HPAC Magazine

Is the Internet of Things an HVAC thing?

August 20, 2019 | By Ian McTeer

I developed an intense interest in science and technology while watching the adventures of Captain Kirk and crew on the starship Enterprise on an old black and white television as a kid in the 1960s. Cruising through the heavens at many times the speed of light, teleporting crews to various planets, and diagnosing illness or injury using a handheld device among many other feats of fancy; yes, these could be real one day.

Yet, thinking about it now, I wonder if Kirk’s refrigerator could order fresh supplies or if his advanced mobile device could, using geofencing, open his garage door, turn on some lights and activate the HVAC system. Oh, but the Internet of Things (IoT) was probably old hat for Kirk and his contemporaries.

Figure 1

I advanced from cleaning furnace pilot burners to setting up a local Z-wave network in what seem to be a progression comparable to the speed of light. In 2008, my job as a field service representative with the residential business of Trane Canada took a dramatic shift into the world of internet based technology.

Ingersoll Rand (IR) had acquired Trane that year promising shareholders a great adventure in finding the elusive corporate synergy needed to “enhance the potential for improved growth, earnings and cash flow.” Just a few weeks later, I was introduced to the people behind IR’s pioneering entrance into IoT. A sister company called Schlage, a door hardware and security business, had developed a line of high security residential deadbolt door locks that talked to the internet using a Z-wave bridge through a portal called SchlageLink.

Where is the synergy?The newly integrated door lock and HVAC business units, under IR’s umbrella, talked about how a busy HVAC company might want to offer a customer a new deadbolt door lock and Wi-Fi camera as an add-on sale to the HVAC ticket.

It could work, right? What HVAC contractor wouldn’t want to make a few extra dollars changing out a door lock?

Figure 2

I quickly learned that not all doors are the same, especially the hole size and lock set-back from the door’s edge. Schlage’s original deadbolt lock body required a 2 1/8 in. (54 mm) hole in the door. Being a door hole neophyte, I discovered after trying to install a lock at my house, the hole made in my door was only 1 ½ in. (38 mm) and it was chopped out with a chisel, not professionally drilled with a hole saw (as shown in Figure 1).

Figure 3

How does one enlarge such an opening to the required size? I discovered that I could utilize a widely available jig made for undrilled doors to help in enlarging the existing hole out to the 2 1/8” requirement. As you can see in Figure 2, the body of the new lock covered the leftover screw holes. The so-called starter kit consisted of a deadbolt door lock, one Wi-Fi camera, a Z-wave light module and a Z-wave internet portal often called a “bridge” or “hub.” In theory, the consumer would be interested in having the ability to enter several codes into the door lock, maybe one code for the kids, another for mom and dad, and perhaps another for the babysitter.

Figure 4 What a great installation

The system could have been configured so that a child entering his or her code into the deadbolt would not only allow access but also turn on the camera pointed at the door and perhaps a nearby light. The image of the children entering the house would be recorded for the parents to review later or a real time alert may have been sent to one or both parents indicating the children’s codes had been entered.

IR’s home automation kit proved to be ahead of the curve, the term Internet of Things didn’t yet exist in the lexicon. Except for the really tech savvy HVAC diehards, very few industry people knew enough about local area networks (LAN), SSID’s, IP addresses and password protection security.
The starter kit proved to be a non-starter with HVAC contractors. Once we discovered the difficulties involved in setting up a customer’s LAN (including asking embarrassing questions such as “What is your router password”) and the issues related to home routers, the whole exercise fell into the bin of unrequited synergy. The internet was such an innocent place then – leaving the router default password unchanged was no more unusual than leaving one’s front door unlocked back in the day.

Since my first adventures in the IoT field, a cornucopia of IoT devices has flooded the market. At one time, getting a Z-Wave hub into a customer’s home meant additional Z-Wave device sales, but that is so 2008 now.
The hubs sold at big box stores or other supply houses can deal with any radio frequency now – although integrating some of the third-party devices into any given network may not be easy. As well, Apple’s “Siri”, Google’s “Nest Hub” and Amazon’s “Echo” operate as smart hubs that link to many IoT devices.

The internet is commonly described as a global network of interconnected computers. There are so many ways the internet adds value to everyday financial and social transactions that the benefits are incalculable. However, the internet was not designed to resist iniquitous behaviour by criminals and has become something akin to a gladiatorial arena for many users. Even simple coding errors can cause massive disruptions for many. Some examples:

In 2013, hackers stole an HVAC company’s login credentials for Target Stores building automation system and leveraged this access to upload malware onto the Point of Sale system thus gaining access to information about 40 million debit and credit cards in the U.S. Russia and Brazil.

CBC’s Marketplace, hired benevolent hackers to force entry into a family’s DIY home automation system purchased at a big box store. The hackers successfully manipulated the door lock, lights and HVAC system from a vehicle parked in front of the house.

