September 16, 2020

Facility Cybersecurity Framework Best Practices

Sri Gourisetti
Hayden Reeve
Julia Rotondo
Grant Richards


Federal facilities are increasingly adopting automation and connecting to the Internet creating an energy-internet-of-things environment that converges operational technology (OT) and information technology (IT). Today's buildings increasingly weave together networked sensors and cyber and physical systems that enable data to be collected, aggregated, exchanged, stored and monetized in new ways. Building technological advances have created new energy technology, services, markets and value creation opportunities (e.g. transactive energy, two-way grid communications, machine learning, and increased use of renewable and distributed energy resources). But as larger data sets are being exchanged at faster speeds between an increasing number of OT systems, it becomes more difficult to protect the security of the data lifecycle and the physical equipment it interacts with. These challenges are especially difficult to overcome because the economic and environmental gain (interoperability, big data, social networks and ubiquitous information sharing) are driving these prominent trends in the digital age. Often cybersecurity is an afterthought.

Revised: September 16, 2020 | Published: August 30, 2020


Gourisetti S.G., H. Reeve, J.A. Rotondo, and G.T. Richards. 2020. Facility Cybersecurity Framework Best Practices. PNNL-30291. Richland, WA: Pacific Northwest National Laboratory.