Access control systems & kits - Expert commentary

Protect physical assets from cyber-attacks
Protect physical assets from cyber-attacks

Recent cyber-attacks have disabled and even shut down physical assets. Robust foundational security and training staff, able to recognise an attack can help mitigate the threat, as ABB’s Rob Putman explains. Edge devices and data analytics As cyber security specialists, we must navigate an ever-changing threat landscape, one that is made even more complex by the increased interconnectivity between Operational Technology (OT) and Information Technology (IT), as companies look to leverage edge devices and data analytics, as well as remote connectivity, in the wake of the COVID-19 pandemic. As the threat surface evolves, the industry must guard against attacks on key physical infrastructure, carried out by a range of malicious actors, including nation states and criminals intent on blackmail. The chemicals sector, a high-value target for cyber-criminals Cyber-criminals view the chemicals sector, as a high-value target, because of the potential cost In 2017, not long after a ransomware attack that targeted Maersk, the world’s largest shipping firm, made the news around the world. Another cyber-attack, this time targeting physical industrial assets, generated fewer headlines, and yet could have resulted in both real, as well as financial, damage. Cyber-criminals view the chemicals sector, as a high-value target, because of the potential cost, both financial and reputational, to the operator, should production be interrupted or stopped entirely. Cyber security vulnerabilities put physical assets at risk The attack in question, a ‘Triton’ custom malware attack on a petro-chemical facility in Saudi Arabia, targeted a safety system, taking over system controllers. Bugs in the code triggered an emergency shutdown, but could have led to the release of toxic and explosive gases. It was a vivid reminder of how cyber security vulnerabilities are increasingly putting companies’ key physical assets at risk. Two more-recent high-profile incidents illustrate my point. In February, a Florida water treatment plant was hacked. The malicious actor remotely accessed the system for three to five minutes, during which time they opened various functions on the screen, including one that controls the amount of sodium hydroxide (NaOH) in the water. The hacker changed the NaOH from about 100 parts per million to 11,100 parts per million, which could have resulted in a mass poisoning event. Colonial Pipeline cyber-attack incident Then, in May, the Colonial Pipeline system that originates in Houston, Texas and carries gasoline, and jet fuel, suffered a ransomware attack. Using a VPN, hackers targeted back-office IT systems, forcing Colonial to shut down IT hosts and network infrastructure, severing communication with those OT systems that are responsible for communicating ‘transactional data’ associated with fuel delivery. In this instance, a single compromised password disrupted Colonial’s ability to invoice its customers. This dependency on OT data stopped pipeline and business operations, and the company was elected to pay the hackers an initial ransom of US$ 4.4 million, in order to restore operations. The Colonial attack was multi-dimensional, in that it not only impacted Colonial’s business, but also the wider US economy and national security, since the pipeline transports nearly half of the east coast's fuel supplies. Outdated IT system elevates physical risk The increased interconnectivity between IT and OT can also create vulnerabilit Attacks such as these prove that, armed with little more than a laptop, an email account and access to the dark web, determined hackers can cause disproportionate damage to physical infrastructure. As mentioned at the outset, the increased interconnectivity between IT and OT can also create vulnerability. Producers often want to know: Is it risky to connect a production asset or their operational environment to the Cloud? My answer is, if you do so without having done any risk audits around people, processes and technology, or without enhancing and maintaining that environment, then yes, that is risky. For example, we often observe that the life cycle of a production asset far outlasts the IT systems that are used to run it. Take a cement kiln. Several generations of plant operators may have come and gone, but that asset may still run, using legacy software, such as Windows XP and why not? Need to replace aging distributed control systems Well, that’s fine, if you are not concerned about having that asset compromised, and all that entails. A ‘flat’ IT network, an aging distributed control system, and machines with legacy versions of Microsoft Windows, all these elements, which are still commonplace in many industries, make it much easier