— James Lee, CEO and President of Cimetrics
BOSTON, MA, UNITED STATES, October 13, 2022 /EINPresswire.com/ — As BACnet-compliant building control devices are increasingly connected to corporate networks, the need to secure them to IT standards becomes critical, all while ensuring the continuation of the interoperability that BACnet has delivered to the BAS industry for over 25 years.
“It was vital that the industry gathered together to create this Manufacturers’ Guide and other material,” said James Lee, CEO and President of Cimetrics. Lee continues, “As more BACnet devices are installed under the watchful eye of IT departments, the BAS industry needs to provide IT professionals with the tools and information they need while creating products to the requirements of the fast-growing BAS industry.”
Creating a secure and interoperable reality at an industry-wide scale was the challenge taken up in 2020 by a group of industry cybersecurity experts under the leadership of Cimetrics. The group’s motivation includes:-
* Identify and outline ways to mitigate cyber threat vectors related to BAS networks.
* Understanding the impact of and proposing ways to manage TLS certificates.
* Ensure secure BACnet devices can be installed & managed by BAS professionals.
* Detail the necessary methods to integrate BAS security with IT/CISO tools.
* Ensure that BACnet devices remain interoperable and secure.
* Outline architecture and tools to secure older BACnet MS/TP and IP devices.
* Drive BAS to zero trust, follow the NIST Cybersecurity Framework and IEC 62443.
A key output from the two years of work is the creation of the Secured by Cimetrics Manufacturers’ Guide to BAS Cybersecurity. The Guide, available for anyone to download and use, provides specific recommendations for BAS control and peripheral vendors to implement in their products. This guide is critical for vendors and other industry professionals to prepare and plan for a future of secure, manageable, and interoperable BAS networks using BACnet.
For BAS vendors: Developing interoperable BAS products to satisfy the demands of rapidly changing IT cybersecurity requirements is challenging for even the largest OEM vendors. The collaboration initiated by Cimetrics to create a guide for product managers to design and implement secure and interoperable offerings provides a clear and common roadmap to ensure broad industry adoption of the requirements to satisfy the needs of BAS engineers and IT departments alike.
For building owners: Ensuring the most secure and effective BAS networks in today’s ever-changing security landscape requires a solid understanding of the direction of the industry, not only to secure BAS systems but also to integrate their management with existing and future IT security tools and processes. This Guide, written for technical professionals, outlines the roadmap for achieving these goals.
For specifying engineers: Specifying engineers play a critical role in the design and architecture of BAS systems for commercial buildings. Over the years, these systems have become increasingly more complex, with digitization being a core driver and, with it, the threat of cyber attacks. The Guide provides engineers an insight into the future of secure and interoperable BAS networks that will be much easier to specify.
For installers: Installers of BAS systems, from HVAC contractors to system integrators, are at the frontline of the challenges of installing secure networks. Their task has been challenging, as past BACnet networks have not been easy to install to the demanding security requirements of many building owners. The Guide provides installers an insight into the future of secure and interoperable BACnet systems.
For IT and networking engineers: With the responsibility to secure enterprise systems, IT and CISO departments are concerned about the increasing attack vectors from BAS networks. Also of concern is the trend of installing shadow networks outside their control, with their unknown risks. The Guide lays out the BAS industry’s architecture to secure BAS networks and integrate cybersecurity-related information into existing SIEM and SOAR tools.
For over 25 years, Cimetrics has led the BAS industry with networking and analytics technologies. The release of this Guide, in collaboration with the vendor community, the BACnet Committee, ASHRAE, and BACnet International, is a watershed moment in the holistic convergence of BAS and IT networks.