Smarter Response to Threats

Editor / Provider: a&s International | Updated: 10/13/2010 | Article type: Tech Corner

What makes a physical security information management platform good or bad? Reliability and cost-effectiveness are key issues, as well as an intuitive user interface suited for different operators.

Physical security information management (PSIM) expressly exists for situational awareness. A good platform has the potential to prevent situations from getting worse. In the event of a fire or other life-threatening scenarios, an integrated response may save countless lives.

However, a PSIM solution with a complicated user interface can create problems for operators to navigate and respond quickly, said Alf Chang, Senior Consultant for A&S magazines.

Good PSIM should unite systems into a holistic platform. “PSIM needs to have the ability to seamlessly fetch all data and then translate that in a single, analytical presentation and archival form,” said Bhaskar Ganguly, Global Marketing Director for Critical Infrastructure Protection, Automation and Control Solutions, Honeywell International.

PSIM systems must account for human psychology, especially in crises. “During an incident, it's imperative that the operators get all of the information they need in a way that is easily understood, without being overwhelmed with noncritical data,” Ganguly said.

Any platform for convergence should be simple to operate. “A system that requires less interaction with the operator is normally the best solution,” said Ken Pereira, CEO of OneBerry Technologies. “Automation is the main ingredient that makes or breaks a solid PSIM solution.”

Ease of use is achieved through intuitive features and extensive automated processes. “Workflows f o r ope r a t o r s on one GUI are essential, combined with the flexibility of portable communication integration,” said Stephen Moody, Security Development Manager, ViS Security Solutions. “This allows for incident control and the efficient deployment of operatives on the ground.”

A good solution should meet user needs and apply the most simple and efficient architecture, said Daniel Kok, Business Development Manager for ADC Technologies International. Conversely, a bad solution would include too many components from multiple vendors, which system integrators have no control over.

System Stability
A good PSIM platform should keep running, even if one of its subsystems goes down. “There have been a number of instances when a certain module or component did not meet the requirements of the project during actual usage,” Pereira said. “And when this particular module failed, the whole system was affected. It is advised that clients should go with a complete system that has been extensively tested. The key to a reliable system is decentralization.”

A modular approach can prevent installations from coming to a grinding halt, such as offline operation of building and security systems at certain times, Chang said.

Good networking practices can keep systems from crashing. “While system availability can never be 100-percent guaranteed, the risk of failure can be significantly reduced by incorporating standard IT redundancy and failover architectures,” said Brandon Arcement, Manager of Global Security Technology, Building Efficiency, Johnson Controls.

Along with network redundancy, users can use secondary verification techniques. “For example, an alarm can be validated through secondary sensing like video or access details,” Ganguly said. “In cases when a particular subsystem fails, there is always another sensing point available to the user.”

Customized Solutions
PSIM offers powerful functions, which are not required by every user. Providers need to design customizable but flexible solutions that are tailored to users or applications. A network infrastructure capable of supporting communications across a wide range of verticals would be optimum, said John Moss, CEO of S2 Security.

Computer Network Limited (CNL) uses template modules for specific vertical markets, enabling flexibility and reduced cost. “The advantage of this is the end user only pays for what they want,” said Matthew Kushner, President of the Americas for CNL. “If they need additional functionality in the future, they just need to add modules.”

Modules or business logic templates save administrators time. “These templates repurpose common actions and responses, and are also fully customizable,” said Larry Lien, VP of Product Management, Proximex. “Administrators and integrators can reuse these standard templates or create their own as necessary.”

As there are currently no PSIM standards, some providers make connectors for specific interfaces so systems can communicate. “As we build these connectors, they become part of a library of capability that is part of the commercial-off-the-shelf products,” said Bob Scott, Executive Director of Security Solutions Strategy for Intergraph.

Customers often bring their experience with hardware-based systems, which are notorious for underachieving. “With theses of tware-based systems , we encourage people not to overspecify the system since this can result in unnecessary costs,” said Kevin Daly, CEO of Maxxess Systems. “Once they understand how the system works, they can change it with little or no penalty. With software, you're better off undershooting requirements, getting used to the system and then getting additional functionality.”

Site-specific solutions are best addressed with flexible programming options, said Anand Mecheri, CMO of Siemens Building Technologies. “A rule engine is essential, to avoid proprietary customizations that become very hard to support over the life cycle of the solution.”

A set of rules and workflows can be programmed for one customer and sold to another user with similar needs. However, the client can claim exclusive rights to the solution, said Holger Maier, Product Manager for Building Integration System, Bosch Security Systems.

Multiple Stakeholders
PSIM platforms will be used by administrators and guards, who have unique needs. Authorization levels will also differ for sites with several stakeholders, such as airports with customs officials and law enforcement.

One system may be deployed, but use different GUIs. “You have to enable many protocol transfers in the system,” Chang said.

Administration and access rights are normally based on a hierarchical system, depending on the user's job function and needs, Ganguly said. A good system allows management

to assign authorization to individual users . “The system must be dynamic to the extent of being able to customize access rights for each operator, specifying what can be viewed and controlled, depending on the level of security privileges,” Pereira said. “This feature will allow management to determine the scope of responsibility and monitor the performance of each operator.”

Between Old and New
As PSIM must suit each project's needs, it requires careful planning and implementation. Most PSIM deployments are at new sites, as it is easier to put PSIM into a new site with nothing there, compared to a building with legacy systems. “If the owner wanted to substitute the original system with our system, this is in general more time-consuming,” Maier said.

Newer sites can select best-ofbreed products, making PSIM easier to integrate, Moss said. However, the cost of switching out subsystems may be prohibitive. The existing cable infrastructure, such as analog video lines, can limit upgrades as well.

Greenfield projects can include security in the planning phase. “All aspects concerning data management and integration among different devices must be discussed in detail to ensure that the security requirements are met,” Pereira said. “Locations of the different security devices like cameras and access controls must be part of the structural and electrical plans of new buildings.”

However, increasingly older buildings go through refurbishment for integration, Kok said. Arcement agreed, saying, “In fact, PSIM is often most valuable in facilities and organizations where an owner wants to leverage existing investment in disparate building and security technologies while still enhancing security operations through system integration.”

Regardless of whether the project is old or new, users will deal with stand-alone systems. “In today's world, it's all about sharing better information among systems and providing security operators and related stakeholders with an improved means of collaboration,” Lien said. “PSIM solutions bridge the gap between different technologies, improve processes, enhance security and save costs.”

Price Considerations The powerful performance of PSIM requires an initial investment, on top of existing equipment and subsystems. Most providers sell in modular packages, depending on the number of systems, features and licenses. Maintenance is usually charged separately.

Bosch sells by license, with several options. “The more doors, detectors, cardholders and cameras, the more the end customer pays,” Maier said. “With additional or customized features, you pay an additional price for it. And for the years after the warranty period, customized service maintenance agreements and service level agreements can be purchased to keep the system up and running for years.”

Pricing factors involved include systems, devices and how many manufacturers there are to support. Some installations could have three different ACS vendors, requiring additional integration. “This is largely dependent on the type of customer, as PSIM deployments vary a great deal, so different pricing structures are in place to suit different verticals,” Kushner said.

Going with one PSIM vendor can be cost-effective. “Normally, if the system requires more components to be integrated and the purchase is made under one contract, the cost savings may range from 10 to 30 percent, depending on the size of the project,” Pereira said.

Recurring support needs to be budgeted for. “We do have software support, with access to the help desk, updates and training, at an annual fee of 10 to 15 percent of software cost,” Daly said.

Intergraph combines licenses, maintenance and training in its pricing. “Our software is sold via a perpetual license fee — one time charge for licensed software, which is typically server-side and client-side software modules — with annual maintenance along with implementation services to configure, integrate, train and commission the system,” Scott said.

Users can decide what payment plans fit their needs. “Life cycle cost is always an important consideration when evaluating the purchase of a technology,” Arcement said. “As such, it's important that end users communicate which payment schemes and licensing structures work best for their organizations during the design process.”

Training Operators
PSIM is not plug-and-play and requires training to become familiar with its features. Training for operators can take two days up to two weeks, depending on the platform's complexity.

The system's complexity depends on the site's scale. “To get operators familiarized with the operational aspect of the entire system would depend on an individual's approach,” Kok said. “On the whole, we believe it will offer significant operational cost savings to the organization.”

