EMAIL INTERVIEW – The Future of BACnet Security

Andy McMillan contributing editor and Ken Sinclair

Andy McMillan is President and Managing Director of BACnet International, where he works with users and suppliers to expand and enhance the BACnet community. Previously he served as President of a building automation and energy management business unit of Philips Lighting. Andy has been an invited speaker on BACnet and open systems at conferences around the world. He has been awarded a dozen patents, has co-authored a book on data communications and his background includes BSEE and MBA degrees.

Sinclair - Hi Andy. We’ve heard about BACnet Secure Connect, but for those readers who aren’t sure what it is, can you please give us a quick overview?

McMillan -  BACnet Secure Connect, or BACnet/SC for short, is a secure, encrypted datalink layer in the BACnet specification. It was first introduced as Addendum 135-2016bj by the ASHRAE BACnet Committee but is now fully incorporated in the standard as Annex AB. It’s specifically designed to meet the requirements, policies and constraints of minimally managed to professionally managed IP infrastructures. It doesn’t replace existing BACnet options but complements them. It’s one piece of the larger industry effort to address the growing need for cybersecurity in building systems.

Sinclair - And is BACnet/SC available in the market?

McMillan - Building automation manufacturers are currently working on incorporating BACnet/SC into their products. Last year, BACnet International developed the BACnet/SC Interoperability Acceleration program to help manufacturers fast track their BACnet/SC development efforts. The program generated a reference implementation and configurable test bench for BACnet/SC which is available on open source on Source Forge for all BACnet product developers.

Sinclair - So is BACnet/SC the solution to BACnet security?

McMillan -  Well, cybersecurity is a large and complex problem, so this doesn’t solve the whole problem but BACnet/SC is an essential step. It’s an essential step because it provides inherent security in the messages among devices. And the BACnet Committee is making strides advancing security for BACnet systems. You’re going to start hearing about “Managed BACnet”, which is the next step in BACnet security.

Sinclair - Can you tell us more about Managed BACnet?

McMillan - Managed BACnet began as an ad-hoc technical consortium focused on accelerating interoperable cybersecurity in BACnet systems. It is being moved into BACnet International as a focused program to expand supplier involvement and extend its impact. There will be several components to the program.  It will generate proposals to the BACnet committee on topics such as message authorization and interoperable security management. It will also publish voluntary interim guidelines for manufacturers to align with the expected development of the standard. The Managed BACnet Program will also develop reference implementation prototypes and test tools for key additions to the BACnet specification, including addendum CC (interoperable certificate management in BACnet/SC systems).

Sinclair - How can our readers find out more about Managed BACnet?

McMillan - There will be more information about Managed BACnet shared at the AHR Expo in Las Vegas at the end of January. BACnet International is hosting free in-person education sessions on Monday, January 31^st that will cover BACnet security and include more information on Managed BACnet. These will be recorded and available on The BACnet Institute after the show. We will also have information in our booth (#C1850) describing the Managed BACnet Program and explaining how suppliers can join. Interested parties can also contact our office at info@bacnetinternational.org for more information.

[an error occurred while processing this directive]

[an error occurred while processing this directive]
[Click Banner To Learn More]

[Home Page]  [The Automator]  [About]  [Subscribe ]  [Contact Us]