12 Jan 2024

Editor Introduction

In the complex world of physical security systems, standards can enable disparate systems to be combined to function together as a cohesive whole. Standards help to ensure that all the “pieces” fit together to create a clear, unified picture. More broadly speaking, standards also play a role in ensuring best practices are deployed in a range of security-related situations.

We asked this week’s Expert Panel Roundtable: Which standards have had the greatest positive impact on physical security?


Ryan Gregory Axis Communications

The Software Bill of Materials (SBOM) standards mandated over the past year have enhanced visibility into software vulnerabilities and made physical security devices better defended than ever before. This visibility is critical – after all, you can’t fix something you don’t know is broken, and cybersecurity threats are more prevalent than ever. SBOM refers to a repository that helps identify in which network devices vulnerabilities exist, and also shows all the software components a vendor’s device relies on. The SBOM also provides the ability to review these software components before even purchasing a network device. Whether you’re setting up a device management system, hardening new devices, or looking into how the existing ones operate, it’s crucial to have actionable, real-time insights into vulnerabilities to proactively defend your network attack surface.

For video security systems, the adoption of H.264 led to significant improvements in the development and interoperability of IP-based security solutions. This video compression standard has ensured that different devices and software from various manufacturers work together seamlessly. This enabled compatibility was crucial to creating comprehensive security systems using components from different sources. Efficient video compression from both H.264 and H.265 continues to be vital for reducing the storage footprint and bandwidth requirements of high-resolution video. For systems with remote access or cloud storage infrastructure, it is essential. Specialised communication standards such as ONVIF have also been important when facilitating basic interoperability between network video devices. While image processing and API/SDKs developed by manufacturers can further improve image quality, reduce bandwidth, and enhance communication between components, industry standards guarantee a minimum level of interoperability. With today’s evolving cyber threats, it’s also important that more organisations adopt cybersecurity standards such as NIST’s FIPS 140-2 Level 3.

Marisa Randazzo Ontic Technologies

California recently passed its Senate Bill 553, requiring companies to establish their own workplace violence prevention standards. Companies in California must now keep records of all threats and incidents of workplace violence, as well as their responses to those threats and incidents. The passing of this Bill is a step in the right direction for corporate security and preventing workplace violence as it compels companies to keep track of their threat landscape and better protect their employees. The passing of this bill may also result in other states following suit. To help comply with the law, organisations will need to think about how to keep track of these incidents, which will be required by law in California starting in July 2024. Organisations that invest now in a centralised system of record will be well prepared to comply with the law by capturing all workplace threats and violent incidents and showing the work they have done to address each, including conducting investigations where required.

Daniel May Consort Architectural Hardware

Where physical security systems implement measures and protocols to protect people, assets and information, standards play a critical role in ensuring their effectiveness, reliability, and consistency – promoting best practices and benchmarking performance in the process. ISO 27001, for example, is recognised as the international standard that focuses on information security management systems, but its principles and framework can be applied to physical security also, and as such, it has helped to deliver a holistic approach to security management. For access control specifically, it’s crucial to identify the specific frameworks relevant to your region, systems and regulatory requirements, with regional or industry-specific standards, such as the British Standards Institution and its BS EN 60839 and BS EN 1209 classifications - to name a few - having driven continuous improvement across the industry. Similarly, the American National Standards Institute (ANSI) and the Builders Hardware Manufacturers Association (BHMA) have established several key standards such as the ANSI/BHMA A156 series, which addresses various types of hardware in the US. Finally, one of the most widely recognised and respected standards is the Physical Security Interoperability Alliance (PSIA) which provides comprehensive requirements for access control systems by focusing on interoperability, scalability and functionality.


Editor Summary

Systems built on open standards are inherently more scalable and adaptable to future changes. As new technologies and systems emerge, the ability to integrate them seamlessly becomes crucial. Standards provide a bridge between the old and the new, allowing organisations to evolve their systems without getting locked into proprietary solutions.

Quick poll
What is the most significant challenge facing smart building security today?