Security transcends common solutions as new interconnection possibilities arise. What used to be a physical security industry synonymous with closed systems and proprietary operating protocols is now an open, networking and internet-protocol-based market fostering generous possibilities and integrations for contractors to offer expanded capabilities and services to customers.
This changed landscape promotes greater interconnection between different devices and operating technology. The move to open, integrated systems—a decades-long process—is resonating soundly throughout the security industry and with it comes unbridled opportunity for contractors.
Forces of integration
One of the most significant forces driving greater integration comes after years of working toward open standards for physical security technology. With standards and conformance documents leading the way—from organizations such as ONVIF, PSIA and the Security Industry Association (SIA), security contractors and manufacturers can set their sights on facilitating greater integration between technologies such as video, intrusion, access control, building automation, lighting, operating controls and many more.
Approved as an international standard by the International Electrotechnical Commission (IEC) in June, SIA’s Open Supervised Device Protocol (OSDP) underwent formal development by the organization’s working group beginning in 2011. The access control communications standard, IEC 60839-11-5, is designed to improve interoperability among access control and security products. Now, the industry can follow an international standard designed to bring higher security and greater functionality to new and legacy access control solutions.
As far as its impact on facilitating integrations between devices, OSDP is a huge step forward, according to Steve Rogers, certified smart card industry professional and president of IQ Devices, Carmel Valley, Calif. Rogers, co-chair of the SIA OSDP working group, said the standard fosters interoperability among multiple security devices and system architecture in a viable, long-term solution that increases the opportunity for end-users to bring in new technologies while installers expand beyond physical access control into information technology and networking or logical controls.
“There are many positive aspects to standards-based open architecture,” Rogers said. “As long as you build to that standard, you can communicate with any of the devices. OSDP simplifies all the steps of implementation, and end-users are in control of their destiny in adding new integrations.”
Reliance on Wiegand communications wasn’t going to cut it anymore, he added, especially because critical infrastructure and other applications were requiring bidirectional secure communications between the reader and the controller.
OSDP with Secure Channel Protocol (SCP) supports AES-128 encryption required in U.S. federal government applications. Additionally, it constantly monitors wiring to protect against tampering and removing the guesswork since encryption and authentication are predefined. OSDP supports advanced smartcard technology applications, including PKI/FICAM and biometrics, as well as other enhanced authentication protocols used in applications that require Federal Information Processing Standards (FIPS).
Integration at a systems level
OSDP for access control is only one piece of the puzzle, said Benjamin Butchko, president and CEO of Butchko Inc., Superior, Colo., a consultancy focused on matching appropriate solutions with problems or challenges.
“OSDP and standards at the equipment level (between the reader and the panel) is one piece of the spectrum of integration. Integration of systems like access control with intrusion detection, with communications, audio, video, command and control, business management or with industrial control systems is another level,” Butchko said.
“At that point, what you need is an information system in the back end that processes and consumes all that data, connecting to other databases, like procurement, HR systems and inventory control. Those types of integrations are feasible, but it’s complex work and takes a very progressive company to pursue this type of elegant solution,” he said.
Butchko said system integrators need to understand computer operating systems and how to diagnose broken data connections as they move into integration.
“They need to know more than the features of the product and [know] instead the IT infrastructure it’s built on and how to diagnose problems. The more they want to climb the scale of integration at the systems level, the greater the need to develop knowledge on computer science, networking and operating systems,” he said.
Butchko, who grew up in the engineering world, added that complex integrations should be saved for when they provide significant benefit to the end-user and bring in extra value such as a lower total cost of ownership over the life cycle of the implementation.
“Be selective of where you invest in integration efforts. Otherwise, you keep them as simple as possible because they are less expensive to maintain,” he said.
Mark Bennett, CPP, CSC and founder/principal of MSB Security Consulting Inc., Austin, Texas, said for a high level of integration, he specifies either a unified security management platform or that the contractor he is working with has a testing program for firmware updates before installing on a live system. They also need to recertify the integration after the update.
Achieving integration requires a look at existing systems in place (access control and video management) and determining if there are existing integrations with in-place systems or another system that has supported an integration, Bennett said.
“Historically, access control has been the dog and the video management system the tail, but that is changing where you see cameras using analytics to monitor intrusion and other environment variables. It usually requires an independent consultant to conduct a needs assessment and cost-benefit analysis to determine if existing systems are worth keeping or if a complete system replacement would be a more cost-effective option in the long run because of warranties and the product lifecycle. We generally see systems going through major upgrades or replacement every five to seven years,” he said.
Bennett is seeing increased interest in achieving energy savings in multitenant buildings from integrations with building automation controls and HVAC.
“Monitoring weather and civil unrest is also a possibility for companies who have employees traveling to areas where there’s a weather-related event or some type of protest or health issue (COVID-19) that could impact their ability to do their job or possibly endanger the individual,” he said.
As physical security continues to migrate to IT networking, one must integrate more software-related protocols and servers used in manufacturing and building automation standards, said Jean-Pierre Picard, product marketing manager at Genetec Inc., Montreal.
“Integration is moving to framework and protocol integration, and the next step to it moving forward is general data integration, with the ability to bring in external information at the data level. This is being driven by the operations side of the business. It’s not just about physical security, but lighting, manufacturing and distribution chain processes and control systems, where it’s too much work to create one-to-one integrations,” he said.
Vertical business units are capturing a host of new possibilities and trends in bringing systems together, Picard said.
“The variety of integration is just astounding. Airports, for example, require building automation and operational system integration. They want to bring in radar, baggage tracking and flight routing systems,” he said. “We are also seeing interest in integrations that help establish automated response, such as drone surveillance. We’ve seen an uptick in location tracking and tracking occupancy. As the physical security industry moves away from a simple hardware to software, it’s gotten people thinking about new ideas for deployment.”