June 05, 2018
The BACnet standard (ANSI/ASHRAE Standard 135) has included optional network security functionality since it was originally published in 1995, and there was a major change to that functionality published in 2010. However, BACnet’s network security functionality has never been widely implemented in commercial building automation products. Building owners have often deployed VLANs, VPNs, and physically separate networks to make it more difficult for the operation of building automation systems to be disrupted (intentionally or unintentionally) by other network-connected devices.
An ongoing project within the BACnet committee has resulted in a proposal for a new BACnet data link that is built on the WebSocket and TLS protocols, which are widely used Internet technologies. (TLS is commonly used to secure the communication between web browsers and web servers.) As specified in the proposal, TLS would enable industry-standard encryption and certificate-based device authentication in BACnet-based systems that employ the new data link. BACnet routers would be used to enable interoperability with devices that communicate using one of the other BACnet data links.
The document that contains the specification for the proposed new data link is in public review through July 16, 2018, and it can be downloaded here.
Comments will be approved before showing up.
July 01, 2025
New BACstac/DN Release + Smart Sensors for Building Efficiency & Training Opportunities
June 30, 2025
NIST flags rising cybersecurity challenges as IT and OT systems increasingly converge through IoT integration, FBI, cybersecurity firms say a prolific hacking crew is now targeting airlines and the transportation sector, Cybersecurity experts share practical advice for small businesses and more...
May 29, 2025
Midyear Roundup: Nation-State Cyber Threats in 2025, The Current Cybersecurity Landscape, Explained - J.P. Morgan, Why AI Is The New Cybersecurity Battleground and more...