Network Security
Network Management
Open Interfaces
Open Configuration
Future Proof

• Sniffing
• Stack Smashing
• Port Redirection
• Password attacks
• Denial of Service
• Man-in-the-middle
• Viruses

Last but not least is the group known as Application layer attacks – attacks that in many instances use the knowledge obtained about open protocols to their advantage.

A simple search on the Internet today, will lead you to analysis of the security problems associated with some of the BAS industries most common protocols. Additionally, the topic of viruses targeted at building systems has been presented at industry conferences – supporting the notion that in general, awareness is growing about the array of Intelligent Devices in buildings and how easy it is to potentially take advantage of them.

Network security is an extremely difficult problem to solve – RZ’s approach is not’t to try and fix all of these issues on our own, but instead leverage the billions of dollars in R&D that the IT industry is spending annually. As a result, the Mediator\M2~Omega supports such well known and adopted security features as:

• Packet Filtering Firewall
• Secure Shell (SSH)
• SSL (Secure Socket Layer)
• IP Sec (Internet Protocol Security)
• Extensive Logging

For additional information, please consult: info@richards-zeta.com
Back to Top

Network Management

As an increasing number of devices continue to migrate towards IP, it becomes critical to understand exactly how these devices interact with the network. Here are a couple of examples worth considering.

BACnet/IP
BACnet/IP relies heavily on IP broadcasts. Since IP routers are often configured to drop these broadcasts, the BACnet specification defines a BACnet Broadcast Management Device (BBMD) to facilitate BACnet/IP communications across IP routers. A BBMD is required to sit on each segment of the IP network where BACnet devices reside. The BBMD keeps track of every other BBMD on the network, and when it hears a broadcast message on its local segment, it forwards it to every other BBMD that it knows about. If two BBMD devices happen to sit on the same segment though, problems will quickly arise as the two devices continually forward (broadcast storm) these messages to each other. Without in-depth knowledge of the network architecture, in particular how VLAN’s (VLAN’s make it possible for two segments that are physically isolated, to appear as one) are setup, it’s possible to degrade the performance of your clients network.

HTTP
Whether it’s browsing web-pages or gathering information via XML-RPC, the Mediator\M2~Omega uses HTTP to convey and transport information. From the perspective of an IT manager, there’s no difference between a Mediator\M2~Omega and normal Web traffic. An RZ solution does not require dedicated workstations or any additional network infrastructure beyond what already exists at your facility. In fact, the only tool that is required, is a web-browser.
Back to Top

For more than a decade, the BAS industry has promised to deliver open systems. Though great strides have certainly been made, Richards-Zeta chooses to define open in slightly different terms. We benchmark success by evaluating the available pool of expertise that is willing and able to take advantage of the protocols ‘openness’. Among the myriad of BAS protocols, something as fundamental as how the temperature value: “72.50” should be represented, will likely vary by protocol. The beauty of the MPX (Multi-Protocol Exchange) platform is that through a normalization process, all of these important, yet slightly tedious details, are handled for you. So while the expertise necessary to work with traditional BAS protocols is found few and far between, accessing Mediator\M2~Omega data is as simple as:

#!/usr/bin/python
import xmlrpclib
server = xmlrpclib.Server('http://my_Mediator\M2~Omega/xmlrpc')
session = server.rna_xmlrpc.create_session(‘user’,’password’)
ret = server.rna_xmlrpc.invoke(session, ’/interfaces/relay1’, 'get')

This means, when you have a great idea about what to do with the data in your facility, you have the power to do so.
Back to Top

Though many BAS vendors rely on standard database technology to represent their systems, this information is often too onerous to comprehend. On the other hand, the Mediator\M2~Omega’s entire configuration is succinctly represented in standard XML. So if you find there are portions of your commissioning, or any other process, you’d like to automate – the infrastructure is available to support you.
Back to Top

The BAS world and IT have been on a technology collision course for some time – and the only thing consistent in the world of IT is change. It’s important to place safe technology bets and the Mediator\M2~Omega, which is built on Linux, and uses Python extensively leverages two of the most widely accepted solutions on the market today. This affords us the opportunity to stand on the shoulders of the thousands of open source developers and corporate contributors (i.e. IBM) that are working daily to improve these technologies. So instead of rolling and testing our own IP stack, or having to track the technology du jour, we get to focus our attention on developing better applications for your building.

Linux in particular has proven its merits by powering everything from distributed clusters for organizations such as Google and Fermilab to next generation handsets. RZ provides an installation of Linux, running on embedded hardware with no moving parts, which has been optimized for the specific purpose of running an Application Framework for BAS. So you have a rock solid system that’s still nimble enough to evolve with the ever changing world of technology.