Integration of Cybersecurity in BIM-enabled Facilities Management Organisations

Ghadiminia, Nikdokht (2021) Integration of Cybersecurity in BIM-enabled Facilities Management Organisations. Doctoral thesis, Birmingham City University.

Final Submission Thesis_.pdf - Submitted Version

Download (2MB)


Building Information Modelling (BIM) enables the creation, exchange and storage of digital information which represents digital and physical assets within a facility. The data within the in-use phase of a BIM project life cycle incorporates the highest level of details, where the as-built data of the facilities are managed and maintained by the facilities management (FM) organisations. The connection of BIM with the FM systems facilitates access to as-built and as-maintained data of all components within a facility, which may enable control of the devices and systems within the facility. Hence, facilities and their occupants become ever more vulnerable to cyber-attacks with malicious intentions of harming the occupants or disrupting and destructing the facilities. Thus, effective cybersecurity management is required to protect data.

Findings from the review of literature were summarised in a cybersecurity risk matrix, to bridge the concepts of cybersecurity and BIM in FM by unveiling the impact of a cybersecurity attack, resulting in a compromise of the integrity, availability, and confidentiality of data in various task areas of a BIM-enabled FM (BIM-FM) organisation. Hence, emphasising the significance of effective and efficient management of cybersecurity in preserving the benefits associated with the implementation of BIM in FM. Review of the literature showed that both academia and industry are more focused on the technical aspects of using BIM in FM, which is often coupled with an overdependency on technical cybersecurity measures. Thus, investing in a mature implementation of BIM, that includes cybersecurity considerations from a people and process perspective, is often overlooked in FM organisations. This has resulted in an increased vulnerability to a cybersecurity attack that may compromise the potential BIM benefits in FM. Therefore, this study sought to shift focus to the people and process aspects of the issue of cybersecurity in BIM-enabled FM, by exploring the people and process related BIM and cybersecurity determinants that contribute to a more cybersecure BIM-FM.

An inductive approach to the research facilitated a multi-disciplinary exploration of the concepts of BIM and cybersecurity, which resulted in the demarcation of the research focus to the BIM enabled facilities management organisations. This was followed by a literature review and qualitative analysis of secondary data from BIM maturity models and cybersecurity best practice guidelines to investigate the requirements of a cybersecure implementation of BIM in FM. Findings were structured to form the primary research framework, that was further enhanced and improved using the empirical findings collected via 25 semi-structured interviews with facilities management professionals. Findings from the thematic analysis of the interviews were coalesced with the literature review findings to develop the BIMCS-FM framework upon the primary research framework. The BIMCS-FM framework presents the determinants of a cybersecure BIM in FM and their interconnections, to assist BIM-FM organisations in their approach to cybersecurity management. The framework was validated using expert opinion that was carried out using semi-structured questionnaire, that was qualitatively analysed to make final revisions on the framework.

The BIMCS-FM framework acts as a prompting mechanism for BIM-FM organisations to integrate cybersecurity within all aspects of BIM in FM. This framework expands the scope of BIM maturity, by incorporating cybersecurity considerations as part of the management of BIM in FM. Hence, creating a unified approach towards the management of both BIM and cybersecurity in FM. The application of this framework to BIM-FM can benefit from the future development of process models to enable the build-up of knowledge, skill sets, awareness and culture that is required for a cybersecure implementation of BIM. This study also provides a foundation for future research into the complexities of cybersecurity in protecting the digital information in various task areas of a BIM-FM organisation.

Item Type: Thesis (Doctoral)
28 September 2021Completed
Uncontrolled Keywords: Cyber security, BIM, Facilities Management
Subjects: CAH11 - computing > CAH11-01 - computing > CAH11-01-03 - information systems
CAH11 - computing > CAH11-01 - computing > CAH11-01-07 - business computing
Divisions: Doctoral Research College > Doctoral Theses Collection
Faculty of Computing, Engineering and the Built Environment > College of Computing
Faculty of Computing, Engineering and the Built Environment > College of Built Environment
Depositing User: Kip Darling
Date Deposited: 19 Nov 2021 11:18
Last Modified: 20 Jun 2024 11:45

Actions (login required)

View Item View Item


In this section...