For buildings to be truly smart, physical and data security must converge, says Colin Tankard, pictured, Managing Director of data security services company Digital Pathways.
The word ‘smart’ is often applied to devices that are enhanced through Internet connectivity, with the best known example currently being Smartphones that have transformed the way that we communicate. Such technology is also helping to make buildings smarter. According to IDC, after a relatively slow start, spending on smart building technology is forecast to grow from US$6.3 billion in 2014 to reach US$17.4 billion in 2019, which is a cumulative annual growth rate of 22.6%. Among the reasons for this growth is the increasing number of regulations regarding energy efficiency in buildings.
Researchers Memoori estimate that there will be 50 billion things and devices connected by 2020, of which 19.5% will be in smart buildings. Smart buildings incorporate the use of building automation systems that provide automated, networked control over factors that include heating, ventilation, air conditioning and lighting. With all these systems interconnected, building performance can be optimised, creating much greater operational efficiency. According to the Institute for Building Efficiency, some of the ways that smart buildings can increase efficiency and save money include:
•Optimised cooling and ventilation
•The ability to match occupancy patterns to energy use, such as reducing heating levels when fewer people are inside the building
•Proactive maintenance of equipment by being able to detect performance problems before they cause an outage
•Dynamic power consumption by altering power consumption according to price signals.
Interconnectivity
The ability to integrate and manage multiple systems centrally has advantages that go beyond achieving greater efficiency in operations. It also has far-reaching implications for security. With greater inter-connectivity among systems, security becomes an increasing concern as electronic networks can be hacked or sabotaged. In terms of buildings, these can include video surveillance systems, access control systems, fire control systems, and sensitive internal files and other IT systems.
According to Gartner, 20pc of smart buildings will have suffered from digital vandalism by the end of 2018. Although it believes that the main consequences will generally just be seen as a nuisance, there are also likely to be both economic consequences and issues impacting health and safety. However, a recent survey by Facilities Net found that just 22pc of respondents are knowledgeable about cyber security issues related to building automation systems, even though 58pc admit that they realise that such attacks could result in significant or very significant harm. It also found that just 42pc have conducted a threat assessment of network and physical security measures against cyber attacks in the facilities that they manage.
Yet the use of networked technology also provides advantages in terms of security. By centrally collecting and analysing all data feeds from systems in a building, anomalies can be more quickly detected, allowing for more effective remediation of any threats encountered, whether from hackers or equipment malfunctions, or from any of the other threats that buildings face, whether manmade or caused by natural disasters such as floods and extreme weather.
Greater integration
To ensure that security issues do not derail the opportunities made available by smart building technology, all systems—both physical and logical—must be efficiently integrated so that they can be effectively monitored, managed and centrally controlled through one platform using common processes and workflows. This will enable building management personnel to see one overall view of how all systems are working. It is essential that the system provides alerts when abnormalities are flagged so that remedial action can quickly be taken, prioritised according to perceived levels of risk.
Physical security is especially important for buildings and facilities, with multiple doors and often extensive perimeters that must be secured. It is therefore essential that feeds from physical security systems, as well as information from security guards patrolling the premises, are fed into one central system. Services such as nLiten offered by Digital Pathways have been specifically developed with those needs in mind. Information concerning incidents encountered need to be logged in a secure manner so that trends can be spotted, such as those that might be indicative of fraud. The central system is also used to store all standard operating procedures (SOP) to ensure that individuals charged with dealing with an incident can access the SOPs as and when needed so that the nLiten system can ensure that the correct rules have been followed.
Another essential capability offered by the service is its mobile application integration so that guards can be tracked as they are on patrol, with feeds sent back to control room personnel. Through its geolocation aware capabilities, even large scale facilities such as chemical plants and remote, large-scale areas such as forests can be monitored.
In order to gain the actionable insight that is available from large data sets, all systems must be connected to one centralised management system where data feeds are collected and analysed using advanced, integrated software applications. Such applications must be capable of analysing millions of data points daily to provide insight into the way that building systems are managed so that improvements can be implemented. This scale is necessary because of the enormous amount of data that is being generated by physical and logical systems in smart buildings—so-called big data. Memoori estimates that the big data-related market for software and services for smart buildings amounted to almost US$8 billion in 2015 and will grow to more than US$37 billion by 2020. Through big data analysis capabilities, enormous amounts of data can be mined and analysed for the actionable insight that can be gleaned from the data sets.
Many organisations rely on security information and event management (SIEM) systems for collecting and analysing data feeds from throughout the network and systems connected to it. However, regular SIEMs do not take into consideration feeds from systems in buildings such as heating and ventilation systems. It may therefore be necessary to create bespoke integrations for such systems so that they can be centrally monitored and managed alongside all the other systems on the network that can feed into traditional controls such as SIEMs.
Through integration of all systems, physical and logical, organisations will be better able to manage their entire building system continuity and security needs. Combining all data feeds into one central management portal aggregates all information into one location for efficient incident reporting and escalation. It will enable building management to take a centralised view of all building control and network systems, integrating physical controls with data security controls. Hence, they can move from looking at islands of information in isolation with alerts related to just specific incidents to being able to see trends as they occur across the entire system, which is essential for countering advanced, persistent attacks that are the norm today.
With one central system, multiple events can be linked together so that patterns can be seen, including trails of all decisions and actions taken as the result of an incident occurring. This will provide the evidence that is required not just for proving regulatory compliance, but also for demonstrating good governance.
Not only will greater integration increase operational efficiencies it will avoid the need to replace existing controls, since software applications that provide bespoke integrations add an additional layer of control to those systems so that they can be part of the overall integrated management system. The use of integrated, advanced analytics solutions to bring together all data feeds, the promise of smart buildings is one step closer to being realised.
