How can IP networked systems adapt to lost connectivity?
IP network dependability matters in physical security and safety applications, given that a company’s assets and people are at risk. There have been strides in the areas of network dependability, fault-tolerance, reliability, and survivability. However, networks (or affordable ones, at any rate) still cannot ensure near-100 percent uptime, which is why system designers acknowledge and plan for the possibility of a network outage. We asked this week’s Expert Panel Roundtable: How can/should an IP networked system adapt when network connectivity is lost?
When connectivity is lost it is still important that your system still functions. That is why it is important that the controllers from an access control system communicate peer-to-peer and can authorise access without communicating with your server. This freedom from the host lessens the load on your network and means your access control system keeps working, even if the connection with your network is lost.
If we are dealing with an enterprise installation the video network should be designed to accommodate network switch or pathway failures. The optimal solution would be to design a multicast network to support the video management software. The solution should have redundant core switches and all switches should have redundant power supplies. Should a core switch fail, the network should have the ability to re-converge in a sub-second; worst case, the solution loses a few packets. Each edge switch should have multiple pathways back to each of the core switches so if we lose a pathway the video has a secondary path back to the core and that re-convergence should also be sub-second. If we lose an edge POE switch, there is not much that can be done as the camera will lose power and we will have a group of cameras down until the switch is replaced. We have found that the majority of network issues are a result of a poorly engineered network for IP video. The key to near-zero network loss is a properly designed and implemented network.
First and most importantly, if any kind of network connectivity is lost, users and service providers need to get an alert. If users don't want to lose any video, cameras should have on-board camera storage. When the network is functional again, the on-board storage should be off-loaded and put into general video storage. For access control, loss of network connectivity is generally not an issue for system functionality since databases are usually kept at the edge. That is, one would not be able to add/delete users or change access levels, but that can be logged and implemented when the network is back up. If losing external network connectivity to a particular site is an issue in an application that requires remote monitoring and management, the system needs to adapt to allow local monitoring. For example, the system should be able to keep local copies of the central access control database.
Assuming localised power, networked video and security edge devices continue to operate in the case of a network outage. Cameras continue to capture video (to an SD card) and access control readers can make decisions based on locally stored information. Then when the network is restored, the local information is shared with the larger network, and the system functions as usual. Concerns surround applications requiring real-time response, which is undermined by an outage. In case of an outage, cameras don’t work with other system components or provide video analytics alerts to the network, for example. Access control doesn’t work with “if-then” scenarios involving other devices on the network. In these applications, an alert system should notify operators of any network problems in a timely manner – system functionality is at risk.
There are a couple of schools of thought when discussing IP camera networks and a few precautions to consider. First, separate the networks. The camera network needs to be on its own set of switches so that the camera traffic doesn’t impede existing, day-to-day traffic of the corporate network. On the camera network side, we can always increase uptime by using equipment like battery back-ups to keep the network switches and recording appliance powered up during a power failure. Most cameras nowadays are PoE (Power over Ethernet). This is fantastic for the installer and makes powering the cameras exceptionally easy since only a single Category 5 or 6 cable needs to be pulled. However, should the switch go, so do the cameras. This is why the majority of these cameras still have a separate low-voltage power input, which allows you to utilize the SD card option to maintain recording.
Networks can, by their nature, be set up in many shapes or topologies. A network’s response to unexpected breaks should be part of its design from the outset. Ethernet strives to get data to its destination even if the route has to change several times mid-flight owing to circumstances. So, resilience can initially come from providing more than one path for all data, e.g. full loops of cable, or alternative networks such as cellular 4G, etc. If that isn’t viable, practically or economically, then maybe memory buffers are placed within data sources such as IP video cameras and network video recorders. These temporarily fill when connection is known to be lost, subsequently releasing the data to seek its destination when the connection is restored. Many cameras have SD memory card slots these days. SD cards currently reach 512GB in volume. As ever, make sure to design failure modes into your system.
Video systems should not be dependent on external or public internet connectivity. This is one of the big challenges of cloud video solutions; Internet connections are notoriously unreliable. If these systems must be connected to the public Internet, some storage should be maintained locally to prevent data loss in the event of a network outage. Private WAN connectivity is typically much more reliable, assuming there is sufficient bandwidth to handle video traffic.
If there is a downside of IP security systems, it is that they are so dependent on a (sometimes less than perfect) network. Physical security systems must therefore be designed to allow for any limitations of the network. (IP networks are also vulnerable to cybersecurity threats – another topic for another day.) Networks are important tools for today’s security systems, but they should not be an Achilles heel. Rather, system designers must rise to the occasion and maximise system functionality despite any network limitations.