Issue
Cyber security and other concerns regarding data transfer to Building Advisor Portal.
Product Line
EcoStruxure Building Operation
Environment
Building Advisor
Cause
Limited available documentation.
Resolution
1. What are the details around the authentication towards AU? Where can the certificate be used for the DTSERVICES and INTERPRETER servers?
The Data Transfer Windows service is installed on our client's supplied server (normally within the client's firewall). To support Clockworks Connect functionality, the private key of a private/public key pair is installed on the same server as the Windows service. The Data Transfer Windows service currently supports TLS 1.2.
The Clockworks Authentication web service provides the ability to determine the identity of a request's caller:
• Validate Request with cryptographic challenge - validates the request by creating a cryptographic challenge for the Data Transfer Service to sign with its private key to confirm its identity.
• Create Session Key - on successful validation, creates and stores a session key and sends it back to the Data Transfer Service.
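The challenge, signature and session-key steps described above, as an added Go example that is not Clockworks or Schneider Electric code. The `AuthService` type, Ed25519 as the signature scheme and the session lifetime are assumptions, since the page names neither an algorithm nor a session duration; each challenge is single use so a captured signed response cannot be replayed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
	"time"
)

type AuthService struct { // hypothetical model of the authentication web service
	pub      ed25519.PublicKey    // registered public key (Ed25519 is an assumption)
	pending  map[string]bool      // challenges issued and not yet answered
	sessions map[string]time.Time // session key -> expiry
}

func token() string { // 256 bits from the OS CSPRNG, hex encoded
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return fmt.Sprintf("%x", b)
}

func (a *AuthService) NewChallenge() string { // fresh random value for the caller to sign
	c := token()
	a.pending[c] = true
	return c
}

// Validate verifies the signed challenge and, on success, creates and stores a session key.
func (a *AuthService) Validate(c string, sig []byte, ttl time.Duration) (string, error) {
	defer delete(a.pending, c) // single use, pass or fail: no replay of a captured response
	if !a.pending[c] || !ed25519.Verify(a.pub, []byte(c), sig) {
		return "", fmt.Errorf("unknown challenge or bad signature")
	}
	key := token()
	a.sessions[key] = time.Now().Add(ttl) // ttl is an assumed session lifetime
	return key, nil
}

func (a *AuthService) SessionValid(key string, now time.Time) bool {
	return now.Before(a.sessions[key]) // unknown key has zero expiry, so it is never valid
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // private half stays on the client server
	svc := &AuthService{pub, map[string]bool{}, map[string]time.Time{}}
	c := svc.NewChallenge()
	fmt.Println(svc.Validate(c, ed25519.Sign(priv, []byte(c)), time.Hour))
}
```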
Files are named with a date and time stamp to make them unique.
When the DTS transfers the file successfully, it automatically deletes the file from the folder, saving the need to manage the file directory.
It is expected that the DTS will create the file, export it and handle the transmission of the data.
2. How often will the pointslist file be updated (can this be replaced by a manual task)?
The points list file would only be updated if the configuration of BMS points has changed (i.e. from a retrofit or additional sensor etc.) – this would be a manual exercise post completion of BMS works.
3. What is the file-format and extension of the pointslist file?
The Clockworks Data Transfer web service provides the following data to the Data Transfer Windows service:
• Data Transfer Service application configuration
• Point configuration
• BMS credentials
It works in concert with the Clockworks Authentication web service to ensure a valid session has been created and is not expired.
Interpreter
The Clockworks Interpreter web service provides the ability to send data from our client's Building Management System (BMS) to our Cloud environment, allowing that data to be visualized either raw (primary) or as analyzed after calculations are performed on the raw data. The Interpreter web service receives data in HTTP GET or POST requests, then parses and validates each request before storing the data in a serialized and compressed binary format. If needed, factors are applied to resolve known data issues from the source. The Interpreter supports the following features:
• Supports TLS 1.0 and up for transport security. SSL is disabled.
• Supports Triple DES (deprecated) and Rijndael algorithms for message level encryption.
• Reserved IP address to ensure the same IP address is maintained, which supports organizations that: 1) subscribe to a default-deny policy and do not trust DNS retrieval because of security concerns; 2) are not able to configure firewall rules by DNS and IP address if required.
• Optional security to lock down requests by IP address
4. What is the estimated use of resources on the ES server, when polling through this instead of polling the automation server directly?
EWS is used, therefore the impact is very minimal.
5. What is the file-format and extension of the data file?
The List method describes a CSV file which is organized such that each row contains a unique sample for a single point. Each row will typically contain a timestamp, value, data source reference, and point reference. This parsing method has the following features:
Features:
• All CSV files large and small are streamed creating a smaller memory footprint while parsing.
• Only valid point reference IDs configured (i.e. from CW Connect or through local config) and found in the CSV file are pushed to Interpreter.
• The Data Source Reference ID may be obtained from the following sources: Parent directory name being monitored, a static configuration value, or a user configurable column ID found in the CSV file.
• The Point Reference ID may be obtained from the following source: A user configurable column ID found in the CSV file.
• Date and Time may be in separate columns.
• Date and Time may be in the same column.
Universal Parser: Table Method
The Table method describes a CSV file which is organized such that a row exists which contains all point names, often called the "point info row", and below this row all point values and timestamps will be located. This parsing method has the following features:
Features:
• All CSV files large and small are streamed creating a smaller memory footprint while parsing.
• Only valid point reference IDs configured (i.e. from CW Connect or through local config) and found in the CSV file are pushed to Interpreter.
• The Data Source Reference ID may be obtained from the following sources: Parent directory name being monitored, a static configuration value, the as-is file name being parsed, a particular CSV cell above the point info row, or a location in a CSV column which is below the point info row.
• The Point Reference IDs: The point info row is dynamically found by the DTS by matching criteria set by the user. This allows a single DTS install the flexibility to parse multiple Table style CSV files where the point info row may exist in varying locations.
• Date and Time may be in separate columns below the point info row.
• Date and Time may be in the same column below the point info row.
Example
Site Information:
Officeworks - Highett
Officeworks - Highett
Controller: AC1
Controller description: Retail - Rear
Parent Pack:
Parent Pack Description:
Status: Online
Time,Date,Control Temp {Deg. C},Zone Temp {Deg. C},Return Air Temp {Deg. C},Outside Air Temp {Deg. C},Cooling Setpoint {Deg. C},Heating Setpoint {Deg. C},TPI Target {Deg. C},OA Probe {Deg. C},GP Timer {},Supply Fan {},Cooling {},Heating {},Stage 1 {},Stage 2 {},Economy Damper {%},Fault Relay {},Fire Relay {},OA Temp {},Cool Reset {},Heat Reset {},Econ Reset {},RA Temp {},Control State {},TPI {}
00:00:00,22/02/18,22.3,22.3,21.6,25.7,22.0,19.0,22.0,?????,On,On,On,Off,On,Off,0.0,Off,Off,25.7,Off,Off,Off,21.6,Cooling,?????
00:15:00,22/02/18,22.7,22.7,22.0,26.0,22.0,19.0,22.0,?????,Off,Off,Off,Off,Off,Off,0.0,Off,Off,26.0,Off,Off,Off,22.0,Off,?????
00:30:00,22/02/18,22.9,22.9,22.5,26.0,22.0,19.0,22.0,?????,Off,Off,Off,Off,Off,Off,0.0,Off,Off,26.0,Off,Off,Off,22.5,Off,?????
00:45:00,22/02/18,23.0,23.0,22.7,25.7,22.0,19.0,22.0,?????,Off,Off,Off,Off,Off,Off,0.0,Off,Off,25.7,Off,Off,Off,22.7,Off,?????
01:00:00,22/02/18,23.1,23.1,22.7,26.0,22.0,19.0,22.0,?????,Off,Off,Off,Off,Off,Off,0.0,Off,Off,26.0,Off,Off,Off,22.7,Off,?????
01:15:00,22/02/18,23.3,23.3,22.6,26.2,22.0,19.0,22.0,?????,Off,Off,Off,Off,Off,Off,0.0,Off,Off,26.2,Off,Off,Off,22.6,Off,?????
01:30:00,22/02/18,23.4,23.4,22.5,26.0,22.0,19.0,22.0,?????,Off,Off,Off,Off,Off,Off,0.0,Off,Off,26.0,Off,Off,Off,22.5,Off,?????
01:45:00,22/02/18,23.4,23.4,22.2,25.7,22.0,19.0,22.0,?????,Off,Off,Off,Off,Off,Off,0.0,Off,Off,25.7,Off,Off,Off,22.2,Off,?????
02:00:00,22/02/18,23.4,23.4,22.2,25.7,22.0,19.0,22.0,?????,Off,Off,Off,Off,Off,Off,0.0,Off,Off,25.7,Off,Off,Off,22.2,Off,?????
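Table-method parsing of a file like the one above, as an added Go example that is not the Data Transfer Service's own code. It streams the file row by row, finds the point info row by an assumed criterion (first two cells `Time`,`Date`), takes the data source reference from the `Controller:` cell above that row, and emits only configured points whose values are numeric; the function name, output row layout and dd/mm/yy date reading are this example's assumptions.

```go
package main

import (
	"encoding/csv"
	"fmt"
	"io"
	"strconv"
	"strings"
	"time"
)

// ParseTable streams a Table-style CSV into one "source,point,value,time" row per sample.
func ParseTable(r io.Reader, configured map[string]bool) ([]string, error) {
	cr := csv.NewReader(r)
	cr.FieldsPerRecord = -1 // preamble rows are shorter than the point info row
	var out, header []string
	source := ""
	for row, err := cr.Read(); err != io.EOF; row, err = cr.Read() {
		if err != nil {
			return nil, err
		}
		switch {
		case header != nil && len(row) >= 2: // data row: time and date in separate columns
			at, terr := time.Parse("15:04:05 02/01/06", row[0]+" "+row[1])
			for i := 2; terr == nil && i < len(row) && i < len(header); i++ {
				v, perr := strconv.ParseFloat(row[i], 64) // "?????" and On/Off fail here
				if perr == nil && configured[header[i]] {
					out = append(out, fmt.Sprintf("%s,%s,%g,%s", source, header[i], v, at.Format(time.RFC3339)))
				}
			}
		case header == nil && len(row) > 2 && row[0] == "Time" && row[1] == "Date":
			header = row // point info row (assumed criterion), wherever it sits in the file
		case header == nil && strings.HasPrefix(row[0], "Controller: "):
			source = strings.TrimPrefix(row[0], "Controller: ") // cell above the point info row
		}
	}
	return out, nil
}

const sample = `Officeworks - Highett
Controller: AC1
Time,Date,Control Temp {Deg. C},Zone Temp {Deg. C},OA Probe {Deg. C},Supply Fan {}
00:00:00,22/02/18,22.3,22.3,?????,On
00:15:00,22/02/18,22.7,22.7,?????,Off
` // constructed: shortened from the page's example

func main() {
	rows, err := ParseTable(strings.NewReader(sample), map[string]bool{"Zone Temp {Deg. C}": true, "OA Probe {Deg. C}": true})
	fmt.Println(rows, err)
}
```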
The KGS parser provides a simple way to upload data.
By design, this method has a minimum number of configuration keys and a simplified CSV format.
• This method is intended to be uploaded once a day.
KGS driver expects lines in the CSV in the following format:
Demo_AHU-2,CoolingCoilValve,0.366034,12/1/2020 0:00
Demo_AHU-2,CoolingCoilValve,0.352827,12/1/2020 0:05
Demo_AHU-2,CoolingCoilValve,0.338367,12/1/2020 0:05
Demo_AHU-2,CoolingCoilValve,0.32544,12/1/2020 0:05
Demo_AHU-2,CoolingCoilValve,0.310596,12/1/2020 0:05
...
Data Source Reference ID[0], Point Reference Id[1], Point Value[2], DateTime stamp[3]
Row and Column data are zero (0) based.