The collision of IT and OT in smart buildings

Negotiating the technical differences in our network systems
IT and OT in smart buildings Dan Ronald Optigo Networks BICSI ICT Today

The world of IT does not look quite like it did 40, or even 30 years ago. 

As the growth of the internet of things (IoT) accelerates, a wealth of smart new devices is being added to our networks: everything from security cameras to lighting control and energy metering systems.

IoT is a major trend that is here to stay, and smart buildings are the IoT. In some cases, these traditionally non-IT services will want access to data and the internet. IT departments have to work with facilities to decide what is acceptable, and how to manage this complex crossover.

Whether founded or not, there is a feeling in the facilities community that working with IT can be difficult. The IoT community is hungry to find an IT partner who understands their needs and is willing to work with them. As our buildings become more and more integrated, the two teams must come together in this ecosystem. To manage all these new internet protocol (IP)-driven systems in our buildings, IT and facilities will need to collaborate and make sure the lights turn on, the air is comfortable and the parking meters work. If the two departments do not communicate with one another effectively, our buildings—and the people who live and work in them—will only suffer for it.

Key Differences Between IT and Facilities

In the context of smart buildings, operational technology (OT) consists of elevators, lighting, heating, ventilation, and air-conditioning (HVAC), power meters, surveillance, access control, intercoms and fire alarms—essentially anything bolted to the building. As these devices become more networked with IP, it is possible for IT and facilities to collaborate to create impressive smart buildings.

At first, the systems might look and feel like traditional IT systems. There is, after all, some crossover between IT and OT in smart buildings. However, there are several key differences (Figure 1) and these differences present challenges that both departments need to understand.

IT and OT in smart buildings Dan Ronald Optigo Networks BICSI ICT Today

Facilities devices are often buried behind walls and inside ceilings, far away from traditional IT port locations. OT protocols, the most popular of which is BACnet®, do not always integrate well with IT protocols like address resolution protocol (ARP), even if they seem similar at first. Device identification management, maintenance windows, scalability and cybersecurity best practices are just a few other challenges that can arise when IT and facilities departments begin working together. This new partnership between the two might mean adjusting—or completely changing—policies and procedures, but doing so will result in more robust, scalable and secure smart buildings.

It all starts with first understanding our differences.

Port Locations

Facilities technology can be found everywhere. OT can be deployed in underground tunnels, on rooftop units, utility poles, behind walls, behind fences or in ceilings.

The bottom line? OT is rarely easily accessible. The odds that it will be conveniently located near a traditional IT port, a server room or a desktop unit are low. Because of this, the facilities technician may ask for ports in less than ideal locations.

A Difference of Languages

These operational devices may or may not use protocols that are designed to play nicely with IT. Of course, there are some crossover protocols between IT and facilities, like hypertext transfer protocol (HTTP); and on converged networks, IT protocols are often used to manage facilities systems.

The most dominant protocol in facilities, though, does not always work well with IT. The BACnet is the de facto protocol in HVAC systems. The protocol is widely used and being quickly adopted across other operational systems, such as lighting and elevators. BACnet is perfect for these machine-to- machine communications. When it is used with IT, however, issues can rapidly arise.

As an example, there is a concept of device discovery in BACnet which is both similar to and different from ARP. In this discovery process, devices send out broadcast messages known as Who-Is requests for I-Am responses. Because they do not use ARP, they do not go through routers; instead, BACnet systems use devices called BACnet broadcast message devices (BBMDs). BBMDs are essentially proxies that retransmit a BACnet discovery broadcast packet using a unicast version. As a result, the ARP table might not find these operational devices.

This is just one example of some of the differences between IT and facilities. It is beneficial to learn more and understand BACnet and the operational protocols in order to work well with and support IoT.

Assigning Device IDs

In IT systems, dynamic host configuration protocol (DHCP) is a common way of assigning IP addresses; however, for ease of management in facilities systems, fixed IP addresses and BACnet device IDs are typically manually assigned. From day to day, the device count, IDs and IP addresses will stay essentially static (e.g., elevators, access control, fire and safety systems).

