A standard for secure access control

Access & Identity Management Handbook 2021 Access Control & Identity Management

When one thinks about open standards in the access control industry, the Open Supervised Device Protocol (OSDP) always springs to mind, primarily because it is one of the few standards in the industry and because of its utility in securing access installations. While OSDP is not a standard in every installation, it is a viable and reliable replacement for Wiegand, which is not secure.

More than security, OSDP also provides more functionality and constantly monitors for intrusions. It makes use of two wires, which allows for multi-drop installation, supervised connections to indicate reader malfunctions, and scalability to connect more field devices. It also includes 128-bit encryption as standard. To read more about the benefits and functionality of the protocol, go to www.securityindustry.org/industry-standards/open-supervised-device-protocol/.

“The OSDP standard was developed by the Security Industry Association (SIA) and has been approved by the International Electrotechnical Commission (IEC) technical committee on alarm and electronic security systems as an international standard,” explains Ernest Mallett, sales lead for the Elvey Group. The latest version is listed as IEC 60839-11-5 and is available in the IEC Webstore (https://webstore.iec.ch/publication/33414).

The acceptance by the IEC is a big deal as it means that the standard is not simply a SIA standard, but a global one, says Barry Richardson, hardware director at Saflec Systems. OSDP is already on version 2.2, meaning it is a mature standard that has been through the initial learning curves protocols like this might have to experience in real-world scenarios. And, Richardson says, this version is a mirror of IEC 60839-11-5, published in June 2020.

Is it a user requirement?

While a standard might be a good idea, getting users to adapt and make the change to something like OSDP is not always smooth sailing. However, given the ongoing cybersecurity crises the world is experiencing, OSDP is becoming sought after in large installations.

Mallett says key organisations with high security requirements have already started to ask for OSDP in their access control systems. “This is driven by the many benefits, including security, as well as support for longer distances for cabling and lower cabling cost (OSDP cabling requires 4 cores while Wiegand requires 7 cores with signalling such as LED and beeper control). Many vendors now offer OSDP as a standard feature for their readers/panels.”

As an example, Mallett refers to HID Signo readers (which were recently launched, see www.securitysa.com/10121r). They have OSDP support without requiring any additional components/add-ons (in addition to Wiegand).

“As we work with larger listed companies and corporates, we find a higher level of education and security awareness around access control. Several are now demanding OSDP.”

The reality is security vulnerabilities are not the domain of banks or insurance companies. Mallett points out that Wiegand Sniff and card cloning will continue to be a reality until companies make the move to OSDP and improved cybersecurity in general for their access implementations. The cloning tools mentioned can be purchased for around R1000.

“We strongly urge manufacturers of products we integrate with to implement OSDP as it not only makes the integration easier, but also more secure,” adds Richardson. “While OSDP uses the same or reduces the number of wires to connect, it is not as simple as connecting up a Wiegand device as there are things like baud rates and address configurations that add a little complexity.”

There is also an issue with version control and the interoperability of products running on version 1 or version 2, explains Richardson, although the protocol is supposed to be backwards compatible. However, Mallett notes that this is changing now that the IEC has adopted OSDP as a standard. Nevertheless, testing your readers and controllers is still good practice to make sure everything works as required.

What are the real benefits?

Both Mallett and Richardson note that there are many benefits in choosing OSDP over Wiegand, some more pronounced and useful than others.

“OSDP runs on a shared multi-drop bus architecture,” explains Mallett. “This allows multiple readers to be connected with less cabling cost and effort compared with the Wiegand star topology that requires dedicated cable runs between the panel and each reader.

“Depending on the panel capabilities, a large number of readers (up to 32) can share a single bus. Sometimes this is not practical, so in most cases we see up to four readers sharing the same bus. Nevertheless, this is quite an improvement compared with Wiegand. However, irrespective of how many OSDP readers are connected to a bus, the door controller will still limit the amount it can connect to.”

