Understanding networks in modern building automation systems

Oct. 31, 2017
Even if a building is not completely 'smart', the use of networks in its internal systems may still be extensive


Envise, Washington DC

For traditional design and consulting engineers used to dealing with building automation and control systems under the traditional Division 23 specifications, many are faced with the reality that, for modern smart buildings, the information requirements are not, and most times cannot be addressed by this traditional understanding. Even with the creation of the Division 25 specifications for integrated automation, it usually falls under the traditional mechanical engineering consultant or contractor to take responsibility for making everything work together as one system.

Fortunately for building automation networks, they tend to be far less complicated than the large global enterprise solutions that major corporations and other large scale organizations rely upon to conduct their daily business. In fact many traditional “controls contractors” have enough networking knowledge to set up and manage these networks and work with other IT professionals to make the smart building network a reality. In recent years we have also seen a few network engineering and hardware manufacturers dip their toes into the smart building arena — unfortunately for them and their customers, the intimate knowledge of what exactly you are monitoring or controlling — a building — and its complicated mechanical and electrical systems, is still more important than understanding how to set up and manage a basic network.

More likely an Intranet

So what is a network? The kind of network we are talking about is an Internet Protocol or IP network, a collection of devices that have IP addresses and can share information between them. This is part of the much-discussed Internet of Things (IoT). But in a smart building environment it is more likely to be an Intranet of Things. An intranet is a network that is local to a building and information that gets shared to and from the “outside” world is very closely controlled.

Devices on a smart building automation LAN use fixed or static IP addresses, i.e., they get assigned at the time the network is first set up, and don't change.

Today all kinds of building automation devices live and play on these networks: temperature, pressure and humidity sensors, digital controllers for VAV boxes, air handlers, pumps and chillers, lighting controllers, smart ballasts and light switches, sub-meters for power and electrical consumption, just to give a few examples. In more cases we are seeing window blind and shade controls or even access and security controls now connected to networks. While these technologies have been network capable for some time, they were often on their own separate networks. Now we are seeing the convergence of these separate networks into one larger managed smart building automation network. The reasons for this are varied but one of the main reasons is that an ever-growing number of building systems that were once separate must now share data at an increasingly more open level. Additionally, as more systems share a common IP protocol, it is simpler to manage on one large building automation network than several disparate ones.

A single network within a building is often referred to as a LAN. This is your local area network and forms the basis of your IP intranet, the IP network that is internal and does not yet connect to the outside world. The IP addresses assigned to the devices that are connected to the LAN will be called private IP addresses. They are called private because they are reserved for intranets; they don’t exist, or have not been assigned to, devices that exist on the global Internet — the outside world. In the normal or “default” setup there can be up to 256 of these private IP addresses on a LAN. In some buildings this is enough, but for larger buildings this limitation could be too small. However, network engineers can deviate from this standard setup and can create much larger LANs if needed. Also the LAN can exist as your traditional copper wired Ethernet (the most common), fiber optics or wirelessly through Wi-Fi.

Sub-nets in a LAN

It needs to be recognized that not every sensor in a building, not every controller of every piece of equipment, may support being attached directly to an IP based network. Many small controllers are connected to a different kind of network that does not use IP addresses, sometimes called a sub-net — and that’s OK. These lower level sub-nets can connect to a device, called a router, on the IP network — your building’s LAN — and share information as if they were directly on that network. The reason sub-nets like this may exist are varied and depend on the manufacturer of the equipment, but as long as they support using an open protocol such as BACnet, then we can still make the smart building happen.

Smart building networks need to be “managed” and this brings us to an important difference between devices on a building automation LAN and the LAN that is used for standard computer networks. When we turn on our computers or tablet and log into the network, the network is smart enough to assign us a random IP address. With my computer having an IP address I can now do all kinds of things on that LAN; my computer is a “member” of the club. This is called a dynamic IP — the key word dynamic means it could change, or assigned differently, each time I log on.

An ever-growing number of building systems that were once separate must now share data at an increasingly more open level.

For devices in a smart building automation network having a dynamic IP address creates some additional challenges because it makes it harder for one device to find another device if the IP address changes every so often. For example if a person enters a room and the temperature sensor on the wall detects through its built-in motion switch that it needs to let the lighting controller know this information, it need to send a message to that lighting controller. The most efficient way this is done is for the controller in the room to know the IP address of the lighting controller for that floor and send the message directly using that fixed address. For this reason devices on a smart building automation LAN use fixed or static IP addresses, i.e., they get assigned at the time the network is first set up and don’t change.

