With today's ongoing integration of heterogeneous building automation systems, increased comfort, energy efficiency, improved building management, sustainability as well as advanced applications such as active assisted living scenarios become possible. These smart homes and buildings are implemented as decentralized systems, where embedded devices are connected via networks to exchange their data. Obviously, the demands - especially regarding security - increase: secure communication becomes as important as secure software being executed on the embedded devices. While the former has (recently) been addressed by standardization committees and manufacturers, until now no scientific research is available that targets the problem of secure control applications in this domain. No attack model has been defined, no security measures have been recommended, and existing measures from other domains are either too cost- or time-intensive to deploy, cannot be trivially applied, or do not cover the specific demands and constraints of the building automation domain. Thus, deploying adequate control application security measures is left to developers, who are overburdened with the manifold and often unknown security requirements. This leads to insecure control applications, which enable adversaries to attack building automation systems. This dissertation introduces an architecture for distributed control applications in smart homes and buildings, which tackles the problem of how to secure software running on different device classes.
The following novelties are contributed, which - to the best of the author's knowledge - have not yet been addressed in research: a comprehensive identification of security requirements for control applications in smart homes and buildings; an application model capable of depicting control applications in a formal way; the concept of security attributes, which make it possible to formally specify a security policy; and a framework that allows the secure development and execution of control applications and the enforcement of the defined security policies.