WikiLeaks revealed that the CIA had developed spyware software called “Weeping Angel.” It was used to turn on the microphone in television sets manufactured by a large South Korean conglomerate. The TV’s software also contains credit card details for in-app purchases.

Anything you or your kids say after the wake-up words like “ok Google” or “Alexa” can be overheard and recorded by Amazon and Google. Theoretically, after the command instruction has been enabled, the device should turn off. However, if Alexa hears you talking about buying a new car, expect auto industry ads to start popping up on your social media feeds. Actor James Franco quipped: “My wife asked me why I spoke so softly in the house. I said I was afraid Mark Zuckerberg was listening! She laughed. I laughed. Alexa laughed. Siri laughed.”

In January 2016, a smart thermostat manufacturer pushed out a buggy update that created untold numbers of no-heat situations. The company’s service agreement forbids end-users from suing for damages caused by thermostats failing to operate the furnace properly. This past winter, another manufacturer’s buggy software update caused many furnaces to overheat the building while others simply failed to call for heat.

Whether it is a state actor or a bored teenager, there seems to be a concerted effort by the dark internet underbelly of demented players to hobble an otherwise important tool at least as significant as the Industrial Revolution. IoT devices, cynically known as “malware ready” by those eager to destroy them, are particularly vulnerable.
Bot networks containing Trojan horses and other malware aimed at your network may not crash your devices. Your computer or smart device may be used to attack some other device or turn your device into a storage medium for child pornography and such, all without your knowledge.

In 2017, malware known as “BrickerBot” attacked IoT devices between April and December. BrickerBot’s unknown author claimed to have permanently destroyed over ten million IoT devices.
Recently, a 14-year-old hacker going by the pseudonym “Light Leafon” destroyed over 2000 (and counting) IoT devices using malware he calls “Silex.” Light Leafon boasted on social media that his “project” started as a joke but, as he is having so much fun, it is now become a full-time obsession causing him to drop all his other botnet activities.

Wherever wireless networks exist, there is potentially someone looking to break into it. Hackers known as “war drivers” search for Wi-Fi networks from a moving vehicle using a laptop computer or smartphone to troll a network of interest. Using a GPS device, war drivers can record and later map the location of vulnerable wireless networks. And, wouldn’t you know it, war driving software is freely available on, you guessed it, the internet!

The internet is an awesome tool. HVAC engineers and designers have quick access to mechanical and electrical specifications including submittals and product catalogues; service and installation departments use online Installation, Operation and Maintenance materials and, of course, have the all-important access to parts information. Technicians with smart phones can gather not only written materials about specific products but some manufacturers provide QR codes and other methods to offer video instructions to on-site personnel.

Manufacturers now offer their HVAC customers to remotely monitor end user equipment from a web portal or smartphone app. Some homeowner and commercial Wi-Fi thermostats can transmit precious data to HVAC contractors saving time and money when things go wrong. In fact, a smart thermostat connected to a communicating unit control will send alerts to the service contractor often before the customer knows anything is wrong. The end-user must agree to monitoring, it is as simple as checking a box on the webpage that says something like this: “Allow my registered HVAC dealer to perform remote diagnostics for my air conditioning and/or heating system.”

Smart thermostat manufacturers may offer free lifetime access to the end-user; if the portal can support other smart devices, then the customer might incur an extra monthly fee. For example, Venstar Skyport Cloud Service works with non-aligned HVAC contractors offering a fee-based remote equipment monitoring services to residential and commercial facilities such as health clinics, restaurants and offices. Nexia Home Intelligence is aligned with Trane dealers, while a Carrier dealer can offer remote services through its Infinity System.

Considering the nefarious side of the internet, HVAC contractors, may want to shy away from IoT. Web enabled thermostats will continue to work even if internet connection is lost for whatever reason, but, as we have seen, connected thermostats are not immune from buggy software and botnet attacks designed to destroy the device. Perhaps, as in the animal world, large herds of caribou are somewhat “immune” from predator attacks because it is typically only the weakest members who get taken: the old, the sick and the young are most vulnerable.

In truth, the predators actually perform a service for the herd by removing diseased members and preventing overpopulation. Thus, in the IoT world, the strong security/16-character password types (the herd) are the least likely to be attacked by evil hackers (the predators); then again, perhaps my analogy is a bit too simple?

When things do not work in the internet world, what is an HVAC contractor to do? Maybe the furnace is working, but when it is not talking to the internet whose fault is that? Or, a bot just trashed the thermostat and your e-mail is subsequently spammed with ten-thousand calls for service.

“Captain Kirk, time-warp back and fix our internet, please!” <>

Ian McTeer is an HVAC consultant with 35 years experience in the industry. He was most recently a field rep for Trane Canada DSO. McTeer is a refrigeration mechanic and Class 1 Gas technician.



Stories continue below