Penn State needs no introduction as an academic institution. Founded in 1855 it has maintained a strong reputation in the US college system. From a facilities management perspective, however, some might not know that the institution is fast becoming a role model for what can be achieved with the internet of things (IoT) in a large, multi-campus environment.
Penn State is actually made up of 32 million square feet of buildings, divided between dozens of individual campuses and 22,000 acres of land across the state of Pennsylvania. The 640+ buildings that make up the college utilize thousands of building systems, including operational devices and sensors that track almost every detail of their diverse collection of indoor environments.
After years of developing their building automation technology, Penn State decided the next step would be microsegmentation technology from Tempered Networks in order to isolate and cloak traffic from its smart building systems. This new system relies on good communication between systems to share data related to heating, ventilating and air conditioning (HVAC), lighting, access control, fire detection and much more.
“We used to be just building automation. But over the years, we’ve started incorporating more components. We now manage the networks for all the different utilities – waste water, water treatment, steam plants, electrical distribution, even chill water distribution,” says Tom Walker, system design specialist in the facility automation services group at Penn State.
“It’s been an evolution of our group. We’re taking on more stuff within the building, everything that keeps the building running. And we’re bringing that data back through our network infrastructure and into the data center, and then either jumping it up to the cloud or passing it over to other analytic systems to analyze the data,” Walker added.
When Walker and his team began tracking elevator use, for example, the investigation brought up some surprising results that shed light on maintenance issues they had been experiencing. “We found one elevator that did 1,900 trips in one day. It was insight we never had before, and it explains why that elevator is constantly breaking down,” Walker explained.
Walker maintains that these new IoT developments are no revolution but simply a continuation of the the building automation trends that have been ongoing for decades. “This IoT business – it’s a buzzword,” Walker says. “We’ve been doing IoT forever. That’s what building automation is. It’s taking controls in the building and bringing them back through a network, so we can remotely manage that building.”
Facilitating Penn State’s modern era of building automation is BACnet - a communications protocol for building automation and control systems such as HVAC, lighting, access control and fire detection. Penn State committed to BACnet, over other protocols like LonWorks and Modbus, primarily due to its openness.
“Any device, any manufacturer – as long as they talk BACnet, we can integrate them,” says Walker. “It’s a really neat protocol, but you have to know the quirks that come with deploying it, especially at scale.”
One of these “quirks” Walker mentions relates to “broadcast storms”. This can happen when hundreds of BACnet systems are in operation across multiple buildings and campuses. Walker, and Penn State, were concerned that when these systems were allowed to openly traverse the network it would lead to performance declines in other parts of the network and potentially even to exposing serious security vulnerabilities.
“I took over this infrastructure about four years ago, and I came into a flat, Layer 2 network spread across the whole main campus,” Walker says. In order to improve security and manageability, Walker and his team chose to segment the BACnet traffic from the university’s shared infrastructure. This bold move is not just motivated by the desire to keep classrooms at an appropriate temperature for education but to protect the institution’s wide variety of sensitive materials safe.
“We have glacial ice – it is irreplaceable,” Walker highlighted. “So we have monitoring on the freezers to make sure those don’t defrost themselves.” Penn State actually operate an atomic clock in the basement of one building with such valuable and sensitive materials, the clock allows them to control the temperature to as little as one-tenth of a degree.
Large, multi-disciplinary and multi-campus institutions offer the perfect opportunity to test our most advanced building automation and IoT systems. With the careful way it has chosen to use BACnet, Penn State is showing that it is possible to garner the benefits of open protocols while also protecting against many of the associated security issues. Now Penn State offers a strong example of microsegmentation, one that will no doubt provide a model for other organizations around the world.
[contact-form-7 id="3204" title="memoori-newsletter"]