GSAPBS_Annual-BAS-Enterprise-RFI_2026

The U.S. General Services Administration (GSA), Public Buildings Service (PBS), is conducting market research to identify potential manufacturers of Building Automation System (BAS) integration software and equipment which (1) does not require secondary or 3rd party programming software tools to support controllers; and (2) utilizes block-logic (wiresheet) programming methodology which requires no additional software tools or licensing to operate. These hardware and software solutions would (1) be required to be installed, serviced, and supported by any business qualified to do so; (2) not be limited to specific manufacturers; and (3) be non-proprietary. The BAS, is a system controlling and monitoring building HVAC, and possibly other systems (e.g., lighting, utility monitoring, etc.), including devices such as field and global controllers, instrumentation, networking infrastructure, computers, virtual servers, and peripherals, software, programming, database files, and licenses.

GSA PBS has implemented, and is exploring the feasibility of continuing the standardization of an  enterprise-wide BAS solution across its building inventory, utilizing a single system for all new BAS installations in new construction, and upgrading/replacing existing BAS as the end of useful life is reached in a facility. GSA PBS has identified several buildings in its portfolio which will require a system replacement as soon as possible due to already reaching end of useful life.

Objectives for an enterprise-wide BAS solution include:

• Reduce IT security resource and personnel lift while supporting readiness for future IT initiatives.
• Standardize BAS hardware/software solutions that support Internet Protocol version 6 (IPv6) as GSA IT moves to transition from IPv4 in compliance with OMB Memo M-21-07.
• Further consolidate BAS Virtual Servers by consolidating multiple like-system buildings within regions to a single server.
• Reduce cost to GSA for server licensing fees, patching, updates and man-power by requiring fewer Virtual Machines (VM) which meets the server reduction requirement in OMB Memo M-19-19.
• Reduce GSA IT personnel time associated with scanning and remediating software and hardware for use on the Building Systems Network (BSN). Steps required for each different network device currently include:
  • Device scanning for vulnerabilities
  • Creating Security Assessments Reports
  • Working with Vendor/Manufacturer to correct vulnerabilities
  • Complete remediation
  • Keep devices compliant
  • Rescan every three years or if there is a major version upgrade release.
• Simplify Operation and Maintenance (O&M) contracts and training due to the number of disparate BAS systems across the portfolio. Having a single type of system that can be offered and supported by any certified vendor will provide more efficient methods for O&M handoff, training, expectations, and pricing.
• Simplify National-Level program integrations by standardizing on a common BAS platform. This will allow additional automated capabilities and reduced cost for integrations for:
  • GSA’s Fault Detection & Diagnostic system,
  • National Computerized Maintenance & Management System (NCMMS),
  • Unified User Interface (GSAview) to integrate disparate systems into one interface, and 
  • Advanced Metering

• Simplify procurement of Software Maintenance Agreements (SMAs) by standardizing on a common BAS platform. SMAs allow GSA to better upgrade and support systems and keep them up-to-date with IT Security vulnerabilities. Standardizing a common BAS platform would make the normalization, planning, and execution of procuring long-term SMAs more efficient and cost effective.
• Reduce time of deployment and complete projects more quickly and efficiently by standardizing on a common BAS platform. This will allow templates to be created for the various mechanical system types which include alarming, trending, and graphics that can be rapidly deployed on any project and could be customized by region.
• Simplify cost estimation of multiple large-scale projects by standardizing on a common BAS platform. Standardized pricing and established expectations will simplify and reduce the time it takes to develop Independent Government Estimates and Scopes of Work for projects and will reduce guesswork.
• Reduce the necessity of 3rd Party (or manufacturer provided) proprietary software tools that must be utilized to support field devices or programming needs. Each of these software tools must also be scanned and remediated by GSA IT for use on the BSN.
• Allow support for new emerging technologies like Cloud-based BAS, also known as BAS As A Service (BaaS). Standardizing on a single BAS system will reduce the number of tools that must be sponsored and supported for FedRAMP as more vendors move to that support model.

Although a single solution may be identified, it would be PBS’ intention to maximize the utilization of small business through authorized small business resellers for installation services as well as subcontracting opportunities for ongoing maintenance through a facility’s O&M contract. The acquisition strategy for future procurements that require installation of BAS software and equipment will be determined on a case-by-case basis, but may include the following:

• Stand-alone contract or GSA Schedule order for installation of a new BAS
• Subcontracting opportunities for authorized small business resellers through a construction contract or O&M contract

To assist in developing a strategy for an enterprise-wide BAS solution, GSA PBS is issuing this RFI to seek information from BAS integrators, providers, and/or manufacturers.