While PSIM offers increased functionality, it should be straightforward to operate. “The interface and workflow of the platform should provide an intuitive user experience when designed and commissioned properly,” Arcement said. “It helps to have operators who are comfortable with a mouse and keyboard, but they certainly don't have to be programmers to be effective in the control room.”

Evaluation Criteria
PSIM providers usually look for experienced partners and integrators that are familiar with both electronic security and networking. “It is key to have long-term, stable partners when it comes to deployment of high-level, integrated solutions such as PSIM,” Mecheri said.

CNL's criteria include how long the company has been in business, average deal size and how many employees have relevant certifications, such as Microsoft and Cisco, Kushner said.

Maxxess offers training to partners but does not request third-party certifications from them. However, it can be helpful in some situations. “Networking issues are very significant, both in how they affect the performance of our system and how it integrates with other systems,” Daly said.

The integrator should also have a close relationship with the owner and understand the organization's business operations and security processes, Arcement said.

Along with networking skills, installers or integrators should have experience with the connected subsystems. “Many years ago, it was getting wires in a wall, then getting wires to the controller and some keystrokes. Today, this is the easiest part,” Maier said. “The challenging part is to design the optimal system and subsequently to program the functionality according to the customer's organization and requirements.”

System integrators should also evaluate PSIM providers. Irish integrator ViS Security Solutions partnered with Proximex after analyzing its system architecture, flexibility, cost and unique approach. “Proximex has taken significant steps in the U.K. and European region, which provides commitment and quality reassurance,” Moody said.

“We have also found the Proximex team to be proactive and contribute significantly to client requirements and system designs.”

Legacy Challenges
PSIM is undergoing growing pains, ranging from bringing systems together, keeping data manageable and planning for tomorrow. These challenges require time and effort.

Hybrid systems are a hallmark of PSIM for sites with existing equipment. “In an upgrade project, challenges tend to focus around the compatibility of integrating new technology with legacy systems,” Ganguly said.

Older systems can be thorny. “An end user asked CNL to integrate a system which does not have open SDKs or APIs. The manufacturer had developed its product in complete isolation of IT standards, to the point of anti-Microsoft,” Kushner said. “We managed to work around it, but it's the lack of standards that is the biggest challenge we are dealing with.”

A dearth of standards means interoperability is still a long way off.

“The challenges relate to evolving standards, evolving concepts of operations that support the use of integrated technology like PSIM, and the fact this is still an early market, so we are dealing with innovators and early adopters,” Scott said.

Human Touch
A PSIM platform may have countless slick functions, but still must be accessible to humans. Having the highest specifications will do no good if the interface is too overwhelming for practical use. “The challenge for Bosch is to bring a solution that connects to any subsystem and that can be customized to any user's needs, but can still be handled by our certified VARs and integrators,” Maier said.

As projects get bigger, the scope of PSIM becomes more complex. “The big challenge going forward is efficient use of people,” Daly said. “Organizations now are more distributed. It's not just one building or campus, but 40 to 50 sites being centrally managed, often with at least some information sent back to a central point. What you do locally and centrally can be a critical design consideration for these systems.”

It is important for machines to do what they do best — crunch data from multiple sources — while human operators decide on the most appropriate response. This frees up operators from tedious tasks and helps them work smarter.

Future-Proofing
Growth can be difficult to plan for in large projects. “A technical challenge facing PSIM vendors is enterprise scalability,” Kushner said. “Some systems have been designed without enterprise-level scalability in mind, and trying to add this capability is proving very difficult for some companies in the marketplace.”

The future is murky at best, throwing off the best-laid plans. “In a greenfield system, the challenge is to accurately predict and define customer requirements at an earlier stage,” Ganguly said.

A more abstract problem is proving futuristic PSIM systems are real solutions already in use. “Unfortunately, integration is something which has been put in front of end users many times before, and their expectations have been high, only to find very limited integrations,” Kushner said. “Thankfully, PSIM is changing this, and more end users understand that they can build systems that give them exactly what they want.”

Regardless of how the future pans out, integration will be the wave of the future. PSIM harnesses existing technology and networking capabilities, enabling better use of data in a timely fashion. With increased automation of tasks, security operators can see more and respond faster to threats.

Piecing Together the PSIM Puzzle

Editor / Provider: a&s International | Updated: 10/12/2010 | Article type: Tech Corner

Physical security information management (PSIM) promises to make life easier for security operators. Instead of managing systems separately, PSIM provides a converged platform, bringing the most relevant information to the fore while advising the best course of action. Operators can piece together the whole picture from many disparate systems. In the event of a fire, smoke detectors can sense the fire, cameras can offer video verification and the PSIM can list response measures for the operator to take. An integrated platform maximizes existing investments, combining multiple systems into one seamless interface. However, each provider has its own way of bringing multiple inputs into a cohesive whole, resulting in varying definitions of what true PSIM is.

Physical security information management (PSIM) is one of the hottest buzzwords in the industry. Sometimes referred to as “situational awareness” or “command and control,” more viable solutions show that convergence is now a real-life trend.

The benefits are clear for holistic management. Instead of tracking access control on one workstation, video on another and intrusion on a third machine, operators can have a bird's-eye view of all systems through PSIM. “Technologies such as video analytics and PSIM help automate video monitoring, filter out irrelevant information, and provide operators and guard forces with the data they need to make more intelligent decisions — typically referred to as ‘actionable data' in the language of IT; ‘situational knowledge' in the language of public safety; and ‘total domain awareness' in the language of homeland security,” said Aberdeen Group in a March 2010 study on video surveillance.

All the flowery terms mean one thing: Bringing the most important information to the operator 's attention. Instead of trying to watch 100 video feeds, control room staff can manage their time better and respond to issues faster. “With the same number of full-time equivalent staff , the topper formers in Aberdeen's study are able to support 3.3-times more cameras and 21-times more alerts requiring evaluation and action by guards or operators,” Aberdeen Group said.

PSIM does not replace human operators, but helps them make sense of multiple inputs more efficiently. “For example, an operator monitoring an unidentified object in the airport can simultaneously view pictures from multiple cameras, access video archives to trace the sequence of events leading to the placement of object and path it has taken, monitor the chemical identity signal from a robot explosive detector, and evaluate evacuation procedures from a crisis management tool,” said Bhaskar Ganguly, Global Marketing Director for Critical Infrastructure Protection, Automation and Control Solutions, Honeywell International.

PSIM, VMS, ACS
Management software such as VMS or access control software (ACS) keeps tabs on individual devices in a system, sometimes even integrating inputs from other subsystems like intrusion. However, such management platforms cannot integrate all — including elevators, climate control and lighting — and usually are proprietary. True PSIM is vendor-agnostic and should give operators a clear set of steps to follow, depending on what sort of emergency is taking place.

No universal definition exists for PSIM. “There are many unique features which clearly set a PSIM platform apart; most of which have been customer-driven to answer real business challenges and provide bottom line value,” said Matthew Kushner, President of the Americas for Computer Network Limited (CNL). “It's surprising how far some VMS and ACS companies are willing to stretch the description so as to add ‘PSIM' to their product labels.”

A converged management platform needs to do more than pull in feeds of alarm data, video images and card usage. “A true PSIM solution provides a much higher level of integration, providing a bidirectional interface with an auditable database management system,” Kushner said. “This level of integration is the only way to provide local sites with complete command and control, regional managers with overall situational awareness and senior management a dashboard view of how a security situation could impact their business's bottom line.”

System-specific management software has limited functionality. “There are many VMS and ACS platforms that offer integrated solutions in a box,” said Brandon Arcement, Manager of Global Security Technology, Building Efficiency, Johnson Controls. “They typically don't have the flexibility of a PSIM software, as engineers are frequently focused on priorities other than just third-party integrations, and they are somewhat constrained by the application and control logic code at the base of their software.”

As ACS and VMS address specific system needs, they are less complex compared to PSIM. “With an open PSIM, you can include almost everything,” said Holger Maier, Product Manager for Building Integration System, Bosch Security Systems. “On the other hand, some ACS solutions integrate just video and intrusion, but are much easier to install for VARs and system integrators.”

Genuine PSIM solutions correlate relevant data from more security systems better than any other type of software. “Because PSIM solutions are built to support a variety of systems and technologies, the operator display and flow of information deliver a much more holistic view of the environment,” said Larry Lien, VP of Product Management, Proximex. “It's not focused on just video or alarm information, but connects and correlates information from many various sensors and systems to give operators the most relevant data in order to respond better to incidents.”

System Integration
There are a number of ways to integrate systems into PSIM. Some PSIM providers team up with hardware manufacturers to support their solutions, while others work exclusively with software companies. This results in different degrees of integration in the final management platform.

There are three ways to integrate systems for PSIM. First, there is hardwired integration, Arcement said. Then there is standard protocol integration, involving protocols such as BACnet, Modbus, Lon or OPC.

A standardized OPC client in the PSIM communicates with any OPC server, making integration simple. “The subsystem can deliver any data from the connected detectors and cameras, so the PSIM can process and display this information,” Maier said. “On the other side, the PSIM can be programmed to control the many different connected subsystems from one common customized user interface.”

Finally, systems can be integrated with APIs or SDKs from the manufacturer, which is the most robust integration. “APIs expose more information than a standards document can and thus allow a developer to support more functionality in the integration,” Arcement said. “One drawback is that these integrations take time to schedule and develop, and they often need significant maintenance when subsystem versions change.”

The software approach usually pays off better than spending effort integrating with hardware. “The real play here is the integration of event information and controls; therefore, software integration is usually the way to go,” said John Moss, CEO of S2 Security.

SDKs enable system integrators and installers to create different user interfaces, such as for VMS, said Alf Chang, Senior Consultant for A&S magazines and a former installer. Most sensors are covered by standard protocols, so a Wiegand card reader will integrate with nearly all platforms.

However, the maintenance of multiple systems is complex. “If you try too much to optimize each piece of the system, the system can become quite fragile,” said Kevin Daly, CEO of Maxxess Systems. “Often, a looser integration does not bring with it as significant a penalty as you might think, since it can provide you with more flexibility if the system components change.”

Making New Friends
Integrating third-party software is not hard technically, but the manufacturer may not want to reveal all of its secrets. Thus, the PSIM software may be able to display the proprietary software, but cannot run all features natively, such as built-in analytics.

Integration with third-party systems is straightforward if the subsystems support industry standards. “ONVIF is a great example for such integration and will enable integration of not only network cameras but also serverbased analytics engines and access control going forward,” said Anand Mecheri, CMO of Siemens Building Technologies.

The PSIM platform's integration is as deep as system manufacturers provide through their SDKs and APIs. “The biggest obstacle is typically a multitude of different systems which give acceptable service at the local level, but due to the intentional proprietary nature of these systems, it's almost impossible to bring all of these systems together into a single system,” Kushner said. “Most security equipment manufacturers have made interoperability through a common GUI almost impossible.”

At a recent project, the user wanted to use Agent Vi analytics on Milestone Systems' and Cisco Systems' respective VMS systems. However, each system displayed the analytics so differently that additional manipulations were required for uniform operator response, Kushner said.

It is reasonable to expect most day-to-day functionality to be available in the PSIM, but usually not all features are transferred, Arcement said. It could be that the protocol or method of integration did not allow certain types of information to be transferred; the subsystem manufacturer chose not to expose that functionality through the shared API or the PSIM developer chose not to support a certain portion of the SDK.

Intergraph emphasizes emergency response, so only the most essential functions are integrated for operational needs. “Not everything needs to be integrated right away, if ever,” said Bob Scott, Executive Director of Security Solutions Strategy for Intergraph. “Our goal is to provide our customers with value by increasing their operational capability though integration and by providing a platform or framework that can grow and evolve with their needs.”

Real-World Technology
PSIM delivers real benefits, but is not for everyone. A small installation with four cameras does not require a command-and-control platform to manage an overwhelming number of inputs. In general, large projects facing higher risk, such as airports, nuclear power plants and hospitals, are more likely to benefit from using PSIM.

As construction has slowed down, has demand for PSIM gone down? Some experts believe so. “I expect the number of PSIM installations has been lower recently,” Chang said. “Most commercial high-rise buildings can use their own surveillance management software as an alternative to PSIM, at least for physical security installers.”

ADC, a subsidiary of Robert Bosch, thinks differently. “In Singapore's context, we've been seeing increasing prospects and tenders based on seamless integration,” said Daniel Ko k , Bus ine s s Deve l opment Manager for ADC Technologies International. “IT infrastructure serves as the backbone for communications of virtually all electronicsbased systems. As technology advances and is able to cater to a wider bandwidth at faster speed and reasonable cost, security products will naturally follow in tandem and leverage on the backbone.”

Other market players have also observed growth for PSIM. “We've seen the mature markets like North America and Europe use PSIM more frequently in existing facilities, while emerging markets like Asia and the Middle East have requested PSIM more frequently for greenfield construction projects,” Arcement said.

More users facing high risks have adopted PSIM. “These tend to be companies who are geographically dispersed or concerned with business continuity,” Ganguly said. “If the customer is building a new facility that he sees as being high security risk, he would likely invest in the latest technology to mitigate the risk he sees in a possible breach.”

PSIM is sometimes installed for efficient business management. “In some cases, customers have already built their primary security infrastructure and now want to use the available information productively and intelligently to earn returns,” Ganguly said. “This is possible only when a PSIM system is installed and used in day-to-day operations.”

The number of PSIM projects has increased significantly, particularly for existing buildings with disparate security and building subsystems that need to be incorporated into a new or additional installation, said Stephen Moody, Security Development Manager, ViS Security Solutions. Integrating multiple subsystems, however, requires significant resources and can face roadblocks for third-party equipment. In the next article, we examine what makes a PSIM solution good, along with cost considerations and challenges.

The Evolution of Video Surveillance

Editor / Provider: Submitted by Johnson Controls | Updated: 7/20/2010 | Article type: Tech Corner

Video has come to an intersection where analog, IP and hybrid systems' capabilities meet, as explored by Alan Randy Matchett, Security Project Development Engineer III, Building Efficiency, Johnson Controls.

As the surveillance industry transitions and many end users migrate towards an IP-based platform, some security directors with existing analog systems are facing a dilemma. There are legitimate questions that need to be addressed regarding the design, upgrade and installation of an analog, IP or hybrid surveillance system.
● Does the existing network have the bandwidth to support upgrades?
● Can we integrate products from multiple vendors?
● Do I need a DVR or NVR? What's the difference?
● What other regulatory standards or protocols need to be considered?

Step one: Assess your camera and network capabilities
Before any investments are made or vendor contracts are signed, assess your analog system capabilities against your organization's security and surveillance needs. Are the video recording devices, matrix switches and viewing hardware systems able to meet security objectives?

What you don't want to do is embark on extensive equipment replacements without considering the building's cabling, network and power supply. For example, analog cameras may be easily replaced with new versions while network cameras could require a deep dive into the structure's cabling design.

Make sure that you have a network that can handle your security system's needs. It is paramount that you work closely with your IT department to determine if the existing network will be used or if your system requires a new network. Failure
to consider these capabilities could result in a security malfunction. For example, an e-mail virus could plague the network.

Ideally, the security system should run on a dedicated, independent network that is layered with redundancies and operates outside of the regular business network.

Step two: Identify the appropriate head end
There are a variety of recording choices available on the market depending on your organization's size, protocol and monitoring needs. While DVRs are more
cost-effective for buildings with fewer cameras, both DVRs and NVRs can reside on a network and both recognize analog or network camera signals.

The system differences become more important when you consider recording, monitoring and video management needs. An NVR has more robust features, leveraging the network to record and archive video data. You are also protected against equipment failures through intuitive e-mail alert capabilities and the system
is future-ready and expandable.

If your organization requires more than 100 cameras, a larger PC-based system offers higher storage levels and real-time video management features, ideal for buildings with one or more live command-and-control operations centers.

Step three: Defining your video management solution
During the earlier assessment of your organization's security needs, you should have outlined your needs for video management. These considerations may impact
your needs for analog versus IP. The priority level may be defined as one of the following:
● Basic postevent playback and review: This function enables the end user to find or confirm an event that has happened in the past. In this scenario, the data is saved or exported for later use. Analog, IP and hybrid system designs should offer this capability.

● Intuitive, real-time video solutions: This function recognizes a live event and provides real-time and recorded data. Through integrated technologies, the video system can trigger predefined actions from a variety of systems, including access control. All system designs, including analog, IP and hybrid, can meet this demand.

