Information. Insight. Influence. securityindustry.org

SIA OSDP Profile Drafts Information. Insight. Influence. securityindustry.org

SIA OSDP Profiles – Basic Reader [Description] A reader that supports basic current OSDP commands   [Standards] Reader to Panel communications using bi-directional RS-485 at 9600 to 115kb. OSDP v2.1.6 (OSDP 2.1.7) [Optional Features] Secure OSDP Bi-directional RS-485 communications. Keypad Entry Text Display Information. Insight. Influence. securityindustry.org

SIA OSDP Profiles – Federal Government Description [Description] A Peripheral Device (PD) that conforms to functions necessary to perform Federal Identity, Credentialing and Access Management (FICAM) applications. These requirements are informed by officially published GSA Approved Products List (APL) testing and certification guidance.   Please Note: The FICAM APL PACS testing and certification program is a comprehensive end-to-end process that is yet to be completely finalized. Conformance to either method in this OSDP profile does not guarantee acceptance to the FICAM APL. This can be achieved through various modes: [Transparent Mode] [Extended Packet Mode] Information. Insight. Influence. securityindustry.org

SIA OSDP Profiles – Federal Government: Standards and Options OSDP v2.1.6 (2.1.7) Reader to Panel communications using bi-directional RS-485 115kb or greater. NIST 800-73-3 FICAM PACS Master Test Procedures Section 1.3 FICAM APL-2 Certification Guidance ISO-7816-4 [Optional Features] Secure OSDP Bi-directional RS-485 communications. Keypad Entry Text Display Information. Insight. Influence. securityindustry.org

SIA OSDP Profiles – Biometric Verification [Description] A device that supports current OSDP commands for the verification of a biometric template. [Standards] Reader to Panel communications using bi-directional RS-485 at 9600 to 115kb. OSDP v2.1.6 (OSDP 2.1.7) [Optional Features] Secure OSDP Bi-directional RS-485 communications. Keypad Entry Text Display Information. Insight. Influence. securityindustry.org

Security Industry Association SNMP Standards Development Sub-Committee Initial Scope Review Information. Insight. Influence. securityindustry.org

Charter Goals Deliver a turnkey implementation method to ensure the standardized management of any physical security IP based device. Use industry standard, readily accepted and implemented to prevent proprietary forced usage requirements, allowing benefit to the customers who buy these devices. Platform agnostic approach to enable monitoring these devices. Easy to understand and implement. Promote the use of SIA as a repository and reference for all devices compliant with the standards. Information. Insight. Influence. securityindustry.org

IETF SNMP Standards Internet Engineering Task Force Founded in 1986 by US Government Researchers Evolved into a standards development function in 1993. Widely accepted industry standards body with regards to SNMP utilization and definition Information. Insight. Influence. securityindustry.org

Standard RFC/OID Implementation Guideline RFC to be implemented in its full capacity, not just in parts. All OID’s must be readable. Where possible, utilize no less than SNMP V2C SNMP V3 security is preferable to ensure the protection of data available. Any OID’s defined as writable by the SNMP standard shall be implemented as writable on all devices. Information. Insight. Influence. securityindustry.org

Proposed Usage - IETF RFC’s RFC 1213 – MIB for Network Management of TCP/IP Based Internets RFC 2863 – Interface Group MIB RFC 4022 – MIB for Transmission Control Protocol RFC 2790 – Host Resource MIB RFC 4293 – MIB for Internet Protocol RFC 2465 – MIB for IP Version 6 Information. Insight. Influence. securityindustry.org

The Role of IoT in Security Standards Steve Van Till CEO, Brivo Systems Chairman, SIA Standards steve.vantill@brivo.com

Four Megatrends Affecting Security Data IoT Mobile Social

Internet of Everything Internet of Things Internet of Everything Industrial Internet of Things

How does IoT change security? #GOOD #BAD More smart devices More data New standards Better analytics Early warnings More things to hack More privacy threats Compatibility risks Data overload Signal-to-noise

An anti-hero who can hack into the physical infrastructure #UGLY An anti-hero who can hack into the physical infrastructure to obtain and control information or to destroy such devices completely.

What jobs will IoT do for security? Sensing Controlling Identity

Source: How Smart, Connected Products Are Transforming Competition by Michael Porter and James E. Heppleman Harvard Business Review, November 2014

The Goal of IoT Standards To create interoperable products that can discover, connect, and interact directly with other nearby devices, systems, and services regardless of transport layer, device type, platform, operating system, or brand. - AllSeen Alliance

Who’s Creating IoT Standards?

SIA Standards in Context SNMP (MIB) Model: an industry profile for an extensible framework An ‘Internet’ (IP) standard (the I in IoT) Common heritage to (some) IoT initiatives As a MIB, has a role in many types of systems

SIA Standards in Context OSDP Model: industry-specific standard for industry-specific need Shifting from local/wired (RS-485) to IP Opportunity: broader use and an Internet (IP) standard?

SIA Standards Role in IoT Standards Development?

One Thing We Don’t Want To Do

Possible Roles & Responses Educate SIA members about IoT standards Educate IoT communities about SIA members Join IoT organizations Outreach to IoT players Contribute to IoT standards Create an industry-specific IoT framework

Thank You Thank You Steve Van Till Steve Van Till President & CEO Brivo Systems steve.vantill@brivo.com Thank You Steve Van Till President & CEO, Brivo Systems Chairman, SIA Standards steve.vantill@brivo.com