This article originally appeared in the April 2023 issue of Security Business magazine. When sharing, don’t forget to mention Security Business magazine on LinkedIn and @SecBusinessMag on Twitter.
There is one acronym used in the security industry that is almost guaranteed to evoke a response from everyone that hears it, vehemently at times. The acronym is PSIM, short for Physical Security Information Management. In short, the PSIM is a piece of software that is supposed to incorporate data from disparate systems into…wait for the buzzword…a “single pane of glass.”
Almost anyone who has gone down the path of a PSIM loves the idea, but finds that they are expensive to maintain and by nature of the multitude of integrations with other systems; are in a constant state of being broken.
While the idea of the PSIM is great, it is very difficult to attain. It requires, at a minimum, for the PSIM software to be integrated with other software either through the “open” Application Programming Interface (API) which is rarely really open, or the Software Development Kit (SDK). The latter is typically made available at some cost to the PSIM software provider.
The integration is reliant on lockstep communication between companies who have limited reasons to communicate – with software releases, firmware and software patches all releasing at the same time. This never happens. Ultimately, a patch gets released that breaks the PSIM, which is then down two weeks to 6 months rewriting code in an effort to bring their system back online; only to have this happen repeatedly with every other integration.
Some companies have gone the route of creating web-hooks to pull information into their “single pane of glass.” This has some proven success because it does not rely on the API or SDK to integrate. The outcome is favorable if the platform is only pulling data or metadata to do something with it; like view a camera on a screen. It becomes much more difficult when the system needs bi-directional communication to turn the camera or unlock a door.
Overcoming PSIM Obstacles Using Interoperability
There is a new concept that is being used by some forward-thinking technology providers in the security industry – interoperability – which takes a page from the Internet of Things (IoT) to provide this elusive single pane of glass integration.
All IP-connected devices are part of an interconnected ecosystem with the purpose of connecting and exchanging data with other devices and systems across the internet (the IoT). By using IoT’s base communication protocols, there is no need for integration by writing to specific APIs and SDKs.
The advantages are that any technology communicating with the base communication can talk to another technology using this base communication natively, requiring no integration. This is the functional genesis of a truly open platform, not controlled by one company or technology.
Leveraging Standards
The ONVIF standard is one of the first interoperability communications that the security industry can point to; however, it is not the only one. The security industry is seeing more systems becoming interoperable with other systems using communication like RTSP for cameras or even HTTPS communication between networked devices.
BACnet, short for Building Automation and Control Network, is a standard for communicating with HVAC and other non-traditional security technologies.
MQTT is an OASIS standard for messaging between IoT devices, and has become the de facto standard for Industrial IoT devices; replacing Supervisory Control and Data Acquisition (SCADA) applications.
While BACnet has been around since the mid-1980s, MQTT is a relatively new standard. ONVIF, BACnet, and MQTT are all bi-directional – thus allowing constant communication to occur between technologies without the need for integration.
PSIA’s New PKOC Initiative
The Physical Security Interoperability Alliance (PSIA) is on the forefront of Interoperability between multiple access control systems. PSIA is an independent specifications writing body comprised of a global consortium of security manufacturers and system integrators.
In 2013, PSIA introduced the Physical Logical Access Interoperability (PLAI) as an independent standard to provide a way for organizations to transfer and update employee data between the HR systems and any access control system by leveraging the PLAI adapter on all access control systems. The PLAI adapter leverages the LDAP as the base communications protocol to facilitate the interoperability between systems.
In 2021, PSIA started a Secure Credential Interactive work group with the objective of creating a specification for the Public Key Open Credential (PKOC), which defines requirements for an open interoperable specification that can create a secure credential operable on any reader anywhere, as long as the holder has access.
“PKOC is intended to work on Bluetooth Low Energy (BLE) and Near Field Communication (NFC) devices,” explains David Bunzel, Executive Director of PSIA. “PKOC will initially support both iOS and Android devices using Public Key Infrastructure (PKI). PKI becomes the base communication that will make the interoperability function. This increases the security of the credential and removes the need for management of a site key or facility codes on any devices. The outcome of PKOC will be an open platform interoperable with other PKOC-enabled technologies.”
In the above example, there is a PKOC open platform. Making that PKOC-enabled technology also communicate via BACnet, MQTT, or some other base communication protocol seems like a logical next step. If so, the technology ecosystem will become exponentially larger with the potential to work with multiple open platforms all at once.
I would be remiss to not mention potential cybersecurity concerns that an interconnected open platform may bring. It will require due diligence on the part of not only the technology manufacturers, but also the consulting community, systems integrators, and our estranged brethren in the IT field to ensure that these open ecosystems are also protected.
Jon Polly is the Chief Solutions Officer for ProTecht Solutions Partners www.protechtsolutionspartners.com, a security consulting company focused on smart city surveillance. Connect with him on linkedin: www.linkedin.com/in/jonpolly.
