Get an Edge with Niagara 4 Head Start Program!

Screen Shot 2015-06-27 at 3.06.11 PMAs the excitement builds for the release of the next generation of the Niagara Framework®, now is the time to take advantage of its features and benefits before the official launch.

This program introduces the Niagara 4 Head Start bundle for current Niagara AX TCP certified professionals. This offers an early glimpse of Niagara 4’s power and flexibility, along with the opportunity to generate new business and increase revenue from your existing customer base — all at a great price. You’ll also get access to web-based training that you can complete on your schedule at your convenience.

Sales and Product Information: Contact your local Honeywell sales representative

More Information:

Order Products
customer.honeywell.com
Purchase Order/Order Status Questions
WEBs_Orders@honeywell.com

Licensing Requests
WEBsLicense@honeywell.com

Order Literature
literature.honeywell.com

Technical Assistance Center (WEBs Squad)
Toll Free at 888-235-6048
Email at WEBsSquad@honeywell.com
8 a.m. – 5 p.m. Central Time, M-F

New Products
buildingcontrols.honeywell.com

SmartCore’s Will Winn on Making Your Building Cyber Secure

I had a chance to catch up with Will Winn from SmartCore at the 2015 Realcomm|IBcon conference.

Based in Charlotte, NC, SmartCore provides a five‐tiered framework that encompasses building management systems, physical security systems, digital media systems, network communications systems, and operational support solutions. Approaching solution sets from the enterprise class level, SmartCore designs, installs, and supports building network solutions (can you say “turn key”). The results are strategic, value-centric, flexible and future-proof solutions.

As a Principal at SmartCore, who better than Will Winn, to shed light on the key new building automation control and Smart Buildings trends presented at Realcomm|IBcon?

Inaugural Episode of BAS Control Pub Talk with Mad Mike Marston

We affectionately refer to EasyIO’s Mike Marston — as Mad Mike Marston, because of his effervescent scientific approach towards building solutions. In the first relaxing hours after an intensive 2-day conference show, ControlTrends adjourned with Mike, to a near-by microbrewery restaurant, where after the first pour, Mike asks, “Do you want to see a fabulous AHU application?” Instant presto, Mike reaches into his brief case, pulls out a battery, a router, a wall unit, and an FG-32+ and two minutes later, Mike is connected to an FG-32+ — and the demo begins, and BAS Control Pub Talk with Mike Marston is born. The next episode is about a microbrewery application from an integration firm out of Spokane, Washington. The FG-32+ is a growing part of the future — Watch the next episode of BAS Control Pub Talk with Mad Mike Marston, and see why!

Screen Shot 2015-06-25 at 9.11.59 PMP.S. Mike sent us this from Dubai. We believe he’s working on another BAS Control Pub Talk with Mike Marston, from Dubai?

What Kind of Consulting Engineer Shows up at Realcomm|IBcon?

What kind of consulting engineer shows up at shows like RealComm|IBcon? Well, the enlighten ones, like Donny Walker do. It is refreshing to see more and more consulting engineers coming to conferences like Realcomm|IBcon and getting the 411 on the latest building automation controls technologies and solutions. Guys like Donny realize that putting out cookie-cutter specifications is no longer going to be acceptable to savvy Real Estate professionals like the ones that attend Realcomm|IBcon. Donny is one of the great engineers from engineering powerhouse Newcombe and Boyd in Atlanta.

His skills include providing technology systems planning, programming and design services with an emphasis in technology systems application and integration. Specific systems planning experience includes campus technology, master planning, data center layout and configuration, IT systems network, and cabling design.

Find out what Donny has to say to our Rob Allen ( 7 Minutes in Control) about what he looks for in building automation controls technology, analytics, and the unique value they create for their customers. Right on Donny!

Alper Üzmezier, BASSG, LLC, Presents Cool New Thermostat from BAS.co

The ever inventive, Alper Üzmezier, BASSG, LLC, introduced us to a very cool thermostat at Haystack connect. This is more than your average commercial thermostat. With a port on the back of the thermostat, you can control your Dali Lighting ballast directly from this thermostat, you can add remote I/O and get data from the thermostat via modes on BACnet MS/TP.