● True integration of video surveillance with the building automation system (BAS): This solution expands past the surveillance and includes event management. The system is designed for end users with extensive security needs, including the protection of people, property and assets during live events. All building and business systems, including access control, fire, HVAC, lighting, human resources and others integrate together on a single IP network, through advanced sets of actions or real-time command-and-control dashboards.

Key considerations for surveillance system designs
If your existing system requires an update based on this assessment exercise, it is vital to plan for expandability and future upgrades. Your solution also needs to be vendor-neutral. For example, you want flexible head ends that recognize analog and IP signals. And most importantly, you need a network that is capable of meeting your camera and video management needs, both now and in the future. If you have not already engaged in discussions with your IT department, do so.

And if you have not considered a technology partner with full BAS integration expertise, you may be setting yourself up for future retrofits or unexpected costs. Even if your organization does not require a fully intuitive system now, your needs over the next 10 years must be forecasted, or at the very least, coordinated into a scalable surveillance system design.

Complete Storage Options Safeguard Video Footage

Editor / Provider: a&s International | Updated: 6/10/2010 | Article type: Tech Corner

The expansion of megapixel and HD cameras in the market requires extra storage. But where do DVRs and NVRs back up data? Attached storage devices are the answer, freeing up recorder space while keeping footage indefinitely.


Megapixel and HD cameras are at the forefront of security trends. Compared to SD cameras, they create larger files that cannot be absorbed by current storage devices. These cameras are mostly implemented in sensitive areas, such as airports. Government The expansion of megapixel and HD cameras in the market requires extra storage. But where do DVRs and NVRs back up data? Attached storage devices are the answer, freeing up recorder space while keeping footage indefinitely. Laws often mandate related video to be stored for a period of one to six months for security and evidence purposes.


Storage devices such as DVRs or NVRs cannot store footage indefinitely, due to limited capacity. Onboard drives are routinely wiped to free up memory, which may be before the device has stored one to six months of footage. To get the data off the device and comply with mandates, extended storage devices serve as backup memory.


There are many storage options available, and it is difficult to determine which type of extended storage is needed without considering the project. "Attention should be given to the three main attributes of networked storage — scalability, availability and manageability — and an assessment made as to how important each is to the project's overall goals," said Clifford Cox, Product Manager of Digital Video Systems, UTC Fire & Security. "Performance, cost and operation are the three key challenges that must then be managed."


The amount of storage needed shifts based on the camera and video compression used. "The typical amount of storage required per camera is high. The amount of storage varies depending on the resolution of the camera, data compression used, frame rate, hours of camera use, percentage of motion detected and the number of required storage days. You can range from 50 to 270 gigabytes per camera depending on the resolution, compression, bit rate and so on," said Bob Mesnik, President of Kintronics.


The longer data is stored, the more storage is needed. This is because all incoming data is kept instead of being overwritten. "A bank with sixteen 1.3-megapixel cameras using H.264 compression would take up 180 terabytes, if the data is stored for half a year," said Andrew Yu, Product Manager of Surveillance Business Division, QNAP Systems.


For the convenience of buyers, many companies supply online calculators to help specify their storage needs. For smaller files, a USB drive can be sufficient for storing data. With larger files, a network-attached storage (NAS) or storage area network (SAN) device will be required.


Storage Media
USB and Optical Disks
USB drives and DVDs are convenient for storing data, since saving data for extended periods of time is often costly and unnecessary, unless required by law. When the DVR or NVR reaches its storage capacity, data can be transferred to USB drives or optical storage. "A blank USB drive can be inserted into the NVR to retrieve the data for storage," Yu said. Then, it is simply tucked away in storage until the data can be discarded. This option is the simplest and most budget-friendly for many users, who do not need to set up a storage network or have smaller budgets.


DAS
Currently, the most common extended storage media is direct attached storage (DAS). "Most DVRs and NVRs are designed to use DAS, but these devices lack the ability for the high performance data transmission necessary for networked storage," Cox said. They are, however, cheaper, and compatible with most existing DVRs and NVRs.


The DAS is linked to a single DVR or NVR, without a network in between. "Disks are directly attached to the motherboard, and through that, to the CPUs in the system," said Jeff Whitney, VP of Marketing, Intransa. "It is the simplest of storage infrastructures, but is limited in capacity, performance and reliability."


When many cameras are used or image files are bigger, more DVRs, NVRs and DAS devices are needed. This could increase long-term costs, as well as increase the physical space needed for the equipment. "Small deployments with low storage requirements traditionally utilize DAS, while larger deployments may leverage DAS in a mixed storage environment that likely includes NAS and/or SAN," said Steven Kappel, GM of Security and Fire for the Mid-Atlantic Region, Johnson Controls.


DAS is recommended for smaller installations. "External DAS is best used when the capacity requirements are well known, will not expand over time and where the performance requirements are fixed," said Lee Caswell, founder and CMO of Pivot3.


JBOD and RAID 0
Another affordable option for extended storage can be found in JBOD. "JBOD is an acronym for 'just a bunch of disks,' and is typically used today as low-cost storage that can be plugged into a DVR or a video appliance solution," Whitney said.


A redundant array of independent disks (RAID) at level 0 is similar to
JBOD, but it uses a different method for storing data to a system. With JBOD, the data is filed in order, from one disk to the next when a disk reaches full capacity. The RAID 0, however, saves all incoming data randomly onto a minimum of two disks at the same time, which increases performance significantly. They can both be used independently or within a NAS or a SAN system.


NAS
Files can be stored and shared on existing network infrastructure using a NAS unit, said Trenton Baker, Marketing Manager at Aberdeen. They are more affordable and sufficient for mid-range projects. Unlike conventional servers, NAS storage uses performance-optimized components, such as faster RAID controllers and hard drives.


Network storage enables more users to access data. "Local files are managed by the NAS device, which has its own IP address accessible to other IP devices on the local area network (LAN)," said David Burks, Director of Global Marketing, Desktop, Consumer Electronics and Video Surveillance Markets, Seagate Technology.


Thus, it is convenient for users to back up data from an NVR to a remote NAS, Yu said.


Sharing security image files is rare and having a NAS unit does not mean it is used for data sharing alone. "A NAS with iSCSI service can be partly dedicated to file sharing and also remotely store data at the same time," said Jerome Jaussaud, Product Manager, Product Management Department, Sales and Marketing, QNAP Systems.


NAS offers advantages for surveillance applications. "The file system on the NAS platform is easier to support a hybrid storage case, where some storage occurs locally on self-contained NVR and DVRs, and extended storage is sent to a specific file on the NAS," Caswell said. "But there is a performance tradeoff because it is much more complex to share and send file-based data versus the raw blocks on the SAN."


However, the file-based nature of NAS systems make them problematic for high density and high bandwidth video storage, Cox said. This requires careful attention to the server and the network loads when considering NAS.


NAS is less suited for large projects with many megapixel or HD cameras. "As a result, NAS products are often used in more lightly loaded distributed environments," said Caswell.


SAN
A SAN is most suited for storing large image files from megapixel and HD cameras. A NAS system focuses on file sharing and simply storing data, whereas the SAN focus on high performance. "SAN management is typically complex and requires specialized training and software," Burks said. "Data is transferred at the disk block level instead of the file level."


Blocks are the native IP protocol for transporting video data. "In terms of streaming video, SANs are an ideal selection, which does not interject an additional operating system like NAS does," Whitney said.


Unlike the NAS, the SAN can store images remotely. "SAN systems are networks of storage devices that could include servers and digital tape libraries that may be remotely located, but can be accessed as if they are locally attached," said Mark Wilson, VP of Marketing, Infinova.


Additional SAN units can be added as storage needs increase, which makes expansion easy. "It is not easy to predict how much data is generated by individual cameras since bit rates are dependent on assumptions on how much motion will be detected," Caswell said. "The amount of motion can dramatically affect the amount of data needs and what the configuration should be."


Two common transmission protocols are iSCSI for IP SAN and fiber channel for fiber channel SAN. "Fiber channel SAN is more reliable and can be used to build a larger and more flexible storage network, but include proprietary fiber channel host bus adapters," Baker said. "Switch and channel requirements make it an expensive option."


Despite the price, some applications require speedy high-performance video, particularly large corporations and government projects. "The file transfer speed per 8-gigabyte fiber channel port is around 600 gigabyte per second," Baker said. "It is seven to 12 times faster compared to the NAS, and around six times faster than a 1-gigabyte iSCSI SAN connection." However, expanding fiber channel projects can raise costs significantly.


