Building Information Modelling (BIM) is a new form of information processing and collaboration for construction projects with data embedded within a model. The UK Government mandated the use of BIM in 2011 in the Government Construction Strategy.
The British Standards Institute has published PAS 1192 as the standard for how to implement BIM. Section 5 of the standard provides guidance on how to keep BIM models and the information on the buildings they represent safe from cyber threats, during the design, construction and operational phases.
PAS 1192-5 specifies requirements for security-minded management of BIM and digital built environments. It outlines the cyber-security vulnerabilities to hostile attack when using BIM and provides an assessment process to determine the levels of cyber-security for BIM collaboration which should be applied during all phases of the site and building lifecycle.
The data involved in modern construction projects has the potential to reveal much of what is of interest to external threat actors. Such data needs to be safe from threats – and remain that way through the life of the building.
Architects and builders should be able to demonstrate that they understand customer concerns over sensitive information and put appropriate security measures in place. Similarly organisations outsourcing projects need to be intelligent customers who understand the risks to their information and put cyber security requirements into contracts.
That’s why the cyber security aspects of BIM are of relevance to any organisation working with BIM, digital built environments and smart asset management.
Ascentor has experience in developing a strategy for implementing the security aspects of BIM.
We understand the information security concerns around integrating sensitive information in models that have to be shared digitally with multiple users and have developed a pragmatic approach to assessing and managing the risks of BIM in Common Data Environments and down the supply chain companies.
We can help organisations either as intelligent customers seeking to ensure that their information is secure during such projects or as intelligent suppliers demonstrating that they can manage customer information in a challenging scenario.