The security week that was: 04/23/10

Standards gain steam

In an interview with, Bosch Security's Product Marketing Manager Chris Johnston told us: "The movement to create and popularize open standards -- such as ONVIF -- within the industry will have the greatest effect on video surveillance this year. Already, many major manufacturers' product lines are gaining certification by ONVIF, and most software head-end manufacturers are in the process of integrating ONVIF into their offerings." Johnston's quote appeared in our story "Video Surveillance: Manufacturers' Perspectives on the Year Ahead". While Johnston is clearly focused on ONVIF (Bosch was a founding partner of that specifications group), I think that the advocacy of standards applies not only to ONVIF, but also to the PSIA group and even to efforts that have been done by SIA.

On the topic of standards like ONVIF (which are actually just specifications, as my industry colleague John Honovich of would argue), the indication is "full steam ahead." In the last week, we saw ONVIF announce that it would be expanding into access control specifications, with the goal of ensuring that access control can be integrated simply with video products (which would presumably use the ONVIF video products standards).

Also this week, IMS Research's Simon Harris provided a positive outlook on ONVIF's efforts. "ONVIF has made impressive progress," said Harris. "In less than two years, the organization has attracted companies that account for 72 percent of the global network video surveillance market. Several of these have already released ONVIF conformant products or software, so it is becoming quite clear that ONVIF will impact the global security industry as a whole." (See related story on this topic.)

Lest this update be all about ONVIF, I want to give a quick overview on what is happening with the Physical Security Interoperability Alliance (PSIA). While at ISC West 2010 last month in Las Vegas, Nevada, I had a chance to spend time at the PSIA "plug fest" event, which was an event where a bunch of techies from different PSIA-affiliated companies showcased the interoperability of their products using PSIA specifications. I spent a fair bit of the time speaking with Andy Bulkley, the senior director for product strategy for GE Security's Enterprise Solutions Group and chairman of the PSIA Area Control Group.

According to Bulkley, PSIA has five primary work-groups for specifications. There's the video interoperability specification (now available), and they've been quietly building specifications for recording and content management (RaCM), which applies to storage solutions like NVRs. There also is an effort for a PSIA specification on "events", which sets up a common metadata specification for managing events across PSIA-compatible solutions. Coming out soon is an analytics specification (due out in a spring/summer 2010 timeframe), and sometime this fall, PSIA hopes to have a draft specification out for area control (which would include systems like access control and intrusion detection -- Bulkley's specialty inside PSIA).

"Customers want to pick and choose products," said Bulkley. "Standards are virtually becoming a requirement. I think it will help grow sales in the long term for companies in the industry."

Between the two groups, which really started to develop their strategies in mid-2008, there's a clear sign that standards are gaining steam, and the consensus from the industry (even from manufacturers who might have been labeled as "proprietary" just three years ago) that this is one of the best things which could happen to our industry.

In other news:
Bill might add surveillance to wiretap laws, Pivot3 funding, LOGIIC Consortium, more

A new Senate bill would add "video surveillance" to the nation's wiretap act; this follows the news of a school that was alleged to have been remotely viewing the webcams on student computers. ... Pivot3 has departed Vegas following the ISC West tradeshow, but they continue to rake in the chips, adding $4 million to the company's funding round, which previously stood at $25 million. ... Government officials in charge of federal buildings who have the right clearance should read up on new physical security standards for federal buildings (the standards are for official use only). ... We've heard a lot about cyber crime attacks on the petrochemical (oil & gas) industry, and now the oil and gas industry is fighting back. They've founded the LOGIIC (Linking the Oil and Gas Industry to Improve Cybersecurity) Consortium. ... State regulation of port security in Florida has consultants and corporations scratching their heads trying to figure out what amounts to dual regulation (national and state).