ITcon Vol. 30, pg. 524-543, http://www.itcon.org/2025/22

Building digital trust in CDE-based BIM workflows: Key strategies

DOI:10.36680/j.itcon.2025.022
submitted:January 2025
revised:March 2025
published:April 2025
editor(s):Amor R
authors:Anja Brelih, PhD candidate,
University of Ljubljana, Faculty of Civil and Geodetic Engineering, Chair of Construction Management
ORCID: https://orcid.org/0009-0005-5951-5628
anja.brelih@fgg.uni-lj.si

Robert Klinc, PhD,
University of Ljubljana, Faculty of Civil and Geodetic Engineering, Chair of Construction Management
ORCID: https://orcid.org/0000-0002-0027-420X
robert.klinc@fgg.uni-lj.si
summary:The adoption of Building Information Modeling (BIM) and Common Data Environments (CDE) in construction has increased the need for robust security and privacy frameworks, especially as these platforms increasingly leverage cloud-based technologies. This paper examines the mechanisms required to protect sensitive project data in BIM and CDE environments, including financial data, intellectual property and personal data. It emphasises the crucial role of trust — cognition-based, affect-based and system-based — in promoting safe and collaborative workflows and explores the concept of digital trust as a foundation for reliable partnerships in cloud-based construction environments. A critical analysis of ISO 19650-5 identifies significant gaps in addressing the complexity of cyber security and argues for explicit technical guidelines to protect against cyber threats. It also highlights inconsistencies in the transparency of security practises of widely used BIM and CDE providers and emphasises the need for improved disclosure to increase user trust. To provide a structured approach to threat mitigation, we introduce the Process for Attack Simulation and Threat Analysis (PASTA) framework and demonstrate its applicability in aligning business and technical risks within BIM and CDE workflows. In addition, this paper proposes to integrate security requirements into the BIM Execution Plan (BEP) to improve alignment across all project phases. Recommendations are provided for providers and users to establish a trust-based approach to information security that ensures compliance with standards and promotes the resilience of construction workflows. This paper highlights practical pathways to enhance the security of BIM and CDE implementations, focusing on robust technical safeguards and the role of trust in collaborative projects.
keywords:Building Information Modeling (BIM), Common Data Environment (CDE), digital trust, security, PASTA methodology, standardization
full text: (PDF file, 0.972 MB)
citation:Brelih A, Klinc R (2025). Building digital trust in CDE-based BIM workflows: Key strategies, ITcon Vol. 30, pg. 524-543, https://doi.org/10.36680/j.itcon.2025.022
statistics: