Monday, June 26, 2017: 8:00 AM-9:30 AM
Controls
Chair:
Michael Pouchak, P.E., Honeywell International
Technical Committee: 1.4 Control Theory and Application
Sponsor: 7.5 Smart Building Systems
CoSponsor: 1.5 Computer Applications
Building Automation Systems have grown in complexity and now routinely integrate with HVAC DDC, energy monitoring, automated demand response, lighting control and interfaces to fire and smoke managements. A large percentage of the Building automation systems have been enabled for the ability to control and monitor from the Internet. The failures of computer security in corporations and high profile attacks on computer networks and resources have created significant news stories and has led to increased scrutiny on the source and protection of these valuable resources. This seminar discusses problems and solutions to Building Automation cybersecurity.
1 Specifying Cyber Security Requirements for Building Automation Systems: An Introduction to Industry Challenges, Opportunities and Best Practices
 |
Ron Bernstein, RBCG, LLC |
This seminar discusses current issues of control networking security standards for Building Automation solutions and the need for cybersecurity best practices. As more devices are connected to the building network requiring access to the BAS and then to the Internet, the greater the opportunity for exploitation of both internal and external network access. IoT technologies provide direct access from a cloud service to a device, in many cases, bypassing the constraints set up by IT. This session discusses risks and opportunities associated with cybersecurity and efforts to develop smart building specifications to minimize the potential risks while balancing the desire for new solutions.
2 The 20 Minute Risk Assessment
 |
Bruce Billedeaux, P.E., Maverick Technologies |
In every cyber security standard there is a common step, the “Risk assessment”. But what is a risk assessment and how do I do one? This presentation explains how to perform a risk assessment. This information helps the building owner, design engineer and automation professional determine the value of cyber security.
3 Using a Systems Approach to Secure Networks
 |
Mike Pouchak, P.E., Honeywell |
This seminar discusses important system engineering and fundamental topics related to HVAC system security. Key issues of cybersecurity risk analysis, threat model and system security design principles are discussed.
4 Cybersecurity Compliance Testing
 |
Dan DesRuisseaux, Schneider Electric |
This seminar discusses issues related to building automation security testing and information existing industrial cybersecurity standard IEC 62443 and related certification.