How to align building technology integration, interoperability, and security
“This isn’t what I asked for” is a phrase that’s all too common when it comes to an end-state of operational technology (OT) deployments. In many situations, building owners and operators receive drastically different—and often underperforming—solutions than originally planned. Mistakes often occur during the design and deployment phases of a build-out, erasing vital quality improvement, efficiency, and cost savings advantages that the owner counted on. Even more important is that these systems contain data necessary for complying with government efficiency regulations across the country. Any gaps in accurate information during building efficiency audits can result in fines and costly fixes.
Owners, operators, and planners often face many challenges when attempting to adhere to various standards to place technology at the forefront of operational building efficiency. No matter how carefully planned these integration and interoperability layer initiatives are, they can quickly be derailed without warning during the deployment process. How can owners attain systems that prioritize building efficiency, scalability, and data security—and that actually work?
OT integration and interoperability matters
Two leading factors are contributing to the movement toward OT system integration and interoperability within smart buildings. The first is the aforementioned government regulations that are rolling out across multiple states and municipalities. Fulfilling these regulatory requirements will avoid fines and costly system rework. If properly implemented, the integration of OT systems using an interoperability layer should allow management IT teams to extract relevant usage, occupancy, and efficiency data where it can be quickly referenced through reporting tools.
The second factor typically is internal sustainability goals, set by many large private and public organizations. Again, metrics must be collected and analyzed from OT systems to ensure that those goals are being met.
Integration and interoperability challenges
Proper system integration, interoperability, and compliance with building standards and regulations go hand in hand. The only way to accurately and efficiently measure many key performance indicators (KPIs) is to introduce a digital interoperability platform that extracts this data directly from the myriad OT systems and analyzes usage and efficiency metrics on the building operator’s behalf. Not only does this provide the reports required for regulation initiatives, but it also provides information that can be used to detect any faults, such as over-consumption anomalies, in real-time. This information can then be used to remediate any OT systems that may be malfunctioning or out of calibration.
OT engineering firms continually run data and system models and simulations for building planners to ensure that smart building systems and operational technologies meet an owner’s needs from a functionality and regulatory perspective. Engineers and planners are also paying close attention to energy and water consumption efficiency standards, such as Building Energy Performance Standards (BEPS), in place across multiple cities, including Boston, New York, Washington, Philadelphia, and Seattle, and states such as California and Colorado.
These regulations monitor energy efficiency and consumption of buildings within their jurisdictions and issue penalties if those standards are not met. For example, Boston's BEPS are seeking to reduce the city’s energy and water usage to net zero by 2050. Building owners failing to reach the increasingly stricter goals over time can receive fines ranging from $150 to $300 per day. Each building from 2023 onward will be required to report to their respective government officials detailed performance aspects, including building age, building occupancy over time, total energy and water consumption by usage category, Renewable Energy Certificates (RECs) purchased, the need for unique emissions factors, and whether upgrades, expansion, or modifications to OT electrical/lighting/water equipment have been conducted that will enhance conservation practices.
Achieving building goals
From a deployment standpoint, using system integrators with a solid foundation of how OT and associated IoT systems are physically deployed and digitally configured is of utmost importance. Yet, despite the amount of preparation and planning by OT engineering design firms, those plans are frequently ignored once deployment begins. This is particularly common in new construction. A primary root cause is the lack of a feedback loop between design engineering firms and the building mechanical or controls contractors that are responsible for performing the necessary commissioning, physical installations, and system control setups.
Most often, the design engineering firm writes basic text-based instructions on how the building contractor should install and apply configurations to the smart technology OT systems. This approach has two major problems that often lead to suboptimal results.
The first is a lack of a feedback loop between the design engineering team and the deployment contractors, which results in zero accountability, says Andrew Rodgers, co-founder of ACE IoT Solutions, a Chattanooga, Tenn.–based software development firm that provides an independent data layer product for smart buildings. “Technology is often wrapped up in the overarching building plan,” he says. “Once construction is started, changes during the construction phase can alter what can be done in terms of OT system deployments. The trouble is that the process for communicating those changes and integrating design team feedback is minimal or nonexistent. Instead, the contractor simply integrates the systems into the building as best they can.”
The second shortcoming is a lack of a contextual understanding of why certain aspects of an OT system should be deployed and configured by the building contractor. In many cases, the contractors simply receive a list of tasks outlined by the design firm with no perspective as to why they should be applied in a specific manner. Without the necessary context, contractors often resort to deploying OT systems in the way with which they are most comfortable as opposed to following the methods outlined in the specifications.
This disconnect can create tremendous difficulties as no two buildings are alike. The result can be diminished energy or water consumption efficiency or gaps in functionality. “Building owners pay a lot of money for design engineering firms to build energy models that translate into optimal equipment,” Rodgers continues. “When turned over to the construction phase, those models are commonly left behind. Much of the data required to build the systems never makes it to the operational phase. Instead, value engineering happens without the benefit of that data, with little understanding of the long-term consequences.”
