- Standard Rate
- £35.00 +VAT
- Member Rate
- FREE
DE6, part of CIBSE’s Digital Engineering Series, is intended for those that commission, design, construct and operate built assets to understand the scale of security implications.
These implications may revolve around national security, commercial security or private security. Each will have individual requirements and this document looks to provoke thought in this regard. The solutions will be a matter for each individual organisation, company or person to ascertain.
This guidance follows the approach of PAS 1192-5:2015, but also addresses other aspects of security not covered by the PAS. It considers aspects to be made that are more specific to the Building Services Engineer, such as Building Management Systems (BMS) and Internet of Things (IoT) devices as used in Building Services systems.
The increasing use of technology in construction has revolutionised the way information is shared, accessed, transferred and used. The advent of Building Information Modelling (BIM) has increased the amount of data transferred and required in these information exchanges. This in turn presents a number of issues to be considered when collaborating on projects, from those responsible for the implementation and administration of information management systems, to the day to day users and operators of the asset.
This document deals with cyber security in terms of planning for and dealing with attacks with reference to other, existing standards and with special interest paid to the elements of building services systems that may represent vulnerabilities to such actions.
We have also provided templates that should help with organise Model Review Meetings, which are available here:
The following free-to-all templates are made available alongside the Digital Engineering Series, and can be downloaded here:
- DE1T: Pre-qualification Questionnaires Template (Microsoft Word)
- DE1T: Pre-qualification Questionnaires Template (Microsoft Excel)
- DE2T: Employer's Information Requirements Template
- DE3T1: BIM Execution Plan Pre-contract Template
- DE3T2: BIM Execution Plan Post-contract Template
- DE3T3: Task Information Delivery Plan
- DE3T4: Level of Definition Matrix
- DE5T: Asset Information Requirements Template
- DE6.1T1: Services Security Summary Template
- DE6.1T2: Services Matrix Template
- DE7T: Organisation Information Requirements Template
- DE8T: Project Information Requirements Template
Contents of DE6:
- PAS 1192-5
- General principles
- Built Asset Security
- Security manager
- Built Asset Security Strategy
- Built Asset Security Management Plan
- Security Breach/Incident Management Plan
- Assessment of the potential risks in the event of a security breach or incident
- Risk mitigation
- The review process
- Review of the SB/IMP
- Built Asset Security Information Requirements
- Working with suppliers
- Asset management
- Common Data Environments
- Setup
- Access
- Training and awareness
- Technical integrity
- Cyber security
- Building Management Systems
- Smart meters
- Web-enabled devices
- Internet of Things
- Security and building regulations
- Questions for the IT Department
- Boundaries
- Connectivity
- Cooperation and coordination
- Advice for behaviour
- Updates and maintenance
- Firewalls between connections
- Air gaps
- Intelligence and surveillance
- Server locations
- Dealing with the aftermath
- Continuity planning
- Data recovery
- Public relations
Author
Carl Collins - Consultant to CIBSE
Acknowledgements
Dwight Wilson – Imtech
Dr Hywel Davies – CIBSE
Martin Howe – SES Engineering
Jeremy Newsome – WSP
Chris Powell – Atelier Ten
Mojca Roženičnik Korošec – Turner & Townsend
BEAMA BIM Steering Group