Now that we have established “how” physically devices on a smart building network connect together and find each other through a LAN and IP addresses, how do they exchange the information that makes a building truly “smart”?

There are two main aspects of this, the first and easiest to answer is that smart building devices today communicate using a short list of open communication protocols such as BACnet. The Building Automation and Control Network (BACnet) has a 20-year history of IP network compatibility and also has purpose built characteristics for communicating information on building related systems. BACnet is also well supported on the lower sub-net level mentioned earlier along with another very common lighting communication protocol, DALI — Digital Addressable Lighting Interface. And while DALI may exist at that sub-level of network that does not use IP addresses, most of the main lighting control panels that the DALI network run back to do support BACnet at the IP level.

Another critical aspect of making smart building devices share information on a smart building LAN falls into the realm of those individuals and contractors who are responsible for making the whole smart building function as a single system. The workings of a smart building must be planned out in advance so that it is understood what information needs to be shared between the different systems. If you go back to the example of the room temperature sensor, which is part of the HVAC controls system, sharing information with the lighting control system for that floor, that is an action that must specifically be thought out, sequenced and programmed. The “reading” and the “writing” of data points even in an open protocol system that is connected to a smart building automation LAN is not automatic. It takes human intervention up front in planning and execution to make it happen right the first time.

Wide-area networks

We have learned that a smart building automation network is a collection of devices connected together within an intranet called a LAN where static IP addresses are used to identify each device and help it find other devices and share information through a variety of open protocols. These networks are easy to set up and manage with a little basic understanding. What about larger buildings, a campus, the internet?

LANs can be made much larger. At some point over a certain size of network, not always clearly defined, they become WANs or Wide Area Networks. This is most common for a large campus environment or a company that has several buildings in different locations. The internet itself may be considered to be a type of very large public WAN. When a smart building automation LAN connects to the internet it must do so through what is now called a public IP address. A public IP address is one that is in a special range that is allowed to be on the Internet and is “owned by” an ISP or Internet Service Provider.

When you sign up or contract with an ISP for Internet service, they let you borrow one of their public IP addresses so that you may connect to the Internet. This connection is achieved through a special managed router sometimes called a Layer 4 Switch. One of the things that make this switch and router so special is that it contains a firewall. The firewall is a way to separate your building LAN and the larger WAN or internet from unwanted traffic. The firewall contains the rules for what information can be passed back and forth between the two different networks. For customers who want their buildings to be on the internet or even part of a larger WAN, we spend some time going over these firewall rules and this is the beginning of cybersecurity.

It is important for system integrators to work with customers and network providers to ensure that the rules for firewalls are set up properly if the smart building solution will be accessible on the internet. Generally speaking it is not recommended that it is, unless the solution is to be made available for a specific marketing or showcase purpose.

Remote facilities management

What is more common is that the information from the smart building automation network be available to other computers or users not directly connected to that network, i.e., a different LAN within the same building. The classic example of that is a company that is headquartered in California but has a building on the east coast. Facility or energy managers at the headquarters in California can access the smart building systems in the remote east coast location just like they were sitting in the building, but that building’s smart building automation network is not connected to the internet, it is connected to the companies’ WAN — their larger private intranet.

This is becoming more and more common as corporations take a higher interest in the performance of their buildings, especially energy performance. While the essence of a smart building network is to get different building systems to share information and work together, the added side benefit is the sheer volume of data about all the building systems that can be collected from this network and stored in a central location for reporting and analysis.

Over the last 15 to 20 years we have seen a huge increase in the importance of networks in building automation, controls, power monitoring and other building systems that have led us to the smart building revolution. Even if a building is not what some would label a smart building, the use of networks for its building systems will be extensive. Extensive but not complicated as most of your designers and contractors under the different construction divisions will have the networking knowledge to make it all work. If you are an owner or if you are a design professional what is most important is clearly defining the expectations of what building systems must interact and why, in other words, what is the end result you wish to achieve?


An Integration Business Manager for Envise Mid-Atlantic, the author has over 22 years of experience in the digital control and HVAC automation industry. He is experienced with all aspects of automation construction projects from the sales and contract stage through to the final design and system commissioning. Phillips has designed building automation systems for a wide variety of specialty buildings including large scale data centers, hospitals, laboratories, school complexes and process facilities.

A version of this article appears in the October 2017 print edition of HPAC Engineering magazine.