Confidence building

TRADITIONALY THIS has been a preserve of commercial and business operators, but increasingly it is becoming a reality for private homes too, as the Internet of Things (IoT) becomes an everyday reality. The beneficial opportunities are seemingly limitless, but there also needs to be an understanding that security must be even more vigilant. As well as benefits, combining different functions on one network also gives potential opportunities to criminals.

The localised automation of buildings’ systems has been popular for decades. Basic, wired networks have linked many different systems to a central point for operator visibility. Think about a traditional office building, which have intruder alarms, fire control, security and access control systems that can all be controlled and monitored from one location. 

BACnet, KNX and LONworks are examples of standard technologies which have been popular for buildings management for some time. Sensors such as thermostats, proximity sensors and smoke detectors can provide data inputs, and devices such as boilers, lights and fire alarms can use the data to switch on and off automatically.

There are limitations to these protocols though, as they are somewhat conservative with regards to the systems they can network with. This is where IoT is rapidly gaining ground as a highly flexible, adaptable and user-friendly alternative. With open architecture and universal compatibility, using IoT means any number of different systems could be networked and effectively ‘talk’ to each other.

The security industry has already seen a big shift towards fully-integrated systems in recent years. The IoT is literally a game-changer which makes truly Smart Buildings a practical and affordable reality.

Benefits of Smart Buildings

Smart Buildings offer a tantalising ability to oversee a whole facility and its systems from one or more secure online portals. Everything from security systems and environmental controls, right down to food preparation and storage equipment can be linked to the same network. This is useful for everyday operations, but becomes especially useful for the early detection of potential issues or even a major emergency.

Take a fire for example, the building’s CCTV and fire detection system will rapidly alert the security and operations teams of a potential hazard. As well as triggering the fire alarms and evacuation procedures, the Smart Buildings situational management system can escalate the alert to the emergency services (if required) and inform all key stakeholders, wherever they may be. None of this relies on a human to get it right, the procedures are automatically triggered and seamlessly deal with the situation.  

Working closely with the security and access control systems, dangerous areas can be barred from access and checked for occupancy using CCTV and access control records to confirm where people may be trapped or if they have already safely left the danger area.

With online connectively, all these information feeds from various sensors and systems around the building can be correlated and the details shared with rescue, recovery and investigations teams. It is also possible to accurately reconstruct any situation using the data to assess how the issue may have occurred and how steps can be taken to combat similar challenges in the future.

Many of the benefits of Smart Buildings are more subtle. For example, access control systems can be used to measure occupancy of a sector or floor and adjust the heating/ventilation and lighting settings accordingly (for comfort and economy). Equally these systems could be used for safety, such as stopping people entering an overly crowded area. 

Everyday equipment used by employees can also be included in the Smart Building mix (such as a staff kitchen for example) so it can be monitored for problems (such as a broken appliance or lighting issues) and a repair team automatically notified. 

On a more modest scale, having this technology fitted in a smart home can bring similar benefits with regards to an emergency, such as a fire or intruder alarm, or appliance faults. At the same time, many people leave their home empty through the day so innovations such as Hive systems allow the owner to remotely activate their heating, lights or perhaps even an oven, to suit their return in the evening.

Office lifts

In a large building there can easily be a delay for staff waiting for lifts at break times, lunch times and other busy times of the day; potentially resulting in hundreds of hours being wasted each week. By integrating a lift system into a Smart Building network, people movement can be optimised. It can be used to reduce staff queuing time and improve the efficiency of moving people around the building. 

When staff or visitors enter the building, they swipe their card, as with any other access control system. Traditionally people call the lift and choose the floor they need. With a smart and integrated system, once the employee’s card is swiped, a message is sent to the system and an LCD screen then displays the lift the employee needs to enter. 

The lift will already be set to their destination. The system will also send anyone else entering the building who needs to go to the same floor, to the same lift, thus saving time by not having to stop at each floor. As well as the considerable convenience and time management benefits, these integrated lift systems are more environmentally friendly and economical to run.

Security considerations

Unfortunately, having an increased number of online connections in a Smart Building could become a double-edged sword. For every new device that has full access to the network, you have an end-point which needs protection. Potentially any vulnerable point could leave any other part of your network open to attack or intrusion. 

Take IP CCTV security cameras in an integrated security network for example. Any gap in this defence could allow access to your core network and therefore any crucial items using it – including your own security cameras. This could give access to any amount of data, including what times people are there (and therefore when it is empty) or when your security team is on patrol. It could be used to spy on specific images/scenes held in plain view of a high-res camera (including printed documents or even display screens).

This makes it very important to think about the layers of security in any device associated with a Smart Building that uses an IoT network. In an ideal world, all online-enabled devices would contain the highest levels of protection. Realistically though, SSL standards can’t be employed in everything – if nothing else the price point would prohibit this. 

Generally, most organisations or individuals are protected from online intrusion by Firewalls. But a connected IoT device may not uphold this level of end-point security. A relatively simple IoT device could be used to perform a straightforward task but there is no guarantee it will include SSL encryption. 

This could leave a relatively humble device as a worryingly weak point in the security of a Smart Building network. It may be sensible to consider some systems as a potential end-point security risk and to consider ways to limit their access to central systems. 

In theory it is possible to pick and choose what systems have full or restricted access to the Smart Building network. From a security point of view it is very tempting to exclude end-point devices that do not offer the highest levels of security but that goes against the ethos and considerable benefits on offer from IoT-enabled Smart Buildings.

Secure Smart Buildings

Undoubtedly, Smart Buildings also have the potential to enhance security systems by adding to the number of ‘sensors’ available to situational security systems. These complex software systems can make even more accurate assessments of any situation by receiving data from a multitude of IoT devices.

While the physical security industry has been very quick to get up to speed with IP-based systems, the IT sector equally needs to be fully aware of the security needs from IoT technology. There is also the question of responsibility - who is responsible for the IoT components used in Smart Buildings?

Realistically, it is impossible to implement a true Smart Building regime without different parts of the organisation working closely together to maintain and operate it. The IT, security and operations teams all have an important part to play in specifying what systems are installed and how they are operated. Smart Buildings require a more united approach than ever before.

There is no doubt that Smart Buildings are the future of facilities management. The considerable benefits make it essential to overcome any potential pitfalls. Relevant levels of security need to be in place so that vulnerable areas are recognised and mitigating steps introduced. Smart Buildings have a huge amount to offer, but it should not be at any cost. 

John Davies is managing director and owner of TDSI. For more information, visit www.tdsi.co.uk