SFPE Tech Talk 2012 BACnet Integration Topics in Life Safety Systems Jason Falbo, P.Eng, M.B.A VP Engineering The Mircom Group of Companies jfalbo@mircom.com www.mircomgroup.com ROADMAP Past Methods of Integration Industry Drivers for Change Details of the BACnet Protocol A quick application example Helpful Links and Self-Study Tips for the Fire Protection Engineer From Hardwired Interfaces to Software Interoperability BRIEF HISTORY OF FIRE ALARM SYSTEMS INTEGRATION THE PAST: HARDWIRED INTERFACES A collection of dry contact inputs/outputs were used to fulfill a correlation matrix to meet a specific project integration objective Relay Logic was used to design complex interfaces Systems were poorly documented if at all and nearly impossible to maintain or extend INTEGRATION: COMPLEX METHOD Return Air Fire Alarm Damper Actuator Relay Damper Status Monitor Modules Supply Air Damper Actuator Relay Return Air Damper CLOSED End Switch Electrical Supervisory Device Supply Air Damper CLOSED End Switch Supervisory Device Return Air Smoke Damper Pneumatic Actuator Supply Air Damper OPEN Supervisory Device Supply Air Damper Pneumatic Actuator Supply Damper Actuator Electrical Supervisory Device Return Air Smoke Damper Actuator Electrical Supervisory Device Return Air Damper OPEN End Switch Electrical Supervisory Device Trends, History, and Purpose MODERN DRIVERS FOR CHANGE INDUSTRY TRENDS IN INTEROPERABILITY Financial Services http://www.xbrl.org/ Healthcare http://www.hl7.org Fire Protection http://www.bacnet.org/ INTEGRATION: COMPLEX METHOD Return Air Fire Alarm Damper Actuator Relay Damper Status Monitor Modules Supply Air Damper Actuator Relay Return Air Damper CLOSED End Switch Electrical Supervisory Device Supply Air Damper CLOSED End Switch Supervisory Device Return Air Smoke Damper Pneumatic Actuator Supply Air Damper OPEN Supervisory Device Supply Air Damper Pneumatic Actuator Supply Damper Actuator Electrical Supervisory Device Return Air Smoke Damper Actuator Electrical Supervisory Device Return Air Damper OPEN End Switch Electrical Supervisory Device INTEGRATION: SIMPLIFIED METHOD FACP with Native BACnet Interface Physical Ethernet port Connection on FACP Main Board MD-871A Main Board BACnet Ethernet Connection THE FUTURE: SOFTWARE INTERFACES BACnet: ANSI/ASHRAE Standard 135-1995: BACNet--A Data Communication Protocol for Building Automation and Control Networks. 1980’s saw a proliferation of computerized building systems and typically systems from a specific manufacturer could not operate with other manufacturer’s products (no “interoperability”) In1987 , Michael Newman of Cornell University formed a committee to investigate creation of interoperable building systems protocol The BACNet standard’s first draft was published in 1991, and it became a standard in 1995 BACNet was designed to allow interoperable communication of building automation and control systems for applications such as heating, ventilating, air-conditioning control, lighting control, access control, fire protection systems and their associated equipment. BACNET STANDARD HAS BEEN ADOPTED BY 612* MANUFACTURERS WORLDWIDE Country USA Germany Canada Japan Australia United Kingdom China Vendors 228 68 51 51 20 Country Netherlands Hong Kong Poland Sweden Austria Vendors 10 8 8 8 7 Country Vendors Finland 2 Ireland 2 Slovakia 2 New Zealand 2 Serbia 2 19 Taiwan 7 Spain 2 16 Malaysia Czech Republic India Israel Brazil South Africa 6 Argentina 1 5 Belgium 1 4 4 3 3 Croatia Estonia Hungary Latvia 1 1 1 1 Korea 15 Switzerland Denmark France Italy 15 11 11 11 http://www.bacnet.org/VendorID/index.html *as of September 12th 2012 BACnet Implementation BACNET IMPLEMENTATION CASE STUDY BACNET SETUP: STEP ONE (ACTIVATE) Use MGC’s Fire Alarm Panel Configurator to activate BACnet functionality: 1. Run TCP/IP Services 2. Activate BACNet Services BACNET SETUP STEP TWO (EXPORT) Use Configuration tools to export automatically the list of auto-assigned BACNET points for each object in the Fire Alarm Control Panel BACNET SETUP STEP THREE (DEPLOY) Provide the list of BACNet points to the BMS system integrator The Integrator will map the auxiliary system activities to FACP point state changes BINARY INPUTS LIFE SAFETY POINTS BINARY INPUTS LIFE SAFETY POINTS INTEGRATION : OPTIMIZED METHOD LIGHTING CONTROL CLIMATE MONITORING SECURITY-OCCUPANTMONITORING VIDEO-SMOKE-CONFIRMATION SAFE ELEVATOR EGRESS SMOKE MANAGEMENT & CONTROL How Does it Work? BACNET PROTOCOL DEEP DIVE PART I - BASICS FIRST START WITH CHOICE OF BACNET NETWORK ARCHITECTURE High Speed Backbone LAN (Fire Alarm)Network ID#2 BACnet Workstation OpenGN (Fire Alarm)Network ID#3 (Security & Access Control) Network ID#1 (HVAC/Fan Control) Network ID#4 NEXT: LEARN THREE RULES! 