Episode 255: ControlTalk NOW — Smart Buildings Videocast and PodCast for week ending Feb 18, 2018 features our interview and cyber security discussion with two of our industry’s most venerated experts from Intelligent Buildings, Darryl Benson and Fred Gordy. Darryl and Fred offer the ControlTrends Community some astute advice and pose an interesting question to system integrators: Do you want to maintain the cyber security risks [Read more…]
Homeland Security Advisory TA17-318B: HIDDEN COBRA – North Korean Trojan: Volgmer. Original release date: November 14, 2017. Systems Affected: Network systems
Overview: This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS and FBI identified Internet Protocol (IP) addresses and other indicators of compromise (IOCs) associated with a Trojan malware variant used by the North Korean government—commonly known as Volgmer. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information on HIDDEN COBRA activity, visit https://www.us-cert.gov/hiddencobra.
FBI has high confidence that HIDDEN COBRA actors are using the IP addresses—listed in this report’s IOC files—to maintain a presence on victims’ networks and to further network exploitation. DHS and FBI are distributing these IP addresses to enable network defense and reduce exposure to North Korean government malicious cyber activity.
This alert includes IOCs related to HIDDEN COBRA, IP addresses linked to systems infected with Volgmer malware, malware descriptions, and associated signatures. This alert also includes suggested response actions to the IOCs provided, recommended mitigation techniques, and information on reporting incidents. If users or administrators detect activity associated with the Volgmer malware, they should immediately flag it, report it to the DHS National Cybersecurity and Communications Integration Center (NCCIC) or the FBI Cyber Watch (CyWatch), and give it the highest priority for enhanced mitigation.
For a downloadable copy of IOCs, see:
NCCIC conducted analysis on five files associated with or identified as Volgmer malware and produced a Malware Analysis Report (MAR). MAR-10135536-D examines the tactics, techniques, and procedures observed. For a downloadable copy of the MAR, see:
MAR IOCs (.stix)
Volgmer is a backdoor Trojan designed to provide covert access to a compromised system. Since at least 2013, HIDDEN COBRA actors have been observed using Volgmer malware in the wild to target the government, financial, automotive, and media industries.
It is suspected that spear phishing is the primary delivery mechanism for Volgmer infections; however, HIDDEN COBRA actors use a suite of custom tools, some of which could also be used to initially compromise a system. Therefore, it is possible that additional HIDDEN COBRA malware may be present on network infrastructure compromised with Volgmer
The U.S. Government has analyzed Volgmer’s infrastructure and have identified it on systems using both dynamic and static IP addresses. At least 94 static IP addresses were identified, as well as dynamic IP addresses registered across various countries. The greatest concentrations of dynamic IPs addresses are identified below by approximate percentage:
India (772 IPs) 25.4 percent
Iran (373 IPs) 12.3 percent
Pakistan (343 IPs) 11.3 percent
Saudi Arabia (182 IPs) 6 percent
Taiwan (169 IPs) 5.6 percent
Thailand (140 IPs) 4.6 percent
Sri Lanka (121 IPs) 4 percent
China (82 IPs, including Hong Kong (12) 2.7 percent
Vietnam (80 IPs) 2.6 percent
Indonesia (68 IPs) 2.2 percent
Russia (68 IPs) 2.2 percent
As a backdoor Trojan, Volgmer has several capabilities including: gathering system information, updating service registry keys, downloading and uploading files, executing commands, terminating processes, and listing directories. In one of the samples received for analysis, the US-CERT Code Analysis Team observed botnet controller functionality.
Volgmer payloads have been observed in 32-bit form as either executables or dynamic-link library (.dll) files. The malware uses a custom binary protocol to beacon back to the command and control (C2) server, often via TCP port 8080 or 8088, with some payloads implementing Secure Socket Layer (SSL) encryption to obfuscate communications.
Malicious actors commonly maintain persistence on a victim’s system by installing the malware-as-a-service. Volgmer queries the system and randomly selects a service in which to install a copy of itself. The malware then overwrites the ServiceDLL entry in the selected service’s registry entry. In some cases, HIDDEN COBRA actors give the created service a pseudo-random name that may be composed of various hardcoded words.
Detection and Response
This alert’s IOC files provide HIDDEN COBRA indicators related to Volgmer. DHS and FBI recommend that network administrators review the information provided, identify whether any of the provided IP addresses fall within their organizations’ allocated IP address space, and—if found—take necessary measures to remove the malware.