for attackers to find and infiltrate a company, without needing sophisticated tools. The age-old mantra of not interfering with a piece of equipment or software that appears to be working, often applies to the individual assets. For example that cement kiln that are still controlled by the same Windows XP-based control software. However, if we’re honest, things have changed quite a bit, not because something was broken, but because innovation came in. That same kiln control system is most likely connected to other systems, than when first commissioned and that opens it to exposure to threats that it was never designed for. The human element There is a misconception that IoT-connected devices can open companies to risk There is a misconception that IoT-connected devices can open companies to risk, but many recent, high-profile cyber-attacks have been conducted from a laptop, by hacking someone’s VPN, or are a simple phishing/malware attack. In all these cases, the human element is partly to blame. Take the Florida attack. The compromised computer at the water treatment facility was reportedly running an outdated Windows 7 operating system and staff all used the same password, in order to gain remote access via the Teamviewer app, which the hacker was then able to use. Physical and human assets, key to robust cyber security Discussion on the best way to mitigate the threat is often framed solely around specific technical solutions and ignores the fact that robust foundational cyber security is really driven by two very different, but equally important, types of capital: physical assets (e.g. production machinery), and human assets. The truth is that smart digital software and industry-renowned cyber security applications, while critical, are in many cases, only as good as the weakest human link in the chain. Industry would, therefore, do well to ask itself the following question: Do we have a security problem, or a complacency problem? At this juncture, it is important to point out that the majority of companies that ABB works with, are at least aware of the threat posed by cyber attackers, and the potential impact of an attack, on their revenues, reputation and bottom line. User error and human-generated exposures Making sure staff are aware of the threat and training them to respond properly, if they are targeted, is vital However, user error and human-generated exposures are where most of these attacks occur. Those human failures are mostly not due to malicious intent from employees, but to the lack of training of the employees on secure behavior. Making sure staff are aware of the threat and training them to respond properly, if they are targeted, is vital. However, there are also age demographics at play here. Much of the operations employee base is heading towards retirement and often, there is no plan or ability to backfill these people. Need to invest in new digital and automated technologies If you think you don't have enough people now, in order to stay on top of basic care and feeding of the OT environment, with regards to security, what is that going to be like in 20 years? For this reason, there must be a major industry reset, when it comes to its workforce. Companies must invest in new digital and automated technologies, not only to ensure that they stay ahead of the curve and mitigate risk, but also to attract the next generation of digitally literate talent. Robust cyber security is built on solid foundations When we talk about foundational cyber security, we mean fundamentals, such as patching, malware protection, high-fidelity system backups, an up-to-date anti-virus system, and other options, such as application allow-listing and asset inventory. These basic controls can help companies understand their system setup and the potential threats, identify vulnerabilities, and assess their risk exposure. The Pareto principle states that around 80% of consequences come from 20% of the causes. In the context of cyber security, that means 80% of exposure to risk comes from 20% of the lack of security. If companies do the foundational things right, they can manage out a significant amount of this risk. Importance of maintaining and upgrading security controls However, having basic security controls, such as anti-virus software in place, is just the first step on that journey. Equally important is having someone within the organisation, with the requisite skill set, or the extra labour bandwidth, to operate, maintain and update those security controls, as they evolve. Educating, training and recruiting existing employees, and the next generation of talent, along with forging partnerships with trusted technology providers, will ensure that industry can leverage the latest digital technologies, in order to drive business value, and secure physical assets against cyber-attacks.

