What is BACnet?

Long, long before the Internet of Things was controlling your house, there were intranets of things controlling large office buildings.


BACnet (Building Automation and Control Network) is a protocol for building equipment and control systems. An open and international standard (ISO 16484-5), it's main purpose was the control of climate systems (heating, cooling and ventilation) in large office buildings. In practice, it has really been used for anything where central control and monitoring is important (lighting, fire alarms, etc).


While I only recently learnt of this protocol, I found it very interesting. The following is an overview of what I learnt.


Network stack

BACnet is a packet based protocol which can sit on top of various packet transports, including:

  • UDP/IP
  • MS/TP (Master-Slave/Token Passing) over twisted-pair cables for the lowest lost networking
  • Ethernet directly
  • ZigBee - wireless mesh network

Peer to peer

The protocol is decentralised and, without any security addons, allows any devices on the network to access any other devices. A device can ask another device to monitor another device.


Five BACnet "interoperability areas"

1. Data sharing

The data sharing model is object-based. A client device sends a message to another device, specifying an object on the device and reading or writing a property of the object. As multiple client devices may be writing to the same properties, a priority level (1-16) can be used. Priority 1 for manual safety shut-offs, for example. In order to remove the need to poll for changes, a subscription to a property (change of value) can be used.


2. Trending

Trend log objects enable data which is not being used for real time purposes to be collected more efficiently in bulk. The trend log object samples or subscribes to properties of another object (which may even be on another device). The trend log can emit notifications when it is getting full and a client can collect its contents in bulk.


3. Scheduling

BACnet has a powerful scheduling system built in. The schedules can be based on dates, date ranges or days of the week and can change the value of some property over the course of a day. It can either produce a changing readable property or write directly to another objects property. Like the trend log, a schedule could write to properties of an object on another device.


4. Alarm and event management

In addition to value change subscriptions, clients can subscribe to alarm conditions defined by the application. These alarm conditions can require human acknowledgement and may be escalated until they are acknowledged.


5. Device and network management

The fifth area underpins all the BACnet communication. It allows devices to discover other devices or objects (Who-Is, Who-Has), synchronising the time between devices, reinitialising other devices, and the opening an interactive terminal to the device over BACnet.



BACnet was installed in buildings before everyone had devices at their desks, in their pockets and on their wrists, so network security measures were not in the original specification. Addendums to the standard have added security enhancements and recommendations, but many building systems are older and updates are rare. There seems to be a lot of tools for securing BACnet, but it is not a simple task.



BACnet is an interesting and powerful device interoperability protocol. That said, it would probably be a challenge to hack something together without risking breaking other devices as it is fairly specialised. Still, I hope to get a bit further into BACnet or other building automation systems soon.


Further reading