For more information on this thermostat go to BAS.co. Get job Alper!

Cyber Security Terms and Definitions – Part 2

20111201 cyberThe list below is a continuation of the series Cyber Security Terms and Definitions. Some of the terms you may have heard or probably will hear sometime in the near future.

I am not sure how many of these I need to do past this point because it can get into some areas that you will probably not run into. If you have terms or topics you want to take a deeper dive into, let me know and either I will answer it or have some of the cyber security experts I know post response to it.

Blacklist – This is a list of known bad sites and/or IP addresses. For instance, once a point of origin has been identified as a source of SPAM email, this site/IP is put into a blacklist. There are subscription services that have a broad list of blacklisted sites/IPs that you can add into you security profile, but it can also be sites/IPs that you have identified and put into your firewalls.

I have also run into to situations where a site legitimate site/IP has ended up in a blacklist simply because the blacklist service could not confirm it was a good site/IP.

Whitelist – This can be tricky… Unlike the blacklist where you leave yourself open to allow anything that is not on the blacklist, the whitelist approach says I will not allow anything unless it is on the whitelist. If you setup your security scheme this way, it will increase your IT maintenance time because every time someone needs to go to a site/IP that is not on the list it must be added by hand, one at time. It is safer, but is more time consuming.

Phishing – Whether you realize it or not, you have probably already been a victim of a phishing attack. Most of us remember the Uganda (I think Uganda… could have been Ethiopia… I digress) email that said all you need to do was put $1,000 in a bank account and you would magically get, oh I don’t know, $100,000 for your time and trouble. This was a form of phishing.

Phishing today is much more sophisticated. You might receive an email saying “AT&T – (“Your Online Bill is Ready”). If you click it could take you to a site that even looks like AT&T. The link that you see may be “AT&T Bill”, the URL (web address) that you don’t see may be something like http://att.billing.biz. The site would ask you to enter your account name and password to review your bill. If you do this, they now have your AT&T credentials. Another thing that might happen by clicking the link is a malicious program could be installed on your machine to log your keystrokes. There other things that might occur, but suffice it to say if you get an email and you are not 100% sure of its point of origin, delete or forward to your IT staff for review.

You can also do some investigating yourself. In the example above the link was “AT&T Bill”. If you hover over the link (DO NOT CLICK) a pop up will show you the web address it is pointing to. If it has http://www.att.com or http://www.att.net, it is legit. If it is any other address… DELETE IT!

Spear Phishing – Spear phishing is aimed at specific people and/or group of people where plain ole phishing is mass emailing with no particular target to snare anyone who clicks the link.

This type of attack is well thought out and planned. The spear phisher will learn as much as they can about you and/or your company so that when they craft their email is has a high degree of legitimacy and familiarity to the recipient. The agenda for this type of attack may be to pierce a company’s firewall to gain access to specific information that you and/or company possess. Once in, this “hole” in your firewall will probably remain undetected for days, weeks, or months allowing the bad guys to come and go as they please.

Pharming – This is a website that is designed to appear legit in order to get you to enter sensitive information such as passwords, account numbers, Social Security numbers, etc. This more than likely the site that a phishing email will take you to if you click it.

Social Engineering – A psychological attack used by cyber attackers to deceive their victims into taking an action that will place the victim at risk. For example, cyber attackers may trick you into revealing your password or fool you into installing malicious software on your computer. They often do this by pretending to be someone you know or trust, such as a bank, company or even a friend.

Spoofing – I mentioned in Phishing above that you may see “AT&T Bill” when in reality the web address was something like http://att.billing.biz. This is a form of spoofing. In other words this is a message that appears to have a legitimate point of origin, but in reality does not.

Spoofing can also occur in text and phone calls. Text can appear to come from a legitimate source such as a friend of yours. The same applies to phone calls.

Cyberspace – Hmmm…? This could go in several directions.

If you look online you can get a lot of explanations which basically mean about the same thing. If you want a definition… Merriam Webster doesn’t give you a lot to go on. According MW, they say this is the Full Definition of CYBER SPACE…“the online world of computer networks and especially the Internet”.

I’m just going to say if something is connected and remotely available, it is in cyberspace. Therefore, cyberspace is a virtual environment that connected devices live in.