As mentioned earlier, a digital, software-defined interoperability layer that manages smart building and OT systems is becoming common practice. This delivers a real-time and historical view of the performance of these solutions under a unified dashboard. “The problem,” Rodgers states, “is that there are few examples of comprehensively applied standards or frameworks to use as a guide. This leads to interoperability systems that are applied with widely varying results and a lack of true cohesion.”
If properly built, interoperability platforms deliver building owners and operators the right tools and necessary visibility to ensure that in-building technologies and systems are working efficiently and have the capability to adjust systems based on real-time and historical data analysis. This requires deep insights into how OT systems have been deployed, their technical limitations, and how data can be extracted, curated, and analyzed to achieve peak results. It also demands that integrators be trained in the latest standards-based methodologies and can interact with design engineers using a common technology language and nomenclature.
Security issues
Data security plays a significant role in IT/OT system rollout and interoperability. In many cases, sensitive systems and data require internet access, and data is stored in off-site data centers and clouds. Building owners must address the hardening of the various accessible IT/OT systems and data—both at rest and in motion—to prevent unauthorized access, data theft, or data loss.
Because data is extracted from in-building IT and OT systems and often centrally analyzed off-site, building management systems must be configured to ensure that this sensitive information is secured and that all avenues of compromise are addressed. As more building systems communicate with each other in making automated decisions spread across multiple geographic areas—as in the case of distributed energy resource (DER) systems—the attack surface grows, along with the risk of cyberthreats.
According to the October 2022 DOE report "Cybersecurity Considerations for Distributed Energy Resources on the U.S. Electric Grid," “the emerging DER industry will bear responsibility for securing the DER they manufacture, deploy, maintain, and operate. As many DER industry members have not been part of the historical partnerships and oversight that operated and maintained the power grid, electric power reliability, and security requirements, the responsibility needs to be established for this emerging industry.”
While these advanced power grid systems may have the necessary data security processes and best-practice guidelines, the deployment contractors must strictly adhere to those guidelines. Missing from this equation are data security professionals who are well-versed in existing and emerging risks of OT systems and data. The DOE lists several attack vectors that apply to DERs and must be addressed, including:
- Ransomware: A method to gain unauthorized access credentials.
- Supply chain compromise: Attacking a less-secured system in an attempt to gain backdoor access into OT hardware and software.
- Worms: Software that intelligently and automatically scans the network through a compromised system to identify additional targets to compromise for further malicious reconnaissance or to establish botnet endpoints.
Much of the challenge of securing operational technologies relates to the fact that network security professionals are often focused on the IT side of the business and have relatively little knowledge of what it takes to properly secure OT systems and data. While OT systems integrators are beginning to address this shortcoming, the skills gap remains to this day.
Closing the skills gap
Because of concerns about inefficient and insecure IT/OT systems and the threat of monetary penalties under government regulations, a different approach to design, deployment, and ongoing operations is needed. According to Rodgers, two significant changes to the process are required:
- Decouple building construction deployment and accountability from smart building IT/OT systems.
- Create a streamlined and open feedback loop between IT/OT design teams and deployment contractors.
Both recommendations require significant alterations in how contracts are defined during the OT planning phase. Instead of allowing design firms to write specifications and then essentially walk away from the project, in-house systems planners should create accountability checkpoints throughout the project implementation phase that force design teams to verify that building contractors are installing and setting up systems as intended. If construction changes force modifications to original design plans, the systems planners must establish a feedback loop between the contractor and design team that forces the design team to rework its plans so that they work around build-out issues and continue to meet or exceed original goals.
Where the responsibility falls
Ultimately, a building owner must verify that all IT and OT systems have been built according to agreed-upon specifications with the inclusion of an interoperability layer system. The sign-off and approval of these systems should be conducted by a trusted party that is well-versed in each of the technologies, is certified in the design and deployment of IT systems, and has a deep understanding of the end-state goals.
Throughout the design and deployment process, these individuals must be working with both design and deployment contractors to continuously assess whether the design and integration of smart building systems meet the owner’s needs from a performance, usability, efficiency, and data security standpoint. These new processes must be outlined in the building design and construction request for proposal, ideally decoupling OT system design and integration from the overall building construction plan and creating a common language that all parties understand. This will better ensure that responsibilities and feedback loops are established, and that accountability is clearly defined in advance. It will also protect the building owner’s investment as they are better guaranteed that OT and interoperability systems will work as intended on day one.
Because interoperability standards continue to emerge and evolve today, the onus is placed on the building owner to establish their guidelines, feedback loop processes, and accountability. While this is a significant challenge to take on and will require an additional up-front cost to hire experienced third-party experts, the benefits will almost certainly outweigh the effort.