Ways of development of ACS.
Question for discussion
Integration of various security systems (CCTV, OPS, etc.) into ACS is an obvious trend in the Russian market today. How can this be explained and how big is the potential for its development?
Alexey NEGODIN:
— Integration is certainly a popular phenomenon in the Russian security systems market, but I would not say that integration into ACS is an obvious trend. The system that will be chosen as the core for integration is, in the vast majority of cases, determined by the main profile of the activity of the developer of the future integrated security system. Naturally, when creating an integrated system, ACS manufacturers take as a basis an access control system that is close and most understandable to them. Companies whose main activity is the development of fire alarm systems or CCTV do the same.
It is worth noting that due to its specificity and the variety of access algorithms to the facility, the ACS has more complex logical relationships within itself compared to the OPS and CCTV. Therefore, when choosing an ISS for a facility where it is necessary to provide non-standard access algorithms (gateways, «corridors for collectors», access using two cards, etc.), preference should be given to those complex systems where the ACS initially served as the core of integration, or to those in which a professional ACS from a third-party manufacturer is integrated at the software level.
Today, the Russian market offers a fairly large selection of integrated security systems: from software packages that combine equipment from different manufacturers to self-sufficient systems in which all components (both hardware and software) are developed and manufactured under one brand (usually, however, foreign). The development potential of this market, in my opinion, is determined by the ultimate goal of integration — to obtain a single, convenient information workspace (interface), a single interface line and a single database for managing related systems and complexes.
Sergey GORDEEV:
— There has always been a demand for integrated security systems. A modern facility security system is a complex hardware and software system that requires constant information exchange and interaction between various subsystems. It all started with the integration of ACS and fire alarm systems (FAS) at the «dry contact» level. In the last decade, the trend towards integration has been especially noticeable. Often, the customer wants to have an ACS combined with a video surveillance system, payment system, document management, and building engineering systems. The development of this trend was facilitated, first of all, by the emergence of IP technologies, network solutions in the construction of ACS, when individual elements of the system (controllers, interface modules) are connected directly to the local network without using traditional RS-485, RS-232 interfaces.
In my opinion, a modern integrated ACS should have 3 main features: open architecture, survivability, and controllability. Open architecture implies a universal platform (the software core of the system) that controls all processes and the exchange of information between different subsystems. Any new subsystem (module) should be easily integrated into the existing complex and interact with other subsystems. If one of the modules fails for any reason, the entire system remains survivable, and some functions are taken over by another module during troubleshooting. And, of course, the most important property is controllability. No matter how complex the integration, the main link has always been and will be a person. Therefore, the interface should be intuitive, allowing the operator to intervene in the system's actions if necessary and quickly make the right decision. Companies that can offer such solutions will certainly become industry leaders.
Alexey GINTSE:
— Integration of OS systems into ACS has long been not even a trend, but a reality. Today, I think, there is not a single ACS that considers itself sufficiently reputable, in which the functions of ACS and OS are not already integrated at the hardware level. This is easily explained — the correct functioning of any of these subsystems is highly dependent on the other. Indeed, allowing access to a room that is not disarmed is complete nonsense, as well as arming it while there are still people there. This applies to the most rigid type of hardware integration — at the protocol level. There are a lot of real offers of such systems on the market, and many of them are quite old (both foreign and domestic), if we mean the first appearance of hardware integrated ACS and OS.
There is a simpler version of hardware integration: we take the OS output and connect it to the ACS input (or vice versa). In this case, due to the developed and complex logic of modern ACS, it is possible to set reactions in the system at the hardware level, while the ACS and OS themselves do not necessarily have to have a single protocol.
The third type of integration is a single software shell and software drivers for ACS equipment and OS (from different manufacturers). In this case, the list can be continued for a long time, adding to it drivers for CCTV, PS, perimeter security systems, building management systems, etc. In large and powerful integrated security systems today, this is usually done, since the level of functionality and complexity of logic provided by software cannot be compared with what can be achieved using purely hardware methods.
The thought, in fact, can be continued: now we can already talk about the emergence of even more deeply integrated systems, for example, physical security systems and logical access systems (protection of computers and networks). For us, this is still exotic, but they already exist in the world.