This means that an IT partner should help the facilities team assign these IP addresses and understand that they may be unfamiliar with the concepts of virtual LANs or subnets. The facilities team may ask for subnets crossing multiple buildings or even multiple cities. They may not understand IT best practices, and if an IT partner requires the facilities team to change subnets, it might compromise their systems.

Maintenance Windows

Often overlooked, maintenance windows constitute one of the most complex hardships. Managing maintenance windows requires a layer of social communication that inevitably affects the network communication. It might seem perfectly reasonable, for example, for IT to do maintenance for an office on a Sunday at 2 a.m. No one would be on site or need access to computers, printers and Wi-Fi that early in the morning.

What about how that affects the facilities network and devices? Sunday at 2 a.m. might be when the solar panels are exporting data to the servers for optimization or when the system is working its hardest to tune the temperature for Monday morning. There is no right or wrong here—it just means that IT and facilities need to collaborate on their schedules.

Planning for Scalability

When it comes to scalability, there are some similarities between IT and IoT. Both the IT and facilities networks must be able to scale with the tenants’ needs.

Facilities personnel may not understand their future bandwidth and IP requirements. The world of connectivity is still new to many facilities personnel and some may not know that today they are using a minuscule amount of bandwidth compared to what they one day will. Their IP requirements may be low now, but that will change—this is the whole concept behind IoT. Soon everything will be connected and integrated. An infrastructure that can support this scale of connectivity will be needed. IT personnel will need to begin helping the facilities personnel understand that network growth is inevitable.

During construction, an operational system needs to be up and running long before people begin moving in. There will be bare walls, no desks, no Wi-Fi or phones. There may not be a server installed. To work with facilities, IT departments will have to become involved in the project well before they would normally begin. IT personnel will have to understand that planning and installation of these operational systems can start a year or more before staff moves in.

Even with this advanced planning, it is still possible that the building will open and the facilities team may realize they need another 12 ports. The system must be flexible enough to scale to support a whole network of IoT.


The concept of cybersecurity is in its infancy in the facilities industry. Facilities are only just becoming aware of cybersecurity. They are beginning to understand how important it is to be careful with data. With integrated IoT across both IT and facilities, personnel must be aware of how to design and manage building networks.

In IT systems, it is standard to blacklist certain destinations or devices that are deemed to be dangerous. It is common to filter out destinations based on what has been highlighted as suspicious.

In OT systems, personnel typically whitelist destinations and devices that are deemed to be safe, instead. That means that once filtered in, the operational devices will reach out only to a select number of well-defined locations.

External contractors having remote or on-site access to the network is another security question for IoT. IT departments tend to own and maintain everything that is installed (e.g., phones, servers, software). In OT, external contractors and vendors are common. Organizations typically do not want one employee on site who is dedicated to managing only a building’s solar panels. Organizations often opt for contractors who can come in at a specified time, perform the work, and depart.

It can be a revolving door of techs, all working to support the different systems, and some will need access to IT data. An HVAC contractor might need access to the system to ensure it is working correctly; electric vehicle (EV) charging stations might need to provide information on a map; tech support might need to view the network data to spot and fix technical issues. This is all information that IT would likely want to block for security. Facilities needs to provide access, however, to optimize their integrated systems. If vendor management is needed, contractors may need virtual private network access.


The growth of IoT presents an appealing opportunity for IT professionals. Right now, IT professionals can choose to be allies in the growing world of IoT. Building automation systems, security, renewable energy, EV charging stations, smart lighting and heating—this is all part of the trend called IoT, the future of technology.

If IT professionals embrace and become an ally to facilities, they will have an opportune chance to grow, learn and extend their value to the buildings. The real growth in building networks is going to come from the world of IoT.

Working with facilities will not always be smooth, as both have different backgrounds, different training and different perspectives. If IT professionals understand each other and acknowledge the challenges of facilities personnel, collaboration will begin.

