What Role does Security Principles Ply in Building Automation?
Construction Business Review | Monday, September 14, 2020
With the rise in the desire to integrate security-critical services, security can no longer be neglected; therefore, the development of a comprehensive security concept is significant.
Fremont, CA: Building automation is moving from a propriety network to IP networks making a considerable impact on network management because there will be an influx of Building IoT devices on the network. The tools will have to be added securely to the network and then provisioned in the BMS. In order to reuse an existing managed IT network, the devices have to be evaluated by the IT managers prior to onboarding to the network. Utilizing the same IT network for IoT devices will avoid duplicating a second network in the building, along with the benefit of reusing the then operational infrastructure to manage the devices. Considering these reasons, similar security requirements must be applied for Building IoT devices.
The IoT devices have to be configured to make it a part of the operational environment. For security reasons, it has to be ensured that the most reliable available security mechanisms must be used to join the secure domain. Only Datagram Transport Layer Security (DTLS) methods are allowed to achieve strong security.
The clients and the servers having a similar safe domain can interoperate securely, enabling them to set up secure communications channels while communicating with each other.
Open Connectivity Foundation (OFC) devices use Public Key Infrastructure (PKI) certificates for onboarding, providing the same level of security that is used for internet banking and other highly sensitive environments. PKI is a set of roles, hardware, policies, software, and procedures that are needed to create, distribute, manage, use, store, and revoke digital certificates, and manage public-key encryption.
IoT devices will be a part of an operational environment, and the manufacturer must work in concert with the OT manager to manage upgrades in most of the cases because the manufacturer may not know about the critical activities and periods needed uninterrupted service. Additionally, the OT manager will often have to evaluate updates in a lab environment before applying it. For addressing these issues, the manufacturer has to supply a software upgrade package and the IT and OT managers will both be responsible for implementing the software update.
See also: Top IoT Companies