IP SAN connects through a wireless network or Ethernet channels. "All SANs before were connected via fiber channel, which can be expensive, but now, there is IP SAN which is more affordable," Jaussaud said.


Compared to fiber channel SAN, IP SAN can be implemented on a smaller budget. "Most of the storage related features can be achieved using IP SAN on the existing network infrastructure, cabling and hardware in a more limited distance," Baker said. The only downside to using IP SAN is that extended distances can affect data transmission for storage.


The distance from the NVR to a SAN system can be much greater compared to DAS or NAS systems. This is useful for installations with multiple sites.


RAID 5 and RAID 6
System failures can mean losing critical data. "Storage failures are almost always minimized by the use of RAID, in conjunction with the hot-swap capability of individual storage devices," said Craig Howie, Commercial Director of Visimetrics. "Other forms of data monitoring and integrity include status monitoring of individual storage devices for read errors, over temperature or RAID volume status."


Redundancy is achieved using RAID. "RAID aims at storage reliability and input/output performance," Wilson said. The RAID level depends on the number of hard drives required and their capacity for storage, minus a hard drive used to store parity data.


Common RAID levels for surveillance are RAID 5 and RAID 6, which strip data across multiple hard drives for automated backup and redundancy. "If a drive in a RAID system fails, the content can be rebuilt from the other drives in the RAID system," Burk said.


A RAID unit is capable of protecting up to 100 drives. "RAID 5 is commonly used in storage systems of two to 80 terabytes for recording video," Whitney said. "The system can keep running during the rebuilding process, which is important for nonstop video surveillance environments."


As soon a hard drive fails, a notification is sent and sufficient time is provided for a new hard drive to be inserted. RAID 6 works in the same way, except with two sets of parity data to accommodate two hard drive failures. This increases the minimum number of hard drives needed. RAID 5 requires a minimum of three drives, while RAID 6 requires four. Only units with three or more hard drives are capable of sparing one for parity data, which means RAID 0 and JBOD devices are not protected against data loss.


Aside from providing redundancy, data is stored faster, since it is distributed and written on separate drives simultaneously. "Increased speed of data storage is important because data could constantly be transferred from the NVR to the RAID unit when large image files are constantly streaming in," Mesnik said.


Mirroring
Mirroring is when a spare hard drive is used for a backup copy as opposed to many, like in a RAID device. "Because mirroring uses a single hard drive for backup, it can be slower in comparison," Wilson said.


RAID 1 mirroring is when the same data file is being written on two different hard drives in real time, but it is not sufficient for data protection. "It is not as popular anymore, and can mostly be found in 30 percent of higher-quality NVRs, as opposed to extended storage devices," said Jack Yang, Senior Manager, Product Planning and Marketing, Promise Technology.


Hard Drives
Hard drives are categorized into fiber channel, SCSI, SATA and SAS. Fiber channel and SCSI hard drives are used for enterprise purposes, which makes them expensive. "Fiber channel and SCSI hard drives are also out of date, even though they cost twice as much as a SATA drive. They have better drive performance speeds at 15,000 rpm, but it is too much for surveillance and their capacity is too small," Yang said. "SAS may have higher performance and dual paths for redundancy, but it becomes too expensive to be used in surveillance, which is why SATA drives are the best choice."


SATA drives are categorized by different levels of quality, with enterprise SATA drives considered to be most favorable. "AV and surveillance SATA drives are used for DVRs and NVRs as internal disks, so vibration is not too much of an issue," Yang said. "But when used in a RAID device, it lacks vibration correction and the failure rate is high, which means maintenance and replacement costs are high."


Specifying different hard drives is important because storage devices do not support all drives. Most devices support SATA and SAS drives, but some can only support SATA drives. Hard drive requirements needed to prevent selecting incompatible storage devices should be seriously considered.

Power Plants Consider Management Platforms

Editor / Provider: By the Editorial Team | Updated: 3/18/2010 | Article type: Infrastructure

With outdated systems come difficulties replacing, expanding and integrating. Putting all subsystems together under one management platform requires SDKs and direct manufacturer support. The migration to IP-based systems requires security managers at power plants to understand IP's benefits.


As plant buildings become increasingly complex and differ in many ways — use, size, operating hours or changing occupancy requirements, and environmental conditions — building automation systems become useful to integrate open protocol devices into a single system, said experts from Siemens Building Technologies in a prepared statement.


Migration can occur in phases. In the first phase, security managers might request certificates and proof-of-quality documentation before purchasing digital storage equipment, said Aluisio Figueiredo, COO of Intelligent Security Systems. For surveillance systems, analog storage equipment is replaced with DVRs. The next phase will see additions of network cameras for increased coverage.


"For the most part, traditional security is housed on independent networks, and power plants are slow to pick up building management systems," said Darryl Polowaniuk, Manager of Security and Fire Safety Solutions at Johnson Controls. Generally, potential changes to the system require a project charter. Input has to be collected from all stakeholders and business units to ensure the changes will not negatively impact any units or facilities, Polowaniuk said.


As such, replacing or upgrading equipment rarely happens. Expansion and integration occur more, said Anantharam Varayur, Director of Webcom Information Technology.


Access control, intrusion detection and video surveillance systems are limited in current integration. "With these subsystems, we register the alarm, show the event on the map, and display footage from cameras positioned around the perimeter," Figueiredo said. For older systems, many of the sophisticated features of access control and intrusion alarms are not part of the VMS, which means that information analysis and processing stay in separate systems.


Information Management
As most power plants have been operating for years, change is not considered lightly. In a typical control room, each subsystem has its own GUI, and the step towards building management solutions or sophisticated CMS and PSIM has not been made yet, said Richard Lack, Sales and Marketing Director at ASL Safety and Security.


However, changes are happening. "Before, multiple control rooms were used for every power plant with one or two operators," said Guy Van Wijmeersch, Market Director Utilities of Barco. "Companies are now centralizing and consolidating different control rooms into a larger one, fitting six or up to 20 operators to oversee plant safety and security."


After Sept. 11, the US North American Electric Reliability Corporation (NERC) established an Information Sharing and Analysis Center for the electricity sector. Specific to power plants, distur- bances or unusual occurrences must be reported to the appropriate systems, governmental agencies and regulatory bodies. Current systems are unable to effectively coordinate responses with all necessary parties.


One solution is PSIM software. A central platform can access disparate security devices via SDKs and APIs, and correlate the data from these various assets to create an intelligent and unified solution without major surgery on existing security infrastructure, said David Fowler, Senior VP of Marketing and Product Development, VidSys.


The energy sector is dominated by traditional engineers who are used to last-generation SCADA systems. "We're trying to move away from SCADA systems, which have very basic mapping and information management capabilities," Lack said. "PSIM can maintain legacy interface support and cover buildings and zones, and all subsystems within, via a 3-D environment."


Visual displays in the command and control room are critical. Grouped displays like video walls and PSIM software make more information easily accessible to operators during an emergency, Van Wijmeersch said. Nuclear power plants require video walls to be approved for seismic events such as earthquakes.


Information Sharing
The NERC requires critical information to be shared with government agencies and regulatory bodies. In reality, however, communication to external law enforcement parties is achieved manually through e-mail distribution lists and hotlines. "The market for communication and sharing of information is traditional and adopts new technologies slowly. Integration of software is also expensive," said Hagai Katz, Senior VP of Marketing at Magal S3. "Even SOP procedures are outdated; there is very little connection between the local police and power plant. Most simply do not have the standard of software and the channels of communication."


If suspicious activity occurs, such as a helicopter flying over a rural substation, the information is normally sent to an e-mail distribution list. This is a common information-sharing method among power plants today.


"There is no real-time sharing and the data is not shared online. However, information can be shared over a dedicated LAN," Varayur said.


It is important to note that most power plants are privately owned. Law enforcement agencies do not have permission to enter the plant, or access information, if help is not asked for, said Javier Prieto, Security Leader for Spain and Portugal, Honeywell Building Solutions. A balance must be struck between protecting plant data and sharing information with the necessary governmental bodies.


Training
With outdated systems comes an aging workforce. IP providers must train security operators who have worked with traditional systems for years to tackle new systems, IT infrastructure and workstations.


"If you have a sophisticated system, but operators are not able to respond to alerts or detection, you've got a huge problem," Prieto said. "Depending on how much background operators have in IT and computers, we give a full day's training on average."


