When a software vendor tells you they integrate with your BMS via BACnet/IP, what does that actually mean? Most facilities managers know BACnet exists — it's in every controls contractor's proposal — but the specifics of how the protocol works are usually left to the controls engineer. Here is what you actually need to understand to evaluate BMS integration claims intelligently.
BACnet in One Paragraph
BACnet (Building Automation and Control Networks) is an ASHRAE standard (ASHRAE 135) for communication between building automation devices. It defines a common language for how controllers, sensors, actuators, and supervisory systems exchange data. BACnet/IP is the variant that runs over standard TCP/IP networks — meaning your BMS network is accessible through the same kind of networking infrastructure as your office LAN, which is why software applications can connect to it without specialized hardware.
Before BACnet became dominant in the 1990s and 2000s, building automation systems used proprietary protocols: Siemens talked to Siemens, JCI talked to JCI, and connecting them to anything external required expensive gateways or full system replacement. BACnet standardized enough of the communication model that third-party applications can read data from and write commands to a BMS without needing the original vendor's software — provided they have network access and appropriate credentials.
Objects and Properties: The Core Model
Everything in a BACnet system is represented as an object. Each object has a type and properties. The object types relevant to HVAC control are:
Analog Input (AI): A sensor reading — zone air temperature, outdoor air temperature, supply air temperature, CO2 concentration. These are read-only from the BMS perspective; the value comes from physical sensors and cannot be directly written by an external application.
Analog Output (AO): A control output — a valve position, damper position, fan speed. These are typically writable by authorized devices.
Analog Value (AV): A setpoint or calculated parameter — zone cooling setpoint, heating setpoint, occupied/unoccupied setpoint. This is what a predictive control application writes to when it issues a setpoint command. Writing to an AV object is how Celaxis changes a zone's target temperature.
Binary Input / Binary Output (BI/BO): On/off states — occupancy sensor state, fan on/off, chiller enable. Binary inputs tell you whether something is on or occupied; binary outputs allow commanding on/off equipment.
Schedule (SCH): The weekly schedule object — the fixed timetable that defines when zones are occupied and what setpoints apply. This is the object that represents "the BMS schedule" when we talk about fixed-schedule operation. Writing to a schedule object is a higher-privilege operation than writing to individual setpoint values.
The Write Priority Array: How Overrides Work
This is the part of BACnet that surprises most facilities managers who haven't worked at the protocol level. BACnet defines a write priority array for writable objects — a ranked list of 16 priority levels from 1 (highest) to 16 (lowest). When multiple sources try to write to the same object, the highest-priority write wins.
Priority 1 is reserved for manual life-safety overrides. Priority 8 is the standard operator override level. Priority 16 is the BMS's own default schedule. When Celaxis writes a new setpoint to an AV object, it writes at priority 8 — the same level as a facilities manager's manual override from the operator workstation. The BMS's scheduled setpoint, written at priority 16, is superseded.
This matters for failsafe behavior: if Celaxis loses connectivity and stops writing to the priority 8 slot, the priority 8 value expires (either on a timer or when the connection drops), and the BMS reverts to its own schedule at priority 16. The building defaults to its normal operation automatically — no manual intervention required. Any software that writes setpoints to a BACnet system and doesn't design its priority handling this way is creating a risk of stuck overrides.
What "Read-Only Integration" Actually Means
When a vendor says their software uses a "read-only BACnet connection," they mean the software reads Analog Input, Analog Value, Binary Input, and Schedule objects to observe building state — but does not write to any AV or AO objects. It cannot change setpoints or issue commands. The BMS continues to operate entirely on its own schedule.
Read-only integration is appropriate for monitoring, fault detection (FDD), energy reporting, and baseline observation. It is not sufficient for predictive control. A system that claims to optimize HVAC scheduling but operates in read-only mode is an analytics tool — it can tell you what happened but cannot act on your behalf.
We're not saying analytics is without value — understanding your baseline before any intervention is important, and FDD tools that find faulty dampers or undersized chiller capacity are useful. But the claim of "HVAC optimization" without write access is a category error. Optimization requires the ability to act.
What Credentials Does a BACnet Connection Require?
BACnet/IP connections can be secured in several ways depending on the BMS platform version and configuration:
Device instance number: Every BACnet device on a network has a unique instance number. Your external software declares itself as a device (with its own instance number) on the BACnet internetwork. The BMS operator configures which instance numbers are trusted and what operations they're allowed to perform.
Network access: The BMS typically runs on a separate OT (operational technology) network segment. To connect an external application, the BMS network needs a route to the application's server — or the application needs to run an agent on a device within the BMS network. This is usually the main IT/OT coordination step: who configures the routing and firewall rules.
BACnet Secure Connect (BACnet/SC): Newer BMS deployments using ASHRAE 135-2020 support BACnet/SC — an encrypted, certificate-based variant that operates over WebSockets. If your BMS supports it, this is the preferred connection method for any third-party application. Siemens Desigo CC and Honeywell Forge have BACnet/SC support in current versions. Older JCI Metasys deployments may still use unencrypted BACnet/IP, in which case network segmentation (keeping the BMS connection on an isolated VLAN) is the primary security control.
How to Ask the Right Questions When Evaluating BMS Software
When any software vendor tells you they integrate with your BMS, here are the specific questions to ask:
"Do you read, or do you also write?" — Read-only = monitoring only. Write = actual control. For optimization, you need write.
"What BACnet write priority do you use?" — Priority 8 is standard operator override. Anything lower (9–16) may be superseded by the BMS's own scheduling. Anything higher (1–7) would override operator manual controls, which is inappropriate for an automated system.
"What happens if your system goes offline?" — The correct answer is: the BMS reverts to its own schedule automatically because the override expires or the priority 8 write clears. If the vendor can't answer this question, treat it as a red flag.
"What BACnet objects do you write to?" — Should be Analog Value objects for setpoints (cooling setpoint, heating setpoint). Writing to Schedule objects (SCH type) is a higher-impact change — it modifies the BMS program rather than issuing an override. Not necessarily wrong, but a different level of intervention to understand.
"What network credentials and access do you require?" — Minimum necessary: a dedicated device instance with read access to AI/BI/AV objects (for observation) and write access to AV setpoint objects only, within declared min/max bounds. No admin credentials. No access to control panels, schedules, or equipment configurations beyond what setpoint control requires.
BACnet is a 30-year-old standard with good documentation and a predictable behavior model when implemented correctly. The integration questions above are standard questions — any competent vendor should answer them without hesitation. If they can't, the integration is probably either not real BACnet or not implemented thoughtfully.