Tel: +1-617-350-7550

Proposed Data Link Would Improve the Network Security of BACnet-based Building Automation Systems

Proposed Data Link Would Improve the Network Security of BACnet-based Building Automation Systems

June 05, 2018

The BACnet standard (ANSI/ASHRAE Standard 135) has included optional network security functionality since it was originally published in 1995, and there was a major change to that functionality published in 2010. However, BACnet’s network security functionality has never been widely implemented in commercial building automation products. Building owners have often deployed VLANs, VPNs, and physically separate networks to make it more difficult for the operation of building automation systems to be disrupted (intentionally or unintentionally) by other network-connected devices.

An ongoing project within the BACnet committee has resulted in a proposal for a new BACnet data link that is built on the WebSocket and TLS protocols, which are widely used Internet technologies. (TLS is commonly used to secure the communication between web browsers and web servers.) As specified in the proposal, TLS would enable industry-standard encryption and certificate-based device authentication in BACnet-based systems that employ the new data link. BACnet routers would be used to enable interoperability with devices that communicate using one of the other BACnet data links.

The document that contains the specification for the proposed new data link is in public review through July 16, 2018, and it can be downloaded here.



Leave a comment

Comments will be approved before showing up.


Also in Cimetrics News

May 2022 Newsletter
May 2022 Newsletter

June 02, 2022

SbC Local Network/Security Manager, Cimetrics CEO presents Smarter Buildings presentation at Realcomm and IT Industry Technologies and Best Practices at ASHRAE annual conference, July Analytika User forum and more...

Read More

Cybersecurity News May 2002
Cybersecurity News May 2002

May 31, 2022

Cybersecurity mesh, agribusiness cybersecurity, EU Network and Information systems directive and more...

Read More

April 2022 Newsletter
April 2022 Newsletter

May 03, 2022

What is new this month with cybersecurityNational Institute of Standards and Technology (NIST) revised cybersecurity supply-chain guidance, Tenet Health cybersecurity incident, Poisoned AI, U.S. Department of Energy (DOE) cybersecurity research projects and more...

Read More