Page 23 - 251119_BJ_ME-Journal_14_digital
P. 23
BACnet Insight
BACnet/SC – a solution to enhance cybersecurity in critical infrastructure.
is unique to the device and used for authentication BACnet/SC Application in Critical Infrastructure Future Ready with Simple Firmware Updates
processes as well as for encryption and decryption of
traffic. The second, so-called Root Certificate, is project- An excellent example of the capabilities of BACnet/SC in In addition to new constructions such as Oberwart
based and identical across all project devices, regardless critical infrastructure is the Oberwart Hospital in Austria. Hospital, organizations can implement BACnet/SC in
of respective manufacturers. In addition, BACnet/SC Healthcare facilities naturally require exceptionally high existing facilities without the need for a disruptive “rip
requires a single Certificate Authority (CA) in order to sign standards. Patient safety and operational continuity and replace” approach. Instead, building control system’
and validate certificates across all devices. All of these depend on secure and reliable control of environmental upgrades can be achieved through firmware updates,
features significantly increase security while maintaining conditions, such as air flow or room temperature, as well making it a sustainable, efficient, and long-term solution.
compatibility with existing BACnet systems. as building access systems. This reduces both costs and operational disruption.
Compliant and Certified Solution for Cyberthreats Oberwart Hospital, which opened in May 2024, partnered The implementation of BACnet/SC represents a significant
with Siemens Smart Infrastructure to implement step forward in securing building automation networks. As
Another important asset, BACnet/SC, aligns with the new comprehensive building automation with sophisticated the industry continues to evolve, BACnet/SC’s foundation
Network and Information Security 2 (NIS-2) EU standard cybersecurity measures. Their system manages building in established and innovative Information Technology
that came into effect in October 2024, aimed at critical controls via 41 new-generation controllers, 360 individual (IT) security principles ensures its ability to adapt to
sectors such as healthcare, energy, transportation, room controllers, and eleven fire damper control systems new challenges. At the same time, it maintains the
banking, and digital infrastructure. The directive requires monitoring 1,400 devices, while communicating securely interoperability that has made it the industry standard.
organizations to implement encrypted communications, through BACnet/SC. This implementation ensures
device authentication, cybersecurity policies, and other precise control of critical environments such as operating Oberwart Hospital provides a blueprint for facilities of
cybersecurity measures. BACnet/SC allows organizations rooms and sterile areas, where maintaining specific any kind and size seeking to improve the security of their
to set up a building automation system that meets the environmental conditions is critical to staff and patients’ building automation. As cyberthreats won’t stop, such
NIS-2 requirements. health and safety. forward-thinking implementations will be key to protecting
critical infrastructure in the years to come.
To proof that the necessary cybersecurity measures
are in place, Siemens products have received IEC
62443 certification through verification by TÜV Süd. The
independent label not only covers the products but also
the entire development process.
Dr. Alina Matyukhina
Siemens Smart Infrastructure Buildings
CSO und Global Head Cybersecurity
alina.matyukhina@siemens.com | www.siemens.com
23
BACnet Middle East Journal 14 11/25 23
