User Manual

ManualsBrandsSiemens ManualsBuilding automationDesigo CC MP 5.0 BACnet Server, BACnet Protocol Implementation Conformance Statement (PICS), Basic Documentation

siemens.com/desigocc

Desigo CC

Product Family

Cybersecurity Meets Building

Management Systems

Introduction

We live and work in an exciting era. It’s one defined by Industry 4.0 – the

digitalization of business. Digitalization provides numerous advantages,

including greater convenience and increased efficiency. It also presents

security challenges. Cyber attacks are a constant and increasing threat due

to the across-the-board connectivity that makes digitalization possible.

In today’s connected world, the likelihood of a cyber attack is high.

How do you confidently face and mitigate cyber threats? You take a holistic

approach to security measures across all aspects of your organization.

This includes making sure the building management systems that manage

your facility’s infrastructure are well prepared.

At Siemens Smart Infrastructure, we believe security begins during product

development. We’ve adopted a “think security” philosophy in the development

of our Desigo CC family of building management products, solutions, and

services. This paper provides insight into how Siemens approaches cybersecurity

requirements during the Desigo CC product development and lifecycle

management processes.

Before discussing cybersecurity, let’s define it. For this document, we define

cybersecurity as the protection of life and company assets from harm caused

by digital attacks against the availability, confidentiality, integrity, authenticity,

and reliability of information in cyberspace. Cyberspace is the complex system

of interaction between people, software, and services that is facilitated by

using technical means to connect them to the Intranet and Internet.

Summary of content (7 pages)

PAGE 1
Desigo CC Product Family Cybersecurity Meets Building Management Systems Introduction We live and work in an exciting era. It’s one defined by Industry 4.0 – the digitalization of business. Digitalization provides numerous advantages, including greater convenience and increased efficiency. It also presents security challenges. Cyber attacks are a constant and increasing threat due to the across-the-board connectivity that makes digitalization possible.
PAGE 2
Desigo CC | Cybersecurity Meets Building Management Systems Let’s also define what it means to take a holistic approach to security. Leading companies and institutions take into account four key factors that impact security strength – people, communication, processes, and technology.
PAGE 3
Desigo CC | Cybersecurity Meets Building Management Systems “Security by Default” The concept of Security by Default is closely related to Security by Design. It calls for all protective measures to be automatically activated and in force by default at the time of product delivery, installation, or initial commissioning.
PAGE 4
Desigo CC | Cybersecurity Meets Building Management Systems “Separation of Duties Principle” Another IT security concept that’s closely related to the Principle of Least Privilege is the Separation of Duties Principle. It divides critical functions among different authorized users to prevent fraud and other abuses by employees or other authorized people. It states that no user should be given enough privileges to misuse the system on his or her own.
PAGE 5
Desigo CC | Cybersecurity Meets Building Management Systems Product security verification & validation Specialist cybersecurity skills & consultancy Security design measures aligned to IEC62443 Regular manual penetration testing Established incident handling process: Siemens ProductCERT Company-wide cybersecurity initiative Provide solid product foundation Automated testing tools & methods Continuous vulnerability & threat monitoring Customer security objectives & requirements Employee know-how P
PAGE 6
Desigo CC | Cybersecurity Meets Building Management Systems Re p o r t A n alys is H a ndling Disclosu re Figure 3 – Desigo CC Incident and Vulnerability Handling Process Desigo CC Cybersecurity Deployment We publish cybersecurity hardening guidelines to support the secure commissioning and deployment of Desigo CC products. These guidelines describe how the system needs to be configured in order to foster secure operation of the Desigo CC products and solutions in the intended operating environment.
PAGE 7
Desigo CC | Cybersecurity Meets Building Management Systems Conclusion As a market leader in building technologies, we understand the challenges you face in meeting your cybersecurity needs in today’s world. Our comprehensive security approach to the product lifecycle means our Desigo CC products, solutions, and services are designed with your security in mind. Therefore, Desigo CC can be part of your holistic approach to security that takes people, processes, technology, and communication into account.