BACnet Integration Solutions
Chipkin has BACnet solutions for almost every situation. We have over 20+ years experience in BACnet
integration, check out our BACnet Products:
BACNet is not impervious to threats. In fact, there are many instances in which BACNet is vulnerable. Here is the top 18:
1. Energy-demand shock
Turning on a large number of energy-consuming devices (e.g.
Heating/cooling/lights) at the same time by direct command or by altering
schedules, can dramatically increase the load on an electrical grid causing
disconnects or even grid failure in extreme cases. Could your institution
shut down your entire city or state?
2. Building made uninhabitable on a temporary basis preventing
use
A building’s HVAC system can be driven to a state where there is no heating
or cooling. Pipes may burst and other damage can occur. This presents
commercial and reputational risk. Your hotel brand is damaged and you have
no room revenue for a few days because the HVAC won’t work.
3. Building made uninhabitable on a temporary basis requiring
evacuation
A building’s HVAC system can be driven to a state where there is no heating
or cooling. Pipes may burst and other damage can occur. In hospitals,
for example, safety protocols may require evacuation of patients.
4. Building driven to extreme temperatures – no heat , max heat, condensing
humidity to cause equipment malfunction and possible permanent
damage
If external temperatures are very low (Boston in Winter) or high (Arizona in
summer) and HVAC system is driven off or to max heating the ambient
temperature may be outside the operating range of equipment in the building
or even to the point where equipment is damaged. In humid environments,
a system can be driven to be heavily condensing – water damage and short
circuits could occur.
5. HVAC failure causing computer / super computer / server farms
shutdown
Computer equipment is extremely temperature sensitive. Mildly elevated
temperatures can cause decreases in performance. Temperature extremes can
cause failures and shutdowns. Many data centers are located in extremely
cold places (Facebook – Sweden) to save on cooling energy costs. HVAC
failures will drive interior ambient temperatures to low points.
6. HVAC failure causing computer / super computer / server farms
damage
Temperature extremes can cause damage to CPU’s. Burst pipes can cause water
damage.
7. Changing protection settings and limits
Many electrical devices have settings and operation limits used to protect
the device from being operated in a way which will damage the device. For
example, a motor controller may have operations which set the maximum speed.
Changing the settings can cause devices to shut down or failing to protect
themselves resulting in damage.
8. Driving pumps and motors and other devices to failure states
Many electrical devices have settings and limits which prevent the device
from being operated in a way in which damage can occur. For example, a device
may shut down or limit operation to ensure that it doesn’t run too hot.
Changing these types of settings can allow devices to be damaged by normal
operation. Motors can be driven to speeds which cause damage to equipment.
Alarm set points can be changed so that alarms are not generated.
9. Synchronized failure
By changing schedules, equipment can be turned on / off en masse.
10. Data theft
Critical data from sensors and other equipment can be monitored.
11. Data corruption
Sensors may provide important or even critical data to control systems or
management systems. False data can be served. False alarms can be generated.
Alarms can be acknowledged before humans become aware of them.
12. Out of service
Sensors and Control devices can be put out of service. That is – to stop
sensors reporting the measured values or to stop a control device responding
to commands such as set point changes.
13. Command contention
BACnet has a priority system to resolve command contention. It is possible to
drive devices to states at a higher priority than the normal operation is
configured for, thus preventing the control system from operating equipment
until the problem is identified and resolved. A fair degree of expertise is
required to identify this problem. Whoever commands last, wins.
14. Gateway failure
Communication protocol gateways connect subsystems and allow them to
inter-operate. Driving these devices to a failed state can result in overall
control / monitoring system failure.
15. Firmware update / corruption
Some devices allow firmware to be delivered using the file transfer services
supported by BACnet. It is conceivable that on such devices the firmware can
be corrupted making the device inoperable and difficult to recover to an
operable state. If such a device is no longer manufactured or supported there
may be no path to recovery other than implementing a new system.It is also
possible that devices can be turned into zombie devices – i.e play some
new, destructive role.
16. Configuration update / corruption
Some devices allow configuration to be delivered using the file transfer
services supported by BACnet. It is conceivable that on such devices the
behavior of the device can be changed or that the device is made inoperable
until the configuration is restored. It is rare to have backups that are
current in HVAC systems.
17. False alarms
False alarms can cause automated systems to shut down processes. False alarms
can divert operator attention and mask real alarms.
18. Network attacks – Denial Of Service
Generating false alarms. Oversubscribing for change of value, alarm and event
notifications and misconfiguration. BACnet BBMD devices can cause message
deluges which consume all the bandwidth and which can cross sub-nets.
19. Critical infrastructure attacks
Lights Off, Fuel Pumping Systems, Standby Generator Shutdowns, Transfer
Switch Operation etc.
It may be possible to operate transfer switches disconnecting buildings from
the grid and at the same time change settings to prevent standby generators
from starting.It may be possible to operate breakers and shut systems down.