The robotic transformation of the security industry
The robotic transformation of the security industry

The COVID-19 pandemic is only accelerating the expansion of Automation, Robotics, Machine Learning (ML) and Artificial Intelligence (AI), and changing how people live their daily lives. This expansion leads the way with technologies that are developed to solve problems, improve operations, streamline processes and assist people, to focus on learning new skills, creativity, and imagination. Transformation of the physical security industry One of the latest industries to be permanently transformed is physical security. The era of utilising security cameras is slowly changing into more advanced and more efficient technological applications - security robotic solutions. SMP Robotics is a California-based company, which is a pioneer in developing robotic technologies, powered by AI, to assist, improve and deliver on new expectations in today’s world. One of their services is smart surveillance systems. This represents a proactive approach to security. The company, SMP Robotics’ Founder and Chief Executive Officer (CEO), Leo Ryzhenko, stated “Autonomous robotic technologies will become a driving force in future security solutions.” Robotics and AI in autonomous security solutions The robots can patrol 24/7, counteracting intrusion and communicating via voice message with guards The company uses robotics and AI technology to implement autonomous security solutions, which reduce liability and overhead, as well as improving the quality of services. Robotic guards are capable of patrolling all types of facilities, in both urban and rural contexts. The robots can patrol 24/7, counteracting intrusion and communicating via voice message with guards. The inspection robots, deployed by SMP Robotics, are easily integrated with many existing security technologies, armed with obstacle avoidance and anti-collision measures, automatically recharge, and can recognise faces up to 50 metres. As the world grows increasingly complex, technology like this is essential to ensure safety for all. AI-enabled autonomous video monitoring ground vehicles The advancements in technological breakthroughs of SMP Robotics position the company and its AI-powered, autonomous video monitoring ground vehicles, to be the most adaptable to any industry, cost-effective for clients’ business needs, in providing various types of services from public safety, crime prevention, to asset protection and physical security. The last few years were very productive for the company. The latest generation of the autonomous models, which outperform in efficiency, dozens of security cameras, were deployed or in a process to be delivered to a number of key clients, in various industries throughout the globe, from oil & gas, nuclear power plants to data centres, healthcare facilities, and amusement parks. Smart security robots Tal Turner, the Vice President (VP) of Business Development and Partnerships, SMP Robotics, said “We provide autonomous, artificial intelligence, all-weather, all-surface, smart security robots that are turnkey and operate independently on their own, using real-time obstacle avoidance, face recognition, and other cutting-edge technological advancements.” According to Coherent Market Insights, the Robots as a Service (RaaS) market direction will grow by 15.9% by 2028 and reach the threshold of 41.3 billion dollars. SMP Robotics stands at the forefront of the security robotic revolution, making an impactful change to make the world a safer place.

How schools can make outdoor learning safe and secure
How schools can make outdoor learning safe and secure

