Open Road Ahead

It seems all of a sudden, when it comes to security systems and devices, “open” has become a good thing. In just the past few years, manufacturers have started endorsing open systems, consultants have begun specifying open products and several organizations have sprung up claiming to have something to do with “openness.”

But what exactly does “open” mean in these cases? Is it real or is it hype, and should we care? The answers to these questions and many others lay just ahead. We will explore how information technology (IT) and its convergence with physical (electronic) security, along with several other factors, are revolutionizing our industry as we know it.

ODBC Is an Example of How the IT World Promotes Open Systems
Openness in the security industry traces its roots to IT that carries the same terminology. In the IT world, “open” is synonymous with “freely available” and refers to easy-build solutions that utilize open technology.

ODBC – which stands for open database connectivity – is an example of a technology that comes from the IT industry and is used in the security industry. Its purpose is to make it possible for data to be accessed in applications regardless of who manufactures the database management system that houses the data.

So, with ODBC, you can write statements in a language called SQL and those statements will retrieve data from any database system. Thus, SQL Server® from Microsoft™, Oracle’s database management system, MySQL or any of the others that support the ODBC interface can be used interchangeably.

It is that last fact – the ability to make applications independent of manufacturers’ technologies (in this example, a database management system) – that is the source of the “O” in ODBC.

Because ODBC is an open standard that applies to many database management systems, one might wonder where it came from. Certainly no single manufacturer could decide to define a standard for the entire industry to follow. In the case of ODBC, the volunteer standards body called SAG (SQL Access Group) created the standard.

Open systems often, but not always, stem from the work of cross-industry volunteer groups. The “Hayes modem protocol” that is built into the telephone line modems on millions of computers is one such example.

The protocol got its start because the first company to make a programmable modem, the D.C. Hayes Co., invented the protocol and published it. Thereafter, other manufacturers of modems, in order to be compatible with software that utilized the Hayes protocol, copied it and extended it. (Alas, being a pioneer may guarantee fame but its does not guarantee fortune. Hayes went bankrupt in 1999.)

Hayes essentially invented an open standard for software-based modem control. This example shows two other characteristics of openness: survivability and extensibility. Survivability is clear in the Hayes case. Its open protocol outlived the company – to the good of the users of Hayes protocol-compatible products. If the protocol had died with the company, millions of users and hundreds of software manufacturers would have been left holding the bag.

As the state of the art in modem technology developed, features Hayes never considered became available. Because its protocol was extensible, others added new commands and options to old commands that kept the Hayes protocol alive. Almost everyone agrees a better protocol easily could have been invented, but momentum kept Hayes’ protocol going and the huge installed base of users kept it the standard.

Wiegand Is Security Industry’s Leading Open Technology
Is it unusual for a company to invent an open standard as Hayes did? Not at all, in fact, most so-called standards arise that way. The “Wiegand protocol” for access control card readers is a case in point. It was developed by Sensor Engineering as a low-cost way to output data from access cards that were “swiped” through a slotted card reader. Today, almost every manufacturer of card readers has a Wiegand equivalent.

Wiegand protocol has survivability: it is used with proximity readers, smart card readers, and even keypads and biometric devices. Its universality is due to its enormous installed base. Even though every manufacturer that uses it wishes it were better designed, there is no mechanism for that to happen.

The security industry has a very poor record when it comes to open standards. With the exception of the Wiegand protocol and the widespread use of NTSC standards in video cameras (and even NTSC, which stands for National Television Systems Committee, is a broadcasting rather than a security standard), very few examples exist.

Common Protocols Are Driven by Economics, Size of Industry

Why should it be the case that there are so few open standards in the security industry? Does the adoption of open standards not make economic sense?

The answer depends on the size of the consumer base for the technology in question. In the IT market, there exists many times the number of consumers of ODBC, compared with the number of consumers of, say, DVRs in the security market.

The introduction of ODBC ushered in new and innovative products that would not have been possible if a separate product development were required for each database system (Crystal Reports, for example, is a very popular report-writing software that relies on ODBC).

Once openness hits an industry, however, there is no turning back. If a database management system manufacturer were to decide to opt out of ODBC support, that manufacturer would certainly pay for the decision in lost revenue. Such a decision would essentially isolate that manufacturer from the broader market.

In the security industry, on the other hand, it was historically the case that not enough consumption existed to make openness pay for the manufacturers. This meant that most manufacturers did not publish interface specifications that would allow the integration of new features and products from others into the systems they produced.

For the end user who decides to adopt a closed system, the only choices to move forward are to do so with the original manufacturer or face an entire system replacement. Neither of these are attractive choices.

Growth, Convergence, Complexity Are Paving Way for Changes
The closed product attitude of the security industry is beginning to give way, though. Three major forces are driving this evolution: growth in the security market; the convergence of IT and physical security; and the increasing complexity of the new products entering the industry.

Post-9/11 growth in the market for physical security products and services is bringing in new buyers, and many of them have well developed IT infrastructures but less developed physical security practices. A robust and growing market is fertile ground for openness to take root.

In much the same way telephony converged around the network infrastructure with the introduction of IP telephones, physical security is following suit. Converged systems bring with them the programming and data handling practices of the IT departments that manage the networks on which these systems depend.

