was commissioned and published by Intersec
magazine in 1999.
THE PROS AND CONS
Lets suppose you are a member of a team. Your team is so important that some of the tasks it performs are mission-critical; even a matter of life or death to someone or something. Suppose that you are prevented from communicating with other members of your team other than through a human intermediary whose job it is to take in your messages, interpret them, and to then relay instructions to the appropriate colleague who is needed to take action solely on the basis of what is passed on. Can you picture that? So here is a question for you, the team leader. How well would your procedures cope when bad things came flying your way, thick and fast, as one day they will do? Will the critical mission fail? Will metaphorical lives be lost? Will you have a very tough time explaining why such a potential disaster was allowed?
Its fair to say that in many situations the answer to some or all of these questions would be yes. In our opening paragraph the metaphorical members of the team might be the intruder detection system, access control system, closed circuit television system, fire detection system, heating, ventilation and air conditioning systems. So why is it that many buildings and organisations only permit these to talk to each other via the human being who is lumped with the Control Room Operator title? The most conscientious and well-trained staff members who are tasked with fulfilling this role can occasionally be a bottleneck or corrupter of communications owing to information-overload, distraction, and natural human erring. Weve all heard the Chinese whispers illustration from a wartime situation earlier in the twentieth century havent we? The British radio operator in the frontline trenches calls Send reinforcements. Were going to advance., while HQ many miles back are handed a slip of paper upon which is written Send three-and-fourpence. Were going to a dance. Theres too much at stake for each of us to let such simple, human, but greatly important mistakes happen when they can be prevented.
So why doesnt everyone integrate their systems and arrange for these inter-system messages to pass quickly, reliably and automatically? Well, that brings us neatly to the core of this article. We highlight some of the advantages and disadvantages which may need to be considered on the way to reaching conclusions for any particular set of circumstances.
HOW TO COMMUNICATE.
There are three popular methods which have been used to permit separate systems to communicate with each other and at least hint at integration. These are:
Let us briefly describe each in turn:
Hard-wiring involves the talking system having within it either a number of hidden on/off switches which are each electromagnetically switched by the system itself (commonly known as relays), or a set of transistors which each independently switch a voltage on or off. The listening system is arranged to have the necessary circuitry to electrically sense the on/off status of as many of the above talkers as are necessary to pass commands from one system to the next. Quite often a multi-core cable connects the two systems outputs to inputs, and vice versa if desired. This simple on/off switching method has been around nearly as long as electricity has been put to good use.
Data Protocols are designed so that the listening and talking systems can simply monitor or contribute respectively to any stream of electrical signals that appear upon the cable that connects them. Certain voltages, frequencies and data-coding methods are agreed by the engineers of the World and hence you will see RS232, RS485, and many others standards bandied about universally. But, as will be highlighted later, this does not mean that one manufacturers equipment will automatically understand anothers. The long-standing lack of a resolution to this issue has been the bane of the security industry for many years. This may be pictured with the analogy that although your fax machine uses the same telephone-line protocol as your colleagues in Amsterdam, and that his message to you uses all the same written characters from A to Z that you are familiar with, this does not mean that you can automatically read a fax written in Dutch. Translation may still be needed.
Computerised gateways (nothing to do with the computer manufacturer of the same name) have become much more common in recent years as powerful machines have become readily available and software development has blossomed. The purpose of these gateways is to quickly translate the protocol and language of a talking system into the corresponding tongue of the listening system. Such is the capability of these gateways that many systems may talk and listen simultaneously, often to more than one other system. Not only can translations be done automatically, but incoming information may be used to automatically make new decisions before the outgoing message is recomposed to reflect this creativity. In addition, the gateways often use the tremendous capabilities of their host computer to offer the necessary Man-Machine Interface (MMI) that gives the Control Room Operator a window into the programming and status of the integrated whole, and maybe a keyboard and mouse, or a touch-screen, to allow human contributions to be made to the continued smooth running of the whole affair, because it isnt Hal from 2001, yet.
PROS AND CONS.
Each of these methods comes with a mixture of associated benefits and troubles. Which is significant for the reader? Only the reader can decide.
Any method of integrating either existing or newly installed systems can reduce the reliance on staff to ensure that the whole and its component parts function satisfactorily. This can result in a reduction of the number of staff required, and a reduction in training costs owing to the fact that automation means PhDs are not necessary to be in attendance. This also means that stand-in personnel experience a much shallower learning curve in the event having to relieve an unscheduled absence of regular staff. Quite simply the technology multiplies greatly the effectiveness of each person using it. The man-machine interface is often pc-based which means that one or more VDUs may present the users with full-colour illustrations of the information that they need. Site maps or schematic/process diagrams that the operator can zoom in or out are particularly effective GUIs (Graphical User Interface, pronounced goo-ey) as they can automatically update as circumstances within the system change second by second. Very user-friendly.
Staff performance can be automatically monitored in the more sophisticated computerised systems owing to their ability to create an audit trail of events and consequent actions. This may highlight training needs.
More importantly, Health & Safety at Work, lone-working and life safety concerns are greatly assisted by the who, when, where, what, how and why trail that is retained by the computer acting like a black box flight recorder. Indeed, emergency procedures are much more likely to be followed correctly in the heat of the moment when staff are speedily prompted to appropriate action by the computer, shielded from information-overload by a machine that can make many complex decisions on their behalf, and empowered to initiate lengthy and intricate sequences of necessary actions that will be executed by a computer that will not forget how to do it under pressure. Your insurers will sleep well at night.
