What is BACnet/SC ?
BACnet/SC is BACnet solution for cybersecurity.
In today’s digital and interconnected world, cybersecurity takes center stage. Until recently feared only by IT professionals, cyber threats now spare no player in building automation and control systems world. Hence the need to get things right when it comes to cybersecurity. Good news for owners, operators and designers of intelligent buildings, a standardized technological advancement has emerged, to offer a solution for complete protection of communications between systems and equipment: BACnet Secure Connect (BACnet/SC). Whether in standalone or connected installations, BACnet/SC is a cost-effective, IT-enabled solution that uses the same technology as online banking and other mission-critical applications to secure/encrypt communications between devices.
These concerns are well understood by the ASHRAE SSPC-135 Committee responsible for developing BACnet specifications and certifications, which has been working hard for five years on a new technology called BACnet Secure Connect (BACnet/SC) which is now part of the BACnet standard. The BACnet standard is identified as the ISO 16484-5 standard and the certification specifications used to obtain the BTL logo is ISO 16484-6. BACnet/SC provides the means to create secure communications connections between BACS devices both in the cloud and within facilities. BACnet/SC uses the latest security techniques and easily integrates with the IT infrastructure. At the same time, BACnet/SC preserves 100% capacity and is backward compatible with all existing BACnet deployments and devices.
To learn more, see: BACnet Secure Connect: ‘A Secure Infrastructure for Building Automation’ by Dave Fisher, Bernhard Isler, and Mike Osborne (White Paper)
What exactly does BACnet/SC do?
BACnet/SC allows two BACS devices to establish a highly secure and encrypted connection between them, over which conventional BACnet messages can be sent and received. These connections cannot be “hacked” and cannot be decrypted without appropriate certifications, and the certifications themselves cannot be falsified or tampered with. This ensures that only legitimate devices can be connected and that the content of their communications is completely private. The mechanisms that ensure this security are based on international standards established according to best practices and are fully aligned with IT standards.
This means that BACnet/SC uses the same mechanisms as banks, the military sector and other entities to secure their communications.
BACnet/SC allows two devices to establish such connections directly with each other. That said, it will likely be much more common to see essentially two types of BACnet/SC devices:
• A BACnet/SC “hub” that acts as a centralized conversation manager
• A BACnet/SC “node” that establishes a connection to the hub and sends all messages through the hub, which in turn redistributes the message(s) to recipient nodes
To learn more, see Nov 2020: BI Journal, Issue 18: BACnet/SC: The Big Picture by David Fisher