When reviewing network perimeter logs for the IP addresses, organizations may find instances of these IP addresses attempting to connect to their systems. Upon reviewing the traffic from these IP addresses, system owners may find some traffic relates to malicious activity and some traffic relates to legitimate activity.
Network Signatures and Host-Based Rules
This section contains network signatures and host-based rules that can be used to detect malicious activity associated with HIDDEN COBRA actors. Although created using a comprehensive vetting process, the possibility of false positives always remains. These signatures and rules should be used to supplement analysis and should not be used as a sole source of attributing this activity to HIDDEN COBRA actors.
alert tcp any any -> any any (msg:”Malformed_UA”; content:”User-Agent: Mozillar/”; depth:500; sid:99999999;)
description = “Malformed User Agent”
$s = “Mozillar/”
(uint16(0) == 0x5A4D and uint16(uint32(0x3c)) == 0x4550) and $s
A successful network intrusion can have severe impacts, particularly if the compromise becomes public and sensitive information is exposed. Possible impacts include
temporary or permanent loss of sensitive or proprietary information,
disruption to regular operations,
financial losses incurred to restore systems and files, and
potential harm to an organization’s reputation.
DHS recommends that users and administrators use the following best practices as preventive measures to protect their computer networks:
Use application whitelisting to help prevent malicious software and unapproved programs from running. Application whitelisting is one of the best security strategies as it allows only specified programs to run, while blocking all others, including malicious software.
Keep operating systems and software up-to-date with the latest patches. Vulnerable applications and operating systems are the target of most attacks. Patching with the latest updates greatly reduces the number of exploitable entry points available to an attacker.
Maintain up-to-date antivirus software, and scan all software downloaded from the Internet before executing.
Restrict users’ abilities (permissions) to install and run unwanted software applications, and apply the principle of “least privilege” to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through the network.
Avoid enabling macros from email attachments. If a user opens the attachment and enables macros, embedded code will execute the malware on the machine. For enterprises or organizations, it may be best to block email messages with attachments from suspicious sources. For information on safely handling email attachments, see Recognizing and Avoiding Email Scams. Follow safe practices when browsing the web. See Good Security Habits and Safeguarding Your Data for additional details.
Do not follow unsolicited web links in emails. See Avoiding Social Engineering and Phishing Attacks for more information.
Response to Unauthorized Network Access
Contact DHS or your local FBI office immediately. To report an intrusion and request resources for incident response or technical assistance, contact DHS NCCIC (NCCICCustomerService@hq.dhs.gov or 888-282-0870), FBI through a local field office, or the FBI’s Cyber Division (CyWatch@fbi.gov or 855-292-3937).
The Active Cyber Defense Certainty Act (ACDC) amends the Computer Fraud and Abuse Act to make limited retaliatory strikes against cyber-miscreants legal in America for the first time. The bill would allow hacked organizations to venture outside their networks to identify an intruder and infiltrate their systems, destroy any data that had been stolen, and deploy “beaconing technology” to trace the physical location of the attacker.
A BILL To amend title 18, United States Code, to provide a defense to prosecution for fraud and related activity in connection with computers for persons defending against unauthorized intrusions into their computers, and for other purposes. Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled, SECTION 1. SHORT TITLE. This Act may be cited as the ‘‘Active Cyber Defense Certainty Act’’.
Congress holds that active cyber defense techniques should only be used by qualified defenders with a high degree of confidence in attribution, and that extreme caution should be taken to avoid impacting intermediary computers or resulting in an escalatory cycle of cyber activity.
This new webinar focused on organizational best practices to mitigate risk.
There’s only one day left to register for our new TridiumTalk webinar focused on cybersecurity. Join us September 19 at 11:00 a.m. Eastern U.S. to learn how to develop a strategy to defend against cyber threats.
Tridium chief architect Kevin T. Smith, author of our new white paper Cybersecurity and the IoT—Threats, Best Practices and Lessons Learned, will be leading the TridiumTalk. Recognized industry expert James Johnson will be moderating and taking questions.
With the game-changing IoT, cybersecurity should be a concern for everyone.
Adding network connectivity to any “thing” adds tremendous value, but also brings potential risks to an organization.
Click here to download our new white paper. Kevin and James will cover this material and provide additional insight during the TridiumTalk.
We look forward to you joining us on September 19.