Article by Dan Ronald, CTO at Optigo Networks. Originally published in BICSI ICT Today. 

Recent Blog Posts

ATS, an industry-leading systems integrator with offices across the United States, has a clear vision for supporting customers.

We all have those jobs that just won't go away. It feels like you've tried everything, but the problems are still there. 

Unfortunately, you're guilty until proven innocent. 

You’re in the design phase of a new building. Contractors and vendors are all coming at you with demands.

The consulting specifying engineer of today is venturing into totally new territory: Division 25.

If you’re tired of going on site to capture BACnet data, look no further than your JACE.

Recent Projects

ATS companies use Visual BACnet to provide superb customer value

ATS companies

ATS, an industry-leading systems integrator with offices across the United States, has a clear vision for supporting customers. They want to be their clients’ trusted partner, through installation and beyond. With Visual BACnet, they found a way to serve more clients faster and deliver exceptional value.

Coventry University


Chris Goodman, the Senior BMS Technician at Coventry University, had broadcast storms that were happening more and more frequently. 

Ongoing construction due to Coventry’s campus expansion meant lots of new activity, with technicians installing new devices and making network changes. Already juggling these constant additions and alterations, Goodman and his small team then had to deal with the subsequent broadcast storms. As the broadcast storms became more frequent, Goodman and his team needed a solution.

Find out how Visual BACnet helped Chris solve the broadcast storms and improve Network Health in our free case study!

Data center expansion with OTI and Optigo Connect


Stack Infrastructure is a portfolio of hyperscale computing data centers. OTI completed work on Phases I and II, and returned for the Phase III build-out of a 4-megawatt data hall and brand new central plant. The Optigo Connect network put in place in Phases I and II was expanded on this project. The team achieved quick roll-out of a large, multi-service redundant network using the Optigo OneView management interface. Going forward, the facility management team can use OneView to remotely monitor equipment, manage power usage, and meet up-time goals.

Optigo Connect MR Soluciones The Landmark


The Landmark is a sophisticated mixed-use high-rise in Mexico. The owners wanted to integrate all OT systems in the skyscraper, while maintaining separate networks for each application. The Landmark is the fourth joint project between Optigo Networks and MR Soluciones. Together, these companies provide robust services to meet any challenge.

Australian Bureau of Statistics at 45 Benjamin Way with Delta Building Automation


Delta Building Automation (Australia) had a big job renovating the Headquarters for the Australian Bureau of Statistics (ABS) at 45 Benjamin Way. The building owner wanted to improve the building’s energy use and increase their National Australian Built Environment Rating System (NABERS) score to more than 4.5 stars, out of a possible total of six. Securing the network both internally and externally was a big priority, as well.

Penn State University Optigo Networks Visual BACnet


When Tom Walker looked at Penn State University’s Navy Yard network, he saw huge issues. The system was busy and loud, to the point where the overrun network was bringing down the entire building. Because this was happening on the MS/TP network, pinpointing the problem would mean boots on the ground to segment and test the chain, piece by piece.

Penn State University Optigo Networks Visual BACnet


When Tom Walker first started working at Penn State University four years ago, there were a lot of network issues. Buildings were dropping offline. Broadcast traffic was pushing 90,000 packets per hour. Walker was on the phone almost every single night because devices were down or had to be reset.


Torre Manacar Mexico City Optigo Connect


When MR Soluciones began work on Torre Manacar, they knew they needed a flexible and scalable network infrastructure to support a wide array of integrated systems. Optigo Networks was a natural fit for the massive project, designing a robust network at a competitive cost.



Short Pump Town Center, an upscale retail center, underwent a complete renovation in 2014. The flexibility of Optigo Networks’ solution meant the retail center’s unknown final design was not a barrier to placing IP surveillance equipment in the field.



Optigo Networks connected New York-based Boulevard Mall’s security surveillance devices in December 2015, using a Passive Daisy Chain topology.