Stay in Control: Specifying building automation systems for cost savings

Security measures
As large online security breaches have come to light in recent years, building professionals are increasingly asking about how to secure their Internet-facing building BAS. For the building design team, three cyber security best practices will improve the security of a building automation system against unauthorized access:

ensure network isolation by deploying behind a firewall or on a virtual private network (VPN);
use the security features built into the BAS; and
configure the system securely by disabling guest user accounts and using strong password protection protocols.

Since BAS are networked throughout buildings (and often to the Internet) to enable remote access by facility managers, it is crucial to isolate the automation system from other internal networks, such as financial management or credit card processing. To accomplish this, the building design team should involve the client’s information technology (IT) experts early in the BAS selection process, as this is a specialized aspect of specification writing and usually requires acquisition and installation of additional hardware dedicated to protecting the building networks from both external and internal attacks. This hardware (e.g. firewalls, VPN routers) is extremely important and needs to be state-of-the art to combat the evolving means of attacking networks.

For the BAS itself, a control module with multiple Ethernet ports is an important security feature that helps to isolate the network. Such control modules physically separate the building systems from connections to outside networks. It is also important to specify a BAS that can be configured to use signed certificates for web connections to prevent ‘man-in-the-middle’ attacks when users log into the server. Beyond network connections, another security feature built into some BAS is a system that does not automatically execute code from USB thumb drives. This helps prevent a BAS user from inadvertently introducing a virus or other malware into the BAS.

Building automation systems are installed throughout the world, including in this Turkey skyscraper.

Securely configuring the system once it is installed is important, so it is critical to ensure the BAS has a security manual that provides information on how to best accomplish this task, and then make sure the contractor follows those guidelines. Additionally, the BAS integrator should have documented the processes and procedures they followed for designing and implementing the system, which will be a crucial reference for the building owner.

Cyber-security threats change frequently, and need constant vigilance. Anyone who touches the system should be trained at a minimum in cyber-security awareness, and ideally should be certified to securely deploy vendor systems. It is also important they are aware of the building owner’s cyber security standards and practices. Building owners should also keep in mind the BAS will require maintenance, which might include patches to the operating system, and anti-virus software updates and management.

Strong cyber-security is a three-legged stool comprising:

manufacturers and software vendors, who continually evaluate and improve the security of products;
contractors and installers, who ensure their customers’ systems are properly and securely installed; and
end-users, who build and maintain a culture of security within their organizations through the use of cyber security best practices.

Wall sensors
As with BAS software, a key differentiator among wall sensors is how easy they are to use—important for both facility staff and building occupants. Vendors have become increasingly sophisticated with designing wall sensors. One unit introduced in 2014 was designed according to what users are accustomed to seeing with their smartphones. For example, the unit includes easy-to-interpret icons for temperature control, and clear navigation tools to see interior and exterior temperatures, relative humidity (RH), and carbon dioxide (CO₂) levels. To enable building occupants to see the HVAC operating condition from across the room, the unit has color light-emitting diode (LED) lights along its bottom to indicate either heating (red) or cooling (blue).

In terms of design styling, in commercial buildings, thermostats have often been visually ‘boxy.’ Now, manufacturers are focusing on aesthetics of these units in addition to performance. Some units are designed to be sharp and crisp with a low profile to complement modern architectural styling. Building owners and occupants have even gone so far as to say such units are ‘sexy.’ At any rate, a thermostat does not necessarily need to be a clunky box hidden around a corner, but can be a sleek addition to a room or hallway.

Conclusion
A properly equipped and configured automation system can save building owners tens of thousands of dollars or more on annual energy costs. Additionally, some facility professionals use the systems to save costs in other ways. For example, in Russellville, Arkansas, the school district officials use their BAS to monitor food and beverage freezers and coolers in schools throughout the area. The system sets off an alarm if temperatures begin to go out of range, which enables the facility staff to take prompt action and thereby avoid costly and wasteful spoilage.

To maximize the cost savings, when specifying an automation system it is important to think about each component—control module, software, and wall sensors—and consider how easy they are to use, and how flexible they are to changing technologies and building user needs.

Notes
¹ For more, see “Building Automation Systems” at fpl.bizenergyadvisor.com. (back to top)
² Visit “U.S. Building Automation Market Primed for Growth,” at technology.ihs.com. (back to top)
³ See note 1. (back to top)
⁴ See www.bu.edu/facilities/what-we-do/buildings/building-automation/ for more. (back to top)
⁵ Visit “EPA Building Commissioning Guidelines” at www.epa.gov. (back to top)
⁶ See “BACnet overview” at www.bacnet.org. (back to top)
⁷ See “Communication Systems for Building Automation and Control,” by Kastner, Neugschwandtner, Soucek, and Newman, Institute of Electrical and Electronics Engineers (IEEE), at www.researchgate.net. (back to top)

Kevin Callahan is a product marketing manager for Alerton, a Honeywell business. He has 38 years of experience in the building control technologies field, including control systems design and commissioning, facilities management, and user training. Callahan can be reached at kevin.callahan@honeywell.com.

Pages: 1 2 3

Got News? Click here to share your story!

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
JSESSIONID	session	The JSESSIONID cookie is used by New Relic to store a session identifier so that New Relic can monitor session counts for an application.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat	1 minute	This cookie is installed by Google Universal Analytics to restrain request rate and thus limit the collection of data on high traffic sites.
_gat_UA-	1 minute	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

Cookie	Duration	Description
ADV_u_id	3 months 8 days	Unique customer identifier used to track unique ad views and interactions with some ads.
loc	never	AddThis sets this geolocation cookie to help understand the location of users who share the information.
OAGEO	session	OpenX sets this cookie to avoid the repeated display of the same ad.
OAID	1 year	Cookie set to record whether the user has opted out of the collection of information by the AdsWizz Service Cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.

Comments Cancel reply