Episode 238: ControlTalk NOW — Smart Buildings PodCast for week ending September 10, 2017 begins with our concern and best wishes for a speedy recovery for those of the ControlTrends Community affected by the hurricanes and natural disasters. We start off with a great interview and discussion with Computrols’ founders and owners Kevin and Roy Lynch and Computrols’ Marketing Manager, Scott Holstein. Additionally, we have Tridium’s Kevin Smith white paper on cyber security, Contractor Leadership Live, Ken Sinclair’s September edition of Automated Buildings, EasyIO’s FW-14 wireless controller, and a registration reminder for the 2017 Lynxspring Exchange.
Tridium’s Kevin T. Smith, Chief Architect, Cybersecurity and the IoT— Threats, Best Practices and Lessons Learned. New Tridium white paper from Tridium chief architect Kevin T. Smith now available. Much has been written about the game-changing IoT. Network-connected devices and their capabilities have become a disruptive force in the business world.
Contractor Leadership Live 2017, September 12-14, 2017 Huntington Convention Center Cleveland, Ohio. Contractor Leadership Live brings together the latest products, trends and business solutions for mechanical contractors involved in HVACR. This national event features conference sessions that educate and inspire business transformation while delivering insight on the latest industry trends that are impacting business owners and service professionals.
Ken Sinclair’s Automated Buildings September, 2017 Theme: “Getting There from Here,” The Shift of Thought and Action We Need to Make. In his omniscient September edition of AutomatedBuildings.com, Ken Sinclair, summons us to accept and respond to the inevitable changes facing our industry, and to think young and differently, as in: People-powered, self-driving buildings, from the intelligent self-learning, self-acting edge!
EasyIO is Now Wireless — The EasyIO FW-14 is a Perfect Fit for School and Retail Markets. The EasyIO-FW-14 is a new breed, high performance, freely programmable, wireless Wi-Fi Sedona controller. It has never been easier to extend your BMS because of its wireless possibilities. You will save on labor and wiring. The EasyIO-FW-14 is a perfect fit for vertical markets such as schools and retail, to have extended IO for the F-series controllers, without any downtime during installation as the network can be wireless. It’s ideal for all kind of applications such as fan coils, AHU’s, room and stand-alone applications, featuring SOX, TCOM, FGP2P and BACnet communication protocols.
2017 Lynxspring Exchange Early-Bird Deadline is September 8th 11:59PM PDT — Don’t Miss Out! he 2017 Lynxspring Exchange and Technology Showcase will map out technology, techniques and practices specific to managing and operating today’s facilities smarter, safer, securely, efficiently and at peak performance levels. Discover leading trends, new approaches and experience real-world conversations and discussions.
Episode 216: ControlTalk NOW — Smart Buildings VideoCast|PodCast for week ending Feb 26, 2017 features our Hollywood Moments video highlights from the 2016 ControlTrends Awards; CTN Interview with BuildingContext.me’s editor Therese Sullivan; Honeywell’s Larry Weber and Roger Rebennack at AHR Expo 2017; Siemens’ 2016 ControlTrends Awards celebration — BT300 wins VFD of the Year; Cyber Security: PC WORLD’s The 7 Security Threats to Technology; and Contemporary Controls wins the 2016 Small Manufacturer of the Year Award.PC WORLD’s The 7 Security Threats to Technology That Scare Experts the Most. Ransomware’s Just the Beginning. This was twittered to us via cyber security guru, Fred Gordy, and was too interesting and too important not to pass on to the ControlTrends Community, especially those with smart thermostats. What happens if a bad actor turns off your heat in the middle of winter, then demands $1,000 to turn it back on? Or even holds a small city’s power for ransom? Those kinds of attacks to personal, corporate, and infrastructure technology were among the top concerns for security experts from the SANS Institute, who spoke Wednesday during the RSA conference in San Francisco. Read more! Hollywood Moment on the Red Carpet at the 2016 ControlTrends Awards. As we begin our 2016 ControlTrends Awards Highlight Videos, we thought the best place to start was with the superstars of the Building Automation, HVAC, and Smart Building Controls Industry — walking the Red Carpet. One of the main reasons Ken and I created the ControlTrends Awards was to shine a spotlight on the great people in our industry and give them their well-deserved “Hollywood Moment.” And, what would a Hollywood Moment be without a Red Carpet interview? Catching Up with Honeywell at 2017 AHR Expo. As we begin posting our ControlTrends coverage of the 2017 AHR show, we begin with Ken stopping by the Honeywell booth. Ken gets updates from Larry Weber on Honeywell’s new Light Commercial Buildings Controls Connect, Honeywell’s new Cloud-Based Light Commercial Control offering — giving contractors the opportunity to improve their service to their customers and grow their businesses with remote HVAC system monitoring and diagnostics. Roger Rebennack follows, bringing the ControlTrends Community up-to-speed on Honeywell’s WEB Security, with a deep-dive look at true integration in its most seamless form.
ControlTalk NOW interview with Therese Sullivan, technologist, marketing professional, and editor of BuildingContext.me who provides the most relevant and up-to-date news and analysis to commercial building system integrators, facilities managers, and real estate professionals — about innovations in building automation with emphasis on data analytics, mobile apps, cloud services, and wireless networking. Therese provides her take on the 2016 ControlTrends Awards; insights and comments on Women on the rise in the HVAC and Building Automation industry; and IoT updates from Silicon Valley.
Siemens’ BT300, The 2016 ControlTrends Awards Variable Frequency Drive of The Year. You are here: Home / ControlTrends Awards / 2016 ControlTrends Awards / Siemens’ BT300, The 2016 ControlTrends Awards Variable Frequency Drive of The Year. 2016 ControlTrends VFD of The Year from Eric Stromquist on Vimeo. Congratulations to Siemens for having their Variable Frequency Drive being selected by the global ControlTrends Community as the 2016 ControlTrends VFD of the Year. The BT300 was also the winner at the 2015 ControlTrends Awards as well! Click here to learn more about the Siemens BT300. Want to try a Siemens BT300 variable frequency drive? Reach out to your local CGNA Controls distributor.
Contemporary Controls is proud to announce our win as the ControlTrends Awards “Vendor of the Year – Small Manufacturer” Downers Grove, Illinois (January, 2017) – Contemporary Controls is proud to announce our win as the ControlTrends Awards “Vendor of the Year – Small Manufacturer” in addition to winning “Peripheral Product of the Year” and the “Best Technical Support Company – Small Manufacturer”. Thank you to all that participated in the ControlTrends Awards and voted for us. “The CTA Award for Vendor of the Year is a valued recognition of the quality of our products by the people who really matter – the system integrators who are depending on our products to get the job done,” said George Thomas, President of Contemporary Controls. “It is also a recognition of the efforts of our employees who design, produce and support these products.”
What is New? Catching Up with Distech at the 2017 AHR Expo. ControlTrends had a chance to catch up with Distech at the 2017 AHR Expo. In this video Ken checks out the cool building automation controls made by Distech and gets and update on how the Acuity Brands purchase of Distech and DG Logik will affect the Smart Buildings controls world. Distech Controls‘ EC-Net building management system (BMS) is a comprehensive Web-based platform powered by the Niagara Framework®. The open structure of EC-Net building management system (BMS) creates a common development and management environment for the integration of BACnet®, LONWORKS®, Modbus™, and other standards. More than a building management system, EC-Net system provides all the tools you need to gain intelligence into your buildings’ performance and arm you with the ability to rapidly react to any situation that may adversely affect energy costs, business performance, and ultimately, your bottom line.
PC WORLD FROM IDG. Credit: Mark Hachman
This was twittered to us via cyber security guru, Fred Gordy, and was too interesting and too important not to pass on to the ControlTrends Community, especially those with smart thermostats.
What happens if a bad actor turns off your heat in the middle of winter, then demands $1,000 to turn it back on? Or even holds a small city’s power for ransom? Those kinds of attacks to personal, corporate, and infrastructure technology were among the top concerns for security experts from the SANS Institute, who spoke Wednesday during the RSA conference in San Francisco.
Some of these threats target consumers directly, but even the ones that target corporations could eventually “filter down” to consumers, though the effects might not be felt for some time.
Here are the seven most dangerous attack vectors, according to SANS, and what, if anything, you can do about them:
1. Ransomware: Ransomware surfaced more than 20 years ago, but it has since evolved into a seriously scary form of malware: crypto-ransomware, which encrypts your files and demands payment to unlock them. It’s an ideal way for bad guys to attack: Ransomware spreads like a virus, locks up your data independently, and forces you to contact the criminals for payment and recovery, according to Ed Skoudis, an instructor at the SANS Institute.
