What Is Needed To Make A Surveillance SOA?

Perhaps one of the more overused buzzwords of the last decade is “convergence.” While its origins lie in the foundational achievement of the convergence of networking and routing using a common Internet Protocol (IP), telecommunication companies and cable operators have brought this terminology mainstream to describe the passing of voice, data and digital media, such as video, over some common network infrastructure. This noble notion that convergence simply enables the passing of all types of data over a common system perhaps explains the loose and vague manner in which convergence is discussed within the security and surveillance industry. Often, people talk about convergence to represent the merger of physical security with the corporate IT network security. Others further condense the focus on the transition of surveillance video to IP networks. In short, “convergence” is ill-defined.

True convergence is more than just the coexistence of multiple media and content types on a shared network, or the migration of a technology to IP. Convergence demands that these multiple technologies are constructed as synergistic resources that are made interoperable through a prescribed communication protocol. From a software programming and integration perspective, this implies the construction of a service-oriented architecture (SOA) to achieve convergence. A convergent service-oriented strategy for the security industry – a Surveillance SOA – results in the ‘emergence’ of more streamlined interoperability alongside entirely new applications that leverage existing surveillance assets for security and non-security uses.

Where Do We Stand Today?

In the surveillance industry, much of our attention on convergence is drawn to the transition of video transmission to IP networks, including the market switchover to IP cameras. This focused attention is not a surprise; after all, we could say IP-based video has been the most over-anticipated, yet highly difficult transition that the security industry has been waiting for. Video is certainly an important technology migration, but it represents only one aspect of recognizing the full value of security system convergence.

While cameras may use standard methods to connect to a video management system (VMS), they are often utilized to simply pass video to that central location. The cameras themselves, each a platform performing the discrete service of generating frames of video, are not aware of each other, and typically require the VMS to bridge any communications. This, in turn, makes applications such as automated two-camera PTZ operation, camera stitching and camera handoff cumbersome and susceptible to re-inventions from one implementation to the next.

We need to stop thinking of convergence as adding one technology, such as video or access control, to a widely accepted network infrastructure. Instead, we need to look at convergence as how we optimally and generically make all those technologies available to each other and to the end user. This is where the concept of a Surveillance SOA comes in. A Surveillance SOA extends communication by and between each individual service on the network. Rather than relying on centralized applications like a VMS or physical security information management (PSIM) to handle multiple open application programming interfaces (APIs) of cameras, analytics software and access control systems, we can look to those systems themselves as more optimized service brokers for the end customer, who can then build their own applications to bridge security and non-security web services to accomplish new tasks.

What Is A SOA?

Somewhat of a misnomer, SOA is not just concerned with high-level architecture. SOA derives from a software engineering concept where applications and solutions are built from a set of interoperable components that speak together via a set of well-understood standards and enable many-to-many interactions among services. SOA also reflects a software development methodology to make all software operations on the network self-running services that can be published, discovered and used in a standard way. To that end, SOA extends beyond technology to include the policies and practices to deliver a framework by which the right services are readily available.

Role of Standards

Security interoperability standards is an obvious and often-discussed requirement for the security industry to move further down the path of convergence. Interestingly, the two most recognized standards movements, ONVIF and PSIA, are both taking a service-oriented mindset in the creation of their respective specifications and frameworks; ONVIF is adopting a Simple Object Access Protocol (SOAP) for the creation of security system web services, and PSIA is implementing a Representational State Transfer (REST) framework for services to exchange HTTP requests over an IP network. We should remind ourselves that there is more than just a “standards war” going on with competing specifications about how to transfer video and common message formats. Both these organizations are making significantly important strides towards creating a foundation for a service-oriented architecture for our industry, and thus enabling a simple way for each resource in a security system to rely on one another to request and respond to specific functions.

Adopting A Surveillance SOA

A Surveillance SOA, one that delivers a managed interface through which all devices, platforms or applications on a network can exist and communicate as compatible services, benefits our security industry. By lowering implementation costs, a Surveillance SOA enables more direct service-to-service communications and realizes the advantages of more open interaction with non-security applications. Specifically, we can look at the benefits as follows:

Interconnectivity: This represents the notion that standard components of a surveillance system, once registered, will automatically understand how to communicate and share data through published guidelines. This also implies a sense of “pluggability,” where the same system or function from different vendors could be interchanged in any system design while keeping the underlying service communication the same.

“Many-To-Many”: Each service on a network can be called upon to function by multiple other services, applications, or endpoints. This removes point-to-point integrations between system components (e.g., an alarm panel with access control, or an IP camera with a VMS). Additionally, it enables the individual components, each hosting one or more services, to invoke and broker functions on their own rather than relying on central proprietary policies managed by VMS or PSIM applications.

More Open Access: A solution to enable better remote access to video assets has been found in cloud-based services. However, a cloud-based approach to stream video may be no more than forcing the same video surveillance paradigm through remote servers. The success of such an operation hinges upon how easily it enables any person, from any device, at any time to access the visual insight they need to accomplish a task. A Surveillance SOA approach could enable a more flexible, lightweight manner to validate user credentials and establish a generic connection for any device and/or application in the hands of the user. A service-oriented approach would enable, say, a marketing professional to formulate a simple request and receive detailed, comprehensive feedback.

Better Interaction Among Video-Related Applications: Retail and casinos present numerous case studies for aggregating surveillance data with a variety of business systems to deliver high value solutions to monitor and continuously improve daily operations. The collaboration between video cameras, simple video analytics, point-of-sale (POS) systems, and loss prevention systems to deliver a common solution to employee theft at the POS is hampered by numerous point-to-point integrations between these systems. The emergence of a Surveillance SOA would make each of these systems nothing more than a shared service on a network, each with published function calls and data output formats. All the data exists for a retailer to better understand their business, and the ability to deliver immediate, real-time insights and understanding is facilitated by the services approach.

New Opportunities for Applications: Companies all over the world are looking for ways to leverage their heavy investment into video surveillance and its underlying network infrastructure across multiple business units. In other words, how can an enterprise of any size leverage a video surveillance system for more than just surveillance? There’s strong value in internally sharing assets such as visualizations available from security systems across the enterprise. Retailers can fine-tune merchandising efforts by having access to visualizations that show traffic over time in response to display positioning or product shifts within the store, and compare that resulting traffic data with transaction data from the POS to measure effectiveness. Casinos have the opportunity to continuously monitor congestion around restaurants – and even share that with its customers – to effectively distribute traffic, reduce wait times, and make for an overall better experience for its patrons. The ability to continuously monitor and share these visual insights requires a surveillance system that is set up to serve imagery and data visualizations in real-time to any authorized consumer, whether it be an internal staffing system, a digital signage system, or a mobile phone in the hands of an “on-the-floor” employee – or even a customer.

Convergence really implies that the physical security and IT worlds stand equally ready to integrate and interact. Despite the progress of industry standards and development of more service-oriented interfaces, we are not quite there yet. What we are looking for is our collective world of physical security to drive the ‘emergence’ of approaches and architectures that will enable converged applications for businesses to see and understand their operation beyond the context of security, and easily share those findings along with the underlying video and data across the enterprise.

Conceivably, video will be a significant component to realize the full rewards of security system convergence – it’s just that the technology needed to deliver this convergence is still being implemented. In the meanwhile, it’s time now to plan for the future by focusing on standards, interconnectivity and modularity to deliver service-oriented frameworks for security and surveillance.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

What Is Needed To Make A Surveillance SOA?

Security Magazine

2020 October

What Is Needed To Make A Surveillance SOA?

Related Articles

Report Abusive Comment