Schools were never designed and built with social distancing in mind. So, it’s perhaps not surprising that as children returned to schools, for the autumn term this year, the prospect of outdoor classes and assemblies was mooted in the media and by the Government. Many in the education sector are making the case that, should there be further COVID-19 outbreaks, in the coming months, it would be better to utilise outside space, rather than resort to closing schools. In the COVID-19 era, head teachers are considering taking learning and large gatherings, such as assemblies outdoors, when possible. Managing ‘class bubbles’, hygiene and ventilation While Dr. Yvonne Doyle, the Medical Director of Public Health England (PHE) has publicly reassured parents that schools are not the ‘drivers’ or ‘hubs’ of COVID-19-19 infection in communities, there is a lot of pressure on school leaders to manage ‘class bubbles’, extra cleaning and hygiene, ventilation, and COVID-19 testing, to protect families and staff. It’s a logical step to switch, in certain circumstances, to outdoor activities where fresh air is on tap, and social distancing is far easier to manage. Specially built outdoor classrooms Across the school and nursery sector, there’s ongoing investment in specially built outdoor classrooms Across the school and nursery sector, there’s ongoing investment in specially built outdoor classrooms, which had been growing in popularity, even before the pandemic. These facilities offer numerous benefits as an extension of existing learning spaces and provide children the opportunity for hands-on learning, beyond a stuffy classroom. However, if outdoor spaces are routinely called upon as part of COVID-19 contingency planning, how can schools ensure that their outdoor classrooms and wider areas are secure, robust, and fit for purpose? When specifying outdoor classrooms and learning spaces, it’s essential to take into account the well-being of the students and staff, who will use them, noise pollution and acoustics. Most importantly, education managers need to ensure the surrounding area is secured and adequately protected from threats, including terrorism. Perimeter security measures for schools How can schools and nurseries secure their perimeters, so that outdoor learning is totally safe for all? A starting point is to seek out architects and suppliers, who have a good understanding of security standards. Worryingly, Jacksons Fencing’s research recently found that only one-third of architects are seeing both LPS 1175 and the UK police initiative, Secured by Design (SBD) physical security standards, specified for schools. This highlights a lost opportunity for architects to propose solutions that are appropriate to the level of risk and needs of the school, without turning the site into an unwelcoming fortress. Helping schools identify specific security needs Head teachers would be wise to work with architects, who not only know the latest security standards inside and out, but are also are willing to play a more advisory role, helping the school identify exactly what is needed. Head teachers should prioritise solutions appropriate to their site’s specific risks It’s also vital that architects don’t simply replace existing fencing and gates, with the same security systems that have been in place for years. Instead, they will need to meet changing needs and risks. Our research finds that teachers often report issues, with the school perimeter and gates, from being climbed over (28%) and causing injury, to gates not locking properly (10%). Head teachers should prioritise solutions appropriate to their site’s specific risks, which sometimes require altering of existing measures. School fencing is an important aspect of any education site. As well as defining its boundary and making a visual distinction between public and private property, the fencing and gates that surround and secure a school, will typically meet a wide variety of other important criteria, including preventing unauthorised entry to the grounds, protecting pupils, staff, and visitors from accidents and injury, deterring theft and anti-social behaviour, and reducing the risk of malicious damage, and acts of terrorism. Welded mesh panels for perimeter fencing Popular options for schools include welded mesh panels for perimeter fencing or sports areas, and railing systems to act as demarcation, in order to control foot and car traffic. Within the outlying boundary, barriers, bollards and parking posts will keep pedestrians, and vehicles safe from each other, while timber fencing and gates can be designed to control the flow of people, around the grounds and reduce the areas, where students can be hidden from view. Automated gates and access control Perimeter fencing must be complemented with safe entrances and exits for vehicles and pedestrians. Every school has unique entry-control requirements, determined by factors, such as size, location and the local environment. These needs influence the decisions you make, when preparing technical specifications for school security gates. Do you require gates to be steel or timber, manual or automated, single or double leaf? Specialist suppliers will be in the best position to offer inputs on school gates, which typically need to offer solid security and durability, with a welcoming aesthetic. Specifying access control system When specifying a school access system, it’s important to consider the areas of the school When specifying a school access system, it’s important to consider the areas of the school, such as sports fields, car parks, and children’s play and learning areas, and whether it requires playground segregation. Selected gates should meet the design of the fencing, to create a secure perimeter with no weak points, with automated gates conforming to all current safety regulations. . Noise pollution can be a problem as well, including noise coming in or leaving the school in residential areas. If more teaching is to be carried out outside, it’s worth considering acoustic barriers to reduce noise in and around the school. Timber acoustic barriers for security and privacy Timber acoustic barriers offer security and privacy, and can reduce noise levels, by as much as 32 decibels (in laboratory conditions), so are ideal for city centre schools or those located close to busy highways. There are many ways to build an outdoor classroom. Timber products can help to create a welcoming environment, such as wooden shelters, pergolas, fencing, and decking. Always check that high quality timber, ideally guaranteed for 25 years against rot and insect attack, is being used to provide an attractive, cost-effective, safe and sustainable solution, for all weather conditions. DBS approved installers And of course, installers must be DBS approved, so that they can install outdoor classrooms, during school holidays, or within term time, with minimal disruption. The COVID-19 pandemic had a huge impact on schools and learning. While nobody wants to think of fresh outbreaks of the infection, or any other virus, installing an outdoor classroom made from high-quality, long-lasting materials is a great way to future-proof school learning and ensure safety, and preparedness. Putting extra thought and care into the security angle will provide schools with decades of protection against a host of unforeseen events.

Latest Software House, Tyco International news

Johnson Controls integrates open standard PLAI Adapter into Tyco Software House’s CCURE 9000 for physical access control compatibility
Johnson Controls integrates open standard PLAI Adapter into Tyco Software House’s CCURE 9000 for physical access control compatibility

