The Road to Open Integrations

Ease of operation, faster response and greater situational awareness are typical drivers for integration of various security systems. For years, manufacturers have touted their ability to integrate with third parties, in many cases using claims of how open their products are as a proof point.

Unfortunately, there is no universal way to measure openness or how comprehensive is the integration. Most customers, specifying consultants, dealers and systems integrators have likely experienced through trial and error that not all integrations, or a given product's "openness," are the same. The good news is technology continues to improve and standards are beginning to take hold. So just what should we expect from security vendors in 2011 when it comes to integration?

Video, access control and intrusion detection integration

At a minimum, any integration (using access control or intrusion detection) with video surveillance must be able to access live video from the camera and have PTZ support capability, preferably with auto PTZ preset functionality when triggered by various events. Guard tour functions should be fairly easy to support as well, as this has more to do with the camera than the DVR or NVR, particularly when IP cameras with their ubiquitous Web servers are used. Tagging video based upon event triggers has been pretty standard for quite some time and should be able to support screen pop-ups, e-mail and multimedia messaging services (MMS), as well as tie the event to recorded video for future viewing. Most integrations also support the ability to retrieve recorded video through the access control system's user interface. If a user has to switch from access control to the video surveillance system's interface for any of these common functions, the integration is not very effective in terms of ease of operation, increasing user productivity and decreasing response time.

Recognizing video verification is valuable to both consumers and central station monitoring operations. More advanced integrations should likely support image enhancement, such as zoom functions as well as video export, through the access control or intrusion detection interface. From there, configuration modifications come in handy, particularly allowing the operator to establish new policies based upon various other security system events and parameters.

Integration of video analytics with Video Management Systems (VMS) and/or directly to access control or intrusion detection can be very valuable. After all, much of what video analytics can do is transform video into another type of smart sensor data, providing additional qualitative and quantitative information. As accuracy improves, it is interesting to note that operators may not need to see the video, taking the analytic event message as "gospel."

VMS vendors may observe that integration with access control and intrusion detection can go the other way, whereby the video surveillance system user interface becomes the primary interface. In this case, the VMS should be able to ingest events and alarms that come from access control, as well as intrusion detection systems. While it might seem "cool" to be able to trigger request to enter or exit, or stand-down an alarm from the video interface, unless there is a capability to fully leverage user enrollment/credentialing, authentication, role and other policy enforcement functions, it would seem that integrations of this nature are of limited value.

Ideally, all of the advanced functionality of the cameras and the recording systems (whether they be DVR- or NVR-based) should be accessible through the integration. These integrations would essentially allow the operator and administrator to configure, operate and maintain the video system through a single interface. However, perhaps we can only hope for that high level of integration in the most sophisticated system offerings when multiple vendors' systems are used. Otherwise, this level of integration tends to work only when a single vendor offers access control, video surveillance and in some cases, intrusion detection systems. The implication is that full access to the source code or a very robust API would likely be required to allow for full customization.

Several vendors offer intra-security portfolio integrations linking their own access control, video surveillance as well as other security systems together; although, the integrations may still not be as robust as customers and dealers would like. Nonetheless, at least one vendor has started to refer to this type of integration as "unified" security.

Active Directory and human resource database integrations that eliminate re-entry of user and role information is common and, in a number of cases is used to enforce access to the security applications themselves. In 2011, we should expect to see an increasing number of integrations with other security systems, such as network security (particularly as unified or converged credentials gain momentum), and SCADA systems used in critical infrastructure operations. We may see some renewed efforts to integrate, or at least promote integrations with other building management/home systems (HVAC, lighting, telephony, etc.). Some of the impetus is attributable to being "green" in a smart building, but it may also be the "Trojan horse" that allows Internet/broadband service providers to grow new service offerings (namely, enter the security system monitoring market). Mass notification integrations may also become more prominent by communicating over video, phones (audio and text) and digital signage.

Are Physical Security Information Managers (PSIMs) the solution?

As much as PSIMs have been frequently offered as a panacea for integrations, many of these systems have done an admirable job of aggregating multiple disparate third-party systems together. While this has taken some considerable integration effort, many of these integrations are largely uni-directional where data is bubbled up to the PSIM. With the exception of controlling PTZ cameras and recalling recorded video, similar to many access control systems, many PSIMs do not appear to be able to push response actions back down to the underlying security systems quite as easily. Few seem to be able to manage users and policies across multiple third party access control systems. This essentially would enable user and policy federation between various organizations. Clearly, this capability is sorely needed by numerous enterprises. Standards will make PSIM integrations easier and may also enable greater bi-directional control, but they will also remove part of the PSIM value proposition-all integrations will become easier for vendors.

ONVIF and PSIA to the rescue?

The semi-competing ONVIF and PSIA specifications (technically, they are not standards yet) have captured a large number of manufacturers' interest and certainly do help support "openness" claims. Even better, some have begun to release products that support, at least partially, the specifications. However, the specifications largely address the lowest common denominator features, leaving the newer and innovative capabilities of various devices subject to closed, or at least proprietary application programming interfaces (APIs). The level of integration with a given device can vary greatly from one vendor to the next when it comes to enabling and using these exceptional capabilities. Cameras seem to be the main focus but it will be interesting to see if and how the NVR vendors open their software to their competitors. These specifications are a step in the right direction for customers, dealers and integrators.

While integrations can vary significantly and should be treated with a caveat-emptor philosophy, there is a clear customer requirement to make security systems easier to operate and to have one interface that can be used to report and manage all events. Integrations will increasingly enable security systems to provide additional value to businesses and consumers and create new opportunities for vendors, dealers and integrators.

Bob Beliles is President of B2 Convergence Consulting, an independent firm focused on network, security (logical and physical) and identity/asset management technology and services.