Evgeny KIN:
— Integration of various security solutions at various levels has existed, perhaps, since the emergence of the technical security systems market itself. A lot of articles have been written on this topic, and equipment manufacturers and system integrator companies have implemented thousands of integration solutions all over the world. Not much time has passed since the first integrations at the level of dry contact between controllers of various purposes with hard assembler firmware appeared, to today's integration solutions at the level of databases, exchange protocols and embedded software.
In my opinion, ACS, being one of the most information-intensive areas in technical security systems (not in terms of loading communication channels, but in terms of the possibility of creating a complex interconnected information infrastructure), was and is most often taken as the basis for creating some kind of integrating platform for organizing an integrated security system at a facility. After all, to enter a house, you need to, at a minimum, knock on it and receive a response from some kind of access control.
It is not difficult to notice that manufacturers and engineering companies that focus their work on security video surveillance or OPS are not as active in integrating with other security subsystems as companies whose main business is ACS.
I think that this trend will continue in the near future: a steady trend towards moving away from software and hardware integrations of any level to software interactions for organizing the necessary security solutions.
Leonid STASENKO:
— Integration provides obvious advantages, and here it turns out that two plus two is no longer four, but five or even six. That is, the total effect of integration is greater than the sum of the effects, — we get new qualities from the integrated system.
For example, when presenting a card at a checkpoint that does not have access rights, you can initiate recording from a video camera in whose field of view the owner of such a card falls, and then in the report, when selecting access denial events, you can receive a direct link to a video fragment from each such event in order to watch it.
There are many examples of such interaction of integrated subsystems, and the number of options depends only on the system's tasks and the customer's imagination.
Large-scale foreign systems have also long had customizable software integration mechanisms in their composition.
Question for discussion
Technical and technological breakthroughs in ACS, are they possible in the near future? Will they affect hardware or software?
Alexey NEGODIN:
— In my opinion, there are no obvious breakthroughs, neither technical nor technological, — in the development of ACS in the near future. Access control and management systems are not developing as dynamically as, for example, video surveillance systems, but some progress still exists. On the one hand, the hardware is being modernized: IP technologies are being introduced, functionality is being expanded, and productivity is increasing. On the other hand, software shells are being improved: usability is increasing, and integration with related systems is underway.
I would compare a technological breakthrough to overcoming a chasm. You can train for a long time and then jump to the other side at once, or you can gradually, slowly, build a bridge brick by brick. In this case, improving software is like building a bridge, it happens evenly and gives a predictable result. And from the point of view of the resources expended, software refinement is less expensive than upgrading hardware. Therefore, new features in ACS should primarily be expected from software.
Hardware development is more like a leap over an abyss. Due to the complexity of implementing such improvements, they take a long time to prepare for them: accumulate developments, analyze technological capabilities, identify the optimal ones, and only then implement them. In addition, when introducing innovations into the hardware components of the ACS, it is necessary to be able to correctly assess their reliability, which will subsequently determine the fault tolerance of the access system as a whole. Therefore, hardware updates occur less frequently than software, although they are more significant.
Sergey GORDEEV:
— I think that the evolutionary path of development is most probable. If we make a retrospective of the development of ACS over the past 20 years in our country and in the world, we can trace the path of improvement and intellectualization of systems. In hardware — this is the transition from simple single-door systems to powerful industrial controllers capable of storing huge volumes of user and event databases, the emergence of IP technologies. Now, according to some Russian experts, about 30% of installed systems use IP devices. According to Western experts, by 2013 the share of equipment in ACS using the IP interface will be 61%. In software — integration of various systems into a single complex, management of distributed objects, development of modules for recording working time, pass offices, etc.Now, in my opinion, the main attention of both users and developers of ACS is focused on the level of protection of user identification data. There is a migration from simple 125 kHz technologies to smart technologies. It is no secret that a regular radio frequency card can be copied, like a regular mechanical key. Such services are already openly offered. Mifare technology was also «hacked» several years ago. Unfortunately, ACS at a facility is often designed on a residual basis — cheap solutions are laid down based on the budget. Of course, there should be a budget, but saving on facility protection can result in large losses in the future. To increase the level of facility security, two- or three-factor authentication should be used (card + pin code + biometric data).
