Canadian Electrical Wholesaler

Feb 14. 2019

CybersecurityBy Craig DiLouie


Connectivity enables LED lighting to go far beyond illumination and energy savings to offer revolutionary new capabilities and value for occupants, cost reduction, quality lighting, and business process improvement.


By networking luminaires and lighting control points in a centralized architecture, the lighting system becomes programmable and able to generate data. These data can be applied to strategies like optimizing space utilization, tracking inventory, and providing location-based services. These strategies in turn can produce tangible impacts on cost reduction, process efficiency, branding, and occupant satisfaction.


While connecting devices for various business purposes can produce extraordinary value, it can also impose data privacy and security risks. These risks may take several forms, with two notable attacks being sniffing and vectoring. Sniffing is when a hacker intercepts data between devices and assumes control of the device. A vectoring attack is when a hacker uses a building system network to penetrate a more secure connected corporate network for data theft.

Cybersecurity is a major challenge for the Internet of Things (IoT) as a whole (and corporate information networks beyond that), and lighting is not immune. The challenge is serious enough that it is now being targeted by legislation such as California’s SB-327, which requires manufacturers of connected devices to design them with certain security features by January 1, 2020.


Meanwhile, several IoT-related bills have been introduced in the U.S. Congress, such as the IoT Cybersecurity Improvement Act of 2017 (minimum security standards for connected devices acquired by the government), IoT Consumer TIPS Act of 2017 (directs the Federal Trade Commission to educate consumers), and the Smart IoT Act (requires the Department of Commerce to study the state of the industry). None of these bills have yet made it to a vote, however.

While the cybersecurity industry has a deep well of expertise and experience dealing with potential threats, it’s a new issue for many building industry, including the lighting industry, which is now working hard to ensure networked lighting systems are a strong link in the IoT.

While all this is developing, specifiers and designers should evaluate connected lighting systems with some basic knowledge of cybersecurity. In terms of security, what constitutes a “good” system for a given application depends on how it’s designed (security features) and configured (how it communicates) as well as the owner’s risk tolerance and level of technical knowledge.

For example, while IP-based systems enable lighting devices to be connected, monitored, and controlled in an Internet-based network, which can facilitate remote support, ability to access data, and an enhanced role for lighting in the IoT, they may require stronger security.

Many major manufacturers are prioritizing the issue with initiatives, drawing on standards and best practices such as ANSI/UL 2900-1, IEC standards, ISO 27000, and the NIST IoT Cybersecurity Framework. Over time, manufacturers ideally will streamline methodologies around best practices and design products with good cybersecurity tools built in, making security transparent for professionals wanting to focus on lighting.

It is possible the IoT will drive demand for standards-based security in connected lighting because it brings different stakeholders like IT professionals into the decision-making process.

Below are eight tips for enhancing cybersecurity in your projects:

1. Become conversant in cybersecurity “hygiene.” While lighting professionals need not become cybersecurity experts, they can benefit from education about basic concepts and practices.

2. Engage with the client about cybersecurity. It can be beneficial to engage the client about security needs during the project programming phase. This may require talking to client IT departments, which vary in how they’re composed. The IT department may have questions and requirements that will affect how the project is designed.

After product selection, it can be beneficial to include security documentation as part of the project documents. For challenging questions, the manufacturer should be able to provide support.

3. Ensure good encryption. Encryption is encoding data between devices to prevent them from being intercepted and manipulated. In a May 2018 bulletin, Cyber Security for Lighting Systems, the U.S. Department of Energy’s Federal Energy Management Program (FEMP), recommends AES 128-bit encryption.

AES 256-bit encryption is available, but there is a trade-off between power draw (and latency) and encryption in wireless lighting devices, resulting in a majority of devices using 128 instead of 256.

4. Choose an appropriate method of authentication. Authentication is about ensuring only devices that trust each other can share data. The FEMP recommends good authentication, with possibly the most secure authentication method being use of both a public and private key. The device initiating communication does so using a public key, and the responding device answers with a private key.

5. Safeguard the lighting network. If security is a concern, the network should be protected by a firewall. If the lighting network will touch the corporate network, as an added security measure, FEMP recommends segmenting it using a virtual local area network (VLAN). With a VLAN, a portion of a network is partitioned and run separately as a subnet with its own functionality and security.


6. Advise client on their responsibilities. The client should be advised about delineating administrator permissions (who will have access to the network and what powers they will have inside), the importance of installing vendor software updates (which may include important security enhancements) and changing passwords, and so on.

7. Secure after commissioning. FEMP recommends that any radios used to commission the control system be turned off after use. Or, if the radios are needed for ongoing system operation, they should be secured.

8. Scrutinize products. Look for suppliers that use a strong security methodology, are able to explain it, and can support you when needed. Here, education can go a long way in evaluating products with comparable security features but where the manufacturer implements them very differently.

One resource for evaluating products is the DesignLights Consortium (DLC), which lists networked control systems in a Qualified Products List that utilities in turn use to qualify products for their rebate programs. The Qualified Products List allows manufacturers to report compliance with certain security standards, and will require standards compliance in 2020.

Networked lighting and the IoT are a new world, presenting exciting opportunities for end-users but requiring new skillsets and creating new potential risks. Savvy building professionals will become educated on the basic issues, demand good security methodology from manufacturers, and engage with the right people at the customer to ensure all requirements are satisfied.