What you can do: Practice “network hygiene:” patching your system, using antimalware, and setting permissions and network-access controls to limit exposure—once a PC is infected, you don’t want the infection spreading to other PCs on the network. Remember that ransomware is being monitored by actual people, with whom you can negotiate: “Your best bet is to appear small and poor,” Skoudis said, to try to reduce the amount you’ll pay.
2. The Internet of Things. The next stage of the evolution in consumer products is connectedness: Everything from baby cameras to toothbrushes are using wireless protocols to connect to each other and the internet. That, in turn, has left them vulnerable to hacks. Worse still, IoT devices are now attack platforms, as the Mirai worm demonstrated.
What you can do: Change the default passwords. If your smart-home gadget doesn’t allow it, either return it or wait (or petition the manufacturer) for firmware that allows a custom password. You can also take further steps to insulate connected devices by disabling remote access, using a separate dedicated home LAN for IoT devices, as well as a dedicated cloud account for controlling them, Skoudis said.
3. The intersection of ransomware and IoT. Last year, an Austrian hotel was hacked, disrupting its keycard system. Such attacks could eventually migrate to your home, holding your smart thermostat hostage (and set at 40 degrees, say) until you pay up.
What you can do: Right now, this sort of attack is more theoretical than anything else. But it’s something to think about as you start building out your home: How much automation is too much? “You have to ask yourself, what is the right balance between man and machine?” said Michael Assante, director of industrials and infrastructure for SANS.
4. Attacks against the industrial Internet of Things. In 2015 and again in 2016, unknown hackers took down power stations in the Ukraine, leveraging the growing trend of automated, distributed systems against the power company. Fortunately, first responders were quickly able to manually flip the breakers and restore power. But there’s no guarantee that will always be the case—and what happens if Pacific Gas & Electric or Con Edison’s infrastructure is hacked?
What you can do: As consumers, not much. Infrastructure organizations are going to have to decide whether to operate with intelligent systems, or shut them down. Scaling up with increased automation can help lower your power costs—but the penalty may be increased vulnerability to outside attacks, Assante warned.
5. Weak random number generators. Truly random numbers are the basis of good encryption, securing Wi-Fi and a broad range of security algorithms, according to Johannes Ulrich, the director of the SANS Internet Storm Center. But “random” number generators aren’t truly random, which makes the encryption they’re based upon easier to crack. This gives an edge to criminals, who may exploit this and unlock “secure” encrypted connections.
What you can do: This is a problem for device manufacturers to solve. Just keep in mind that your “secure” network may in fact be weaker than you think.
6. An over-reliance on web services. More and more, apps and software are talking to and incorporating third-party services, such as Docker or Azure. But there’s no real certainty that those apps are connecting to the expected entity, or whether an attacker is stepping in, stealing data, and returning false information.
What you can do: Again, this is a problem for developers. But Ulrich warned that mobile apps are becoming increasingly vulnerable—so even if an app isn’t trying to steal your data, the “service” that it thinks it’s connecting to may be.
7. SoQL Attacks against NoSQL databases. This is another developer problem, but it could affect data collected about you. For years, SQL injections, where executable code was forced inside of a SQL database entry field, were one of the scourges of the internet. Now, as developers move away from SQL to NoSQL databases like MongoDB, they’re finding that those databases aren’t as secure as they should be.
Published on Mar 17, 2015, Sophos researcher James Lyne demonstrates how to hack an Internet-connected CCTV camera and an Android-powered phone using staggeringly simple methods. James Lyne is global head of security research at the security firm Sophos. James, a self-professed ‘massive geek’ has technical expertise spanning a variety of the security domains from forensics to offensive security. He has worked with many organizations on security strategy, handled a number of severe incidents and is a frequent industry advisor. He is a certified instructor at the SANS institute and often a headline presenter at industry conferences. You can find James on Twitter @jameslyne and on LinkedIn.
James is a big believer that one of the biggest problems of security is making it accessible and interesting to those outside the security industry. As a result, he takes every opportunity to educate on security threats and best practice always featuring live demonstrations and showing how the cyber criminals do it.
James has given multiple TED talks, including at the main TED event. He’s also appeared on a long list of national TV programs to educate the public including CNN, NBC, BBC News and Bill Maher.
As a spokesperson for the industry, James is passionate about talent development, regularly participating in initiatives to identify and develop new talent for the industry.
Lynxspring’s Cyber Security expert, Marc Petock reminds us that October is National Cyber Security Awareness Month, which is an annual campaign to raise awareness about cyber security.