Alexey GINTSE:
— If we talk about possible technological breakthroughs in the field of hardware, then, in my opinion, the most likely is the emergence of new readers based on a variety of biometric features. The most promising will be remote methods that do not require physical contact. Here we can recall the old story of how proximity technology once replaced magnetic stripe cards. In biometrics, I think, in the end, it will be the same. Electronics are getting cheaper (Moore's law still works), the power of devices and their memory capacity are growing. What seems expensive and exclusive today will become cheaper tomorrow and will be available to a wider range of consumers.
If we talk about software, then this is certainly the future, programs will become smarter, faster and more user-friendly.
Evgeny KIN:
— I am sure that in the future the main product on the ACS market, as well as on the security market in general, will be original software based on the most standardized hardware components. A striking example of such development is the IT industry, from where, in fact, IP technologies came to our market. «Bone systems» with a rigid set of functionality, most of which is unnecessary for the customer and, in fact, imposed, will give way to new solutions on the market. These solutions will be maximally adaptable to the specific tasks of the customer by changing the necessary software functionality of the system with minimal changes to its hardware configuration.
I think that the main technological breakthrough, including one that significantly influenced the TSB market, occurred at the turn of the 21st century, when mass commercial use of modern network technologies based on the TCP/IP protocol began, as well as the increasingly widespread use of distributed intelligence systems. This opened up a whole range of extremely interesting opportunities for security management.
Thanks to the capabilities inherent in network technologies that are widely used today, in particular peer-to-peer communications, it is possible to organize a truly distributed integration of devices. This allows you to save previously made investments in peripheral equipment (readers, cards, actuators), since it becomes possible to integrate almost all available technologies on the market into one common system.
It is no surprise that, due to all these factors, the focus of security management is shifting from hardware to software. The software functionality of the main hardware devices allows modern system vendors to deliver solutions tailored to the customer’s facility. This shift to highly flexible and scalable systems reflects the growing trend away from “bone-and-bone solutions” and also leads to virtually unlimited system architecture.
One of the key features of modern and promising security systems that are currently entering the market is distributed intelligence. In other words, intelligence that is not on the server, but in the system components. By moving the download from the server to the controller, the user not only ensures fast direct communication, but also receives maximum reliability, since the components are no longer dependent on the central server.
Leonid STASENKO:
— Perhaps the word «breakthrough» is not quite appropriate here, as is the word «revolution». For a long time now, the functionality of the ACS has been implementing almost all the requirements of a typical (or average) user, both in terms of hardware functions and software functions. Of course, unique tasks appear constantly, but these are, as a rule, very specific wishes of specific clients, ranging from the color and size of fonts or buttons in the software interface, and ending with some functions that are usually not in demand in everyday life. But even such functions in a good system can be implemented through its fine-tuning and the use of various types of automation mechanisms.
Both the hardware and software of the ACS adapt over time to new operating systems and an increasingly powerful technical base. For example, now there is no point in writing an ACS controller program in a low-level language (in assembler), since the resources of modern microcontrollers have increased by orders of magnitude with unchanged cost. It has become possible not only to write software in high-level languages, but also to implement a user interface in controllers similar to modern mobile phones. However, this is not in demand by the market — a beautiful touch screen is good for a stand-alone controller, but is absolutely not needed for a professional network controller. Although in security alarms using modern technologies, you can make very beautiful keyboards, especially since today a generation has grown up for whom such an interface is the norm of everyday life.
Question for discussion
Related areas of application of ACS (automation of processes related to control and personnel management, etc.): retrospective and prospect.
Alexey NEGODIN:
— Currently, the issue of integrating ACS into HR management systems (HMS) is becoming increasingly relevant. First of all, this is caused by the existing difficulties in the interaction of security services with HR and payroll services.
It goes without saying that the access control and management system is under the control of the organization's security service, while the HR department relies on the HR management system in its work. This means that each of these departments has its own independent employee database. The result is the following: there is one employee, but the «management methods» are different for them. For the HR department, there are no such concepts as time zones, rights and access levels, just as for the security service, there is no timekeeping. In practice, it turns out that in order to control the time worked and calculate wages, HR departments are forced to use data on the arrivals and departures of employees contained in the ACS database, and the security service, in order to organize personnel access to the facility, turns to the HR department for information on newly hired or dismissed employees. Everything is solved quickly and easily in small companies, but the «HR» and «security» departments of large organizations have a need to automate this daily routine. Russian manufacturers of access control systems are willing to meet them halfway.All professional ACS have long ago acquired the ability to keep track of working hours, building a wide variety of administrative reports and unified timesheets, and in the last few years they have been actively acquiring modules for integration with personnel management systems. The improvement of these modules is taking place in the direction of automatic synchronization of ACS and SUP databases. I would like to note that the developers face a difficult task, since each specific organization has its own specifics of personnel records management, determined by its structure and internal regulations.
Sergey GORDEEV:
— Quite quickly after the advent of computerized ACS, data from the access system began to be used for recording working hours by exporting data to the enterprise's personnel management systems. The idea of using one card for various applications (access to premises, to a personal computer, payments in the corporate canteen, payment for services) has existed for a long time. And we know of many facilities where a regular radio frequency proximity card is used in this way. Again, the problem is that only the serial number of the CSN (Card Serial Number) card is used for these purposes, which, as I noted above, is not particularly difficult to copy.
Much has been said recently about a universal electronic card that will replace all social cards and many other documents, such as, for example, compulsory health insurance policies, student cards, public transport tickets and many others. With the help of the card, it will be possible to receive state, regional and commercial services electronically using ATMs, information kiosks, personal computers equipped with a reader, mobile devices.
The closest to ACS is the IT sphere. Logical access covers applications intended for use on personal computers and focused on the network environment, including secure identification and/or login to the PC operating system or network, secure e-mail, data encryption, remote access via VPN.
In recent years, there has been a trend towards the convergence of physical and logical access. This should ultimately lead to users being able to receive a comprehensive solution from one vendor, providing physical and logical access via one card.
Alexey GINTSE:
— In Russia, the allocation of such functions as time & attendance into a separate direction has not taken root, although in the West there are even separate systems specializing in time & attendance and personnel management. Most of the ACS sold in Russia already have these functions by default to a greater or lesser extent.
I think that even now the complexity and depth of the products offered is such that most customers do not use even 50% of what is available (I am not even talking about what will happen). If this continues, the issues of user training will become very acute. Even now, the most reputable companies conduct training seminars not only for installers, but also for customers. And the prospect… Remember the old cartoon: «it seems they counted us»… I think that says it all!
Evgeny KIN:
— Today, in any vertical market, security management decisions depend on a number of factors, including cost versus performance, functionality versus design, and short-term versus long-term investment. New requirements dictate a different type of thinking from decision makers. Security managers are now paying more attention to flexible modular solutions. And instead of paying money for individual products and systems, then investing colossal amounts in their differentiated support, TSB market clients increasingly prefer to invest money in innovative integrated structures. Perhaps the most important thing here is the process of gradual (very slow) change in thinking and a preference for investing not in “rigid”, but in promising and maximally flexible systems.
Leonid STASENKO:
— The gradual merger of ACS with business process automation systems is a natural phenomenon. If we have the ability to control the presence of personnel in a particular territory in ACS, and quite objectively, then it would be a sin not to use this to record working hours. Moreover, a manager can simply receive information about the location of his employees to make some immediate management decisions. And in an integrated system, you can also see at the right moment what a person is doing in a specific territory. In general, control of labor discipline using ACS began to be used more than ten years ago, and now it has simply become a trend. This is evidenced by sales statistics: at least for every two access systems sold, one is sold with a working hours recording module. And this is not counting third-party time and attendance systems, which also often receive information from ACS via integration interfaces.
Prepared by:
Alexey NEGODIN, Head of ACS Department, Alfa-Pribor Research and Production Enterprise OJSC
Sergey GORDEEV, Regional Sales Manager, HID Global (Russia and CIS)
Alexey GINTSE, AAM Systems
Evgeny KIN, Nedap Security
Leonid STASENKO, RELVEST Group of Companies