What new standards are needed in the security marketplace?
The International Organization for Standardization (ISO) describes standards as guidelines or characteristics for activities or for their results, aimed at achieving the optimum degree of order. They might include product standards, test methods, codes of practice, guideline standards, and management systems standards. In the security marketplace, there are many standards currently used, including those from organisations such as ONVIF, PSIA and ASIS International. Might the value of standardisation be extended to new areas in our market? We asked this week’s Expert Panel Roundtable: What new standards are needed in the security marketplace?
There are hundreds of CCTV installers in the United Kingdom, but there are currently no formal training requirements or standards in place and no way of knowing which suppliers are truly credible. This leaves customers vulnerable to installing inadequate systems. We need to be much more aligned with standards in other industries, such as the Gas Safe Register for gas engineers. The NSI (National Security Inspectorate in the U.K.) has of course made some headway in our industry, but not every installer has the certification they should. Ultimately, you need to select the right camera with the right storage for the job and for this you need a systems installer who can provide valuable expertise and advice. Having a standard in place is good for protecting customers and when customers see the benefit, the entire industry will benefit too in terms of delivering best practice.
The security marketplace is full of companies touting their products as having the latest technology and being superior to the rest; but how do customers know which of these products have been tested in real-world situations, and can perform as expected? Standards should be put in place throughout the industry to provide customers with a clearer understanding of which products are put up against actual threats. It’s one thing to promote your solution as having the capabilities to detect or deter threats, and it’s another to see it perform in those situations to determine its true performance and overall utility. With more products entering the market each day, customers want to know whether their security solutions will have real-world utility. It is important for a clearer set of guidelines to be put in place so security professionals are not led to believe untested products have seen real-world threat situations.
Current standards have been focused on video streaming as it relates to IP Cameras – ONVIF and PSIA have been successful in developing this industry-wide. The standard has been adopted and many new cameras are available on the market. The next level of interaction needs to consider the expanded interoperability and control between the disparate systems – i.e. Intrusion Detection, Building Management Systems, SCADA controls, manufacturing systems and financial systems. A standard format or structure of exchanging data needs to be developed to facilitate the combining of metadata from multiple, disparate sources to visualise shared data and deliver more intelligent information for greater efficiencies. The increase in the IoT phenomenon will bring in new sources of data and video metadata from disparate devices and systems, which will require a standard method of storing metadata so reporting tools can extract the meaningful data and present it in a usable manner.
There are a number of standards needed in the physical security marketplace, including:
- Metadata for video analytics: While ONVIF has a basic video analytics service specification, the scope is limited and adoption is scanty. Standards are needed for both basic moving object-based analytics as well as advanced analytics such as facial recognition.
- Cyber security: There is a very limited adoption of the basic standards and best practices in our industry.
- Health monitoring: Protocols such as SNMP are pretty standard in the networking world for managing devices on a network, but as yet they have very limited adoption on network-connected physical security devices.
- Cloud connectivity: We need standards for recognising, connecting to and managing cloud-based devices.
- 360-degree video: There is rapid adoption of immersive video enabled by high-resolution fisheye and multi-sensor technology. How these de-warped/stitched images are processed and manipulated can be standardised.
Do we need that many new standards, or do we need the industry to embrace the standards that are already in place? I believe that current standards like ONVIF and OSDP are sufficient in what they offer the industry. Members of the security industry just need to start thinking outside the box and realise that it is with standards in place that real industry growth can occur. The next standards to come are likely system to system level standards, otherwise known as “PSIM standards.” The industry’s current silo approach that is built on proprietary products rather than interoperability does not encourage the development of the business opportunities that standards and general interoperability already afford. Without a standardised approach, cost is a real inhibitor for end users and even for some manufacturers, leaving these opportunities for industry growth untouched.
We see an increasing demand for offline locks in cases where doors do not require the highest levels of security (less critical doors). Installation is simple and inexpensive as no cabling is required. We think it is important that customers are enabled to combine multiple systems into one security solution. OSS Standard Offline allows for simple integration of various brands of offline electronic locks in security management systems. With OSS, customers can centrally manage any number of offline doors, together with online doors. Moreover, offline lock systems from different manufacturers can be combined. This means customers have a broader range of solutions to choose from, now and in the future, so they are no longer locked in to one supplier.
Generally, there needs to be greater harmonisation of security standards globally. Having an open protocol approach benefits customers and ensures that integrators and manufacturers can stay highly competitive in a market that demands closer integration. It is no coincidence that many other technology sectors already have this level of global harmony. For example, IP phones need this level of cooperation to function and ONVIF profiles have revolutionised the way CCTV cameras operate to enable broad integrated networks of surveillance. Proprietary systems belong in the past – rather than securing business for suppliers, they now alienate customers and ultimately cause a headache for anyone looking to upgrade them in the future. There are some locations around the world where localised standards are still in place, seemingly to suit the local authorities and to block foreign suppliers. Ultimately this needs to change to ensure everyone has access to the best solutions available.
Our growing industry adopts new technologies every day, which opens the path to a new and expanding array of opportunities to embrace standardisation. Many of those new technologies come from the IT sector, which has its own set of standards that can also serve us well. A problem with creating and embracing standards is that they can be hard work. Industry cooperation to develop standards requires involvement of industry professionals in work that is outside of (and likely competes with) their daily demands. Incorporating and adhering to those standards also requires effort, although the benefits to customers (and presumably the bottom line) offer rewards for those efforts.