Digital resilience by design

Smart buildings present new, unprecedented risks to their developers, owners and tenants. Managing these must become part of the design process

December 2020

Words by Will Brouwer

“Cyber-security is already as significant a threat to a developer’s business as falling rental values, and its importance will only increase”

Smart building technologies present a tremendous opportunity to advance the built world and improve the human condition. They can help create better places that respond to the needs of building developers, operators and end-users, and they will be vital to the decarbonization of the world’s largest asset class. But they also bring a whole new constellation of risks, challenges and questions, which make the digital resilience of an asset every bit as crucial as its ability to withstand real-world change. Future-proofing a smart building means addressing security, privacy and interoperability — all of which must be designed in from the start.

As internet-enabled devices become ubiquitous, the line between physical and cyber environments is blurring. For developers, it’s easy just to identify the value that smart technologies can bring — such as improving energy performance, increasing revenues or offering a better experience for occupants — without considering the unintended consequences of the sum of their decisions. As a result, they, their shareholders and customers are left vulnerable to rapid change, and the vagaries of a technology landscape that is far more dynamic than the built environment.

This is most vividly illustrated by the serious real-world consequences that can result from a cyber-attack on a smart building, including financial loss, reputational damage and the downing of critical systems. A high-profile example occurred at US retailer Target in 2013, when hackers were able to steal the details of 40 million credit cards via an internet-connected HVAC system, at a total cost to the company of US$202m. And this happened before the massive proliferation of internet-embedded devices. The Target attack is a rare instance of a case going public: one of the barriers to understanding cyber risks is that no one wants to admit when they’ve suffered a breach.

Cyber-security is already as significant a threat to a developer’s business as falling rental values, and its importance will only increase. Managing this threat necessitates a risk-based approach. In practice, a successful cyber-attack requires motive and opportunity. A risk-based approach addresses both, making a comprehensive assessment of the risk profile and the threat landscape. The risk profile is the likelihood of being the target of an attack — who would want to attack you and why? This will vary depending on the size of an organization and its activities. The threat landscape encompasses all the potential routes by which someone could launch an attack. For a smart building, this is immense, encompassing the network, all the devices on it, and threats from the cloud it connects to. It is essential to consider the two together: a loose ethernet cable in a corporate office is the same threat vector as it would be in your home, but the risk profile is a lot higher.

"Developers cannot afford to mismanage such powerful systems: there is a growing backlash against the unauthorized use of personal data"

Cyber-security specialists are increasingly branching out into smart building applications, and they will be able to advise on technical best practices such as multifactor authentication and secure data collection. But this is too important just to outsource: there needs to be much greater awareness throughout an organization. “Security by design” must become a driving principle in the development of smart buildings, whereas previously it was an afterthought. There must be senior accountability, with an individual board member responsible for reporting on cyber-security, and training for the entire workforce.

No less essential is “interoperability by design”. Smart building components need to be periodically upgraded to capture future advances in computing, networks and software. In addition to continuous innovation and upgradeability, solutions must be built on the premise of interoperability to avoid vendor lock-in — being trapped with a single supplier whose technology does not integrate with any other. Using open standards and protocols should be a technical requirement for smart building systems, and this should be a key criterion for assessing any technology partner. That way, every component speaks the same language and can connect, and all the parts are interchangeable.

Smart building owners will also find themselves facing increasingly urgent questions from tenants and users about privacy. In a smart building, there is no clear distinction between the online and offline worlds, which means that we no longer have the same control over how much we engage and how much data is collected about us. Done badly, features such as digital access, location services and room occupancy have the potential to invoke an Orwellian architecture of oppression — far from the seamless user experience that they are intended to create.

"It is not enough to tack on an 'opt out' late in the design process. We need 'privacy by design'"

Developers cannot afford to mismanage such powerful systems: there is a growing backlash against the unauthorized use of personal data, and no brand is too big to suffer serious damage — as Facebook discovered after the Cambridge Analytica data scandal. Over the next ten years, privacy and data sovereignty will play a key role in shaping the next generation of the internet – known as web 3.0 –  and they will become a marketable factor for buildings, just as sustainability has done over recent decades.

Who owns smart city data?

The essential new rules of data governance

Read more

Visionary developers will ensure that all digital solutions are scrutinized to avoid unintended consequences, and establish clear guidelines concerning data governance. It is not enough to tack on an “opt out” late in the design process. We need “privacy by design”, where it is a key tenet of smart building solutions. This manifests as a robust position, and a robust decision-making process to support it. That might include asking questions such as whether a user has the ability to opt out of a proposed service — and if the answer is no, not implementing it. It might mean deploying Bluetooth beaconing instead of video analytics to monitor building occupancy, a far less powerful solution that gives occupants greater autonomy while providing similar functionality.

The principles of the European Union’s General Data Protection Regulation provide a good framework for designing digital solutions, including data minimization, collecting the minimal amount of data possible to carry out the specific function, periodically reviewing data that is held, and deleting data that is no longer needed. But developers should not see compliance as a tick-box exercise — they need to actively lead on the topic of privacy, keeping up with the changing regulatory landscape and shaping the conversation.

These questions are coming, so future-proofing an asset is about staying ahead and having the right answers ready.

Will Brouwer is a Smart Places associate at WSP in the UK

Leave a comment