Johnson Controls, the globally renowned company in smart, healthy and sustainable building solutions, has introduced the PLAI Adapter for the Tyco Software House’s CCURE 9000 security and event management system, which connects to the PLAI Agent, for physical access control system compatibility. PLAI Adapter This open standards approach enables enterprises to easily manage personnel identity and physical access, across disparate physical access control platforms and other identity-based systems, reducing complexity and cost in system administration, and improving the employee and user experience. The Physical-Logical Access Interoperability (PLAI) specification provides an open standard method of sharing and managing personnel, credential, card format and biometric details, across an enterprise. This enables customers to use their current badge technology and biometrics, without the need for duplicate enrollments in different systems and the need to issue multiple credentials. PLAI specification offers an open standard approach The PLAI specification employs an open standard approach to integrating these different platforms Created by the Physical Security Interoperability Alliance, the PLAI specification employs an open standard approach to integrating these different platforms, as opposed to relying on individual platform drivers, simplifying the integration process. The ability for centralised management of Personal Identifiable Information (PII), across multiple systems, with the CCURE 9000 PLAI adapter, can ease compliance with data privacy regulations, such as GDPR and reduce the risk of unauthorised access, caused by identity conflicts, in the operation of the access control system. This helps to reduce total cost of ownership, by easing the administration burdens of making changes to users, credentials, locations and roles. Interoperability for PLAI-conformant access control solutions Open standards can also extend the life of current systems and allow organisations to defer the cost of standardising on one physical access control platform. By supporting interoperability with other PLAI-conformant access control technologies and biometrics, systems can be extended to include security events and door control, as well as visitor management functions. PLAI Adapter for Tyco Software House’s CCURE 9000 is part of the Johnson Controls OpenBlue suite of connected solutions, which support healthy people, healthy places and a healthy planet.

LifeSafety Power to showcase their intelligent networked power supplies at the GSX 2021
LifeSafety Power to showcase their intelligent networked power supplies at the GSX 2021

LifeSafety Power will showcase its award-winning intelligent networked power supplies at booth 1463 during this year’s GSX show, September 27-29 in Orlando. Featured products include: FPO Generation 2 - Recently redesigned and re-engineered with updated features and capabilities, the FlexPower® FPO Generation 2 (Gen2) power supply line brings additional enhancements to both installers and users in the access control market. Network communications module FlexPower Gen2 includes the groundbreaking OutSmart™ visual voltage indication across all boards, visually showing the technician the output voltage of the power supply boards and each distributed output. Optional RS-485 capability on FPO and M8 devices allows larger managed systems on fewer network drops with the NLX NetLink™ network communications module. Refinements like built-in low battery disconnect and battery current sensor foster cleaner installations Added data points such as AC input voltage and main output current measurements on the FPO power supply and output cycle counts on the M8 yield a comprehensive view of overall system health. Refinements like built-in low battery disconnect and battery current sensor foster cleaner installations. Access control boards E12M and E12S Enclosures - One of the most spacious enclosures in the industry, the E12 is available in Unified Power or ProWire with dimensions of 48 (H) x 36 (W) x 8 (D). The E12 handles larger enterprise access control deployments–accommodating more access control boards, power supplies and managed outputs in a single enclosure for hardware and deployment savings. The E12 houses up to three FlexPower FPO power supply boards to allow up to 750 Watts of power to locking hardware, access control boards and auxiliary devices. It comes in two configurations: the E12M integrates with authentic Mercury Systems and handles 24 doors of access control; E12S integrates with Software House (SWH) controllers to handle up to 32 doors. Security management software NetLink lets users remotely monitor, control, program and report on system power Access Control Integrations - LifeSafety Power’s solutions integrate with several industry-preferred access control security management software platforms, including Genetec Security Center; OnGuard® for Lenel S2; and C•CURE 9000 from SWH. Security Center Integration for Genetec - Leveraging the Genetec integration between NetLink network communication device and Security Center, users can seamlessly add NetLink devices into the software platform, allowing real-time alerts to appear directly within the interface. From Security Center, users receive detailed data on the health and viability of power, connected locks and other devices. NetLink lets users remotely monitor, control, program and report on system power and connected devices and features patented battery management that includes health reporting, remote battery testing, email/SNMP alerts and other proactive notifications. Advanced power management OnGuard Integration for LenelS2 - The LenelS2 integration allows LifeSafety Power’s NetLink NL4 and NLX Network Communication Modules to interface with OnGuard access control software versions 8.0, in addition to 7.6, for advanced power management of enterprise access control systems. NetLink adds proactive monitoring and management capabilities to LifeSafety Power’s power systems, interfacing directly to the OnGuard platform, with all power system alerts indicated on the OnGuard software. NetLink adds proactive monitoring and management capabilities to LifeSafety Power’s power systems CCURE integration for SWH - The native integration with SWH C•CURE 9000 and LifeSafety Power’s intelligent network monitoring modules allows users to receive and centrally manage alerts and notifications through the software, for monitoring and control of PSX power and distribution modules sold and supported through SWH. Critical networking notifications are driven directly into C•CURE 9000, relaying real-time data and analytics on the health and viability of iSTAR door controller power, lock power and battery condition. Streamlining power installations ProWire Unified Power Systems/Helix - ProWire Unified Power Systems, the highest level of integration between a power system and an access control solution, are an installer’s blueprint for consistent, streamlined power installations. ProWire makes it simple to create a connected power campus, eliminating installation variability for repeatable and professional results. Network-connected ProWire systems can interface directly into Mercury Security or SWH C•Cure 9000 platforms, allowing users to receive, manage and control alerts and notifications. ProWire is compatible with Multi-Site Manager (MSM) Enterprise™, which yields advanced analytics so end-users can actively network, monitor and manage connected power solutions for greater uptime and dependability. Mission-critical applications Helix reduces the risk of system downtime or outage and features network management Helix AC/DC is the only solution for mission-critical applications in government, finance, medical and high-tech industry vertical markets. Designed for seamless failover protection with the automatic backup switchover of AC or DC power, Helix reduces the risk of system downtime or outage and features network management for predictive reporting that optimises and maintains the highest levels of performance. AC Helix monitors separate AC branch circuits, reporting trouble with a primary branch immediately and instantly transferring power to backup for uninterrupted system operations. DC Helix uses redundant power supplies to instantly transfer power to the backup supply on the failure of the primary supply. Helix is now available in standard, Unified Power and ProWire configurations to provide the ultimate protection to any access control power system.

