Building Automation
EU NIS2 Directive and Implications for BAS-BMS Cybersecurity
The EU NIS2 Directive (Network and Information Security 2 Directive), which replaces and expands on the original NIS Directive, aims to strengthen cybersecurity requirements across critical sectors, including energy, healthcare, transportation, and digital infrastructure. While not explicitly focused on building automation systems (BAS), its implications for such systems are significant, particularly for facilities considered critical…
Read MoreThe Importance of Cybersecurity Protection for Building Infrastructure
Podcast Outline Introduction Understanding Cybersecurity for Building Infrastructure Real-Time Security: A Necessity Smart Buildings: Balancing Innovation and Security Zero Trust Systems: The Future of Cybersecurity Challenges in Securing IoT Devices Implementing Secure Firmware Solutions Conclusion Podcast Transcript Introduction Welcome to another insightful episode of “Protecting Buildings and OT from Cyber Attacks,” where we delve into…
Read MoreCybersecurity Insurance for Buildings, BAS, BMS
Building owners should have cybersecurity insurance for their building automation systems (BAS) due to the increasing risk of cyberattacks on connected infrastructure. Key Reasons for BAS/BMS Cybersecurity Insurance Protection Against Financial Loss: A cyberattack on BAS can result in significant financial losses from system downtime, operational disruptions, or damaged equipment. Cybersecurity insurance can cover the…
Read MoreBuilding Automation Endpoint Protection Is Critical for Cybersecurity
Building automation systems (BAS), now highly-connected to the internet, have transformed how the infrastructure of residential, commercial, and industrial properties is managed and optimized. From heating, ventilation, and air conditioning (HVAC) systems to lighting, security, life safety, and power distribution, these systems are now smart, centralized, and increasingly automated. While this level of convenience and…
Read MoreBuilding Management System Cybersecurity Best Practices
A strong cybersecurity posture is essential for Building Management Systems to mitigate the risks associated with interconnected devices and systems. Building Management System Overview A Building Management System (BMS), also known as a Building Automation System (BAS) or Building Control System (BCS), is a computer-based control system that manages and monitors the mechanical, electrical, and…
Read MoreBACnet Security Issues and How to Mitigate Cyber Risks
BACnet is a commonly used protocol for building automation and operational technology (OT) systems, and is used to establish communication between various devices in a network. Because BACnet-based building systems were originally deployed in isolated (air-gapped) environments, BACnet was not designed with security. Therefore, millions of BACnet devices are lacking common security mechanisms such as…
Read MoreImproving BACnet Secure Connect (BACnet/SC) Deployment with Automated Certificate Management
Managing BACnet Secure Connect (BACnet/SC) certificates can be a challenging task, especially for large buildings. Just recently at the AHR Expo 2024, we learned of a project that had over 300 devices and the decision was made to use 10-year certificates due to the multiple days (3-4) of labor needed to deploy BACnet/SC certificates. The…
Read MoreBACnet MS/TP Security Risks and Vulnerabilities
What is BACnet MS/TP? BACnet MS/TP (Master-Slave/Token-Passing) is a widely used communication protocol in building automation and control systems. BACnet MS/TP is implemented with a shared bus and one or more building control devices daisy-chained along the wiring from a controller or a BACnet IP router/gateway. It is commonly used to connect field devices such…
Read MoreSmart Building Cybersecurity Best Practices
Key Points Smart buildings integrate interconnected systems like HVAC, lighting, access control, and more to optimize efficiency, sustainability, and occupant comfort through centralized, automated operations. Security challenges arise from inherently unsecure communication protocols, increased connectivity, and remote/cloud access, expanding the cyberattack surface and exposing systems to threats like unauthorized access and data breaches. Key security…
Read MoreAHR Expo 2024 Event Preview
Veridify Security will be exhibiting at the AHR Expo 2024 in booth S6174. Our demo is getting assembled and being prepared to be shipped to Chicago! Verdify will be exhibiting a live demo of DOME™, a building automation cybersecurity platform that protects both new and existing building automation devices. The newly revised demo platform will…
Read More