1. Every Device has a set of Objects 2. Every Object has a set of Properties 3. Messages & Services describe the above BACNET OBJECT MODEL BACNET OBJECT PROPERTIES CHANGE BASED ON PHYSICAL EVENTS Smoke Alarm modeled as binary input (alarm point) Addressable relay modeled as binary output (supervised output circuit) MOST USEFUL MESSAGES & SERVICES Who-Is and I-Am Who-Is and I-Am may be used to dynamically bind Device IDs (Device Object Identifiers) to addresses ReadProperty ReadProperty-Request and ReadProperty-Response are used to “receive” a single property of an object from a BACnet device WriteProperty WriteProperty-Request and WriteProperty-Response are used to “transmit” a single property of an object between two BACnet devices MAPPING FIRE ALARM DATA INTO BACNET DATA (ALARM SCENARIO) FIRE ALARM SIDE MANUAL STATION (Device) ADDRESS = N2L4A006 ACTIVITY = TRANSITION FROM NORMAL TO ALARM EPICS (VENDOR DATA KEY) PRESENT_VALUE = ‘0’ IF NORMAL OR ‘1’ IN ALARM STATUS FLAGS = ‘[0,0,0,0]‘ IF NORMAL OR ‘[1,0,0,0]’ IN ALARM BACNET/BMS SIDE BINARY INPUT (Object) OBJECTID = 2004006 PRESENT_VALUE = 1 STATUS FLAGS = [1,0,0,0] DRIVING ADOPTION THROUGH SPECIFICATION & REGULATION LEARN MORE ABOUT BACNET SELF STUDY & TIPS Tutorial, Overview http://www.bacnet.org Purchase the Standard http://www.ashrae.org/resources--publications/bookstore/standard-135 Download your own BACNet stack and develop your own interface http://sourceforge.net/projects/bacnet/ Test a product’s BACNet Interoperability level using VTS http://sourceforge.net/projects/vts/ Specify BACNet into your projects! http://fire.nist.gov/bfrlpubs/build99/PDF/b99051.pdf Guide To Specifying BACNet THE END For any questions/comments contact the author via email: Jason Falbo, P.Eng, M.B.A Vice President, Engineering The Mircom Group of Companies (MGC™) jfalbo@mircomgroup.com Extra details for those interested APPENDIX A OBJECT MODELLING, SERVICES, SECURITY BACNET PROTOCOL DEEP DIVE PART II – ADVANCED TOPICS BACNET MESSAGE ROUTING BACNet works on Open System Interconnection (OSI) model of networking. BACNet works primarily on the Application, Network and Physical layer of OSI. Other layers were omitted/consolidated to make protocol efficient The diagram on the following slide shows how a packet is routed from a bacnet compatible application layer through the network layer to the physical layer. APPLICATION Event Activation GUI Update Application Engine APPLICATION INTERFACE/ APPLICATION LAYER Service Calls (Who Is, Read Property, Write Property etc.) Request Generated to Application Encode Queue To Application Decoded Queue BACNet Encoder BACNet Decoder Receive From Application Queue Send To Application Queue TSM MANAGER Sending Queue Receive Queue Sending Thread Receiving Thread BACnet Packet Network Packet Network (LAN, WAN, Internet, etc.) NETWORK LAYER BACNET SECURITY BACnet Security model is optional to use. The intent of designing this module is to provide peer entity, data origin and operator authentication, as well as data confidentiality and integrity. BACnet Security architecture provides Device Authentications, Data Hiding, User Authentication. BACnet Security model relies on the use of shared secrets called keys. Device Authentications and User Authentication are achieved through the use of message signatures and shared signature keys. Data hiding is achieved through encryption of the secure payload and shared encryption keys. Details on BACnet Security module can be found on : http://www.bacnet.org/Addenda/Add-2004-135g-PR1.pdf BACNET SECURITY - SHARED KEYS BACNet Security Key Pairs General – Network Access Key User Authenticated Application Specific Installation Distribution Device-Master BACNET SECURITY – SECURING MESSAGES Encrypted Security Payload – Secured NPDU APDU Control Bit in NPCI is changed to indicate Message contains Network Layer message rather than APDU The above diagram shows encrypted APDU placed in a security payload. Similarly we can do for NPDU. We can send Secured BVLL message for encrypted NPDU. We can encrypt the message using HMAC, MD5 or SHA-256. BACNET WEB SERVICES BACnet uses standard way to integrate Web- based application, i.e. using XML, SOAP, WSDL, and UDDI open standards over Internet Protocol. KEY DEFINITIONS & TERMINOLOGY BBMD: BACnet Broadcast Management Device Used to manage transmissions between networks NPDU: Network Layer Protocol Data Unit Specially formatted message that a BACNet device transmits over its physical link to route the information correctly APDU: Application Layer Protocol Data Unit EPICS: Electronic Protocol Implementation Conformance Statement Link to downloadable template: http://www.bacnet.org/DL-Docs/135-2008-ANNEX- A-rev-2010-11-02.doc BIBB: BACNet Interoperability Building Blocks