Encryption – This one can get deep, but we won’t go there. Basically what this means when data (email, user credentials, etc.) leaves the source to travel over the web, it is in a “cocoon” of sorts and the receiver of the information has a “key” to unlock the cocoon to see what is in it.

Just for fun I asked www. Merriam-Webster.com what she said and this is what I got… “encrypt: to change (information) from one form to another especially to hide its meaning.

Exploit – In some respects it is what it is. What I mean is the application of the word is the same whether you are talking about people or things. The technical explanation in cyberland is code that is designed to take advantage of a vulnerability. An exploit is designed to give an attacker the ability to execute additional malicious programs on the compromised system or to provide unauthorized access to affected data or application.

Malware (Virus, Worm, Trojan, Spyware) – The explanation of this term best described by SANS/Securing the Human (http://www.securingthehuman.org/resources/security-terms).

Malware stands for ‘malicious software’. It is any type of code or program cyber attackers use to perform malicious actions. Traditionally there have been different types of malware based on their capabilities and means of propagation, as we have listed below. However these technical distinctions are no longer relevant as modern malware combines the characteristics from each of these in a single program.

  • Virus: A type of malware that spreads by infecting other files, rather than existing in a standalone manner. Viruses often, though not always, usually spread through human interaction, such as opening an infected file or application.)
  • Worm: A type of malware that can propagate automatically, typically without requiring any human interaction for it to spread. Worms often spread across networks, though can also infect systems through other means, such as USB keys. An example of a worm is Conficker, which infected millions of computer systems starting in 2008 and is still active today.
  • Conficker: The origin of the name Conficker is thought to be a combination of the English term “configure” and the German pejorative term Ficker.[12] Microsoft analyst Joshua Phillips gives an alternate interpretation of the name, describing it as a rearrangement of portions of the domain name trafficconverter.biz[13] (with the letter k, not found in the domain name, added as in “trafficker”, to avoid a “soft” c sound) which was used by early versions of Conficker to download updates. (ref – https://en.wikipedia.org/wiki/Conficker).
  • Trojan: A shortened form of “Trojan Horse”, this type of malware appears to have a legitimate or at least benign use, but masks a hidden sinister function. For example, you may download and install a free screensaver which actually works well as a screensaver. But that software could also be malicious, it will infect your computer once you install it.
  • Spyware: A type of malware that is designed to spy on the victim’s activities, capturing sensitive data such as the person’s passwords, online shopping, and screen contents. One popular type of spyware, a keylogger, is optimized for logging the victim’s keyboard activity and transmitting the captured information to the remote attacker.

If you have comments or questions feel free to post them here or contact me directly at fred.gordy@smartcore.com

2015 Conference Live: Dan Probst of Jones Lang Lasalle Explains IntelliCommand

I had a chance to catch up with Dan Probst at the 2015 Realcomm|IBcon conference. Dan is the Chairman – Energy and Sustainability Services for Jones Lang LaSalle. Dan helps real estate companies reduce energy and operational costs by using their data analytics platform InelliCommand.

IntelliCommand facility management software, powered by Pacific Controls, combines smart technology with JLL’s building operations expertise and execution to provide 24/7, real-time, remote facility monitoring and control.

IntelliCommand gives a voice to buildings of all types, including office buildings, data centers, manufacturing plants, retail sites, and distribution hubs. And when buildings talk, we listen—either resolving issues remotely, or deploying on- or offsite building engineers or facility managers.

Contemporary Controls BAScontrol20 Firmware Version 3.1 Released

Screen Shot 2015-06-18 at 2.13.25 PM

Contemporary Controls recently released firmware version 3.1 for the BAScontrol20 Sedona Open Unitary Controller. Built on the Sedona Framework, Contemporary Controls has developed more than 100 custom Sedona components which complement the standard Tridium-developed Sedona 1.2 components that reside within the device. Unique to the BAScontrol20 are 48 Web Components that allow wire sheet data to be read and written from a common web browser. With firmware 3.1, virtual points – which allow wire sheet data to be read and written from a BACnet client – have been expanded to 24.

