Smart Building Are Vulnerable – But Not If Measures are Taken

I was reading an interesting article about how a Tridium network gateway device at the Google Wharf 7 building in Sydney, Australia was hacked recently.  The Tridium device is used for visibility and control of various Building Management Systems (BMS) and by gaining access, the hacker would have visibility and control over all the building systems connected through the Tridium.  While this exposure could be very detrimental, the “hacker” was a security company who is working on a project to identify vulnerable Internet facing Industrial Control Systems (ICS).  Their intentions were not malicious.

My interest in the article was not in the ability to hack into a building system control device but rather the concern I sometimes hear about the vulnerability of Smart Buildings which utilize a converged network for all their Building Management Systems (BMS).

While the concern of unauthorized access into a building’s operations is real, a properly implemented converged network in a Smart Building is by far less vulnerable.

Traditional built buildings utilize multiple disparate, often unsecure networks for their BMS solutions.  Network quality and security are very low on the priority list as BMS companies specialize in delivering their solution, not in keeping up with best practices for secure networks and preventing unauthorized access.  In fact, the Tridium device which was hacked at the Wharf 7 Building had an older software release and did not utilize some of the security measures designed to prevent unauthorized access.  Measures such as the use of Strong Passwords, a Lockout Feature or VPN and Firewall software were not implemented.  More than likely, there was little thought given to locking down access.

Smart Buildings have a greater reliance on a converged building network shared by BMS solutions such as Heating, Ventilation and Air Conditioning (HVAC), lighting, security and access systems.  For this reason, the network is designed to be Enterprise Grade which includes not only reliability but also security.  These Smart Building converged networks should have all the characteristics, including security, of a network utilized to operate a company’s business.  The company which hacked Wharf 7 was looking for vulnerable Internet facing devices and exposing them.  A properly implemented and maintained Smart Building network would not even appear on their radar.

The point of this message is:  Don’t condemn Smart Buildings and their converged network because someone does not implement proper security practices.  After all, even the best security measures in the world will not prevent unauthorized access if they are not properly implemented.

About Ron Gordon

Ron Gordon is Cisco Canada’s Senior Advisor for Smart+Connected Real Estate (S+CRE), responsible for advancing the utilization of IT infrastructure in building systems and Cisco’s S+CRE philosophy in Canada. Gordon has over 30 years’ experience in the information technology industry with roles in solution sales, sales management, product management and business development. He joined Cisco in 2007 and has worked on several S+CRE projects including the TORONTO 2015 Pan Am/Parapan Am Games, PwC Tower in Toronto and George Brown College Waterfront Campus. Prior to Cisco, he served as a Product Manager at Avaya and held positions at Bell Canada and TTS Meridian Systems. Gordon holds a bachelor’s degree in Geography from the University of Toronto. Ron Gordon , conseiller en chef de l’immobilier intelligent et connecté (S+CRE, Smart+Connected Real Estate) de Cisco Canada, est chargé de faire évoluer l’utilisation de l’infrastructure informatique dans les systèmes de construction et est responsable de la philosophie S+CRE de Cisco au Canada. M. Gordon est fort de plus de 30 années d’expérience dans le secteur de la technologie de l’information; il a joué plusieurs rôles dans les ventes de solutions, la gestion des ventes, la gestion des produits et le développement commercial. Il est entré chez Cisco en 2007 et a travaillé sur plusieurs projets S+CRE, dont les Jeux panaméricains/parapanaméricains de 2015 à TORONTO, la Tour PwC à Toronto et le campus Waterfront du George Brown College. Avant d'entrer au service de Cisco, il a occupé le poste de chef de produits au sein d’Avaya. Il a également occupé quelques postes chez Bell Canada et TTS Meridian Systems. M. Gordon est titulaire d’un baccalauréat en géographie de l’University of Toronto.
This entry was posted in All Posts, Smart + Connected Communities and tagged , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s