Towards a Cybersecurity Partnership in Connected Buildings
Over the past few months, there has been some well-needed government and media attention paid to the cybersecurity posture of control systems used in smart buildings and Operational Technology (OT) networks. Cyber-threat watchers note that there continues to be a significant number of these control systems that are configured in an insecure manner and exposed on the Internet. This is something that must change.
Decades ago, organizations had to quickly become savvy about protecting their Information Technology (IT) networks from remote attackers. As IT networks grew, so did the cybersecurity threats – viruses, malware, and phishing attacks proliferated, and they continue to do so. Organizations that experienced early, highly publicized cyberattacks and data breaches learned painful and costly lessons. In too many of those cases, proper focus on cybersecurity awareness and best practices only happened after such an attack. Luckily, we can learn from those mistakes and lessons from the past and apply them to OT networks today. It is our goal that smart building owners and operators avoid the harsh realities of cyberattacks now by taking a proactive approach towards cybersecurity.
As many of you know, Tridium’s Niagara Framework is used in OT networks around the world. A universal multi-protocol integration engine that enables applications to connect to, control, and monitor any device, regardless of manufacturer, Niagara enables integrators to build and deploy control solutions and seamlessly aggregate data from a wide variety of systems and equipment. OT experts seeking open-protocol interoperability have converged around the Niagara solutions offered by Tridium’s OEMs and integration service partners in the building automation business. Niagara is now deployed at the controller level, the supervisory level, and at the edge, and Niagara solutions are used in a wide variety of domains.
As businesses use Niagara to connect more equipment, devices and people into workflows that enable data-driven buildings and industrial spaces, they can reap the benefits of comfort, energy savings and better business outcomes. At the same time, any network connectivity also brings challenges related to cybersecurity, and all stakeholders need to be aware of the fact that the target landscape for cyberattacks continues to grow and evolve.
Cybersecurity is a journey that we are on with our Niagara Community. Specifically, we are on this journey with systems integrators who configure our products and facility managers and owners who oversee our products. As an integration platform, it is important that our products are securely configured. Niagara products should always be set up in an organization’s network using security best practices and a defense-in-depth approach. Once deployed, Niagara-based systems need to be kept up-to-date with the most recent security updates and patches. Systems also require continuous monitoring to detect unplanned changes in hardware or software configurations or anomalous activity that could be a sign of cyberattack.
As we look at the lessons learned over the last few decades in protecting our computers and networks, practicing cybersecurity hygiene means more than deploying new technologies. Any serious effort involves the combination of people, processes and technology. Organizations need to adopt best practices and cybersecurity processes, they must deploy defensive technologies and use technology properly to defend against the threats. This type of change requires a focus on people. Behaviors related to the use of technology must change, and people in the organization need to be made aware of the threats and be trained in new cybersecurity processes.
In order to help our community defend against cyber threats, Tridium is offering the following guidance:
- (1) Follow the cybersecurity best practices that we provide. Tridium has released a Cybersecurity White Paper focused on best practices for cybersecurity for any organization, including specific guidance for Niagara systems. This paper provides an overview of the threats and resources for defending against those threats, as well as organizational and technical best practices.
(2) Do not expose your systems on the Internet. When any system is exposed on the Internet, it is discoverable by potential attackers and can be open to a wide range of potential attacks. We urge our customers to make certain that their systems are on networks that are configured with network security best practices, using a defense-in-depth approach. Customers should also perform periodic assessments on their systems, verifying and ensuring that those systems are not exposed on the Internet or other untrusted networks.
(3) Continue to update your systems with the most recent security updates. At Tridium, we continually release patches and security updates so that our customers’ systems can be updated with the most recent versions. To be protected, it is critical that those updates be applied as soon as is practical. Conduct periodic assessments of your systems to ensure they are up-to-date with the latest patches and cybersecurity updates.
(4) Use our Niagara Hardening Guides to securely configure Niagara systems. Tridium has released security hardening guides for our AX products and our Niagara 4 family of products that include step-by-step instructions on best practices aimed at securing our products (available on our website HEREand HERE.
