Reply to post: Re: Sadly unsurprising

Building automation systems are so bad IBM hacked one for free

I ain't Spartacus Gold badge

Re: Sadly unsurprising

And if it's running something more important than People Pods, like an industrial environment or the a/c to the server room, somebody could do some serious damage...

I'd not thought of that. You could have a new security term ADoS. A DDoS is a distributed attack, an ADoS is an Aircon Denial of Service.

It all depends on how integrated stuff gets. At the moment most kit has built-in protection. So servers will shut down on over-temperature, meaning your kit doesn't cook. Though I suppose that not all the kit will come back up again, so it's still bad. And you lose service.

Electric motors last a long time when they run, but suffer stress on start-up. So you can kill a pump by turning it off and on repeatedly. But to combat this, many industrial electric motors have run-on timers, for example most water pumps will run for a minimum of 2 minutes.

Heating systems contain electronic controls to stop the boiler if things go over temperature or pressure. But there's also a hardware backup, the emergency temperature and pressure relief valves. This limits what you can screw up even with control of a BMS.

Many tall buildings have an anti-vacuum system on the pump - to avoid water hammer damage on restart. Some also have automatic anti-vacuum valves, doing the same job in hardware.

If people come to rely on electronic sensors and controls, and then further come to rely on the BMS to operate these, then I forsee a problem.

Fortunately the building services industry is too fucked up for that. Design is done in silos. No one talks to each other. Purchasing too - often the people who buy the equipment now will save 10% on physical kit, even though it costs them more in labour than that saving - because they're bonused on saving purchases and don't even talk to the site engineers.

As manufacturers, we don't talk to the BMS people, who treat their whole field as a black box that only they understand (and charge large amounts to commission). So all they get is volt-free connections giving a fault/no-fault signal. Even with pumped systems on timers they don't often manually tell the pump to switch on, rather they open a valve, that causes water pressure to drop - activating the pump that way (on its normal controls).

Incoherence and incompetence will save us! Hooray!

...Sorry, I was trying to be hopeful. Think I blew it at the end there...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019