Securely establishing building automation as an OT domain
Modern building automation (BA) in critical infrastructure environments places high demands on availability, security, and integration capability. Whether in energy supply, healthcare, or public infrastructure, the underlying IT network infrastructure plays a decisive role in the resilience and reliable operation of all building technology systems.
LANCOM Systems provides a secure foundation for this: highly available, fail-safe networking solutions developed according to the strictest security guidelines – engineered in Germany. Our IT network architectures for building control and automation not only ensure the stable operation of IT networks but also protect against cyber threats and unauthorized access in accordance with current standards.
For building automation planners, this means high future-proofing, easy integration into existing concepts, and the confidence that regulatory requirements in critical infrastructure environments can be reliably fulfilled.
Building control and automation becomes operationally relevant OT wherever technical building systems directly contribute to availability, protection functions, or regulatory requirements. This applies, for example, to laboratory and pharmaceutical environments with tightly controlled climate and pressure zones, to data centers and financial facilities with closely interconnected cooling, power supply, monitoring, and access control systems, as well as to energy and utility sites where technical auxiliary systems must continue operating in a controlled manner even during disruptions.
The field devices (e.g., sensors for temperature, CO₂ levels, or presence/motion and actuators such as valves, dampers, or switching contacts), automation stations, as well as management and operating systems of building automation solutions must therefore be specifically protected against manipulation and functional impairments.
A well-designed and secured IT network architecture for building automation ensures the necessary operational continuity. Network planning is therefore not a downstream consideration, but an integral part of building automation itself.
It encompasses both organizational aspects – such as responsibilities and operating concepts – and technical requirements including architecture design, device and participant management, and end-to-end security mechanisms.
Resilience and security as fundamental principles of building automation (OT security)
As soon as building automation takes over operationally relevant functions, disruptions have a direct impact on operations. Unauthorized access, misconfigurations, or failures of dependent systems can directly affect HVAC, power supply, visualization, alarm management, or access control processes.
Especially in critical infrastructure-related environments, resilient operational capability becomes a central focus. Core building technology functions must remain reliably available even if higher-level IT structures, connections, or external platform services fail. For this reason, critical facilities often include decentralized local control options that allow direct on-site operation independently of the central automation system.
In regulated environments, operational controllability is also essential: access must be clearly defined, managed, and traceable – including precise rules regarding who can access which systems, through which pathways, and with which permissions.
To implement IT networking for building management systems (BMS) as autonomous building control, operational reliability, autonomous and resilient operation, and centralized secure management are high priorities.
Users should be supported with dynamic procedural instructions and automated measures during situation handling.
A building management system is a higher-level system that provides a holistic overview through continuous status queries of the connected subsystems.
What must an IT network for a building management system deliver?
An IT network for a building management system (BMS) must ensure far more than simple connectivity between building systems.
A modern BMS IT network architecture should enable reliable and highly available communication between automation, management, and field levels, support resilient local operation even during WAN or cloud outages, and provide secure scalability. It must therefore clearly separate IT and OT into multiple segmented security zones, control all transition points and communication paths, and trace, monitor, and log all access activities through the use of secure gateways, switches, and firewalls.
In practice, this means that building automation networks must be designed not only for efficiency and convenience, but also for operational continuity, cybersecurity, and auditability.
Below, you can find an example network architecture for secure BMS networking:
Critical infrastructure building automation: What matters in IT / OT separation and segmentation
Three key IT architecture principles for designing a resilient IT network can be derived from the objectives and requirements of an autonomous Building Management System (BMS):
Strict IT / OT separation with secure segmentation (“OT security by design”)
BMS security is based on the clear separation of IT and OT networks, complemented by fine-grained segmentation within the OT environment (e.g., by domains such as HVAC, access control, and lighting). Secured transition points, role-based access, hardened devices, and secure protocols ensure that building-critical systems are protected against manipulation, misconfiguration, and cyberattacks.
Autonomous operation through local intelligence and offline capability
The network architecture is designed to ensure that the building remains operational independently of external WAN, cloud, or platform services. Local control logic, edge controllers, and decentralized decision-making capabilities ensure that critical functions such as power supply, climate control, or access management continue to operate reliably even during disruptions.
Centralized, standards-based management with modular scalability
A resilient BMS network combines centralized, secure management with open standards and a modular architecture. Standardized interfaces (e.g., BACnet, OPC UA, MQTT), encrypted communication, and controlled rollouts enable scalability, easy expansion, and long-term investment protection without vendor lock-in.
In the past, automation systems in industrial and building environments (OT) were physically separated from IT systems. As these domains increasingly converge, attack vectors emerge within complex interconnected systems such as TGA-integrated buildings, which operators must carefully monitor.
To address this, processes derived from IT security are used to analyze these risks, define appropriate protective measures, and extend security requirements accordingly.
How remote maintenance is implemented securely in building automation
In building automation, remote maintenance enables targeted access to systems such as HVAC installations in order to retrieve operational data, analyze faults, or adjust control parameters without requiring on-site intervention.
For example, malfunctions can be detected at an early stage, service operations can be prepared more efficiently, and software or configuration updates can be deployed centrally. At the same time, this requires clearly defined and secured access paths in order to avoid uncontrolled intervention or additional attack surfaces.
From a security perspective, compliant remote maintenance avoids direct access from external networks to productive building automation segments. Instead, service connections are routed through defined, secured, and auditable pathways. Roles, maintenance windows, approvals, and access targets must remain clearly structured during operations. In BACnet environments, BACnet Secure Connect (BACnet/SC) is an important component for achieving this.
How architecture, governance, and compliance are interconnected in building management systems
Building automation is not only a technical issue, but also a governance topic. Operators must be able to organize responsibilities, communication relationships, service processes, changes, and security measures in a transparent and traceable manner. An architecture with security zones, defined transition points, documented access models, and resilient logging provides the necessary foundation for this.
- Changes to setpoints, schedules, or system configurations must, for example, be documented in a fully traceable manner at all times.
- The permissions of both internal and external service providers should be clearly defined and restricted.
- Building automation systems support compliance with regulatory requirements, for example through the collection and analysis of energy consumption data or the secure and stable operation of critical building functions.
Relevant reference frameworks, depending on the environment, include the German Federal Office for Information Security (BSI) IT Baseline Protection framework, IEC 62443, ISO/IEC 27001, ISO/IEC 27019, VDMA 24774, as well as critical infrastructure- and NIS2-related requirements. Architecture alone does not guarantee compliance, but it provides the necessary foundation to implement it reliably and sustainably.
Future-proof building automation starts with the right network foundation
Resilient building automation is not an isolated aspect, but the interaction of security, availability, efficiency, and controllable operations. A modern building management system must not only function reliably, but also be prepared for outages, cyberattacks, and dependencies on external services.
The consistent focus on OT security by design, segmented IT networks, and clearly regulated access creates the foundation for stable and protected operations. At the same time, local intelligence and autonomous control mechanisms ensure that building-critical functions remain fully available even under disruptive conditions.
Through centralized, secure management structures and the use of open standards, an architecture is created that can not only be operated efficiently but also expanded flexibly. This reduces complexity, lowers operating costs, and protects investments over the long term against technological dependencies.
For planners and operators, this means comprehensive control, high fault tolerance, and sustainable efficiency throughout the entire lifecycle of a building. LANCOM Systems provides the reliable network foundation for this – secure, resilient, and consistently designed for use in critical infrastructures.
Feel free to contact us! We look forward to supporting you with expert advice and practical assistance throughout your project planning.
