BACnet Secure Connect: The Future of Secure Building Automation

Posted by Connect with ODIN on Mar 29, 2023 3:13:16 PM


BACnet has been the international standard for building automation systems ever since its introduction in 1995. More than 1,000 vendors and 25 million devices across the globe now use the BACnet communication protocol, and this widespread use has generated plenty of data about the strengths and weaknesses of the technology.

Enter BACnet Secure Connect (BACnet/SC). Today’s increasingly complex BA systems are often cloud-based and require integration with additional IT infrastructures, raising concerns about information security. BACnet/SC, to put it in simple terms, adds a new option for secure communication possible between BA devices, the cloud, and integrated facility systems.

How Does BACnet Secure Connect Work?

The new BACnet/SC does not replace the existing BACnet specification but rather acts as an addendum. Think of it as a complement to current BACnet options that address the urgent need for cybersecurity improvements in building automation.

BAC/net SC is fully backward compatible with your current BACnet devices and retains all of the capabilities of those systems. If anything, BACnet Secure Connect is a way to “future-proof” those devices even as new cybersecurity technologies and options become available. 

Essentially, BACnet/SC uses the Transport Layered Security (TLS) protocol to authenticate the BACnet devices in your automation system and encrypt their communication for better data security. This is the same protocol widely used by email, voice over IP (VoIP), instant messaging, and secure HTTPS websites. 

What are the Benefits of BACnet/SC?

The three main benefits are:

  • Device Authentication: Before gaining access to your BACnet/SC network, every device must first have its identity verified. No verification? No access.
  • Encrypted Communication: The information that travels through your BACnet/SC network is fully encrypted, preventing hackers or bad actors from intercepting the data or interfering with your system.
  • Data Integrity: Any data sent through the BACnet/SC connection is also verified. This means you can always be sure it’s unaltered, authentic information from the original source.

In addition, a BACnet/SC network notably eliminates the need for static IP addresses. This eases the burden on your IT department, simplifying configuration and making it more tolerant of changes in how the network is structured. Other common IT problems with BA networks, such as dependency on network broadcast messaging or compatibility with firewall devices, are no longer an issue with BACnet Secure Connect.

Scenarios for Implementing BACnet/SC

According to ASHRAE, there are “many ways BACnet/SC could be deployed.” Here’s a summary of a few scenarios the organization outlined in a recent whitepaper:

  • Scenario #1: A Facilities Manager might need remote access to a building’s existing BACnet system. This would be most convenient on the public internet, but it can’t allow connections through the building network’s firewall. BACnet/SC makes this possible with a cloud-based hub and a router that routes to the legacy BACnet system.
  • Scenario #2: Perhaps you have a new building and IT policies won’t allow unsecured BACnet traffic. With support from BACnet/SC, your IP-based BACnet devices can be secured, making traffic on the shared IP network safe.
  • Scenario #3: What if your building has a mix of BACnet/SC and legacy (insecure) devices? You can use a BACnet/SC to BACnet/IP router to connect both the newer and legacy networks in a secure fashion.
  • Scenario #4: Multi-site connectivity is also possible. In a case where you’ve got multiple buildings in your portfolio, a BACnet/SC hub on the cloud can connect regional management to the local building networks securely via the public internet or a wireless area network.

Connect With ODIN For Secure Remote Access

BACnet Secure Connect is an important innovation and the future of the BACnet specification. However, there is more than one way to achieve a secure remote connection to your non-BACnet/SC devices and legacy building management system. ODIN is designed to enhance your existing BMS and provide secure access via the cloud to all BACnet devices. Explore our quick and easy cloud connection features to see if ODIN is the right solution for your building’s needs.

Watch Demo

Topics: BACnet

Subscribe Here!

Recent Posts