Standards move industry to 'Next Quantum Level'

The bane of the security alarm industry has been its lack of standards. Many complain this black hole leaves the door open to a mish-mash of technology and no set directives for safety, regulations and compliance. It also opens the door to having standards dictated and even the ongoing proliferation of proprietary technology.

The Department of Homeland Security's Chemical Facility Anti-Terrorism Standards (CFATS) are risk-based performance standards many predict will have a positive impact on safety and security measures in the industry. Although its name implies it's for chemical companies only, many other industries are impacted.

According to Jim Henry, chief executive officer of Henry Bros. Electronics Inc. in Fair Lawn, N.J., CFATS is a directive that will increase spending. "Commercial enterprises aren't swimming in extra cash," said Henry. "They don't want to spend on something that isn't moving forward or gives their business the ability to move forward," he said.

Henry said commercial customers spend to get a return on investment or become code compliant. "CFATS has the first standards that would be a positive driver of business. It drives code compliance; 10 years from now it will look a lot like the fire industry. You won't be able to get approved if you don't meet the criteria."

Lead organizations: ONVIF and PSIA

On the networking side of the business two organizations leading the quest for standards are the Open Network Video Interface Forum (ONVIF) and Physical Security Interoperability Alliance (PSIA). Many of its members cross-populate each organization.

One of the differences between the two organizations is the network communications architectures they have adopted. PSIA embraces REST or Representational State Transfer Communications Protocol.

The REST architectural style was developed in parallel with the HTTP 1.1 protocol, the World Wide Web. ONVIF follows Simple Object Access Protocol or SOAP, an XML-based messaging protocol Web Services use for communications.

Frank Yeh was the primary writer of the PSIA base model framework. Yeh is an IBM senior architect, Security & Privacy, Costa Mesa, Calif., and chairs PSIA's core working group. IBM is a founding member and recent PSIA board member.

Yeh said REST was chosen by PSIA in part because it is "more accommodating to the integration of low-end network devices. IP standards will continue to enable the security industry to make the best use of networked technologies and help end-users be more effective over the long term."

He added that PSIA is not only IP video security. "PSIA is not just about cameras and digital video. There are a whole range of devices that participate in the greater physical base that aren't cameras," he said. Yeh believes there will always be "multiple standards at play in any industry. If you don't have open standards or have proprietary standards, then it may actually increase system costs. The physical security mindset is that proprietary is more secure. You can be very secure with open standards," he added.

The ONVIF core specification version 1.0, written by Axis Communications, Bosch and Sony defines network video communication framework based on IETF and Web Services standards. Web Services technology is suitable for other applications/devices, including access control.

Hans Busch is a software development engineer for Bosch Video Communication Systems in Nurnberg, Germany. He chairs the technical committee responsible for maintaining the technical specification for ONVIF.

"The creation of standards is a big step for the industry; that's where the real value is," said Busch. "Our intent is not to cover everything or be all things; there are already some well-established standards out there and we want the least effort. We don't want to reinvent everything that's out there and working well."