- PSIM solution will need to provide the highest level of assurance that all information required will be available when needed.
- Each service within a SOA deployment should have a single functional responsibility
- SOA enables a PSIM application to process event data in real time
In any PSIM deployment, the day-to-day information load is relatively minimal. The challenge is the response to a sudden surge in this load, caused by a critical event or disaster scenario, comprised of multiple events happening at the same time. It is in these scenarios that a PSIM solution will need to provide the highest level of assurance that all information required will be available when needed. In addition, the solution will need to remain highly responsive, providing essential intelligence and data analysis, to enable security operators to react and respond immediately.
Service-oriented architecture (SOA), simply put, is a series of methodologies adopted to create separate software modules which, while interoperable, are independent to one another. This is referred to as “loose coupling” and is essential to an enterprise-grade, SOA-based solution.
Each service within a SOA deployment should have a single functional responsibility; such as reporting, authentication or communication. It is this separation of functional units that drives the benefits of SOA. Loosely coupled services allow developers to increase flexibility across networks and infrastructure boundaries, expanding capacity, distributing load and removing bottlenecks. Secured, published “end points” share the functionality of each service across the deployment, and with linked systems such as accounting or reporting. This enables greater PSIM integration with business systems and processes.
PSIM IN REAL LIFE
SOA enables a PSIM application to process event data in real time, as well as update operators and security personnel with the information they need both in the control room and in the field. The use of independent, stateless services provided by SOA brings new levels of availability, performance and capacity, while also improving disaster recovery of the PSIM solution. These are built into the application architecture, so are intrinsic before considerations are made at the platform or infrastructure level. This same stateless nature reduces the costs of growth and maintenance, and future high availability and disaster recovery (HA/DR) concerns, reducing the overall TCO.
The availability of data and the timely response to it are essential to a successful security operation. Information should be available to operators in real time. However, as deployments and security operations grow, too much information can lead to information overload. This dramatically reduces the effectiveness of security resources.
The follow-up to an incident needs to be tightly aligned to SOP while remaining unobstructed, allowing delivery of mission-critical information and analysis to security personnel, without the need for manual intervention. Security operators need to react as soon as possible to events, and the slightest delay can seriously impact the outcomes. Waiting for a PSIM system to catch up is not an option.
The four key areas that form the PSIM event pipeline are: event collection; event filtration; intelligent analysis; and alarm/response generation. Address each individually, refining and optimizing the way PSIM behaves in each area, to provide complete situational awareness in the fastest possible time.
Implementing SOA in a PSIM deployment ensures each of these vital steps within the event pipeline is separated into individual elements as a part of the greater software solution. Each service is concerned only with that step in the pipeline, and as such is developed and refined to excel in that function, unimpeded by other areas of the system.
Subsequently, each area is independently scalable, allowing PSIM solutions to scale only where additional capacity is required. This dramatically increases the cost effectiveness of upgrades required by growth in the security deployment.
In this SOA environment, each of the services is a completely stateless entity. This means multiples of each service can be added to a deployment to support operational requirements. For example, where HA/DR is needed, it can be added without having to upgrade the whole solution. Services can be added or removed from a deployment, even dynamically, allowing for 100-percent uptime during maintenance or dynamic increases in resource availability during those critical burst demands on the various systems seen during major incidents.