By Ed Nugent
From the April 2018 Issue
Smart buildings automate occupant comfort and safety and—when connected to a microgrid—energy management. A building management system (BMS) integrating traditional methods with energy optimization minimizes costs by evaluating real-time consumption in relation to buying, selling, or storing energy. Through a growing interconnection of energy, facility, information technology and security systems, smart buildings gain efficiency, flexibility and sustainability. In today’s hyper-connected world, cybersecurity is critical. The exposure to blended cyber-physical attacks also increases.
Operations and security managers have different objectives. The security focus is cyber-physical anti-intrusion. Operations’ focus is efficiency, sustainability, and overall cost of building operation. There is substantial effort required to optimize, consolidate, and rationalize building management strategies with security requirements.
A multinational, applied research and development project has defined a comprehensive Smart Building System Architecture that supports both.(1) The objective is prediction of net energy consumption and a unified view of building and security systems. It is a concept innovation integrating energy, facility, IT, security management, and control systems in a comprehensive, modular system of systems.
Reaction to a Cyber-physical Attack. The ability to react translates into detecting anomalies that require a response to mitigate or block. An innovation of the architecture is to consider energy and security information in combination. This enables high-level indicators (e.g. the number of people in a room) that are useful for both security monitoring and energy/facility management optimization.
BMS is an Operations Technology (OT) function, which is vulnerable to cyber-attacks. Persistent design vulnerabilities are inherent in OT systems. Most BMS components in the field today such as BACnet Controllers, PLCs, and Intelligent Electronic Devices (IED) found in a microgrid, do not support third-party IT security software.
The International Society of Automation, describes it this way,(2) “OT systems are not designed to ensure resilience against concerted attacks that intend to place components in dangerous operating states. This is expected to be a growing area of cyber-attack and engineering research.”
As a consequence, a reasonable approach to protect smart buildings is to create a cross-functional team to implement both active and passive cybersecurity. Security is responsible for a design that conforms to the architecture, but operations has a key role in identification of building systems where active cybersecurity is feasible, meaning where IT cyber security measures will not disturb the system. More importantly, operations must also identify critical systems for passive monitoring in areas that would risk disrupting building operations by generating false positive events.(3)
Synthesized KPIs. Key performance indicators (KPIs) were developed to correlate operations and security events and measures. The KPIs are synthesized from: (1) energy supply and efficiency, (2) building automation, (3) information and communications technology, and (4) security and safety. They provide unified access to optimize the energy supply for the building, monitor the physical and cyber security of the building and monitor the IT infrastructures in order to obtain these two goals simultaneously.
Unified Access. A BMS supervises building automation subsystems such as ventilation, lighting, power, fire detection, and when present, a microgrid. A unified security interface adds supervision of physical and cyber security.
Contextual HMI. Smart buildings are incorporating Internet of Things (IoT) sensors connected via cloud technology. Different sensors have separate portals to access information. This can be difficult to manage without context. At risk is the loss of situational awareness, impacting both efficiency and safety.
Maximum situational awareness is obtained with Contextual Human Machine Interface (HMI). Contextual HMI enables personnel managing and maintaining building equipment to have KPIs and relevant equipment information and controls at their fingertips.(4) It presents KPIs and real-time building status in the context of the user’s job and current physical location.
Adaptive Demand and Response. Secure and effective forecasting and management of resources is the “smartness” which the architecture relies on to perform holistic building monitoring and optimization. The focus is real-time energy management and day-to-day building management. The aim is to ensure that the building is controlled in a way that optimizes a target measure. This may mean decreasing energy consumption or reaching a given level of occupant comfort or a combination.
Smart buildings gain efficiency, flexibility and sustainability through interconnection of security, energy, facility, and information and communications technology. Exposure to blended cyber-physical attacks increases as a result.
The Smart Building System Architecture enables energy prediction with unified access for operations and security. It is a platform for deploying a system that is efficient and secure by design. Successful implementation requires a cross functional team of security and operations managers.
Synthesized KPIs correlate building operations and building security events and measures in a unified view delivered with contextual HMI to the right person, at the right place, and at the right time.
- “Facility Using Smart Secured Energy & Information Technology”, Trusted Monitoring and Intelligent Consumption Data Management for Smart Buildings Panel, Proceedings of the 2017 IEEE Power & Energy Society General Meeting.
- “What Executives Need to Know About Industrial Control Systems Cybersecurity”, Weiss J 2016, International Society of Automation.
- “Cybersecurity and industrial control systems: a new approach”, 2014 Sentryo S.A., CC BY-SA FR 3.0 Conception, layout, translation: BloomBox Studio.
- “Systems and Methods for Location-Based Control of Equipment and Facility Resources”, US Patent Office Publication, November 14, 2017.
Nugent is chief operating officer for PcVue Inc., a global independent SCADA/HMI provider in Woburn, MA. With 24 years of experience with SCADA development and implementation, his career has spanned education, engineering, and management leveraging a passion for capturing and communicating the business value of measurement and control technology. He has a Bachelor of Science in Engineering Mechanics from the University of Wisconsin and a Master’s in Business Administration from the University of Puget Sound. Nugent is an author and editor for the University of Hawaii’s Pacific Center for Advanced Technology Training SMART Grid Curriculum Development project; an American Recovery and Reinvestment Act program of the U.S. Department of Energy.
Do you have a comment? Share your thoughts in the Comments section below or send an e-mail to the Editor at firstname.lastname@example.org.