In some countries, trained operators are transferred every few years, as a security precaution. "Government employees in India cannot remain in one position for more than a handful of years, which means that training new operators is an ongoing process," Varayur said.


Future Systems
Power plants, though conservative, are positioned to build new technologies into existing systems and eventually phase out obsolete equipment. New regulations will demand more integration, as well as efficient information management and sharing procedures. "In the future, a typical site will become more of a sensor fusion platform. We're seeing more requirements for video analytics, audio analytics and fiber-based sensors for perimeters," Lack said. "Because of the long perimeters involved, conventional video surveillance with heavy reliance on high-lux levels for lighting will be superseded by thermal imaging cameras."


Sophisticated management solutions that converge all relevant subsystems — not limited to security — into a cohesive 3-D and GIS-based platform are becoming a reality. "These systems will pull together an entire picture of what is happening and communicate it outbound," Katz said.

Considering Open and Integrated Systems

Editor / Provider: Submitted by Johnson Controls | Updated: 3/10/2010 | Article type: Hot Topics

Regardless of language, culture or economics, security in any country should protect people, property and assets. While different countries face varying compliance standards or none at all, system integrators, distributors and building owners or security managers must adapt their services and solutions appropriately.


Currently, the security marketplace is cluttered with thousands of providers claiming to offer the right products or integrated technologies to accomplish any and all goals. Walking the floor of any industry-related tradeshow can overwhelm visitors by the choices available. With the development of new standards and alliances, including the PSIA and ONVIF, end users and service providers find themselves inundated with marketing materials and white papers. It is not uncommon for a customer to question any provider's proposal.


The industry is still years away from establishing solid standards, due to countless overseas vendors and manufacturers who work with varying firmware or codec designs. Additionally, many vendors are still reluctant to create open architectures. This means that there are limitations to common building management protocols and varying levels of openness.


Meeting Business Outcomes
Building owners and security managers need to find partners who recognize their needs, and assess the priorities and perceptions of representative stakeholders, including building occupants. An analysis of that data is vital to the design process intended to meet desired business outcomes.


The technology-contracting model determines the appropriate levels of system integration to manage multiple, duplicate and discrete systems under various vendors, contracts and proprietary protocols — especially in today's ever-changing technology landscape. A single point of contact manages multiple contractors, balances first and lifestyle costs, and efficiently converges individual systems into a technology solution.


Users should avoid working with a company claiming to offer these services, without a proven track record of success. An experienced technology contractor understands the value of vendor relationships.


Open Protocols and Standards
A basic platform for an integrated solution is IP-based, and can use Ethernet technology and TCP/IP networks. This provides a foundation for success. The use of open protocols and standards will ensure that users can choose the best solutions for creating an intelligent building without losing features or connectivity.


A system able to support tens of thousands of data point capacities takes full advantage of distributed intelligence. Coupled with graphic workstations to create the basis for a personal command center, buildings can better manage the entire building automation system (BAS) network.


Building Automation Systems
One of the main highlights of a BAS is that integration can include different subsystems, including access control, video surveillance, emergency lighting, chillers, elevators and fire alarms. A computerized management system can be integrated for maintenance and facility management. Further additions can be made to the management system. In hotels, for example, power monitoring and staff paging systems can be added to round out the full intelligent building capabilities.


At the heart of the network is a modern, scalable asynchronous transfer mode (ATM) backbone, designed to easily manage and support services and protocols. ATM technology is a network infrastructure that supports enterprises with various multimedia — voice, video and data. It provides the basis for LAN interconnectivity and fully integrated network access. LAN and the ATM backbone are managed by one common network management system.


This network can distribute television, video-ondemand, e-commerce, Internet, BAS, video surveillance, and management system data through an entire complex. The network is modular and flexible, enabling users to start on a smaller scale and expand as needs evolve, to support dynamic and changing environments. In addition, the system design should ensure that any future upgrade to the optical fiber backbone and ATM switches will not adversely affect operations.


Setting New Standards
With more buildings implementing BASs, a new standard is emerging for the integration of subsystems and independent protocols into a manageable and operational network. These solutions are ideal for today's sophisticated, multipurpose facilities. It provides IP-based technologies for business and entertainment today, while offering the ability to address the demands of the next decade.

Layered Protection at Power Plants

Editor / Provider: The Editorial Team | Updated: 3/9/2010 | Article type: Commercial Markets

Security at power plants visibly deters and detects. With various technologies on-site and guards constantly patrolling, power plants are heavily protected against unauthorized entry. A&S explores critical areas and the systems deployed.


Power plant security can be divided into several levels. Depending on the facility, critical exterior areas include vehicular entrances, perimeter fence lines, pump houses and switch yards, said Darryl Polowaniuk, Manager of Security and Fire Safety Solutions at Johnson Controls. Perimeters can be protected using microwave sensors, direct burial detection, fence line detection, video surveillance with thermal imaging and guard patrols.


Entrance areas are generally protected through checkpoints, serpentines or vehicle gates integrated with access control and video surveillance for verification, Polowaniuk said.


Internal are as critical to operations include the main and subsidiary control centers, IT data rooms, telecom rooms, stores and warehouses where critical spares may be located, and computer rooms controlling plant process control systems, said Dale Zahn, VP of Business Development at Intellibind Technologies. These areas are often protected by access control, video surveillance and intrusion alarms.


IP Adoption
Most power plants were built well before IP development, which means that changes and upgrades require budgeting, Zahn said.


Analog systems are based on standardized and accepted measures. With emerging technologies, many IP-based systems have yet to reach their full potential, Polowaniuk said.


Advances in reliability, fault tolerance and redundant solutions are pushing old systems to evolve to IP, said Javier Prieto, Security Leader for Spain and Portugal, Honeywell Building Solutions. Some Spanish nuclear plants have already evolved to using IP-based systems.


Network technologies are used for remote surveillance and expansion. A power plant requiring more coverage around water areas may install cameras across a small body of water. Analog cameras would need extensive cabling to accomplish this. "The cost is much lower to install network cameras over long distances," said Aluisio Figueiredo, COO of Intelligent Security Systems.


Open platform software supports various types of encoders, so the video system is less vendor-specific. "Most systems today are hybrid, with analog cameras and digital transmission and storage," said Anantharam Varayur, Director of Webcom Information Technology. "Customers can purchase any camera to replace broken ones and still use the same encoder."


An impediment to IP is the prevalence of legacy equipment. "Building systems like lifts or escalators, and plant and manufacturing equipment, are still based on serial or analog interfaces," said Richard Lack, Sales and Marketing Director at ASL Safety and Security. For full integration, management platforms must support both IP and analog systems.


"It is not a question of why users won't move to IP, it's that they are not always presented with viable options," Lack said. "The systems in use are still working and were approved years ago."


Transmission
Fiber optics and wireless are common at power plants. "Remote locations use more fiber backbone, whereas closed environments tend to use reserved wireless frequencies," Figueiredo said.


In most plants, two LANs run separately. Surveillance footage is generally transmitted to a LAN not connected to the campus-wide network, Varayur said.


From cameras to encoders, analog transmission is preferred because power plants use specially armored coaxial cables. "UTP or STP cables, connecting megapixel network cameras, do not have this special protection, and in such electrically-charged environment, these cables are subjected to more interference," Varayur said.


Protecting Perimeters
Perimeters are protected by up to three lines of defense. "Critical functionality includes the flexibility to be able to set the alarm locally, while allowing for central monitoring, simple identification of the origin of an alarm and reliable verification," said experts from Siemens Building Technologies in a prepared statement.


Typical perimeter defenses include sensor cables on meshed fences, microwave barriers between the fence and protected building, and video surveillance to confirm and verify, said Fabrizio Leonardi, Marketing Director of CIAS.


Electronic sensors on fences can comprise an electronic card with specialized components that detect movement or vibration, said Martin Kowen, Export Director, GM Advanced Fencing and Security Technologies. "Each sensor has an ID and actively communicates with the system processing card, to know the exact location of the intrusion attempt."


Industry-acceptable false alarm rates are usually less than five false alarms per kilometer in a month, Kowen said. False alarms can be lowered by sensors interpreting anomalies. "If there is wind on the protected site, then data readings from each sensor will all change proportionally. This unified change in data reading will not cause a false alarm to sound," Kowen said.


Products based on fuzzy logic analysis measure and compare typical stored signals with the size, shape and rate of change of new signals, Leonardi said. Events that generate an alarm are date- and time-stamped, stored in memory and can be analyzed in real time.


