A BACnet/SC node can be a simple device, such as a thermostat, a more sophisticated device that routes to an existing BACnet system, or the main workstation for the entire facility. A node connects to the primary hub, from which it receives broadcast and unicast messages. It can also connect directly to one or more other nodes, in which case it receives unicast messages from those nodes only.
A device with an expired certificate cannot connect to the hub, so device certificates need to be updated in a timely manner. This can be an administrative challenge, especially if protecting your installation is extremely important.
The TLS connection from the device terminates at the hub. The hub decodes the message, then encrypts it again to send it on to the next connection. Decoding lets the hub read the destination address and forward the message to the correct recipient. A hub receives messages only from trusted devices.
BACnet/SC requires no BBMD configuration with static IP addresses. The hub takes over part of this functionality in that it distributes broadcasts. The hub is the heart of the BACnet/SC network. It does not require a static IP address to pass data through a secure web socket using a URI (Universal Resource Identifier). The host can use a regular DNS name in the URI, and even a resource path, to locate the hub and make a web socket connection.
A hub may be a controller, a BACnet router, a Supervisor PC or a cloud service. With cloud deployment, a hub may be a virtual machine in a data center.
If the primary hub fails, a redundant, failover hub automatically takes over.

The failover hub takes over when the device node cannot reach the primary hub. A node is configured to identify both the primary and failover hubs. The use of a failover hub is optional, but recommended.
When the primary hub is available again, the network automatically reconnects to it.
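The failover behaviour described above, together with the earlier point that an expired device certificate cannot connect, as an added simulation that is not code from any BACnet/SC product. The `Hub` and `Node` classes, the hub URIs and the dates are constructed for illustration, and the example assumes a failover hub refuses an expired certificate just as the primary does; a real node would perform a TLS handshake over a web socket instead of calling `accept`.

```python
from datetime import datetime, timezone

class Hub:
    """Simulated hub (constructed for this example): reachability plus a cert check."""
    def __init__(self, uri, reachable=True):
        self.uri, self.reachable = uri, reachable

    def accept(self, cert_not_after, now):
        # A hub that is down accepts nothing; an expired device certificate is refused.
        return self.reachable and now < cert_not_after

class Node:
    """Node configured with a primary hub and an optional failover hub."""
    def __init__(self, cert_not_after, primary, failover=None):
        self.cert_not_after = cert_not_after
        self.primary, self.failover = primary, failover
        self.connected_to = None

    def maintain(self, now):
        """One reconnect cycle: always prefer the primary, else try the failover."""
        for hub in (self.primary, self.failover):
            if hub is not None and hub.accept(self.cert_not_after, now):
                self.connected_to = hub.uri
                return self.connected_to
        self.connected_to = None  # no hub accepted the connection
        return None

def run_scenario():
    """Constructed timeline: primary outage, recovery, then certificate expiry."""
    utc = timezone.utc
    primary = Hub("wss://hub-a.example.net/bacnet")   # placeholder URIs
    failover = Hub("wss://hub-b.example.net/bacnet")
    node = Node(datetime(2025, 6, 1, tzinfo=utc), primary, failover)
    seen = [node.maintain(datetime(2025, 1, 1, tzinfo=utc))]      # normal operation
    primary.reachable = False
    seen.append(node.maintain(datetime(2025, 1, 2, tzinfo=utc)))  # primary down
    primary.reachable = True
    seen.append(node.maintain(datetime(2025, 1, 3, tzinfo=utc)))  # primary back
    seen.append(node.maintain(datetime(2025, 6, 2, tzinfo=utc)))  # certificate expired
    return seen

if __name__ == "__main__":
    for state in run_scenario():
        print(state or "disconnected")
```

The last step of the timeline shows that a failover hub protects against a hub outage but not against a lapsed device certificate, which is why renewal has to be tracked separately.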