Core principles

Reliable Controls supports three secure remote access configurations, all managable via RC-RemoteAccess software:

• BACnet Broadcast Management Device (BBMD): Uses IP to segment networks and leverages BBMDs to forward broadcasts across networks.
• BACnet Secure Connect (B/SC): Uses the B/SC protocol for security and encryption if you specify client certificates in the BACnet Secure Network. Configure clients to connect using the B/SC protocol, which uses TLS-encrypted WebSocket connections with certificate-based authentication.
• BACnet Virtual Private Network (B/VPN): Uses Reliable Controls proprietary security and encryption methods. Configure clients to connect using the B/SN protocol.

Use the following table to determine which configuration best suits your system:

BACnet Secure Connect (B/SC) is a secure evolution of the BACnet protocol that uses TLS 1.3 encryption, digital certificates, and mutual authentication to safeguard device communications from unauthorized access and network threats.

Reliable Controls products support B/SC through RC-RemoteAccess, which simplifies secure deployment by acting as a B/SC hub for encrypted communications between connected devices.

Reliable Controls solutions that support secure communications—such as B/SC and RC-RemoteAccess--use TLS 1.3 with strong cipher suites and X.509 digital certificates to ensure encrypted, authenticated, and tamper-resistant data exchange.

For web-based products RC-WebView and RC-Reporter, secure communications to users are handled through Microsoft Internet Information Services. The highest support TLS version depends on the Windows Server version used:

• Windows Server 2016 or later supports TLS 1.2
• Windows Server 2022 or later supports TLS 1.3

System and Organization Controls 2 (SOC2) compliance indicates how an organization protects customer data and provides security through IT and OT services using five criteria: security, availability, processing integrity, confidentiality, and privacy.

SOC2 compliance generally applies to the governance around an implemented system and as such applies to the organization and infrastructure that hosts these services. Reliable Controls software products are on-premise solutions. We are unable to get SOC2 certification directly, but we work with our implementers and hosting service providers to adhere to SOC2. Our products are positioned to comply with the security, availability, processing integrity, confidentiality, and privacy criteria with:

1. Configuration and engineering: Software that is used to configure and program requires authentication to connect to a system through a system user. Our tools are configurable to require secure connection.
2. SSL/TLS encryption: Data transmitted within and outside the building automation system network can be protected with industry-standard encryption.
3. Access control: System users can be configured with unique credentials and specific rights and permissions. Additional configuration using SAML authentication can provide more options. Web-based users of RC-WebView, RC-Reporter, and the MACH-ProWeb BUI can also be granted unique credentials and permissions.
4. Password management: Enhanced password administration can require users to meet strict password strength requirements.
5. Privacy and confidentiality: Data stored in any software database or within the distributed building automation system is limited to information required to manage and report on system functionality. Access to data and audit trails is restricted to users with permission. Our products to not explicitly collect or retain personally identifiable information, minimizing customer privacy risk.
6. Change approval: Additional controls are available that enforce a change approval password for changes that impact a connected system. This provides compliance with Title 21 CFR Part 11.

We are committed to ensuring our products meet the requirements of the EU Cyber Resilience Act, including secure-by-design principles, vulnerability handling, and transparency obligations. We are aligning our processes and products with its requirements and remain committed to achieving compliance with all obligations as they become applicable under the Act's implementation timeline.

Yes. We complete software bills of materials reports for all software products to improve transparency, supply chain visibility, and vulnerability tracking. Software bills of materials are available on request through our Tech Support team.

Reliable Controls provides secure deployment guidance through our dealer network, including recommendations for network segmentation, access controls, B/SC setup, and secure remote access. Customers are encouraged to consult their dealer and request secure configuration options tailored to their building and IT policies.