(5) Use our other available online resources. In addition to the Cybersecurity White Paper, there is a TridiumTalk webinar focused on cybersecurity available on our website and a keynote presentation available on Tridium’s YouTube channel.
Cybersecurity is a partnership: we all have a role to play. At Tridium, we see cybersecurity as a top priority, and we are dedicated to continuously improving the security posture of our products and providing guidance to Niagara systems integrators, business partners, and facility managers. We want to work together with you in this cybersecurity partnership, and we will continue to update you as we release new security features, enhancements and updates.
This Week’s Sponsor
Tridium is a world leader in business application frameworks, advancing open data environments and easy interoperability. Our Niagara Framework® universal multi-protocol integration engine has fundamentally changed the way people connect and control devices and systems. Tridium delivers Niagara software and the JACE® controller and server platform through an open distribution business model with open protocol support. With almost one million instances worldwide, Niagara is helping a significant number of businesses, manufacturing enterprises and government entities improve performance and reduce energy, operating and other costs, and be more strategic and competitive. The Niagara Community is a large and active community of innovative developers, integrators, consultants, manufacturers, resellers and end users who use Niagara daily. Tridium is an independent business entity of Honeywell International.
Be a part of one of the most interactive and exciting sessions of the conference, the Smart Building Best Practice Showcase, which will be held on June 14 from 8:30am to 10:30am. The Showcase presents the world’s most successful implementations of smart buildings, campuses, and portfolios. These projects represent the future of real estate with their state-of-the art design, connectivity, systems integration and enhanced occupant experience. For the past six years, this event has featured over 200 smart projects by Google, Microsoft, LinkedIn, Ford Land Energy, Stanford University, Aruba and many more!
If you are involved with a smart building, campus, portfolio or city project you feel would add significant value to the Showcase, please contact Tina Danielsen.
UPCOMING REALCOMM WEBINARS
The Cloud, IoT, Sensors and More – The NEXT EVOLUTION of Smart Connected Buildings - 4/4/2019
The concept of smart buildings has been around for decades. What’s different now are the multiple generations of technology we have seen throughout the years. At first ‘building automation’ was proprietary and single-source, next came ’connected’ buildings which introduced us to the internet. Today, next-level thinking includes an expanded use of the cloud, the inclusion of non-traditional smart edge devices found within the Internet of Things (IoT), sensors, as well as integration into ERP’s other single purpose solutions and multiple telecommunication platforms. While the benefits of a smart connected building are great, the path to success is elusive. This webinar will feature the industries’ most accomplished smart building experts.
Tom Shircliff is a co-founder and principal of Intelligent Buildings, a nationally recognized smart real estate professional services company that was started in 2004. Intelligent Buildings provides planning and implementation of next generation strategy for new buildings, existing portfolios and urban communities. Tom is a speaker and collaborator with numerous universities and national laboratories, a gubernatorial appointee for energy strategy and policy and founding Chairman of Envision Charlotte, a Clinton Global Initiative.
Paul Maximuk is Energy Manager for Ford Land Energy where he is currently is providing project and program technical guidance to implement global metering of electric, natural gas, steam, water and compressed air systems. He is an Energy Engineer with over 30 years of experience in the HVAC/BMS field. He is an SME specializing in building management and energy reduction. Paul has focused his efforts in large industrial facilities but also has equal expertise in Class A buildings. Additionally he is a problem solver finding the root cause of why mechanical systems do not operate at their peak efficiency.
Gordon Echlin is Vice President Marketing and Business Development for Triacta Power Solutions LP, where he has been a management team member since 2009. Prior to Triacta, Gordon was a partner for a boutique venture capital firm, Venture Coaches from 2006 to 2009, and started a telematics company, Netistix Technologies, in 2002.
Rick has more than ten years of experience in technology and intelligent building engineering. Prior to cohesionIB, Rick served as the Senior Practice Leader at Environmental Systems Design in the Intelligent Building group. He led the technical design of global intelligent building and smart city projects in cities around the globe. He is passionate about designing digital solutions for the built environment that improve the experiences people have and foster the culture around them.