Your accountants may sleep well too as the capital outlay on integration may provide long-term dividends just as, for instance, an energy management scheme can. Imagine how together your operation would be if the right messages were passing unhindered between the following: building and energy management, environmental control, elevators, fire alarms and extinguishing, public address, paging, telephony, CCTV, intruder alarms, access control, IT networks, retail EPOS, etc. Costs would be much reduced, as inefficiencies, right-hand not knowing what the left-hand is doing, mistakes, information-overload and human frailty could be minimised in the grand equation.
PROVERBS ABOUT EGGS AND BASKETS.
If the systems that form part of this grand scheme are vital to your operation then nothing should be done without a full risk analysis exercise being carried out and a disaster recovery plan being created and tested.
Any electronics can crash and bring your operation to a halt, or worse, damage other parties too. This does not have to be an unmanageable risk. Dont forget that air traffic control, military, and financial transaction systems worldwide rely on this technology. The systems are thoroughly reliable because they have been well designed with resilient power supplies, automatically re-routing communications links, data backup regimes, hot-standby processor units, top quality hardware and very competently written and exhaustively tested software. If you are not willing to invest in those things too then you may spend far more recovering from a major failure than would have been the extra expenditure at the outset. It will also be prudent to ensure that all of the sub-systems from which the integrated scheme is comprised can function fully independently as a fall-back position should the new intercommunication fail at any time.
The integration process can be carried stage by stage if desired, especially if it is to encompass existing disparate systems. Be very wary in the initial design process that decisions are not unwittingly made which lay foundations that will limit options for future developments. It is highly desirable at this stage to work with a specialist who genuinely knows the discipline. This may be from a particular manufacturer, although their advice will not be impartial as they would like to profit from a sale in return for their lengthy efforts. You may already be employing architects or consulting engineers as part of a larger development, but dont let them embrace this too by simply telling you that they have past experience. The corresponding experience of their past client will most likely not be quite as hassle-free as they would have you believe. That is because integration can be a very specialist area, so be prepared to pay for a specialist. Your aforementioned risk analysis will show you what happens if it all goes horribly wrong. So, you begin discussions with your specialist. He or she does not know that you have prepared yourself by reading this article, and is naturally impressed that you are so knowledgeable.
WHICH ROAD TO TAKE?
Do you satisfy your needs with a relatively low-tech hardwired solution? One advantage is that it can be implemented somehow on almost any existing system, and even if the interfaces must be custom-built it should be within the grasp of any engineer to maintain it. The necessary equipment will be cheap, although more boxes of it may be needed owing to the one-for-one method of wiring. Also, the transfer of messages can take up to a few seconds in some situations because of the relative slowness of the internal mechanisms. But this latter point may be immaterial in many applications, and the overwhelming advantage of being able to connect nearly anything to anything is only limited by the size of the cable and the simplicity of the messages.
If we consider a situation where the speed and complexity of the information that needs to be transferred, and the distance over which it must travel, rules out simple hard-wiring, then we move to systems where the talking and listening devices use a high speed stream of digital data to converse. Sounds simple doesnt it? Well it is, if you are dealing with the energy and plant management or process control industries who have for several years had agreement on the protocols to be used by all manufacturers of myriad devices, such as LonWorks by the Echelon Corporation. But the security industry has historically chosen to be very protective of its protocols, which seems to be an effort by manufacturers to lock customers into using their equipment exclusively by making the cost of changing supplier prohibitive and particularly disruptive to daily business operations. So while I climb down from my soapbox take a moment to reflect upon the consequences of choosing a unique supplier to provide the backbone of your integrated scheme. Indeed, it may be that this can only be done by also using their unique CCTV, access control, cashless vending and building management equipment, where each sub-system may not give you the particular performance that you want in that area. If thats a concession that you are willing to make for the sake of technological integrity then you have a viable solution. Of course, the benefit of this one-stop-shop is that any faults will be rectified by the supplier without the traditional buck-passing, but if they really fail to provide the level of service that your operation requires then do you have no option but to rip it all out and install something else? Their impeccable track record and commercial stability are vital and you will have to be prepared to pay a premium for that.
The latest fashion seems to be to implement a gateway which is a computer-based backbone that can communicate with a wide variety of manufacturers equipment. This is possible because the supplier of the gateway writes, or has already tried-and-tested, pieces of software that can communicate with the various devices that already exist on your site, or you are currently purchasing based on their performance characteristics and not, as above, based solely on unique protocol issues. The perceived disadvantage to this method of integration is the expected high cost which will be influenced by the amount of software that comes straight out of the library versus how much is bespoke. Another major issue is the establishment of a single point of responsibility. This is vital to the continued success of the integrated system as we have all heard anecdotes about several manufacturers all accusing each other of being the cause of a fault in a large system to which they have all contributed a part. The customer is left helpless with the ongoing costs of a malfunctioning system about which he is technically ignorant, and there is no end to the finger-pointing and quoting of contractual loopholes. This unhappy scenario can be avoided by asking the gateway provider to commission all cabling and sub-systems to their own satisfaction before taking overall responsibility for continued reliability of the integrated whole.
The higher we choose to climb up the notional mountain of technological sophistication, the greater care we must take not to fall, because the drop gets bigger and more deadly. We stack the odds of long-term survival in our favour by planning, training and investing the necessary money in the necessary equipment and support services. Many people have reached the peak safely and enjoyed the breathtaking views. You can follow in their footsteps if you need to.
Simon Lambert BSc (Hons) MASC is principal consultant at Lambert & Associates, an independent practice, and a member of the Association of Security Consultants. He can be contacted by email at firstname.lastname@example.org
© Simon D. Lambert 1999