In five years ‌ or less, many access control systems will be legend ‌ and the security issues could be legion.
Shut
System 18
December 2013/January 2014 | Homeland Security Today Magazine
CRITICAL INFRASTRUCTURE SECURITY
BY JERRY “DUTCH” FORSTATER, CONTRIBUTING WRITER
O
bsolescence through time is proceeding to shut down existing security systems from further product or technical support right before our very eyes. By 2015, the computerization of electronics will have increased the capacity of integrated circuits one million fold in just 30 years’ time. Electronic chips are already more than three million times lighter and 10,000 times cheaper than an equivalent device 30 years ago. But even with this substantial increase in miniaturization, memory management, memory capacity, cloud services and virtualization of the legacy personal computer (PC), the basic X86 processor is still the same old device of 40 years ago. This will pose serious and fundamental problems for access control and other security systems by 2018 because of this simple reality of life cycle and the consequent costs to continue interim software development until the next X86 version processor is developed. By 2018, more than 50 percent of all card access systems deployed today will have no support. Nor will replacement parts be available. Nor will the licensing model of Internet protocol (IP) cameras be the same as it is today. IP cameras, encoders and network video recorders/storage area networks (NVRs/SANs) will all be changed and may no longer be supported. And if that isn’t enough, the networks required to support these systems will evermore change, become evermore secure, evermore hardened and evermore apt for a failure to occur network-wide. In this same short time span, a paradigm shift in public safety technologies will occur. And little has been done — or is being done — to warn about these important changes. By 2018, 3-D satellite modeling, geo-located infrastructure, a quadrupling of available field sensors, identification credentialing, biometrics and physical security integration management will outpace our physical ability to manage alarms and incidents on a knowledge-based level the same way we do today.
Down Homeland Security Today Magazine | December 2013/January 2014
19
THE CONCEPT OF BIG BROTHER WATCHING US IS NOW ENTIRELY ELEMENTARY. WE’RE ACTUALLY INSTALLING SOPHISTICATED SENSORS, WHETHER THEY ARE VIDEO CAMERAS OR MONITORS, OF ENDLESS VARIETIES. AND THEY’RE ALL COMPUTERS. AND THE RELATIVE NUMBER OF THEM USING SOPHISTICATED TECHNOLOGIES HAS RISEN BY THE MILLIONS SINCE 1975.
“
Major access control systems manufacturers today are pitted against managing old data gathering panels, multiplexed electronics, legacy software, Weigand-based wiring, positive identification, digital communications and cyber constraints with mounting technical challenges. Many analog switch-based — and now vintage 2005-era digital closed-circuit TV systems — will also find themselves islands in a non-interoperable world, at least in part because of hardware, but more often because of rewriting of software code that prevents optimization. And it’s entirely due to software that’s designed for the legacy X86 microprocessor manufactured continuously since 1979. The X86 is the heart of most machines. The microprocessor pumps, regulates, synchronizes and generally acts like the conductor of a micro-miniature orchestra with 64 instruments, conducting up to 20 or more scores at once, at a speed that 20 years ago seemed a far-flung reality. If you’ve ever touched a computer — no matter what brand or model — this tiny machine no bigger than a silver dollar has intertwined its reputation into your soul. It’s known by many aliases, such as 286, 386, Pentium and the server’s X86 version — the Xeon. All the while, though, newer PCs and mobile devices still base the i3, i5, i7 and even 2006 Core Duo technology on the X86. The X86 is, essentially, the ‘79 vintage Ford Mustang of the industry. And it needs software to complement it — lots of it — and all coded as in the old days. While normally not written in DOS (its old “shell”) the shadow of this workhorse still resides inside — tamed but now restless from relentless improvement. By 2025, machine knowledge will exceed human knowledge. With life expectancy approaching almost 90 years by this time, it will mean an increase in the workforce and an increase in human transportation needs. This could mean an average three-fold increase in ridership on public transportation in less than 15 years.
It will also mean inherent security and safety risks, because by 2050, one in three people in the world will live in areas prone to natural or manmade disaster. Urbanization, migration and geo-politics will continuously influence public safety, corporate and homeland security’s systems capabilities to comprehensively manage rising oceanographic waters, severe temperatures, earthquakes, storm effects, nuclear disaster, fossil fuel damage, clean water and food shortages. The concept of Big Brother watching us is now entirely elementary. We’re actually installing sophisticated sensors, whether they are video cameras or monitors, of endless varieties. And they’re all computers. And the relative number of them using sophisticated technologies has risen by the millions since 1975. Yet, even with the X86 microprocessor that’s used in 80 percent of computers, production of the microprocessor leveled off for PCs by almost 5 percent in 2013 as a result of mobile devices. Meanwhile, pure IP platform video and/or sensor production has multiplied dramatically. It may well be that for each PC/server deployed, more than 10 times that number will be deployed as IP-based video cameras or microcomputer sensor devices with the capability to decipher critical scene or environmental data in its microprocessor without forwarding irrelevant, spurious “noise.”
