With a membership of more than 65 manufacturers and systems integrators, the Physical Security Interoperability Alliance (PSIA) works to develop standards for and promote interoperability of IP-enabled devices across all segments of the security industry. PSIA Executive Director David Bunzel joins the conversation to discuss the group’s work as well as issues surrounding competing standards body, ONVIF.
In general, who or what is driving standards in the security industry?
There are so many different parts and pieces that all have to come together. It is no easy task to make standards happen. And it is no easy task because you are trying to get all the different parties to work at the same time, all with this leap of faith that the other side is going to work — when I plug it in, it works.
The manufacturers are having an influence because they have to have products that they enable with standards. Those manufacturers oftentimes have the technical people involved in creating the specs to make sure that they work.
You have specifiers out there who probably could have a big influence on how standards go if they embrace a type of specification because the more its specified, the more people adopt it, the more interest there is in promoting it further and making it better and more effective.
The customer is asking for it, especially the big customers. The bigger companies are asking, “Why can’t we have this where we don’t have to do all this custom software?” Many of these companies like Cisco make products that are standards-based and it’s why their market has been able to grow and they can’t figure out why that doesn’t make sense to the physical security market too.
PSIA launched in March 2009. Since then, has interoperability progressed at a pace you expected?
We are at where I would have expected it to be. The security industry was behind a lot of IT industries, for example, but because some of the companies in the security industry recognized that they needed to catch up, they acted reasonably quickly. They were able to come up with specifications and standards quickly. It was implemented into a lot of commercial products quickly. The groundwork is laid for not only the manufacturers to deploy products, but customers to be asking for products and also applications that capitalize on the products. It’s going to be evident very, very shortly. From the standpoint of what has transpired in four years, the industry has made a lot of progress, but it is in line with what our expectations were when we started.
So the heavy lifting to create a strong, lasting standards movement in the industry has been accomplished?
We have a full set of system and functional specs that can be implemented now and are ready for marketable products. The infrastructure is in place. There are probably more tweaks that are needed now than actual heavy lifting. We are making adjustments; we are fine-tuning things. We are making things easier for manufacturers to implement and customers to use. We are making sure test tools are available that assure interoperability.
Can ONVIF and PSIA coexist or is it destined that one group will eventually disband?
I can speak more about our standards. We can accomplish a lot of the things because we have taken a system approach. We have a broad range of product categories and classes that we support. At this point, ONVIF only has a video spec. The concept of interoperability is pretty much camera to VMS. There has been discussion about other areas of security they want to get involved with, but their tribal knowledge is focused on cameras. We have taken a different approach. That’s not to say that one will prevail and the other will go away, it’s just that we have taken a different approach.
What benefits has the industry realized by having PSIA and ONVIF competing to be the de facto standard?
In general, in industries where there is competition there is oftentimes a greater sense of urgency, so things are happening faster. Also, it probably challenges the other side to differentiate, to make their products or services or their specifications better. I don’t think the industry has been hurt by having two organizations, but of course at some point in time a lot of companies hope there [will be a consensus for one organization.] It is easier to choose between one or the other based on the benefits it provides.
Beyond the ability to get products to work nicely together, what significant ways does interoperability advance the security industry?
It is bringing a lot of different products together in a way where you can have more reliable data. You can look at a number of different devices and make even better intelligent decisions on things that are happening. Before you probably had to look separately at different things. It’s about integrating physical security management and decision-making a lot tighter so you can make better decisions faster.
What we have found fascinating is that a lot of the applications that people are coming up with are things that we didn’t necessarily envision. But we have tools that enable some of the solutions people are discovering because the tools are available. It’s not something that we said, “OK, we are going to solve the problem of a common API for these different devices.” People have realized we have a communication protocol. We have specifications that work in ways that will enable different applications that we hadn’t anticipated but people are using because we have great specs.
What is an example of that?
