KNX - the secure solution for your smart building

Any communication technology is a target for hackers, and this includes home and building automation systems. Without proper protection, however, they can represent the most vulnerable point in an installation. KNX Association has taken strong measures to make its systems secure, including the introduction of KNX Secure that protects installations at an internal data level and external IP level.

Verify your KNX installation's protection with our new KNX Security Check

Have you ever wondered if your KNX setup is truly secure? Any communication technology is a target for hackers, and this includes home and building automation. Without proper protection, however, they can represent the most vulnerable point in an installation. That's why we are proud to introduce the KNX Security Check. This online tool allows you to check whether your KNX installation is protected against contacts over the Internet. With a click of the button, you can check your IP address for an insecure KNX installation. Try the KNX Security Check today and take control of your KNX system's security!

Learn how to make your KNX installation secure

Learn the strategies you can employ to ensure solid security of the systems you install with the 30-minute online course: How to Prevent Access to KNX Installations

An extensive offer of KNX Secure products

Following heavy investments from both the KNX members as well as the KNX Association, last year and this year tangible KNX Secure products saw the light. All of these products were submitted to the stringent KNX certification process, during which their conformity to implemented AES128 authentication and encryption mechanisms are put to the test. Together with the ETS, this allows the installer/integrator to now evaluate in which cases the use of KNX Secure products brings added value to the KNX installation.

KNX Secure is VDE certified

In 2022, KNX Secure received the “Information security tested Smart Home and Building” certification from the VDE (Association for Electrical, Electronic & Information Technologies). This VDE certification, along with the robust KNX certification of each individual KNX Secure product, underlines that KNX Secure protects KNX installations even better against possible cyber-attacks. Today, more than 400 KNX Secure devices are certified. All of these products have been subjected to the stringent KNX certification process, in which their conformity to the implemented AES128 authentication and encryption mechanisms was put to the test. The interplay of KNX Secure technology, KNX Secure products and the ETS configuration tool brings a new dimension of added value to KNX installations.

Secure your installation by following the KNX Secure checklist

To ensure maximum security in your KNX Installations, we designed a KNX Secure Checklist, where you can find a step-by-step overview on everything that needs to be considered to achieve a secure KNX installation.

This checklist has been designed to make sure that people are not trying to take advantage of possible security loopholes in installations.

In many installations, such loopholes are unfortunately very straightforward.

Download the KNX Secure Checklist here.

We also offer a more comprehensive KNX Secure guide, intended for both installers as well as KNX manufacturers to learn about the current measures that can be undertaken to increase security of KNX installations.

Some quick tips for securing your KNX Installation

  • If an installation is linked to Internet, the use of a VPN tunnel to access it via the internet is an absolute MUST. When using a KNX Secure Tunneling interface, be sure to use the strong passwords suggested by ETS and do not replace them with own weak ones.
  • Special attention should go to installations with public areas, i.e. where persons are able to wander around without any surveillance: even a wired KNX system can then be vulnerable to attack;
  • Installations using wireless communication are the number 1 attack target, as communication between devices is completely out in the open, compared to when devices communicate over a dedicated wire. Use of KNX Secure on this medium is therefore highly recommended;
  • If you have a KNX IP Backbone and other IP networks, use a VLAN separation and allow communication between the KNX IP network and other networks only via a suitable firewall.

As the KNX Secure Checklist says, many of the above can be overcome with very simple measures and of course by making use of KNX Secure. KNX offers so many opportunities to make buildings smart that it would be a shame to let this be spoiled by avoidable security attacks.

KNX provides all the required puzzle pieces: one just has to lay them in the right way.

KNX Secure offers maximum protection

Home and building automation with KNX is secure. Our technology follows all necessary security regulations. The KNX Secure technology is standardised according to EN 50090-3-4, which means that KNX successfully blocks hacker attacks on the digital infrastructure of networked buildings. Thus minimising the risk of digital break-ins.

Moreover, KNX Secure meets the highest encryption standards (according to ISO 18033-3, such as AES 128 CCM encryption) in order to effectively prevent attacks on the digital infrastructure of buildings and to achieve the highest level of data protection.

KNX Secure guarantees maximum protection by offering a double protection. KNX IP Secure extends the IP protocol in such a way that all transferred telegrams and data are completely encrypted. KNX Data Secure effectively protects user data against unauthorised access and manipulation by means of encryption and authentication.

data protection
data protection

A commitment for all of us

KNX is a secure technology and we are determined to keeping it so. Therefore, all parties (building designers, system integrators, installers…) need to commit themselves to correctly apply the security measurements that are required.