From bad to worse Few want change. It’s like the mechanic who says fixing it will cause more problems. Well, if that’s the case, then it’s probably time for a complete overhaul. The following are a few case studies that illustrate the extant problem of technology “sunsets.” As recently as 2010, a nuclear power plant was recording 30,000 false alarms per month, with a tendency to lock up its 1987 computer when a history query was performed. Its memory — the size
Critical System Security Components Still Using 1970’s Technologies Others
>80%
X86 Based Processors
Others
>80%
Access Devices Using Wiegand Communication Protocol
Source: G. I. Forstater©, 2013
Go online today for exclusive online content and eNewsletters
Homeland Security Today Magazine | December 2013/January 2014
21
Escalation of Assets Replacement Model (EARM)
Existing Assets
Life Cycle Asset Analysis Classification
Redefined Assets
New Aquisition
New Life Cycle
Forward Compatible
No EOL in Near Future Existing System Assets
Redefined System Assets
Legacy In-But-Out EOL < 4 Years
Terminal
EOL > 3 Years Ago
X
Terminal
EOL > 10 Years Ago Source: G. I. Forstater©, 2013
of a large microwave with LP record-type spinning platters — was so old it was considered an eBay collectable in 2000. There’s the police department that had two-dozen digital video recorders all lacking time synchronization, making evidentiary chain of custody evidence questionable. Consider the government agency with thousands of card holders who basically didn’t exist anymore, and whose administrative access control system will be a thing of the past in a matter of years. Moreover, the manufacturer is “declining” any usable or sensible migration paths, abandoning them with no life raft … or preserver.
22
December 2013/January 2014 | Homeland Security Today Magazine
Finally, when trying to incorporate a myriad of technologies, there’s the airport that loaded the latest patch and security update for its switches, but failed to realize the update was not coded correctly and lost particular settings that were necessary for operation, bringing the system to a slow grind. Contrast these obstacles with what the near future has in store. By 2020, small “drone” probes — flying video cameras — will economically and silently patrol critical infrastructure, pre programmed for the inside of buildings, corridors, offices and mechanical spaces. They may even sense fire, water, temperature,
Go online today for exclusive online content and eNewsletters
WITH THE ADVENT OF NEWER, MORE RELIABLE AND IMPROVED SENSORS AND THE NEED TO MANAGE SUSTAINABLE SECURITY OR PUBLIC SAFETY SYSTEMS, THE NEXT FIVE YEARS IS THE RIGHT TIME TO EXERCISE THE PLANNING OF A SUSTAINABLE MIGRATION PATH — WHATEVER THE MICROPROCESSOR, CHIP OR COMPUTER’S NEW NAME OR NAMESAKE. smoke, people, pests and obstacles. They’ll be launched at each location from a “home base” where they’re charged and receive maintenance and upgrades. They’ll even diagnose their own health and replace their own batteries. They’ll be a force multiplier if ever there was one. Virtual alarm rooms will also appear more frequently. These rooms will envelop operators and provide a uniform video structure that is seemingly endless, with true visual perspective. Seamless and up to 100 inches tall, the wraparound polymer screens will be able to dimensionally show the corporate enterprise or cityscape as virtual video. It’ll provide a fly-by-wire approach to virtualization, incorporating commands through verbal and nonverbal communication with the computer. Most important, the computer will now be the analytical tool used to determine alarms and processing of information. Now imagine a neural network of computers — actually cameras with the power of computers 1,000 times more powerful than those on Apollo 11, the first manned spacecraft to land on the moon — all connected to a stream filter that not only connects the dots, but learns from us and then teaches us. Massachusetts-based Worcester Polytechnic Institute’s Database Systems Research Group (DSRG) is investigating how these technologies can prepare us for stream filtering information. Elke Rundensteiner, a DSRG professor, said “We’ve got to filter down through the fire hose of data” to “scale to big data streams and on the other hand not miss any critical nugget.” Will we be able to fix legacy problems, incorporate more technically diverse applications and drink from the fire hose of data while still relying on older microprocessor designs?
Analysis With the advent of newer, more reliable and improved sensors and the need to manage sustainable security or public safety systems, the next five years is the right time to exercise the planning of a sustainable migration path — whatever the microprocessor, chip or computer’s new name or namesake. Important decisions need to be made about evaluating support and funding of existing systems or software before acquiring new technology. Any legacy system greater than 15 years old needs to be identified as to whether it’s nearing its end of life and will terminate in the immediate future. End of life for a potentially terminated system could also exist for anything that has not received direct original equipment manufacturer support for three years or longer. These are the two most significant decisions with costly continued support issues. The next two decisions involve supported and forward-compatible systems — systems that have an end of life greater than four years from now or no determination for end of life. Investing additional money into technology for these systems makes the most sense. But be forewarned: Even new acquisitions can have a downside when manufacturers merge, are acquired by larger corporate
Go online today for exclusive online content and eNewsletters
Recently completed Philadelphia Delaware Valley Intelligence Center.
takeovers or lose the strategic edge due to market climate. In many instances, high technology investments have faltered due to support or manufacturers’ corporate disintegration. When can we expect new operating systems and software to be developed? When the labor required to produce the hardware with all the sensor, input, output, communications and security codes and tightly embed them into easily programmable and expandable chips — is close to zero. Perhaps a consortium that has the money, willpower and desire to use artificial intelligence will provide the next design. It will be sometime before computers design new circuits, “grow” silicon and nanotube circuits, assemble the components and program themselves. It’s in the nation’s fundamental interest to develop this next processor and programming masterwork in the United States. This will provide us with manufacturing preeminence, stiff security and encryption code development with the intrinsic ability to incorporate a sensor-driven world onto our own — saving lives, reducing crime and helping us prepare to maintain our technology leadership into the 21st century. HST Jerry “Dutch” Forstater is CEO, COO and chief engineer of Professional Systems Engineering LLC, which he founded in 1986 and which is nationally known for its expertise in design and engineering of integrated systems for complex critical infrastructure projects. He is board member of the International Association of Professional Security Consultants (IAPSC) and secretary of the Philadelphia chapter of ASIS International.
u Learn more on this subject at www.HSToday.us
Homeland Security Today Magazine | December 2013/January 2014
23
PHOTO BY ALLEN STOCK, CDI/KIMBALL ARCHITECTS
“