For example, some will ask, “Are elevators part of the security equation?” Some people would say so. Oftentimes, cards are needed to go to different floors because of security measures. All of a sudden the elevator companies are going to be engaged with us. What about building management? You now have specifications we have created for access control.
Access also enables an interesting concept that is becoming more evident in building management, which is awareness. When somebody comes into a building and they use their card to access the building, it enables all the different functions, whether it’s analytics to make sure that only one person is entering. The access system allows you in, an intrusion system is [disarmed] and a camera looks at you to make sure that they can validate that that’s you. But also, it’s after hours and an employee enters to go to his office. The power had been shut off as well as everything else to optimize energy. [The building management system] recognizes that the employee walked into the building, so the lights go on and the employee can go onto their [floor] level; their computer comes up and the heat and air conditioning is adjusted to your preference.
All of a sudden an access control device is also an awareness device that supports some other sophisticated building management and energy management functions.
Is interoperability compelling for small integrators as well or is it only for those that play in the enterprise space?
The ultimate objective or nirvana for us is we want to have products that plug and play. You plug them in, they are recognized, they enable certain functions for you to do that are typically done and we make the whole process of integration easier in the field. Right now there is a lot of custom coding and custom integration that is needed for all these integrators to do. Not all of them want to do that and not all of them have the resources. Oftentimes, they have to bring in a third party to be able to do that. Our objective is to have products that work in a plug and play environment, are easy to use, so integrators don’t have to do as much of the custom coding.
Are there tangible ways that we see interoperability trending in the industry? For instance, are RFQs coming out that designate standard-compliant products?
Yes, RFQs are coming out but it’s not clear all the RFQs understand things. For instance, a year ago people were putting ONVIF on RFQs. Was it realistic? Were they ready for primetime? Could you get an ONVIF-enabled camera? Yes. Would you want to specify it? Well, it wasn’t working very well. It was probably a salesman who convinced one of his buyers, “Put this on the RFQ because it’s a great reference point for us.”
On the other hand there is an opportunity, and of course I am going to give a biased answer, but it probably relates closer to PSIA. That is, as a specifier if you promote or basically say, “Our first priority will be going to PSIA-enabled devices,” whether the [products’] PSIA functions are enabled or not is not as important as the fact that you have provided a foundation to add products later. If you have a camera that you install on your system, and it is PSIA enabled, and you want to change or upgrade it later to one that has different features like infrared or megapixel or whatever, you don’t have to rip out the whole system because you [have committed to supporting] PSIA devices. So the products plug into the system and they work with a certain expectation because the specifications are there to allow that.
In my mind having RFQs with PSIA specifications makes sense to a certain extent if people accept the fact the PSIA specs will carry on and feel confident about it, and we feel confident that is the case, then you have an environment that people can build on indefinitely.
Is rip and replace or the prevention thereof one of the compelling arguments for interoperability?
Definitely. You can have your whole system set up and take one component and replace it and the way our specs are designed you can communicate with a new device very easily. There is no problem. You are still communicating. If you have a dashboard that is incorporating all of these devices into it and you swap out one set of things, the dashboard will recognize you have a different camera but still recognize and talk to it because it all talks the same language, which is PSIA.
Last year PSIA released its Area Control v1.0 specification to standardize the communication into access control and intrusion products. What’s next for the organization?
If you look at the building management industry, we are actually engaging with building management systems to discuss the relationship of our access control spec to their industry. We think there are going to be some very interesting ways that we can leverage the PSIA specs to support building management systems.
In addition we have an opportunity, as I mentioned before, with elevators. The elevator manufacturers will probably be engaging with us. Finally there is going to be some really innovative applications that come up. One of them is in the process right now. One of our member companies is going to be putting together a tablet mobile application for building management and security, relying on PSIA-enabled products. You are going to see the security director being able to take his tablet home with him and be able to monitor, manage and even make adjustments to his security products, allowing mobility into the equations. He’s not going to be as tied to the facility and he’s got a mobile application that will support that.