss conditions can occur due to different transmission speed of the networks. The thesis analyses the congestion issues in KNX/IP networks.