A Q&A Webinar with Anto Budiardjo, Jim Lee from Cimetrics & Steve Fey from Totem Building Cybersecurity discussing BACnet Secure Connect (BACnet/SC) and what lies ahead in 2020 for Building Automation Cybersecurity.
5. BACnet/SC in a Nutshell
BACnet BACnet/SC
● Secure TLS over TCP/IP
● Each device needs a Digital Certificate
● Does not secure the whole BAS network
● Does not provide what IT Deps needs
BACnet
BACnet
BACnet/IP
BACnet/IP
BACnet
Routers
UDP/IP
MS/TP
Unsecured
BACnet/SC
Failover Hub
Supervisor
Primary Hub
BACnet/SCBACnet/SC
BACnet/SC
BACnet/SC
6. Simplified Network Architecture
IT Device
For simplicity...
Additional VLANS,
network segmentations,
firewalls are not shown.
SbC Cloud
Failover SbC
Appliance
SbC
Appliance
Insecure
IP &
RS485
BACnet Router
BACnet/IP BACnet/IP
BACnet Router
MS/TP MS/TP
BACnet/SC
BACnet/SC
BACnet/SC
BACnet/SC
IT Switch IT Switch
Enterprise
Cloud Other Cloud
SaaS
Data Center
IT Device
IT Device
IT Device
On-premise
Infrastructure
Internet
7. The path forward: NOT business as usual
● BACnet International
○ Support rapid implementation of BACnet/SC by OEMs
■ Reference code and test devices
○ Accelerate BTL testing of BACnet/SC compliant products
● Secured by Cimetrics - Holistic Cybersecurity
○ One-Step Device Onboarding
○ Device & Cert Management
○ Interoperable Configuration
○ Secure Backup/Restore
○ Secure Firmware Updates
○ Enable IT monitoring