From Marc Petock: We live in a world that is more connected than ever before. The Internet touches all aspects of our business and personal life. From a business perspective, the negative consequences that cyber incidents can cause are disruptive and potentially catastrophic. The value of taking additional measures and procedures to increase the cyber security posture of your systems, far outweigh the risk of not making them secure.
Here are a few questions to ask yourself this month:
Who has a specific plan in place in case of a cyber instance?
Are discussions around cyber security regular within your organization?
Are you secure?
How do you know you were not compromised today?
How would you know?
What would you do about it if you were?
What is your organization’s sensitive data, and where is it?
Are you prepared to face a threat(s)?
Do you have a cyber security statement for your organization?
How about the companies in your supply chain, are they secure?
When was the last time you did an audit of your building systems to find our “what’s in your closet? Do you know how and what your smart building devices are connected to?
For your future BAS projects—new, upgrades, change outs, and is cyber security addressed? Is it part of the discussion and project?
Is the technology you purchase patchable?
Do you have a patch management process and procedure?
Who and what is involved?
When a vulnerability is discovered, have you made it clear to your providers what you expect?
When it comes to a discovered vulnerability, what is the manufacture’s responsibility? What do you expect of them?
Is cyber security a board room discussion at your organization?
Cyber security can no longer be thought of as a “nice to have”. The operational, financial and reputational impact to a business is tremendous. Security must be considered a fundamental requirement. Take this month to get engaged or get re-engaged with good cyber security practices.
Vice President, Marketing
1210 NE Windsor Drive
Lee’s Summit, MO 64086
ControlTalk NOW — Smart Buildings VideoCast|Podcast will resume full video and podcast operations next week. Scheduling only allowed for a quick review of week ending October 2, 2016, which was another amazing week in our industry — featuring Echelon Corp’s Converged Controller; Tim Chamblee’s How to Measure Energy Webinar; Lynxspring’s JENEsys® Edge™ 100 New Universal Input Option; Fred Gordy’s Cyber Security review of exposed BBMDs; ControlTrends People Episode 5, with Ed Merwin; and Ken Sinclair’s October edition of Automated Buildings.
Echelon Corp. Delivers First-Of-Its-Kind Converged Controller For Buildings, Lighting And Other IoT Applications Press Release. SANTA CLARA, Calif.–(BUSINESS WIRE)–Echelon Corp., a leading independent control networking company for the Industrial Internet of Things (IIoT), today announced the availability of a first-of-its-kind converged controller for building automation, lighting controls and Internet of Things applications combined with power line communication meshing capability.
Live Rewind: How to Measure Energy in Smart Buildings. Stromquist & Company’s Tim Chamblee, who is also one of the best trainers in the HVAC industry, breaks down the different ways to measure energy in smart buildings in this replay of a live stream training. Video does not actually start until about 10 minutes in, so be sure to skip forward.
New Universal Input Option for the JENEsys® Edge™ 100 Now Available. The JENEsys® Edge™ 100 is our new generation of controllers combining Lynxspring’s Onyxx® platform with the Niagara Framework® and its programming tools and the Fox Protocol to facilitate communication between Niagara stations and software for control and analytics managed at the edge.
Fred Gordy’s Cyber Security Review of Publicly Exposed Control System BBMD – No Login Required! There are free tools readily available to anyone that can not only scan BACnet networks, it gives the user the ability make changes to individual control points, set schedules, review logs, view alarms and acknowledge, and turn your BACnet devices into “bricks.” The first thing I found was the ease of use of this program. In order to scan the network all I needed was one BBMD.
CTP 005 ControlTrends People Explores the Life and Times of Ed Merwin. On episode 5 of ControlTrends People we take a deep dive into the life and times of one of the greats in our industry, Ed Merwin, the Director, Vykon Automation Energy Security at Tridium. Ed is credited by many, including us, as being one of the reasons Tridium and open platforms exist today. Ed, one of the great communicators in our industry, shares his early history including how he got into the business. Like all great people, Ed has had many mentors through his life.
Ken Sinclair’s Automated Buildings October Theme — When Evolution Turns to Revolution. In this October issue of Automated Buildings, Ken Sinclair, owner and editor, delves deeper into the impacts of IoT and self-machine learning, as well as the rapidity of change that is circling the building automation industry. Is our industry preparing itself — at last for this explosive and disruptive evolution or will it get hit broadside? If you still need convincing that major changes are afoot, be sure to review the attention-getters and direct links to Ken’s references and articles.