Contemporary Controls defines an open controller as follows:

* Utilizes an open protocol for network communications
* Supports an open programming language for implementing control strategies
* Provides a programming tool that is available to systems integrators without restriction
* Fosters a community of developers and integrators that share technology for the public good

Screen Shot 2015-06-18 at 2.13.48 PM

“The BAScontrol20 Firmware Release 3.1 is our commitment to open control technology that is both practical and easy to apply. Based upon open standards such as the Internet protocol for communications, BACnet for data definitions, and Sedona for control, the BAScontrol20 represents a truly open controller. In fact, many of the new features came from those in the Sedona community,” states Bennet Levine, R & D manager.

The BAScontrol20, 20-point BACnet/IP Sedona Open Unitary Controller supports both BACnet/IP and Sedona Framework (SOX) protocols via an Ethernet connection. It complies with the BACnet B-ASC device profile having eight universal inputs, four binary inputs, four analog outputs and four binary outputs (relay or triac). The device is a freely-programmable controller executing Sedona’s drag-and-drop methodology of assembling components onto a wire sheet to create applications. It can be programmed using Niagara Workbench or a third-party Sedona programming tool; or configured for BACnet/IP remote I/O applications using a common web browser. A free Sedona Project Backup and Restore utility called BASbackup is available for saving all project data including program, configuration and web page data.

There are no hardware changes on the BAScontrol20 and it is possible to re-flash existing controllers in the field by first contacting Contemporary Controls’ technical support. The following is a list of new features found in firmware version 3.1.

* Virtual points increased from 8 to 24 points – Sedona and BACnet readable and writable
* Universal Input options expanded – 20kΩ thermistor, and a 1-100kΩ resistance range
* CControls Function Kit added – 16 new components including Psychrometric (SI/English)
* Additional Change-of-Value (COV) subscriptions – 14 binary and 2 analog in total
* Increased performance and larger application memory space – supports larger app.sab
* More informative web pages – all points identified by BACnet name and color-coded by function Network
* Time Server can be found by domain name – easy access to pooled NTP servers
* Improved Universal Counter (UC) component – mimics Sedona counter but with persistent memory
* The BASbackup Sedona Project utility easier to use – not dependent upon the Workbench tool

All new BAScontrol20 orders include the added features found in release 3.1 and will be shipped with no increase in product pricing ($295.00). There is no licensing required or restrictions to purchase or use theBAScontrol20. For more information on the BAScontrol20 controller with firmware version 3.1, visit the BAScontrol20 product page.

Conference Live: John Petze at 2015 Realcomm|IBcon

I had a chance to catch up with Sky Foundry’s John Petze at the 2015 Realcomm|IBcon conference in San Antonio. Key interview take-aways are that the state of building analytics has improved significantly since 2011. As John says, “It’s impossible to monitor data and system operations manually.” Successful deployment of analytics results in increased comfort, reduced costs, and energy savings — and it’s all about the last 18″ — the distance from the computer monitor and the systems operator, and converting data into actionable information.

KMC Commander™ Awarded Best Intelligent Building Technology Innovation at Realcomm IBCon

San Antonio, Texas – June 11, 2015

KMC Controls, a leader in building automation systems, was awarded the Best Intelligent Building Technology Innovation Award at the 2015 Realcomm IBCon conference in San Antonio, Texas for KMC Commander™. KMC Commander is a complete IoT platform for building automation that forms an end-to-end solution, from sensors and controllers (edge devices) to cloud-based remote management applications. Remote visualization and control are enabled via a cloud-hosted, mobile application based architecture with secure data access. The solution features embedded processing and security technology from Intel®, engineering and design collaboration with Dell OEM, and tagging and visualization software framework from J2 Innovations.

IBcon has grown to become the world’s most comprehensive and leading edge discussion on the next generation of smart, connected, high-performance, green, sustainable, intelligent buildings. The event is not about the traditional one building, one system, one vendor smart building of yesterday, but rather the open architected, interoperable, integrated, IP, IT centric smart buildings of tomorrow.

Richard Newberry, Strategic Advisor to KMC’s Board of Directors, commented, “IoT connectivity is the future of building automation and KMC is at the leading edge in developing innovative and intuitive solutions for connecting building automation systems to the Internet of Things. We have leveraged our history of successful partnerships to [Read more…]