Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Understanding BACnet: Present and future of protocol in industrial environments

Posted date 14/08/2025
Author
INCIBE (INCIBE)
Gestión de un edificio inteligente desde un dispositivo móvil

Until the arrival of BACnet, there was no standard industrial network protocol for building automation. Therefore, if you wanted to control different systems such as refrigeration or air conditioning, you needed different protocols, which made communication difficult because there was no standard for these cases.

The BACnet protocol was developed by ASHRAE in 1987 with the aim of developing a protocol capable of communicating with various devices through automation systems. Since its creation, it has continued to gain popularity in smart building management, being adopted by many suppliers around the world.

BACnet communication format

One of the main features of this protocol is that it is object-oriented, which allows for a flexible approach. In addition, all data is represented in terms of objects, properties and services.

An objet is defined as information represented on a physical input or output or logical groupings of different points that perform a function. This object has an identifier that allows the BACnet system to identify it.

As for the properties, they are the ones that allow the identification of a greater amount of information about the object, making communication through this protocol successful. In this case, you can differentiate between three types of properties, which are:

  • Mandatory properties: they must be present according to the BACnet standard as they are essential for proper communication. The most notable are identifier, name and type of the object.
  • Optional Properties: They are not essential for communication, but they offer additional information about the object.
  • Proprietary Properties: Additional properties created by developers to meet a specific need.

Finally, a service relates to a mechanism that a system can use to be able to access a property or request an action from an object. In this case there are a multitude of services, but the only minimum service that all devices must have is reading. Services can be grouped into five categories:

  • Accessing Objects: Services used to access and modify the properties of objects.
  • Alarms & Events: Services to obtain alarms, events and notifications of changes in values.
  • Files Transfers: Services used to modify and transfer files contained on devices.
  • Device Management: Services for device discovery, time synchronization, communication control, and device reset.
  • Network Services: Services that handle communication between devices in different network segments.

Architecture

As noted above, the BACnet protocol is not characterized by sending a large amount of data since its use is to control lighting, air conditioning systems or similar services, so it can be said that it is a light and efficient communication. Therefore, the architecture is not characterized by being too complex, since it only uses four of the seven layers of the OSI model as can be seen in the following image.

Arquitectura del protocolo BACnet.

As can be seen in the image above, the BACnet protocol uses the physical, link, network and application layers, the latter also performing the transport and session functions.
In addition, depending on the link layer or physical layer used in the protocol, different variants can be found, which are:

  • BACnet/IP: Used in VLANs and WANs so that devices can be connected directly to hubs or switches.
  • BACnet Ethernet: It is used in 8802-3 Ethernet networks. It is similar to BACnet/IP but it uses MAC addresses instead of IP addresses to establish communications.
  • BACnet MS/TP: It is based on the master-slave modes in the link layer.
  • BACnet PTP (Peer to Peer): It is only used in telephone networks. The EIA-232 direct connection is generally not used, with Ethernet being more common.
  • BACnet over ARCNET: This protocol allows it to be used over coaxial cable or RS-485 serial cable. Today it is supported by a few providers.

BACnet Secure Connect

Due to the increase in cyberattacks that the electricity sector is suffering, this protocol had to evolve to improve its level of cybersecurity, such is the improvement that has been called BACnet-Secure Connect (BACnet/SC), this improvement is a new protocol layer in the OSI/ISO layer model of the BACnet standard, which gives the advantage of having full compatibility with BACnet IP and BACnet MS/TP networks. This version of BACnet is based on the TLS 1.3 security standard with a choice of 128t 256-bit elliptic curve cryptography.
The following illustration shows how BACnet/SC works:

Topología BACnet

As it is possible to see in the image above, it follows a hub-and-spoke topology. In this topology, a BACnet/SC device is chosen as the primary hub and will be responsible for managing the communication and data transfer between the rest of the devices, called simple nodes. Only one primary hub is allowed in the entire network, but a backup primary hub can be set up in case the first one fails, as the next image shows.

Funcionamiento hub de reserva


BACnet vs BACnet Secure

BACnet/SC offers several advantages over the variants. These advantages are as follows:

  • Use shared IP networks without the need to set up a VPN.

  • Simple network configurations, allowing you to switch from simple to complex IP networks and from local to global without compromising existing security.

  • It uses Secure WebSockets, which is an extension of the HTTPS, protocol, providing secure message transport.

  • It allows communications independent of network configuration such as IPv4, IPv6, Wi-Fi and cellular data.

BACnet in industrial environments

In recent years, there has been an increase in interest in BACnet and its possible implementation in industrial environments thanks to the numerous advantages it can offer. Below are some of the advantages offered by this protocol in industrial environments:

  • Breadth of data: This protocol can provide a large amount of data such as data values, configurations, alarms, etc., which would be relevant information to facilitate decision-making. These characteristics are very difficult to find in other protocols such as MODBUS, since its capacity for sending data is lower.

  • Interoperability: BACnet was designed to obtain interoperability, allowing access to each object and its properties, facilitating integration and communication between different systems.

  • BBMD support: This protocol can be supported by BBMD (Broadcast Management Device) routers, allowing the communication of devices on different networks. MODBUS, on the other hand, does not have this feature and requires manual intervention.

  • Scalability and Adaptability: BACnet is continuously improved, improving its functionalities and adapting to new technologies. This scalability is especially important in growing industrial environments.

Conclusión

As has been observed throughout this article, the BACnet protocol is essential in the management of smart buildings thanks to its interoperability and its ability to adapt to new technologies. In addition, observing the continuous cyberattacks that the electricity sector is suffering, it has had to evolve and improve the level of cybersecurity of the protocol, for this they have been based on the TLS 1.3 security standard creating BACnet-Secure Connect, and finally, thanks to its features and continuous improvements, it is rethinking using the BACnet protocol in different industrial environments to be able to replace other protocols that are already outdated and cannot comply with the requirements of the needs that are required today.

Etiquetas