With the growing spectrum of capabilities and their connection with the Internet, building automation systems were repeatedly reported to be vulnerable, allowing hackers and cybercriminals to attack their components.   Buildings can be exploited by hackers to measure or change their environment:  sensors allow surveillance (. monitoring movements of employees or habits of inhabitants) while actuators allow to perform actions in buildings (. opening doors or windows for intruders). Several vendors and committees started to improve the security features in their products and standards, including KNX, ZigBee and BACnet (see recent standards or standard drafts). However, researchers report several open problems in building automation security.