3/13/2019

Essential Steps to Securing IoT-based Building Automation

Network security in building automation is currently an area of growing concern. The migration to all-IP communication backbones and the usage of the Internet of Things (IoT) in building functions opens new possibilities for integration and functionality. Since more and more services and business cases rely on IP-based networking in building automation systems, the potential damage incurred by hackers is growing rapidly as well. This applies even more to upcoming IoT solutions, which not only use the Internet as added-value but build on it as an integral part of the system architecture.

As smart functions and connectivity are implemented in building automation, communication systems including LonWorks, BACnet, or KNX have been on the market since the late 1990s and offer connectivity in the field (so-called fieldbus systems). At the time, IT professionals didn't know much about building automation systems (BAS) because these systems were not on their corporate IT Ethernet.

However, with the migration from long-proven two-wire serial communication to Ethernet, IP-based communication was the focus of the first decade in the new millennium, supporting vertical integration. IT professionals were concerned about what was on their Ethernet network and needed to do a risk management assessment to find out the risks associated with connecting the BAS to their networks.

Each IoT device has a Web server. Recall this fact and combine it with the knowledge of how many Web servers on the Internet are hacked and you will realize security should be a number one priority when integrating IoT in a building or anywhere else.

To combat the inherent security threats that come with IoT devices, the following essential steps can help an enterprise harden overall BA security:

1. Good communication with IT professionals
The major challenge for BA solution providers is lack of knowledge of the cybersecurity domain. Typically, an enterprise's IT department has been responsible for IT infrastructure while the facility management department handles BAS. The two parties seldom communicate with each other, which may cause a cybersecurity protection loophole for enterprises.

With increasing cloud-based applications, building owners, managers, and IT professionals need to create BA infrastructures that provide very high levels of security. At the same time, on the IT side there is a mature set of best practices for implementing and managing secure communications infrastructure.

2. Educate the market with the importance of cybersecurity
The other issue is that users may not be aware of the importance of BA security. Most property owners or managers have recognized the necessity of maintenance investment in IT infrastructure security. On average, nearly 10% of IT budgets are dedicated to cybersecurity. However, there is no such corresponding budget allocated to maintain the security of building automation systems. It's necessary to embrace the IT security standard and provide countermeasures to achieve a safer building automation environment.

BA solution providers also need general awareness of security at all levels of the BA systems design, engineering, deployment/install, commissioning and maintenance/service.

3. Compliant with security standards and countermeasures
Recently, there are more cybersecurity initiatives for BAS to adopt such as UL2900 and ISO27001. In addition, to secure BACnet/IP networks a “BACnet Secure Connect (BACnet/SC)” provides the means to create secure communications connections between BA devices both across the cloud and within facilities. With the latest techniques for security and easy integration with IT infrastructure, BACnet/SC preserves the capabilities of backward compatibility with all existing BACnet deployments and devices.

The growing awareness of cybersecurity over BA systems will be the key driver for the evolution of BA controllers. Delta's subsidiaries, LOYTEC and Delta Controls, offer secure services that are typically used in building automation. Please see the following articles for more details.

Read more:
IoT Security Technologies Protect Smart Building Control
Delta Building Automation Offers the Latest Cybersecurity Solutions

News Source:Delta Building Automation