Articles by Raz Birman
PSIM systems extend their value beyond emergencies by including routinemanagement tools, that provide value during daily operations, such as automatingmaintenance activities Physical Security Information Management (PSIM), an acronym termed to describe a family of software platforms that claim to replace traditional command and control (C&C) systems, primarily used to provide situation awareness in control and monitoring centres of Critical Facilities. Traditional C&C systems belong to the Guards & Dogs (G&D) era where they were deployed in control centres to provide local situation awareness. They typically include a relatively thin software application layers above locally connected systems, whether they be analogue Closed Circuit TV (CCTV) cameras, serially connected Alarm Points and similar physical security systems. During the previous decade, with the increased penetration of network connectivity and rising bandwidths, physical security systems and edge-devices have become more and more Ethernet network based and therefore accessible over Wide Area Network (WAN). This shift had presented an opportunity to achieve better integration and aggregation of multiple systems and data sources, via a networked environment, that relay the information over distances and is less local by nature. Benefits of PSIM software platform PSIM systems had taken advantage of this technological shift to widen the scope of C&C centres and provide unified situation awareness and management capabilities. The primary benefits of a PSIM software platform are: 1. Relatively fast and easy integration of physical security systems, accomplished by an open platform, designed and built to facilitate such integrations. This is primarily accomplished by a Software Developers Kit (SDK) package that unifies and facilitates integrations. 2. Incorporating rules-based filters that process event streams and implement logic to determine event combinations that should constitute a higher level manageable entity – i.e., incident. 3. Unifying the Graphical User Interface (GUI) to provide a single, unified monitoring and management interface for all underlying systems and technologies, from different vendors, brands and models. 4. Facilitating the response by providing step-by-step task-oriented checklists of what needs to be done. These checklists are termed Standard Operating Procedures (SOPs) and are typically adaptive to situations and can be developed by security personnel with no prior software programming experience. 5. Automating the response or parts thereof and thus allowing operators to focus on managing the situation at hand rather than managing software interfaces and technologies. 6. Extending the value beyond emergencies by including routine management tools, that provide value during daily operations, such as automating maintenance activities, for example. A PSIM system must be flexible to the requirements of different market segment verticals including Critical Facilities, Safe Cities, Transportation Hubs, Banks, Retail In order to deliver on its promise, a PSIM system should be flexible and open enough to accommodate the requirements of different market segment verticals including Critical Facilities, Safe Cities, Transportation Hubs, Banks, Retail, etc. Within each of these segments there are subcategories with some unique requirements, such as Correctional Facilities as a special case of Critical Facilities, for example. PSIM systems are typically more suitable for large scale enterprise projects, even though they can also be deployed in small scales, if appropriate conditions are met. Beyond PSIM – The next generation The penetration of PSIM systems into traditional security operations have been slow and somewhat cumbersome. This is primarily due to the following hampering causes: 1. Being an enterprise system, PSIM platforms usually require substantial CAPEX budget commitments that are hard to approve and justify, when the organisation already has in place other, lower-cost alternatives. 2. PSIM vendors have done a better job at delivering technologies and products, but left a lot to be desired in adapting the platforms to particular, unique requirements and providing real added value. 3. While systems are most suitable to large scale deployments, they usually suffer from network outages and insufficient bandwidths that make the implementation awkward to operate and manage. ‘Beyond PSIM’, the next generation systems are expected to alleviate these hurdles and pave the road for smoother and wider adaptation. The primary added values of such systems are: 1. Geared towards addressing more than the physical security scope. Providing custom functionalities to integrate and facilitate situation awareness and management of Safety, Cybersecurity and Operations. 2. Extending the openness from supporting integration of sensors and edge-devise, to higher application levels that include custom GUI panels and mobile applications that are fully aligned with ideal situation management flows. 3. True enterprise deployment architecture that supports distributed servers / databases hierarchies that make the operation less sensitive to network outages and bandwidth constraints. 4. A flexible Business Intelligence (BI) layer that sometimes also supports predictive analytics, allowing the system to identify dangerous trends and pro-actively predict and prevent hazardous situations even before they happen. 5. Providing different GUI displays to different stakeholders and hierarchies. A Management workstation, for example, will primarily view dashboards depicting Key Performance Indicators (KPIs). 6. Supporting a project-oriented approach that allows fast and easy customisation of process flows, logical rules and GUI to satisfy specific unique requirements of various market segments. The ‘Beyond PSIM’ software platforms are likely to play an important role in managinga world of increasing cyber security risks and wider connectivity Similarly to traditional PSIM platforms, Beyond PSIM systems cover the complete incident lifecycle of Planning – Acting and Debriefing. However, they also enhance the enterprise hierarchical deployment capabilities and further allow selective structured collaboration that provides each department with the most relevant situation awareness and management visibility scope, according to needs and pre-planning. PSIM for cybersecurity risks The convergence trend of enterprise departments and corporate functions, driven by network based systems and devices and the global nature of risk, is hampered by ‘human nature’ obstacles. However, its slow progress is evident and very likely to expand due to cost effectiveness and streamlined operation. The ‘Beyond PSIM’ software platforms are likely to play an important role in managing a world of increasing cybersecurity risks and wider connectivity, driven by the evolution of Internet of Things (IOT). It is possible that some enterprises will require managed services approach, which is accomplished by cloud based, multi-tenant security management applications. However, due to information security sensitivities and constraints, for the foreseeable future, we still expect to see on-premises, privately managed systems that will deliver the value, while providing the enterprise with sufficient confidence level that important and classified data is not subject to risks of potential compromising.