Navigant Research Blog

The Google BMS Hack & What It Means

Lee Hamilton — May 12, 2013

The building automation world was rocked last week by the news that Google’s Wharf 7 building in Australia was hacked. The building management system (BMS), built on the Tridium Niagara AX platform (Honeywell acquired Tridium in 2005), was compromised by security researchers Billy Rios and Terry McCorkle, who used a backdoor to access the system and reach the building automation system (BAS) – and all the equipment it controls – as well as the other systems running on the same network.

This is not the first time an Internet-connected BAS or BMS has been hacked.  History buffs may remember that when the U.S. Chamber of Commerce was hacked in 2011, they discovered that a thermostat in a Chamber of Commerce-owned property was communicating with a computer in China.  However, this is certainly the most high-profile breach of a building’s automation system to date, and it emphasizes the fact that, as the industry grows and embraces the Internet’s capabilities, it must also embrace the Internet’s challenges.

Chaos Scenario

The threats are very real. In this case, the hack was orchestrated for demonstration purposes, so there was no real risk involved. But think about the individual systems controlled by a BAS/BMS: fire and life safety, security, elevators, etc. It’s not a far leap to consider worst-case scenarios where fire suppression systems are deactivated or unauthorized persons are allowed into sensitive areas of secure buildings. Chaos could be induced if control of the BAS/BMS landed in the wrong hands.

Everyone involved in the building automation industry should be working to improve BMS security.  The magnitude is huge – Navigant Research forecasts that the market for building energy management systems will grow to nearly $6 billion by 2020.  Rios and McCorkle claimed they found 25,000 active Tridium systems online, and with customers like ABB, Boeing, Changi Airport, and James Cook University Hospital, the scale of the risk is enormous.

Lynxspring – a leading provider of building automation and control solutions – recently announced a partnership with Netop to develop a cyber security solution for BAS/BMS.  The attention around this week’s event reminded me of a great article by Lynxspring’s Marc Petock on the subject of cyber security for building automation, in which he declared, “Gone are the days of security through obscurity.”  Now it’s time for all stakeholders in the industry to come together to protect its customers, their assets, and most importantly, the people within these buildings.