Buried cables are often used between fences for detection. "We encountered major issues because buried cable sensors are easily affected from the electrically-charged grounds characteristic of many plants," said Hagai Katz, Senior VP of Marketing at Magal S3.


For outdoor perimeter equipment, power plants require lightning protection. If lightning strikes near the system, capacitors can charge and take the load, Katz said. It is important that outdoor systems are linked to uninterruptable power supplies.


Post-mounted radars integrated with cameras for verification can detect and track people or vehicles moving into detection zones, said Jason Burger, Sales and Marketing Manager at Navtech Radar. The control room can display information on an aerial map with corresponding video images.


Radar paired with video surveillance can better protect perimeters via wide-area tracking, Katz said.


Authorizing Access
Access control systems oversee exits and gates, including vehicle entrances, pipes, tunnels, employee gates, maintenance points, control rooms and so on, Katz said. Each gate has a different protection — car entrances may have a physical gate with cameras, LPR and guards. Conveyer belts could be protected by thermal cameras to watch for intruders climbing onto the belt and entering the plant.


Access control systems can be active and run up to 100,000 badges a day, said Kevin Pearman, Account Manager, Integrated Security and Building Management Systems, Bytes Systems Integration. Proximity or smart cards allow staff to access to buildings, and biometric technologies are used at critical areas to protect against identity theft. At major access control points, physical barriers are used, including turnstiles and heavy doors, coupled with X-ray baggage checks and radiation scanners at nuclear plants.


Access control is probably the oldest installed equipment at power plants, making upgrades a challenge. "Security managers have no desire to replace old equipment with new IP-based systems, but they would like the benefits of being able to open the door remotely and mapping out its status on a map," Figueiredo said. Protocol analyzers, essentially sensors deployed on doors, are substitutes when SDKs are not available. They can be used to integrate systems running on serial or RS-232 communication.


Adding biometrics is easier than linking existing systems. "If you're dealing with old technology, you run the risk of looking for manufacturers who aren't even in business anymore," Figueiredo said. "Integrating sophisticated technology like fingerprint or facial recognition biometrics gives you a huge advantage: direct support from the manufacturer."


Video Verification and Monitoring
A large mix of mostly analog cameras is installed at power plants. Fixed, PTZ, day and night, infrared, thermal, and higher resolution cameras monitor perimeter and indoor areas.


Real-time surveillance is mandatory. As systems are used to verify events at perimeter and access points, video footage must be transmitted at 30 fps, Figueiredo said.


Users are replacing broken cameras with higher resolution ones. "520 TVL is a minimum, and we are seeing more requests for megapixel cameras," Figueiredo said. For the most part, however, security managers are still learning about the benefits of megapixel and HD cameras.


Storage is vital — footage needs to be kept at least a month. The emphasis is on backup and redundancy.


Evacuation and Safety
Apart from security, safety is a primary concern. Power plants must have reliable voice alarm and evacuation systems to notify employees about airborne contaminants and other critical events.


Nuclear facilities often use voice alarm systems with confidence tones — a series of tone-generated blips broadcasted every 15 seconds indicate that the building evacuation system is operational. "If staff don't hear that confidence tone, immediate evacuation is necessary," Lack said.


In Europe, new legislation allows manufacturers to use field-proven IP-based routing rather than analog. "Voice alarm systems can now sit on the same physical network as the other subsystems," Lack said.

Power Plants Prepare for Change

Editor / Provider: The Editorial Team | Updated: 3/9/2010 | Article type: Commercial Markets

Power plants deliver usable energy to the world and are among the top-rated, high-risk facilities. Conservative and regimented in tried and proven SOPs, these energy generators operate on strict day-to-day practices that ensure the security and safety of people and assets.


As the threat of terrorist attacks become more real, governments, energy and electric organizations, and plant owners must review and increase security measures. Depending on the plant and its location, threats can include syndicated theft and extreme environmental activities. "You must understand your adversary, to define, design and plan your security system," said Javier Prieto, Security Leader for Spain and Portugal, Honeywell Building Solutions.


Most power plants today follow regulations and best practices for critical infrastructure. However, system guidelines are broad, leaving actual equipment specifications to be agreed upon by plant owners, integrators and the operations team.


Planning and installation must be carefully considered at the onset, to avoid using equipment unfit for the environment. The type of plant and its location makes every solution unique.


Current systems installed at power plants are analog and becoming obsolete. Introducing digital systems gradually brings more hybrid systems to the fore. However, integration is challenged by a lack of support from existing equipment manufacturers, some of whom are no longer in business.


Information management and sharing is still at a basic level and often done manually. As most power plants are privately-owned, external information is shared through e-mail distribution lists and hotlines. Within the plant, information is distributed from the command and control center. SCADA systems dominate, but have rudimentary mapping capabilities, which is crucial for response during an emergency. Fully integrated platforms, such as sophisticated CMS or PSIM, have yet to reach power plants.


When existing systems break down, outdated parts are becoming more difficult to find. Users are gradually moving towards IP-based systems, which offer more flexibility, scalability and cohesive information management. The time is ripe for change.


Regulations and Standards
Excluding nuclear plants, no regulations govern power plant security, so best practices and recommendations are followed. However, government organizations such as the US Nuclear Regulatory Commission (NRC), North American Electric Reliability Corporation (NERC) and the US Department of Homeland Security have been actively involved in standardizing requirements for the energy sector.


"The U.S. pioneered nuclear power stations, and many countries around the world, such as Japan, Mexico and Canada, follow American standards," said Hagai Katz, Senior VP of Marketing at Magal S3.


NERC requires power plants to look outside service territories and establish security principles based on the electric grid's reliability, which requires visibility at a higher level. "This means that security technologies applied should be designed with a 'protection-indepth' philosophy — to deter, detect, assess and respond to an incident," said Dale Zahn, VP of Business Development at Intellibind Technologies.


The corporation holds quarterly Critical Infrastructure Protection Committee meetings with representatives from the federal government, as well as industry representatives from the eight NERC operating regions. "Representatives have IT, operations or physical security backgrounds, and come from the investor-owned municipal and cooperatives," Zahn said.


System guidelines are broad, leaving users flexibility to specify their equipment wants and needs, said Darryl Polowaniuk, Manager of Security and Fire Safety Solutions at Johnson Controls.


Market
The market is large and relatively untapped.


Power companies will need to spend US$1.4 trillion over the next 22 years to meet power demands and modernize the transmission and distribution grid, according to the "Improving Power Plant Performance Through Technology Upgrade" white paper by Honeywell Process Solutions. Most power plants have been using the same security systems installed 10 or 20 years ago, making refurbishment or replacement a priority.


"In Europe, power plants are increasingly implementing security systems with 12 to 15 percent growth," Prieto said. Global growth is slightly lower, averaging 6 to 8 percent.


In India, there are one or more plant projects underway in each state. Some are old plants, with little surveillance. "There is a big opportunity to install video surveillance systems in these plants," said Anantharam Varayur, Director of Webcom Information Technology.


In South Africa, security makes up at least a quarter of the project's budget. "If security systems are found noncompliant, plants can be fined," said Kevin Pearman, AccountManager, Integrated Security and Building Management Systems, Bytes Systems Integration.


Designing and Planning
Most project tenders are indiscreet — there can be separate tenders for video surveillance, access control and intrusion detection systems. "At this time, orders can be awarded to multiple vendors, which creates a challenge in integrating the systems," Varayur said. "Customers must take the initiative of putting requirements together at the project onset for a comprehensive tender."


Driven by the need to meet local requirements, planning and design is usually standards-driven, Zahn said. Involved parties include representatives from plant operations, engineering, safety, the supply chain, IT, security and plant maintenance. Once needs are determined, an experienced system integrator will be hired to ensure consistency across a fleet of generating stations, involving equipment selection, operation, maintenance and repair of applied technologies.


As power plants are often located at remote sites, maintenance for faulty equipment requires long waits for repair technicians. "Sometimes customers actually buy spare parts, including cameras, network switches, encoders, additional servers, monitors and power supplies, to lessen the downtime of a system breakdown," Varayur said.


Security managers and their corporate security departments have a vested interest in the final design, as they will likely be stewards of the system upon completion, Polowaniuk said. IT managers also play a crucial role in supplying the network, involved in considerations for bandwidth requirements and redundancy.


