Building-Wide Access Integration in Milan High-Rise Complexes

Electronic access control keypad with PIN entry

Multi-tower residential complexes built in Milan over the past decade have moved beyond single-entrance video intercoms toward integrated access architectures that govern every controlled threshold in the building: underground parking gates, bicycle storage, lobby doors, lift cars, rooftop terraces, and dedicated delivery areas. This shift is not driven by security concerns alone but by the operational complexity of managing a building with 50 or more apartments, multiple shared amenities, and a constantly changing population of residents, guests, maintenance personnel, and couriers.

The Milan Case: KNX and Control4 Integration

A documented example from the Milan metropolitan area involves two residential towers comprising 55 apartments across 14 floors each, completed in 2023. The access system was specified around KNX TP as the shared communication bus, with Control4 as the central supervision and event-logging platform. The KNX bus that handles lighting, blinds, and HVAC also carries access control telegrams from door readers, eliminating the need for separate access control cabling.

At each controlled door — 28 points in total across both towers — a KNX-compliant RFID reader operating at 13.56 MHz (MIFARE standard) sends a group telegram on the KNX TP bus when a valid credential is presented. The receiving KNX actuator triggers the associated door strike or electromagnetic lock. The Control4 controller logs each access event with a timestamp and credential identifier, making the audit trail accessible to the building administrator through a web dashboard.

Credential Types and Their Management

The building operates four distinct credential types, each suited to a different use case:

MIFARE Classic / DESFire EV2 smartcards — issued to all residents at handover, programmed with apartment number and access permissions. Revoked at the building management portal without physical card collection.
PIN codes — 6-digit codes assigned to individual residents for occasions when they forget their card. Codes are time-limited by default and expire after 90 days unless renewed through the portal.
QR codes — time-limited tokens generated through the Control4 app and sent by residents to guests or repair technicians. A QR code for a plumber arriving Thursday between 9:00 and 12:00 is valid only at the lobby door during that window. After expiry, the token is automatically invalidated with no manual intervention required.
BLE Bluetooth proximity — supported on select Eelectron 9025 readers, which combine MIFARE RFID with Bluetooth Low Energy (iBeacon / Eddystone). A resident's smartphone broadcasting the correct BLE token at the reader can trigger door release without any physical action, provided the app is in the foreground within 1 to 2 metres.

Lift Integration

Lift access control in Milan high-rises is typically implemented as floor-destination restriction rather than lift-entry restriction. A resident presenting credentials at the ground floor lobby enters the lift freely; the KNX system limits which floor destination buttons are illuminated based on the credential's permission set. Residents of the 8th floor can select floors 1 through 8 and the basement parking; they cannot select penthouse floors 13 and 14, which have a separate lift-lobby access reader.

The 2N Access Unit 2.0 is one device deployed in this configuration. It supports both RFID credential reading and WaveKey, which is 2N's Bluetooth-based contactless access method. With WaveKey, the reader detects an authorised smartphone within its BLE range and unlocks the lift-floor selector without the resident needing to locate and tap a physical card. In buildings where lifts are accessed multiple times daily, the friction reduction of proximity-based access is practically significant for elderly residents and those carrying luggage or children.

KNX Data Secure protocol encrypts access telegrams on the bus, preventing replay attacks that were possible with earlier unencrypted KNX implementations.

Delivery and Temporary Access Management

Parcel delivery has become one of the most complex operational problems in high-density residential buildings. The Milan case study uses an Amazon Locker integration in which a dedicated alcove off the ground floor lobby contains locker units. The intercom panel at the building entrance accepts QR codes from courier apps, granting temporary access to the lobby and the locker alcove only, without allowing access to residential floors. The QR token is generated by the locker system and embedded in the courier's delivery notification; it expires 4 hours after the scheduled delivery window.

For deliveries requiring resident collection at the apartment door — furniture, appliances, supervised deliveries — the resident generates a time-limited QR through the Control4 app and sends it to the courier. The courier gains lobby access only; the resident's apartment floor access requires a separate code which the resident issues at their discretion. This two-tier temporary access model reduces the building's exposure to unauthorised floor access while making ground-floor deliveries operationally independent of resident presence.

KNX Data Secure: Protecting the Access Bus

Earlier KNX implementations transmitted access telegrams in plaintext on the TP bus, which made them theoretically vulnerable to replay attacks where an attacker recorded a valid door-open telegram and retransmitted it later. KNX Data Secure, standardised in IEC 61784-6 and available on devices since approximately 2020, adds AES-128 encryption and message authentication to individual telegrams. The Eelectron 9025 series and Blumotix KNX RFID keypads both support KNX Data Secure.

Configuration requires ETS5 (version 5.6 or later) or ETS6, which handles key assignment and secure group address configuration. The installation complexity is higher than for standard KNX access devices — key provisioning must be performed carefully and documented, as lost device keys require physical device reset and ETS reconfiguration. In practice, installers handling KNX Data Secure projects typically have dedicated ETS training and document key material in a project-locked archive.

Remote Management and Building Administrator Access

Cloud-based dashboards for building access management shift administrative work from the building administrator's desk to any device with a browser. In the Milan case, the building administrator can perform the following actions without a site visit:

Add or revoke resident RFID card credentials
Generate temporary QR access tokens for contractors
View timestamped access logs with credential identifiers for any door point
Configure door-open schedules (e.g. bicycle storage door unlocked Monday through Saturday 6:00–22:00)
Push firmware updates to KNX access readers during off-peak hours
Receive push notifications on unusual access events (e.g. door held open for more than 30 seconds)

These capabilities correspond directly to the reduction in management overhead that justifies the higher initial specification cost of integrated systems versus standalone locks or simple key-code pads.

Considerations for Older Milan Buildings

The integrated architecture described above is feasible in new-build projects where KNX cabling is specified from the outset. Applying the same architecture to a 1960s Milan condominium is substantially more complex. KNX TP cable cannot share a conduit with 230V power circuits, so separate conduit runs are required. The condominium assembly must approve structural works, and the cost of adding 28 KNX-connected access points to an existing building typically runs to four or five times the cost of equivalent new-build installation.

A more practical approach for existing Italian buildings is a hybrid architecture: IP-based door stations at the main entrance (replacing the analogue intercom), standalone RFID access readers at secondary access points (not KNX-connected, managed via their own IP interface), and a light-touch access management portal that handles credential issuance without full building automation integration. This hybrid approach sacrifices the event-logging depth and automation triggers of a full KNX system but delivers most of the resident-facing functionality at significantly lower infrastructure cost.