Over the last two years we’ve seen an increase in the number of attacks against automated buildings. Many of these attacks, including the ones that have made the headlines, have occurred because of the lack of security added to the BMS when installed.
Knowing what security measures to take and, more importantly, how to implement them is a challenge. This is where we can help. Our sister organisation, Abtec Network Systems, has specialist knowledge to help secure BMS and head ends. It has helped many BMS and energy specialists harden their network connections and add appropriate security to projects.
It’s worth talking to the client about security from the early stages of the project as this will help identify what kind of security is appropriate. Most of the BMS security measures we discuss in the article are low cost and fairly simple to implement. Some of your larger projects will warrant additional security measures, for example if the project includes building access control, and again we can help here too. We can work on your behalf, identifying the best security measures to take, with your client.
Call us on 01858 438 550 to discuss how we’ve helped other specialists like you secure their clients’ projects.
Don’t forget we’ve also created a free training session that looks at securing building automation projects. You can book onto this here:CPD Training
Also, our white paper looking at the best way to provide remote connections to BMS can be found here, it’s well worth a read.White paper
In our latest article for KNX Today, the leading online KNX journal, we explore some of the steps to take to protect KNX projects from cyber attack. You can read the article here.
Attacking industrial control protocols and building management systems (BMS) is nothing new. Over the last 18 months however, the number of reported attacks on such systems appears to be growing. The common thread between some of the more notable cases is Internet Protocol (IP) networks. The trend in deploying building control projects over IP networks has the potential to make those systems less secure – if you don’t exercise appropriate IP security.
The article highlights some of the simple steps to take to secure KNX projects delivered over IP networks. It’s part of a series of articles that addresses the changing deployment methods of BMS systems. Historically these systems have been deployed on their own self-contained network. It’s now popular to deliver KNX and BMS projects over IP networks. The articles focus on protecting these projects from cyber attack.
For more information about how to deploy KNX and BMS projects over IP sign up for our free trainingCPD Training
or download our white paper “Providing Remote Access Connections for Building Services Projects”White Paper
The challenge is that many of us are using standard internet access to make those remote connections. This, together with the fact that many popular BMS and building control systems don’t have the strongest built in security, can create vulnerabilities for your clients.
This white paper explores what other options are available for consultants and engineers. It highlights the variety of connectivity technologies and suggests what would be best to use when. The paper recommends using private, secure networks rather than the internet to access client sites remotely, and gives clear recommendations to help identify the right network provider for your projects. The great this is that the cost of private, secure connections that avoid the internet is about the same as standard internet connectivity.
Download the white paper here.Download
And don’t forget if you need help with IP networks we’ve developed a free, accredited training session that can be delivered at your premises. Find out more here.CPD Training
It will be interesting to compare this event to the Light and Build 2014 exhibition we visited earlier this year. One of the biggest take away points here was the idea of connected devices. Most of the new products we saw were connected, at some point, to a network. The interesting point was just how little the manufactures of those connected devises had thought about network security. Many were flummoxed by simple questions around security.
This is exactly what our CPD offers, a guide to how to protect your projects from cyber security threats when delivering projects over IP networks.
You can book onto the CIBSE accredited course when you arrive at the exhibition.
The IP networks CPD training, which has been approved by the Charted Institute of Building Services Engineers (CIBSE), is free and can be run on your site. It can be run over a lunch-hour with plenty of time for questions and answers.
As more building building controls and building management systems are deployed over IP networks the training delivers the following:
Download our brochure about the course.
This iconic, East London building was opened to the public on 29th September. “It’s fantastic to see Abtec’s cost and energy reduction expertise in use in this landmark building” says Dave Watkins, MD of Abtec Building Technologies. Read all about it in this new case study.
The uniquely shaped, glass-clad structure is London’s newest landmark and encompasses an area of more than 6,300 square metres. Inside is the world’s largest exhibition on the future of cities covering 2,000 square metres. The high-tech exhibition is fully interactive with two immersive film theatres and more than 50 screens with a host of games and experiences that help visitors explore the cities of the future.
Abtec’s role in this historic building included:
“Our technology has helped Siemens take complete control of the building. It will be integral as the building aims to be one of the greenest in the world” adds Dave.
Lack of networking security is an issue that we see will grow and grow. In recent months we’ve seen a number of high profile building hacks that have hit the headlines. One of Google’s Australian offices was hacked into in 2013, the hackers were able to download floor plans and access the building’s controls. In December 2013 malicious hackers ‘compromised’ an estimated 40 million customer credit card details of US discount store Target.
It’s alleged that the Target hack was executed through a remote access connection set up by a HVAC company that provides remote monitoring into large refrigeration units. Whilst the details of the Target hack are still sketchy, an investigation is still ongoing, we are certain that the Google hack was delivered by an unsecured ‘back door’ into the company’s BMS.
Absolutely not, what it highlights is that our industry’s attitudes to security matters needs to change. We’ve raised this issue in this month’s edition of the CIBSE Journal, the trade journal for building services engineers.
We’ve helped many BMS and M&E contractors ensure that their projects are deployed safely and securely. Our Network Design Validation Service helps reduce the risks of problems occurring to your projects, and can ease the deployment of the project too. Contact us on 01858 438 550 for more information about our Network Design Validation Service.
“With Lighting for Professionals you can order high quality LED light fittings. The items on the site have been selected because of their durability, high quality LED components and ease of fitting.” pronounces Chris Topham, Head of Marketing at Abtec.
The site holds much of the stock of the Spanish LED lighting company BPM Lighting. “We’ve been working with BPM Lighting for some time now and we are really pleased to be the first UK online retailer supplying BPM’s products” adds Topham.
The site offers a trade account function that offers customers additional discounts and extended payment terms. Find out more by visiting www.lfp.uk.com