Documentation
Protecting New and Existing Building Automation Systems
Today, Operational Technology (OT) in buildings is becoming smarter and more connected through its Building Automation Controllers (BACs) and Building Management Systems (BMSs). These systems can also include access controls, environmental controls, and the OT connection to the IoT. This interconnectivity enables automation and efficiencies but also creates security exposures that pose significant occupant safety, financial, and reputational risks.
Veridify’s DOME (Device Ownership Management and Enrollment) solution is designed to address new and existing systems with tools that allow the retrofitting of security to your current building systems. Plus, DOME works with industry-specific protocols like BACnet, Fieldbus, Modbus and KNX. DOME does not replace a building’s current platform. Instead, it complements existing solutions and works seamlessly across multiple vendors, devices, and processors.
Intel designs, manufactures, and sells semiconductors and a variety of computer and communications technologies. Headquartered in Santa Clara, CA, Intel® has more than 100,000 employees in 63 countries and customers in over 120.
As an Intel Titanium Partner, Veridify offers the DOME™ platform, leveraging Intel’s advanced programmable solutions, to deliver device-level cybersecurity protection to new and pre-existing building automation systems and industrial IoT applications. Veridify also provides IoT security tools for Intel Cyclone V SoC FPGAs and Intel MAX 10 FPGAs. These tools are used for secure boot and secure firmware updates, and may also be used to validate signatures made over messages and certificates. Veridify is also a general member of the Intel® Internet of Things Solutions Builders Alliance, and the DOME platform was recently recognized as an RRK Ready Solution.
Veridify’s Bump in the Wire solution combines Veridify’s quantum-resistant security methods with Intel’s MAX 10 FPGA to create a security gateway that can be added to already-deployed industrial Internet of Things (IoT) endpoints that were designed before the need for security was realized. Veridify offers fast, quantum-resistant identification, authentication, and data protection solutions on Cyclone® V SoC and MAX® 10 FPGAs. Veridify’s solutions can be used for secure communication with other Intel FPGAs, CPUs, devices running on 8- to 32-bit processors, or microcontroller endpoints. These solutions are ideal for applications targeting industrial IoT, automotive, defense, consumer, and medical markets.
Intel provides building blocks for a scalable edge-to-cloud solution, including the Intel IoT gateway reference design based on the Intel Atom™ processor, the Wind River Linux stack, and Intel security software. These provide a foundation that allows building solution providers to focus on their applications. KMC Commander, based on Intel technologies, enables building owners to quickly and easily aggregate, analyze, and visualize building data to drive operational efficiencies and increase tenant comfort.
For Building Automation applications, DOME’s simplicity and scalability are used to secure the thousands of connected devices often found in a commercial building or multi-building campus, regardless of the device size or operating system. DOME can address even the smallest, low-resource connected devices often found at the edge of in-building IoT networks, which are often unsecured. In this context, DOME is used to cost-effectively ensure every device in an automated building can be onboarded, managed, transferred, and retired with the security necessary to create a safe and trusted environment.
Security Built In
You can depend on KMC Commander’s security. A Trusted Platform Module (TPM) chip performs hardware root of trust, secure boot, and BIOS-level lock-down of unused I/O ports. Embedded Ubuntu Core software ensures secure operation. White lists and black lists prevent unauthorized IP connections. Custom user permissions, data encryption, and other measures enhance security.
Key Benefits of DOME for Building Automation
- Secure zero-touch provisioning of data and configuration settings in the field
- Gives sensors the ability to quickly authenticate their owner without a cloud or third party
- Each device's pedigree is captured in a blockchain
- Ability to transfer ownership of a device an unlimited number of times
- Supports legacy and quantum-resistant methods
- DOME Client deployable as software with support for ultra-low-resource processors
How it Works
View the DOME Building Automation Use Case white paper
View the Future-Proof Security for Building Automation Systems solutions brief (joint with Intel)