Finally, the complexity of some of the new products, particularly in the area of video analytics and biometrics, means it is unlikely any manufacturer will be able to afford to build the most sophisticated solutions without going beyond its own stable of products. Open systems are essential to achieving this last point.

Shift Seen Ahead From Single Source to ‘Best of Breed’ Products
Large manufacturers with closed product strategies traditionally offer single source buying for their customers. This makes it easier to purchase products and obtain support. As our industry moves to open systems and products, sin
gle source buying will give way to “best of breed” buying. Under this new approach, buying will be more complicated but the range of options available to buyers will be more exciting.

The manufacturer of the best access control system for a given application may not, for example, also manufacture the best video management solution for that same application. Under single source buying, the purchaser simply has to live with either an access control or video system, one of which is less than optimal. Under best of breed buying, both the access control and video system that best fit the buyer’s needs are integrated, even if they come from two different manufacturers.

This evolution toward best of breed buying is found in many industries as they mature and is a sign of healthy economics. It sustains a larger pool of both suppliers and consumers, and creates new opportunities for products and services.

The shift, however, to best of breed does not always come smoothly. Existing manufacturers may be reluctant to share market space – however fast it may be expanding – with newcomers. Inevitably, though, market forces prevail and companies either open their products or fail.

Openness Requires Willingness to Share, Not Necessarily Standards

In the security industry, we are in the early stages of an open product revolution. There are very few standards to guide manufacturers in making open products, but openness does not require standards, only the willingness to share information.

Typically, the information required to integrate a product with other products is provided in one of two forms: as protocol documentation or as API (application programming interface) documentation. A protocol is the language used to control a device from another device. Usually, this control occurs over a communication line of some sort. Older designs used RS232 or RS485 serial communications, and new ones use TCP/IP network communication for this purpose.

An API is more advanced than a protocol document, and it specifies how a programmer can write code to control a device. Often APIs come with a software development kit (SDK) that includes simple examples of programming to aid developers.

Unfortunately, some products are closed not because their manufacturers want them to be but because there is just not a method of controlling them externally. In those cases, there will not be APIs or SDKs, although the manufacturer may make more advanced models of the product that do have them.

To determine whether the products you are using or specifying are open, investigate these five things:

1) Is there an API, SDK or protocol specification available for the product in question?

2) Is the manufacturer willing to provide the necessary documentation to any third party with a valid use that requests it?

3) If there are problems with the API or SDK, does the manufacturer provide a way to get those problems addressed, even if for a fee?

4) Has anyone else ever integrated the product in question, and can you communicate with them?

5) If the product is not open, does the manufacturer have in its line another product that serves the same purpose but has published interface specifications?

If you want an integrated application and the answer to these questions is “no,” then you may want to consider finding a different product for the purpose. There are open products available in almost every product category, and as more buyers insist on openness, the better the products in our industry will become.

How Open Systems Can Benefit Manufacturers, Integrators, Users

S2 Security Corp. of Wellesley, Mass., recently announced the installation of the 1,000th S2 NetBox, an integrated security management system. That product has been open since its inception, with a published API available over the Internet, an SDK and available support. Initially, end users such as the Foxwoods Casino in Connecticut (see the September 2004 issue of Security Sales & Integration for an exclusive look at this installation) worked with the API to integrate it with their IT operations.

Recently, though, manufacturers have started to use the S2 NetBox API to extend their own product offerings. Imprivata of Lexington, Mass., maker of the OneSign single sign-on product that controls passwords and multifactor access to applications in IT environments (so-called logical security) used the API to allow physical location to be used as an authentication factor. Thus, OneSign is able to prevent login at a computer in a building by a user who is not known to be physically in that building.

In another example, EasyLobby of Needham, Mass., manufacturer of a secure visitor management and badge production program, used the API to integrate the two products. In the integrated solution, a badge issued by EasyLobby to a visitor can be used to grant access through the S2 NetBox.

Of course, open solutions are not limited to S2. IP video camera supplier Axis Communications of Chelmsford, Mass., has offered open products since its inception. APIs are freely available for Axis’ cameras, a fact that has been instrumental in helping the company’s products proliferate.

Neither is openness limited to newer companies. Irvine, Calif.-based HID Global, which is synonymous with identity management products, went to great lengths to assure that its Vertex panel product included complete documentation to assist third-party integrators wishing to adopt the product.

These innovative solutions illustrate the fantastic power of open architectures. In very little time and with relatively little expenditure, three leading products were integrated to offer users new solutions, each more powerful than would have been possible had any of the manufacturers acted alone. The result is synergistic: the manufacturers involved get new revenue opportunities, and their systems integrators can provide better solutions to meet end users’ problems.

Open systems and open products are now reaching the security industry as a result of the growth in our market. It will take some time for openness to become the standard in the industry, but the process is irreversible: openness is here to stay. By selecting open products, buyers will assure themselves maximum flexibility and a measure of protection from obsolescence.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Security Is Our Business, Too

For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.

A FREE subscription to the top resource for security and integration industry will prove to be invaluable.

Subscribe Today!

Get Our Newsletters