In most cases, Richardson adds, the speed difference would not make a noticeable difference. “The standard does however make provision for transmitting biometric templates back and forth as well as sending text messages that can be displayed. Not only can this not be done on Wiegand, but if it could, a small 256-Byte template would take four seconds to transmit over typical Wiegand speeds.”

Slow but steady adoption

While more installations today still rely on Wiegand for communications between the reader and controller, the move to OSDP is growing. Richardson says Saflec Systems has standardised on OSDP, but still provides compatibility with older equipment to ensure it can provide whatever its customers require.

“Saflec Systems is ensuring that all of our latest hardware, software and third-party integration supports OSDP and encryption technologies all the way from the database to the identification device. We have also released a converter board that even allows old Wiegand devices to be converted into OSDP.”

Elvey is a distributor for HID products (among others) and Mallet agrees that the move to OSDP is ongoing. “HID is a pioneer in promoting OSDP for its obvious benefits. It is supported in products such as iCLASS SE/multiCLASS SE readers (using the BLE/OSDP optional module), HID Signo readers (integrated in every reader), HID Mercury controllers and HID Aero controllers. In addition, we remain supporters of some of the local access control manufactures that are yet to introduce OSDP.”


Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Pentagon appointed as Milestone distributor
Elvey Security Technologies News & Events Surveillance
Milestone Systems appointed Pentagon Distribution (an Elvey Group company within the Hudaco Group of Companies) as a distributor. XProtect’s open architecture means no lock-in and the ability to customise the connected video solution that will accomplish the job.

From the editor's desk: A sad but exciting goodbye
Technews Publishing News & Events
      Welcome to the final monthly issue of SMART Security Solutions. This is the last issue of the year and the last monthly issue we will print. We are witnessing digitisation across all industries, and ...

Gallagher Security releases Command Centre v9
Gallagher News & Events Access Control & Identity Management Integrated Solutions
Richer features, greater integrations, with the release of Gallagher Security’s Command Centre v9 security site management software designed to integrate seamlessly with various systems and hardware.

Paxton’s Net2 secures medicinal cannabis facility
Paxton Access Control & Identity Management Healthcare (Industry) Videos
Paxton’s Net2 access control has been installed at Highlands Grow, a fully licensed industrial-scale cultivator, producing cannabis for medicinal and recreational use.

Lock down your access control with Alcatraz AI
C3 Shared Services Healthcare (Industry) Access Control & Identity Management AI & Data Analytics
Alcatraz AI, represented in South Africa by C3 Shared Services, changes access control by harnessing the power of artificial intelligence and analytics at the edge, where facial recognition becomes the essential credential autonomously.

All aspects of data protection
Technews Publishing Editor's Choice Information Security Infrastructure AI & Data Analytics
SMART Security Solutions spoke to Kate Mollett, Senior Director, Commvault Africa, about the company and its evolution from a backup specialist to a full data protection specialist, as well as the latest announcements from the company.

Effective access control
Flow Systems Access Control & Identity Management Products & Solutions
Flow Systems has introduced its new Extra Heavy Duty Industrial Rising Vehicle Barrier, which provides a high level of protection. It is a traditional-looking control barrier with the benefits of high-level physical protection.

Newport Aquarium replaces traditional locks and keys
Paxton Access Control & Identity Management Entertainment and Hospitality (Industry)
Newport Aquarium wanted to replace its old security system with an easy-to-use and high-security access control solution to keep the animals, visitors, and staff safe. The solution was Net2, a PC-based access control system that offers centralised administration.

Securing easy access
Suprema neaMetrics Access Control & Identity Management
Securing access to hospitals and healthcare institutions presents a unique set of challenges, because these facilities operate 24/7, have highly ‘open’ access in public areas and require a strict level of security.

Reliable mass notification
Access Control & Identity Management
The use of voice alarm and voice evacuation systems within the healthcare industry ensures a safer and more reassuring environment in the event of an emergency.