Johnson Controls makes C-One2 mobile terminals from Coppernic available for the C•CURE Go Reader
Johnson Controls makes C-One2 mobile terminals from Coppernic available for the C•CURE Go Reader

Johnson Controls, the provider of smart, healthy, and sustainable buildings, and architect of the OpenBlue digital connected platforms announce the availability of the new C-One2 mobile terminals from Coppernic for the innovative Tyco Software House C•CURE Go Reader. C•CURE Go is an application that extends the capabilities of the C•CURE 9000 security and event management system with portable, secure access control functionality, even in remote or disconnected areas. Ideal mobile solution The Coppernic C-One2 handheld Android device, featuring a multi-technology HID read head, is the ideal mobile solution for controlling an individual’s access rights at any time and from anywhere. The C•CURE Go Reader application validates credentials, performs roll calls, and can even enforce anti-passback on a per-device level and also in an online mode in conjunction with iSTAR controller areas. C•CURE Go Reader can operate in offline mode, caching personnel records and clearance data C•CURE Go Reader can operate in offline mode, caching personnel records and clearance data, as well as buffering offline transactions and synchronising instantly with C•CURE 9000 when back online, making this ideal for construction sites, temporary entrances, offsite events, or roaming security checkpoints for spontaneous badge checks. Associated portrait image For emergency situations, the C•CURE Go Reader features a roll call system administrator to produce a list of all users currently within a specified area, a crucial function for any emergency or evacuation plan. Cardholders simply present their QR code, iCLASS, MIFARE/ DESFire EV2, or proximity card to the Handheld reader. Once presented, C•CURE Go Reader shows the associated portrait image, cardholder status, clearance information, and whether the individual can be admitted or rejected. For quick tracking, the C•CURE Go Reader can easily create check points and track IN and OUT status for personnel, as well as capture the GIS location of each card ship and show locations on C•CURE 9000 workstations.

Related white papers

Top 5 ways to ensure visitor safety and security

Moving to mobile: A guide for businesses switching to mobile access control

Attention OEMs: 5 Ways RFID Readers Can Secure Your Markets