The U.S. Department of Energy's Federal Energy Management Program (FEMP) has published findings from the concluded Federal Smart Buildings Accelerator (FSBA), outlining structural procurement reforms and interoperability mandates now shaping how federal agencies deploy building automation systems (BAS) and grid-interactive efficient building (GEB) technologies across a portfolio of more than 300,000 facilities.
Background
Authorized under Section 1007 of the Energy Act of 2020, the FSBA was launched by FEMP to accelerate adoption of smart building and GEB technologies across federal facilities. The program operated from its public introduction at Energy Exchange 2022 through September 2024, during which FEMP provided education, technical assistance, and facility assessments to agencies of varying size and mission profile. The accelerator ran in parallel with a broader General Services Administration (GSA) push to align facility standards-most visibly through the 2024 update to the P100 Facilities Standards for the Public Buildings Service, which established mandatory design and construction criteria for 300,000 federal buildings nationwide and formally required GEB measures across new and renovated properties.
GSA's own Smart Buildings directive, updated in 2024, established policy requirements to promote interoperability between devices through open protocol systems, implement cybersecurity best practices across IP-networked building systems, and incorporate cyber supply chain risk management (C-SCRM) principles. The GSA Building Technologies Technical Reference Guide (BTTRG) Version 3.0, issued in May 2024, reinforced these requirements by mandating that controls must be native BACnet, all new networked federal building monitoring and control systems must be IPv6 capable, and Building Systems Network (BSN) servers must hold a FISMA Moderate Authority to Operate (ATO).
Details
The Oklahoma City Federal Building, a flagship FSBA demonstration project completed in May 2023, has produced concrete performance data now informing portfolio-wide rollout strategy. The project is expected to reduce energy use by 41%, cut 3,100 metric tons of carbon emissions, and save approximately $400,000 annually in energy and water costs. The retrofit deployed solar photovoltaic generation, battery energy storage (BESS), lighting controls, and new HVAC controls under a utility energy service contract with Oklahoma Gas & Electric, with energy services firm Ameresco as the delivery partner. Funding was supported through a DOE grant and GSA appropriations totaling approximately $11 million. According to GSA, the project demonstrated that GEB-ready strategies can be deployed across buildings with minimal investment, and its findings are intended to serve as a replicable model for future retrofits.
FSBA assessment data also surfaced systemic obstacles. FEMP reported that while interest in GEB and energy management information system (EMIS) software was high across all agency types, agencies faced significant barriers including limited staffing, restricted maintenance budgets, and knowledge gaps around implementation pathways. Specifically, FEMP found that limited funding for maintenance left many agencies unable to significantly upgrade building equipment to enable measurable energy shift and savings.
On the cybersecurity front, operational technology (OT) requirements in federal BAS procurement are tightening under parallel regulatory tracks. The Office of Management and Budget (OMB) directed 23 civilian agencies covered by the IoT Cybersecurity Improvement Act of 2020 to inventory connected devices and establish cybersecurity waivers-yet many agencies had not fully met the OMB-established deadline of September 30, 2024. According to a December 2024 Government Accountability Office (GAO) report, OMB is coordinating a cross-agency working group to develop OT and IoT security best-practice playbooks that may specifically address building management systems. Separately, the Federal Contractor Cybersecurity Vulnerability Reduction Act of 2025 (H.R. 872), passed by the U.S. House of Representatives, would require vendors managing or interfacing with automated control systems in smart buildings to establish formal Vulnerability Disclosure Policies (VDPs). The bill awaits Senate approval.
Outlook
The FSBA findings are expected to directly inform FEMP's next phase of GEB support programming, with continued emphasis on performance contracting vehicles such as Energy Savings Performance Contracts (ESPCs) and Utility Energy Service Contracts (UESCs) to bridge funding gaps at agencies with constrained capital budgets. For vendors, system integrators, and MEP consultants pursuing federal work, compliance with native BACnet protocols, IPv6 readiness, FISMA-compliant network architecture, and evolving OT cybersecurity disclosure requirements is increasingly a prerequisite rather than a differentiator. Agencies with large facility portfolios should anticipate that FEMP's GEB screening and prioritization tools-developed and validated through the FSBA-will be embedded in future procurement and performance contract specifications.
