Open architecture in physical access control is built around Mercury Security’s access control panels, the de facto standard embraced by more than two dozen access control original equipment manufacturers (OEMs). Mercury and several of its OEMs teamed up March 3-4 to present MercTech4, a conference in Miami aimed at updating security consultants about the latest developments related to the Mercury platform.
MercTech4 highlighted a new generation of access control products, which are increasing the capabilities for Mercury OEMs in areas such as two-way communication and encryption. Enhancements include use of the OSDP (Open Supervised Device Protocol) v2 communication standard instead of the older (and less flexible, less secure) Wiegand standard. Other advantages are relay count activations, a crypto memory chip and default encryption, a critical feature ensuring greater cybersecurity.
Integration of hardware with physical security
Mercury hardware is sold exclusively through OEM partnerships. The new LP4502 controller and access control platform use the Linux operating system. Mercury also provides hardware integration at the controller level with elevator manufacturers such as Otis, Kone and Thyssenkrupp, including “destination dispatch,” which groups passengers going to the same floors into the same elevators, thus reducing waiting and travel times. Mercury hardware is sold exclusively through OEM partnerships. The new LP4502 controller and access control platform use the Linux operating system
Integration of Mercury controllers with LifeSafety Power’s IP-based intelligent power supplies enables system health and diagnostic data to be shared for preventive maintenance.
Mercury also offers several “bridge” products to enable its OEMs to transition installed proprietary systems from outdated Casi-Rusco (GE), Software House I (Tyco) and Infographics (GE) technologies to an open platform using Mercury hardware.
Business as usual
Other recent news for Mercury is the company’s acquisition by HID Global last fall. Mercury Security President Matt Barnette says the acquisition will not impact how Mercury goes to market. “It’s business as usual,” he says. “It’s 130 days into the acquisition, so it’s still early on, but we are continuing to do what we do.”
Steve Carney, HID Global’s vice president of product marketing for physical access control, provided an update from the HID Global perspective to MercTech4 attendees. He reiterated that there would be no change in Mercury’s OEM go-to-market strategy. HID will develop a roadmap for improved combined solutions among the controller, reader, credential and cloud
He emphasised that Mercury’s team and talent remain core to the brand, and HID will develop a roadmap for improved combined solutions among the controller, reader, credential and cloud.
Open architecture companies throughout the access control industry – Mercury’s OEM partners – are incorporating the new boards into their products, each putting their “spin” on those capabilities and expanding the functionality of their systems. At MercTech4, seven of those OEMs hosted small groups of consultants in focused meetings to highlight what’s new with their products.
Lenel honoured as 'Platinum Premier' partner
Lenel, Rochester, N.Y., has been a Mercury's OEM partner since 1995. Lenel is Mercury’s first-ever "Platinum Premier" partner. In recent years, Lenel’s OnGuard system has evolved into a fully browser-based system providing both alarm and cardholder management through web browsers, and access to the platform on a computer, laptop or tablet. OnGuard WATCH (Web Access Trending and Comprehensive Health) provides system monitoring tools and health checks, such as tracking CPU usage and logging error files.
Lenel has introduced its own BlueDiamond mobile credentialing system based on Bluetooth Low Energy and deploying mature technology previously used by sister UTC companies for real estate locks and in the hospitality market.
Feenics, an Ottawa, Ontario, cloud-based access control company, was also among the Mercury OEMs participating in MercTech4. The Keep by Feenics platform is scalable from a single door to a global enterprise environment. A RESTful API provides easy connection of third-party applications. Feenics emphasises cybersecurity in the cloud, using Amazon Web Services, Transport Layer Security (TLS) encryption, and Veracode penetration testing. They use MongoDB open source database replica sets instead of Microsoft SQL.
 |
| Mercury and several of its OEMs teamed up March 3-4 to present MercTech4, a conference in Miami aimed at updating security consultants about the latest developments |
Integration and encryption
RS2 Technologies, Munster, Indiana, is another Mercury OEM highlighted at MercTech4. Their top vertical markets are K-12 schools, utilities, healthcare and government. RS2’s features include a PSIA-compliant interface, compatibility with BACnet and the Pinwheel DME (Data Management Engine) for bi-directional database integration.RS2 offers web-based support, and each edition of the Access It! software implements features suggested by customer
RS2 offers web-based support, and each edition of the Access It! software implements features suggested by customer. Product enhancement is a focus of RS2’s engineering.
Open Options, Addison, Texas, is a Mercury Platinum Elite partner whose customer base spans every vertical, and whose feature set reflects customer feedback. Open Options offers Mercury hardware mounted inside a sleek plastic enclosure, among other form factors. The company emphasises an open business culture and dedication to customer service.
Customer support is a direct phone line to speak with a live person every time to get any issue resolved. Open Options’ DNA Fusion Version 7 platform includes new features such as an updated user experience. DNA Fusion interfaces seamlessly with security technologies — including video, biometrics, wireless locks, and more. Last year, Open Options marked 20 years of partnership with Mercury Security.
Engineering for the masses
Avigilon, Vancouver, B.C., is embracing new Mercury products in its completely browser-based Linux platform that can scale from entry-level to enterprise systems. The ACM (Access Control Manager) software is engineered for IT professionals and is updated every 60 days.
For Avigilon, access control is a component of a broader approach that uses analytics and self-learning to manage massive amounts of data and provide the information an operator needs. The Linux-based system uses features such as the Avigilon “Appearance Search” capability to shift operation of security systems from a reactive to a proactive stance The system uses features such as the Avigilon “Appearance Search” capability to shift operation of security systems from a reactive to a proactive stance.
Genetec, Montreal, Canada, emphasises the value of its “unified” approach that combines video, access control and automatic license plate recognitions into a single platform – designed from the ground up – that incorporates communications, intrusion detection and analytics.
Cybersecurity failures prominent in the news often occur because of negligence – the customer had not implemented a software patch, for example. Genetec helps to manage such concerns. When cameras are deployed in the Genetec platform, the system provides an alert if a new camera firmware version is needed. The Genetec Update Service (GUS) notifies customers of any needed software updates.
Prominence of cybersecurity
Honeywell’s Win-Pak access control software is integrated with the Pro-Watch security management suite. Cybersecurity is a corporate priority for Honeywell, whose products follow the SDLC (systems development life cycle) process with security requirements based on the ANSI/ISA 62443-3-3 standard.
Microsoft's Threat Modelling tool identifies entry and exit points of systems that an attacker could exploit, providing the development team an attacker's viewpoint. The secure product development process includes static code analysis, secure code review, code signing, binary scanning and component inventory.
Products are thoroughly tested by the Product Security Assurance Team and at times by an Advance Independent Testing Team. If vulnerabilities are identified after release, they are handled by the Product Security Incident Response Team.
Cybersecurity issues dominated a consultant roundtable event on the second day of MercTech4. There was plenty of spirited discussion and some valuable insights among the 40 or so participating consultants. More to come on that in another article in the next couple of weeks.
Stay ahead of the trends on securing physical access control systems through layered cybersecurity practices.