Craig DiLouie, LC, is Education Director for the Lighting Controls Association. Reprinted with permission of the Lighting Controls
Association, www.lightingcontrolsassociation.org
Photo by jaydeep_ on Pixabay

 

 

Rob McIntyreRob McIntyre

The use of reels is fundamental to the safe and efficient handling, transportation and distribution of wire and cable to the end user. The properties of wire and cable require reels to be robust and have certain structural specifications to ensure wire and cable goods are not compromised between the time they leave the factory to when they are installed on site. Wire and cable must be protected from any kind of mechanical damage, ingress of moisture, dirt and chemicals. Close attention must be paid to the temperature ratings of wire and cable; therefore, storage must be in an environment consistent with the rating.

Read More

 

Stephen LeeCEW caught up with General Manager of EiKO’s Canadian division Stephen Lee, who was kind enough to take some time out of his busy schedule to share his perspective on the industry.

EiKO is a global fixture, lamp and, more recently, controls manufacturer headquartered in Shawnee, Kansas. Additional locations include European operations in Frankfurt, Germany; APAC operations in Taiwan; and Canadian operations in Barrie, Ontario. EiKO also has five distribution centres in North America located in Ontario, Alberta, Kansas, Nevada, and New Jersey.

 

 

Read More

Q4 GDPGrowth in real gross domestic product (GDP) slowed to 0.1% in the fourth quarter, owing to a decrease in business investment and weak international trade. These declines were offset by increased household spending. Final domestic demand edged up 0.2%, after rising 0.8% in the third quarter.

The annual growth rate of Canada's real GDP was 1.6% for 2019, a deceleration from the 2.0% growth in 2018. By comparison, real GDP in the United States increased 2.3%.

 

 

 

Read More

 

Changing Scene

  • Prev
With the COVID-19 crisis underway, EFC is working diligently to provide current electrical ...
Submit your nomination for the EFC 2020 Trailblazer Award and EFC 2020 Industry ...
Hammond Power Solutions Inc. announced its financial results for the Fourth Quarter of 2019. ...
Electricity Human Resources Canada (EHRC) celebrated innovation and leadership in human resources ...
On January 31,2020, the new IDEA Connector will go live to over 6500 distributor locations with ...
Arlington Industries has announced the recipients of their rep sales awards for 2019.   ...
EDGE Global Supply, through its subsidiary Technology BSA, completed the acquisition of RK ...
AD is reporting total 2019 member sales across its 12 divisions were $46.3 billion, an increase of ...
WESCO International announces its results for the fourth quarter and full year 2019.   ...
After six years as president of AD’s Electrical Business Unit and chief marketing officer, Ed ...

ElectrofedDo you or an expert you know have an electrical topic that requires the attention of a greater audience? Are you and your company leading innovative strides and can benefit from sharing your expertise? Have your Product Section expertise and innovation recognized as a thought leader!

Electro-Federation Canada (EFC) is currently accepting proposals for product section members to be featured in an electro|POD podcast series to promote the innovation and best practices EFC’s various Product Sections are collaborating on.

Read More

 

 

 

 

Mary ShawNorth American electrical industry veteran Mary Shaw has been announced as the executive director of ETIM North America, a non-profit association charged with promoting and maintaining the ETIM global technical data classification standard in the U.S., Canada and Mexico.

ETIM North America (NA) is one of 22 ETIM federations around the world dedicated to propagating the ETIM classification model to assist manufacturing and distribution companies with the exchange and digitization of product information throughout the supply chain, to end users and to engineers and architects.

Read More

 

Legrand Lighting ControlsLegrand, North and Central America (LNCA) announced the acquisition, subject to closing, of Focal Point, a Chicago-based privately held manufacturer of architectural lighting products.

This acquisition is Legrand’s fifth addition to its Lighting Sector and marks the company’s elevation to a full solutions provider in the architectural lighting space. Legrand provides a high degree of autonomy to its lighting companies and supports Focal Point's business leadership team in the pursuit of innovation and growth. Legrand’s scale and infrastructure will allow Focal Point to deliver innovative lighting solutions to their customers, faster and with capabilities that are more robust.

Read More

 

 

Peers & Profiles

  • Prev
Sean Bernard is the Intelligent Controls Manager, Canada for Ideal Industries. Sean resides in ...
Christina Huang is a Senior Contracts Manager for Schneider Electric. She has a varied, technical ...
Jenny Ng is a Business Development Manager for the Power Solutions Division of Schneider Electric. ...
With over 60-years of experience in the lighting industry, CBC Lighting has established itself as a ...

Éric DeschênesLine Goyette

A new figure at the head of the electrification business unit and ABB Canada, Éric Deschênes is not a newcomer to the electrical industry. A long journey that we have already highlighted by emphasizing his passion for finding practical solutions that optimize the adoption of technologies. We met with him recently to discuss his new leadership role at ABB Canada and his projects. First, he would like to point out that recent changes to ABB Canada’s structure, as elsewhere in the world, have been made to decomplex the customer relationship. “The corporate matrix has been lightened to get closer to the customer,” says Éric.

Read More

 

Looking Back

Has no content to show!

Copper $US Dollar price per pound

Kerrwil Publications Great Place to Work. Certified December 2019 - December 2020

538 Elizabeth Street, Midland,Ontario, Canada L4R2A3 +1 705 527 7666
©2020 All rights reserved

Use of this Site constitutes acceptance of our Privacy Policy (effective 1.1.2016)
The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of Kerrwil