Interested vendors are requested to respond to this RFI by May 13th at 3:00PM Eastern, to jacqueline.desimone@gsa.gov, with the information outlined below:

1. Company Information

• Name of firm
• Point of contact (name, phone number, and email address)
• DUNS number
• Business Size (Large/Small) for NAICS 561210
• Socioeconomic Category(ies) (8(a), HUBZone, SDVOSB, WOSB)
• GSA Schedule Contract Number (If Applicable)

2. Capabilities Narrative

• Systems offerings: Provide information regarding the integration software and equipment that your company offers for Building Automation and Control Systems. At a minimum, we request that the following documentation and information be provided that identify or demonstrate:
  
  • Proposed BAS support of emerging technologies and services like Cloud-based BAS, also known as BAS As A Service (BaaS) or Hardware as a Service (HaaS).
  • BAS hardware and software as an Open-source solution that meets GSA requirements for Open-protocol (BACnet, MODbus, LonWorks) communications.
  • BAS hardware and software solutions that can be installed, serviced, and supported by any business qualified to do so and shall not be limited to specific manufacturers.
  • BAS hardware and software that does not require secondary or 3rd Party proprietary programming software tools for support and utilizes block-logic (wiresheet) programming methodology which requires no additional software tools or licensing to program, modify, or operate.
  • Proposed BAS Software Maintenance Agreement model and plans for supporting continuous maintenance (minor and major software updates) on the systems.
  • BAS hardware and software that fully supports and is capable of utilizing Internet Protocol version 6 (IPv6).
  • Solution roadmap for end-of-life components
  • Strategy for addressing vulnerabilities and patching for newly discovered vulnerabilities, as well as monthly security patching requirements.
  • Availability of nationwide coverage of authorized small business resellers

• FedRamp certification: Describe any current or in-process FedRamp certifications for a proposed cloud-based BAS software. If the proposed solutions are not yet FedRamp certified, please provide a narrative describing your willingness and approach to obtaining certification.
• Supply Chain Risk Management (SCRM): Provide responses to the following questions pertaining to National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 Rev 5.2.0 Controls, SP 800-161 Rev. 1, and the Cybersecurity Framework (CSF 2.0). If an answer is “no”, please provide further explanation:
  • Does/will your organization have a SCRM Plan that aligns with NIST SP 800-161 Rev. 1, Supply Chain Risk Management Practices for Federal Information Systems and Organizations?
  • Does your organization have written SCRM requirements in contracts with your suppliers?
  • Does your organization verify that your suppliers meet SCRM requirements through contractual terms and conditions?
  • Does your organization have documented procedures to detect cybersecurity threats and attacks?

• Examples: Provide examples of current or past (within the last 5 years) offered systems that cover multiple buildings, or an enterprise-wide solution, that meet most or all of the requirements outlined in this Request for Information. At a minimum, please include the following information:
  
  • Building size(s) and location (indicate if government, educational, or commercial)
  • Make/model of system
  • At minimum, provide one (1) example of the proposed system type being utilized as an “overlay” integrated to one or more core system types that may or may not be proprietary in nature but normalized to a single platform.
  • At minimum, provide one (1) example of the proposed system type being utilized for a project in which the previous hardware and software within a building was completely removed and replaced with new equipment and software.

3. Additional Information

• Please include any other information and/or recommendations to assist GSA PBS in its structuring of this requirement to maximize small business participation, its approach to acquiring an enterprise-wide solution, and the manner in which requirements are described for the identified items/services.

Please limit responses to no more than fifteen (15) pages (excluding brochures, and listings of authorized resellers), and submit in either Microsoft Word or PDF file format. It is recommended to submit the information in the format as outlined above to minimize the effort of the respondent and structure the responses for ease of analysis by the Government.

This notice does not constitute a Request for Quote (RFQ)/Invitation for Bid (IFB)/Request for Proposal (RFP) or a promise to issue an RFQ, IFB, or RFP in the future. This notice does not commit GSA to contract for any supply or service. Further, GSA is not seeking quotes, bids or proposals at this time and will not accept unsolicited proposals in response to this sources sought notice. GSA will not pay for any information or administrative costs incurred in response to this notice. Submittals will not be returned to the responder.

All questions regarding this RFI must be submitted by email to jacqueline.desimone@gsa.gov.