Smart buildings are becoming increasingly advanced. Emerging technologies, while sometimes disruptive, work to effectively bridge gaps between building services and their owners, operators, and occupants. Innovative features enhance comfort and convenience as well as advance process optimization and building management. Smart building applications often require facilities to integrate Operational Technology (OT) system data into the enterprise Information Technology (IT) side of the organization while maintaining cybersecurity.
Building automation applications that enable cloud connectivity, edge computing, analytics, unified interfaces, tenant apps, frictionless entry, and shared workspace management among others are setting us on our way to “smarter buildings,” but they also pose challenges for the necessary systems integrations. As building stakeholders become increasingly interested in new, smart building technologies, they are also concerned with cybersecurity, which drives the need to better understand the IT/OT convergence.
Smart buildings require secure IT/OT integration
The convergence of technologies is not a new concept, but it is evolving and making its way through the technology stack. Advances in technology enable the digital information environment to monitor, analyze, and influence the physical operational environment.
IT/OT convergence is the integration of information technology (IT) systems with operational technology (OT) systems. The idea is to securely bring physical equipment and devices into the digital (IT) realm to enable smart building applications which require data to flow throughout the organization.
Historically, IT and OT have occupied entirely separate domains and shared little or no meaningful data or control. Even though they both use IP connected equipment, IT and OT devices do not behave exactly the same on the network. They also rely on oversight from staff with distinctly different skill sets. More than ever before, successful business outcomes and environmental objectives depend on the convergence of IT and OT, and the demand for “smarter buildings” is bringing the two domains together.
To discover how BACnet/SC can help IT/OT convergence in smart buildings, read more here.
Convergence should be planned and framed in reference to specific use cases and the flow of data required to use the system as the owner or operator wants, while prioritizing cybersecurity. Physical network convergence is certainly required for any data to be exchanged. Logical convergence must be defined and implemented very carefully with minimal traffic flow between networks. Only the data points required to achieve the desired outcome should be exchanged between systems while maintaining network security using methods such as segmentation, least privilege, firewalls, DMZs, or authorization. You can think of these as individual integrations, with any single implementation being fairly straightforward. While these may not look like network convergence, when you combine all the use cases needed to realize smart building goals, you start to see hundreds of potential points of data exchange between networks. Taken together, this is what real-world convergence between IT and OT looks like.
IT/OT convergence goes beyond technology
If planning to implement a new IT/OT convergence project to meet smart building goals, the discussion isn't just about the blending of technologies, but also teams and processes. There are different drivers, benefits, and some disadvantages of converging IT/OT depending on the perspective of different roles in an organization. Facility stakeholders are interested in functionality for certain use cases which can only be accomplished by convergence. Business leadership demands efficiency. This can only be accomplished by planning convergence upfront and including IT, cybersecurity, architects, consultants, engineers, and the construction tier in the same room early in the project. IT’s focus is on reducing complexity and letting existing IT staff take on some OT administration using the same skills and the same or similar equipment as they already have. Cybersecurity professionals are concerned about the risk of convergence increasing visibility to OT assets and how to extend the cybersecurity teams’ tools into the OT environment to help protect the organization from threats that may originate in the OT environment. These conversations can be difficult but, nonetheless, very important for successful, secure, and efficient convergence.
In short, convergence is the control of data exchange between previously siloed building services and the enterprise side of an organization, while maintaining cybersecurity, blending teams, and processes in an efficient manner to achieve smart building goals. Every organization requires a different playbook depending on factors such as staff, funding, use cases, and existing state of building services systems and IT infrastructure.
Learn more about integrating BACnet/SC into a comprehensive security plan. Download the white paper, “BACnet Secure Connect: The next generation of OT security for building operations.”