Building Management Systems (BMS), or alternatively, Building Automation Systems (BAS), may refer to computer-based systems that monitor, manage and control various electrical and electromechanical functions within a specific facility. Typically, BMS are implemented in large-scale structures, operated by a wide array of critical functions, including:
– Heating, Ventilation & Air-Conditioning (HVAC)
– Power Distribution & Consumption
– Fire Safety/Extinguishing
– Elevator Control
– Security, Observation & Surveillance
– Illumination Control
– Building Access Control
– Renewable Energy
However, as these centralized systems can potentially bring greater efficiency, they are also susceptible to hacking and cyber-attacks due to the interface of the operational technology (OT) landscape with IT/wireless networks and the internet. Since any connected device is vulnerable and controls critical functions within the building, hackers who manage to penetrate the BMS can inflict serious damage to key operations.
Hackers are becoming much more interested in operational technology, the physical connected devices that support industrial processes. They can gain access to email communications and confidential financial information, and worse, they could have the ability to eliminate an organization’s electricity. The nature of the problem depends on the way the BMS is modelled, installed and operated. Until recently, BMS professionals/companies put greater weight on operational efficiency, yet with relatively low consideration of impending security threats. Consequently, many BMS do not employ adequate cyber-security controls and risk mitigation measures.
According to a study by Navigant Research, total global revenue from commercial building automation will increase from approximately $70 billion and reach $101 billion in 2021. The largest market for BMS spending is North America, which is forecast to remain so for approximately two years. The second largest market is Europe, where interest in BMS is gradually rising. However, these markets will lose ground to the APAC market in the coming five years, due to the swift growth of Asian markets, and the construction sector in particular. A study by Pike Research predicts that these three regions will experience double-digit compound annual growth rates in the BMS industry until 2021.
The BMS/Smart Building industry has been progressing in the last decade. Technological advances have increased efficiency and lowered costs for building owners and operators, leading to greater demand and a high adoption rate of smart technologies. Through market analysis, we have identified the following prominent trends in the above-mentioned industry:
– BMS/Smart Buildings Advance to the Cloud: Building automation is generating large quantities of information while more and more players are tapping into the data inflow.
– US Energy Companies Turn to the Government Sector: American energy service companies have further expanded their activities beyond the commercial and industrial sectors, and began working with the Federal Government.
– Convergence of Building Communication Protocols: BMS and IT systems are converging to feed data into centralized systems and software applications.
– Rising Awareness of BMS at the Design Stage: Basic considerations relating to energy efficiency, automation and the integration of various building systems are being weighted early in the decision-making process.
– Increasing Demand for BMS/Smart Building Technology in APAC (China, India): The building industry in the APAC region is on the rise.
– Key Industry Leaders Are Acquiring Nascent Technology Companies: In recent years, the industry has been witnessing progressively targeted acquisitions emerging technology companies by powerhouses in the realm of BMS/Smart buildings.
In essence, BMS are a subgroup of control systems for industrial purposes, frequently used in critical infrastructure and industries. Due to the sensitivity and criticality of these functions, such control systems are usually highly secure, unless designed a significant time ago. Nevertheless, certain “blind spots” have been exploited in recent years and these type of systems have been compromised in several notable attacks:
– In 2010, a malicious computer worm known as Stuxnet supposedly disabled 30% of Iran’s uranium-enrichment centrifuges (part of a broader nuclear program), albeit full isolation from the internet or other networks.
– In 2012, hackers penetrated the building energy management system of a New Jersey production company. Intruders successfully exploited a weak credential storage vulnerability to access the organization’s BMS, controlled by Tridium’s Niagara software.
– In 2013, Jesus Molina, a U.S cyber security consultant, took control of the lighting, shading and HVAC systems in the luxurious St. Regis hotel in Shenzhen, China, via the iPad in his room.
– In 2013, two cyber-security specialists managed to hack into Google’s Wharf 7 office in Sydney, Australia through a BMS controlled by Tridium, a company owned by Honeywell. Because Google was running an outdated version of Tridium Niagara AX, the hackers were able to access usernames and passwords. By using a decoding tool, the specialists entered Google’s BMS and were able to see the floor and roofing plan, piping systems, alarms, and equipment schedules.
Aside from the few powerhouses that are dominating the BMS/Smart building industry, an additional 20-25 companies specialize in related automation systems: HVAC controls, illumination controls & fire/access/security controls and represent the second tier. However, ostensibly, it seems that the cyber protection solutions for BMS solutions are less mature, providing positive prospects for deeper market penetration and expansion. Based on these findings, I have formulated the following recommendations for organizations:
– Create direct communication channels with all major BMS developers in the industry (tier-1 companies) to negotiate new business contracts and strategic alliances. Partnership models vary, and may range from a project-based agreement to full integration into existing systems. Making initial contact may seem like a formidable and time-consuming task. However, through additional research the right contacts can be identified, increasing the odds of success.
– Launch targeted reach-out campaigns directed at property management firms (U.S market), in order to formalize new pilot projects and strategic partnerships.
– Strengthen reach-out efforts at BMS/Smart Building-focused exhibitions in order to identify new growth opportunities and partnerships in the U.S and Europe.
– Conduct a thorough examination of the BMS-specific communication protocols outlined in this study (e.g, BACnet). If found applicable, then include in the solution development roadmap for 2016.
– Consider sending one of a technical staff member to professional training for the GICSP Certification.
Idan Udi Edry is the CEO at Nation-E, a global leader in providing proactive cybersecurity solutions for critical infrastructure and the smart grid environments. A distinguished veteran in the fields of Information Technology and Data Security, Edry is also an experienced leader driving innovation and execution at scale.
Subscribe to Data Informed for the latest information and news on big data and analytics for the enterprise.