Site-Specific Requirements
The type of power plant and its environment impacts security requirements. In general, hydroelectric, coal and fossil fuel, solar and wind plants follow best practices.


Security systems at nuclear power plants are doubled or tripled compared to other plants, as they should comply with legislation, Prieto said. For example, all systems at nuclear plants must be redundant, including networks, fences, control rooms and servers. In comparison, a solar plant might have a single perimeter solution equipped with cameras and fences, but nuclear plants can have up to three layers of perimeter protection.


Coal and other fossil burning plants in the environmental spotlight must follow procedural detection measures to protect against activists, Polowaniuk said.


Hydroelectric plants typically border large bodies of water, exposing them to more complex risks. "If a terrorist was to strike via a boat coming into the dam, it would be disastrous," said Aluisio Figueiredo, COO of Intelligent Security Systems. Armed military personnel usually patrol seaside or water borders at all times.


Cameras equipped with video analytics are necessary to track boats coming into secure areas. "This unique requirement is very common for water dams," Figueiredo said.


For seaside plants, noncorrosive solutions need to be implemented.
The salty and moist environment of ten results in equipment replacement after just one or two years. "Even standards such as IP66 or IP67 are sometimes not enough to protect against corrosion, so special anti-corrosive standards and practices must be used," Katz said.


Power plants located in rural areas with limited natural barriers become simpler to protect, Polowaniuk said. Thermal cameras and radars can be used to survey areas beyond the plant's perimeter. This is not so in urban environments.


In urban environments, plants must be careful not to disturb neighboring residences or commercial buildings. For example, strobe lighting and audible alarms could be disruptive, Polowaniuk said.


The high foot traffic in cities presents unique challenges. "Security incidents related to conventional delinquency, such as theft, increase for plants located in urban areas," Prieto said. "You cannot use long-range perimeter devices to survey areas beyond your perimeter, which means that other perimeter protection systems need to be considered."


Paired with a preference for aesthetics, perimeter security in urban areas can opt for noninvasive systems such as buried cables or decorative fences, Katz said.


Outdated Systems
Most power plants are dated facilities, with traditional analog systems in place. Systems and parts become obsolete, which make integration with management platforms difficult. In security, the shift toward convergence is an appealing solution to all high-risk critical facilities, but power plants are adopting slowly.


"The maturity of the market is an issue, and often security managers at power plants, who have been trained and are familiar with traditional systems, are reluctant to switch out existing systems," Prieto said.


Aging systems are the most pressing issue, and at some point, when the system is no longer scalable or does not provide adequate protection, it should be replaced, Polowaniuk said.


Most security systems in power plants are stand-alone and manually controlled. For example, if an alarm from the perimeter sounds, a security operator will maneuver a joystick to pan a camera toward the detection zone. "This is the common practice," Katz said. A balance must be struck between manpower and technology — as technology develops and becomes more automated, power plants can save on manpower.


Experts agreed that the energy sector, once at the forefront of security technology, is now lagging. "Most of these systems are coming to the end of their useful lives, and next generation power plants will be free to go straight into IP-based systems," said Richard Lack, Sales and Marketing Director at ASL Safety and Security.

Industrial Security Monitors Productivity

Editor / Provider: a&s International | Updated: 3/5/2010 | Article type: Infrastructure

Industrial compounds are generally large in scale and complex in design. On top of this challenging nature, fulfilling transmission needs and meeting regulation requirements pose serious challenges.


The mission-critical nature of industrial security systems depends on a reliable, safe transmission network. Available infrastructure is the key consideration and planning should account for transmission used for security systems, said Guy Yair, GM Enterprise and Vertical Solutions LOB, Alvarion.


"How the site has been used defines the network structure and types of cables that are being implemented," said Sylvain Voulfow, Security Product Manager, CAE Group (a member of TKH Group).


As large-area security projects tend to be completed in phases, a flexible architecture, such as WiMAX network, is crucial to suit changing security needs over time, Yair said.


Making sure data is delivered with enough bandwidth is essential, as inadequate communication too often originates from insufficient infrastructure, said Udi Segall, Senior Product Marketing Manager, Nice Systems.


Activity-based recording and signal transmission, localized storage and multicast distribution are designed to minimize bandwidth consumption, said Mike Webster, CPP Branch Manager, Global Security Engineering and Consulting, Johnson Controls. Involving the IT department is a necessary step for optimized bandwidth utilization.


Fiber optic backbones are favored for industrial manufacturing installations. "Multimode and monomode fibers allow transmission distance up to 2 km and 40 km respectively, with bandwidth capacity up to 100 gigabytes," Voulfow said.


However, legacy fiber backbone is difficult to extend, adjust and costly to deploy a new one, Yair said.


Although there has been skepticism surrounding wireless technology, it ensures effecive coverage of the entire site and saves on cabling costs. "Compared to trenching, which can cost as much as US$300 per linear foot in an outdoor environment, the initial investment and operating expenses of wireless network can be as low as one-tenth of the total investment for wired infrastructure," said Ksenia Coffman, Marketing Communications Manager at Firetide.


Once a wireless network is deployed, it should support feature upgrades that enable added encryption and capacity enhancement. "For mission-critical applications, a stable IP link must be made failure-proof to provide redundancy," Yair said. "Physical features such as a redundant power supply, or the WiMAX ability to automatically search and associate with an alternative base station upon losing connection, is indispensible."


Wireless mesh technology, with the design of redundant paths and multiple signal drop-off points, enables fail-safe operation. "However, wireless networks can be affected by adverse environmental conditions. Maintaining the network with redundant transmission is crucial. If a transmission node is damaged, it should be replaced quickly so there is no weak point in the system," Coffman said.


Compliance
Security systems play a key role in meeting safety and security obligations. "The industrial segment has been forced to address security concerns associated with the potential terrorist threat since Sept. 11, 2001, and such concerns are most widely held in the chemical and nuclear industries," said Jennifer Mapes, Industry Analyst at Freedonia Group.


Perimeter security in industrial environments has become more prevalent as regulations are developed. The Chemical Facility Anti-Terrorism Standards issued by the US Department of Homeland Security specifies a response time, demanding early alerts to be properly met, said John Romanowich, CEO of SightLogix.


"Depending on the industry and what has been manufactured, municipal, state or federal government standards could apply, as well as industry or international regulations," Webster said. To meet changing regulatory requirements, security personnel should build a set of compliance and risk management tools. These include enforcing segregation of duty policies, triggering compliance-based access and intrusion alarms, and implementing infraction and remediation management.


For industrial users, video surveillance requirements often pertain to high-definition footage with audio for inspection. "Few regulations exist to address security criteria for video," said Dave Tynan, VP of Global Sales and Marketing, Avigilon. "Regulation compliance is largely driven by the legal and consequent financial liability associated with the risk of the facility."


Typically, video is stored a minimum of two months, with real-time monitoring required at 20 to 30 fps of critical operation points and restricted areas, said Shi Zhong Su, Section Manager at Genuine C&C. Playback at 6 to 7 fps for general checkpoints is sufficient.

Building Automation to Reach $36 Billion by 2015, Says ABI Research

Editor / Provider: ABI Research | Updated: 2/26/2010 | Article type: Residential & Consumer

Recession and conflict always bring a reevaluation of energy management and calls for new ways to ensure organizations and nations use energy more efficiently. The same is true in the latest downturn and it is driving significant interest and activity in the market for building automation systems (BAS).


Energy use within commercial buildings has been growing year-on-year for decades and by now accounts for up to 20 percent of national energy consumption in some developed countries. This makes it a prime target for energy efficiency and environmental measures.


Despite being a traditionally slow growth area and one that was impacted by the latest economic downturn, the market for building automation systems will grow by three percent globally from 2009 to 2015, when the total market will reach a value of more than US$36 billion. This forecast is contained in a new study from ABI Research.


"Government financial incentives and regulations as well as organizations' own financial and environmental goals are coinciding with a drive to open up building automation systems to wider network management and integration, drawing companies such as IBM and Cisco into a market traditionally dominated by more specialist global companies such as Johnson Controls, Honeywell and others," said Principal Analyst Jonathan Collins.


Although low single-digit BAS market growth may not look significant, it actually is, given the current economic climate and the performance of the building industry in general. It also masks the shifts that will take place between revenue streams within the BAS market, as contract values will increasingly skew toward software and services and away from hardware – another result of the emerging trend for improved communication and connectivity with BASs.