Like the fax and the mobile telephone, card-based access control gained acceptance in the 1980s – and has since become an everyday staple of corporate life. Robert Chapman charts the technology's evolution, and explains the likely impact of recent innovations on its future development.
Swiping a card through a reader to gain access to a company's headquarters is now a perfectly acceptable feature of everyday corporate life. Over the years, we have all become familiar with the routine, and the advantages that it brings us in terms of increased security and safety.

However, where cards were once used exclusively for opening doors, and controlling who was allowed to go where (and when) in a given building, now they can be used for a whole host of functions. Recent developments in card technology allow for the card that gives you access at your workplace to be used for recording attendance, gaining access to your PC, as your identity card and even for cashless transactions at the vending machine.

The role of the multi-functional card, then, has evolved with developing technology. As ever, by pushing the 'technological envelope' we are now beginning to see dramatic gains in efficiency – as evidenced by more streamlined organisations and reduced numbers of staff.

Today, IT systems across the world are connected via high speed Local Area Networks (LANs) and Wide Area Networks (WANs), and there's an increasing expectation that non-core applications such as security and access control – once the sole domain of the security manager – should indeed share the corporate communications infrastructure. This model also extends to the capture and dissemination of data.

End users have come to expect raw data such as details on individual members of staff to be logged only once, and for this information to be inherited by all the company's systems. Organisations looking to eliminate inefficiency no longer find it acceptable to have to re-enter the same information into the personnel database, the access control system and the ID card system, etc – in particular when considering all the inherent inconsistencies that can occur during copying.

An opportunity for integration
The wide deployment and increasing standardisation of networking and database technology has given the designers of facilities information systems (including access control, photo ID, cashless vending and staff attendance recording systems, etc) the opportunity to integrate these applications into a lone, corporate-wide information system providing centralised administration for the end user.

In the past, integration has meant connecting the access control to the photo system, or the alarm set-up to the CCTV cameras. Now, though, organisations increasingly want to run these applications over their networks and administer them from their existing desktop PCs.

In general, the manufacturers and suppliers of security systems have been slow to design for enterprise-wide applications, preferring instead to produce closed solutions.

As such, although technological advances have produced a range of proximity and smart cards, fingerprint recognition readers and high-speed networks over the years, the fundamental layout of a typical access control system hasn't really altered a great deal since 1977, when CardKey launched the first of a new generation of card access systems.

In the 1970s and 1980s, a control panel – a microprocessor-based circuit board used to control access through a door, and housed in a metal box together with a power supply – would service two card readers and one or two doors. A number of these panels could be connected to a mini computer using low speed two or four-wire data link (often erroneously referred to as a network).

Access control system users have come to expect raw data such as details on individual members of staff to be logged only once, and for this information to be inherited by all the company’s systems

Today, a control panel may be connected to a PC running a Windows program with the capacity to accommodate four or even eight doors.

Time for a change
Why change? While it would be true to say that those elements make up a system that gave an acceptable level of performance, other commercial pressures are forcing us to adopt alternative system architectures. For example, one of the biggest property issues for today's commercial organisations is space. How do we fit ourselves, and all of the necessary accoutrements of modern commercial life, into the available workspace?

And how might developers maximise the lettable or usable space within a commercial building to maximise their profits?

A large access control installation will necessitate a significant amount of hardware to be accommodated within a given building's infrastructure. A typical installation will require that all of the door hardware (readers and locks, etc) systems plus dedicated cabling and metal enclosures for power supplies and controllers be situated as unobtrusively as possible. Once the computer network has been installed alongside the fire alarm systems, air conditioning, telephone network and intruder detection systems, few commercial premises have enough free 'closet space' left to mount access control enclosures.

It follows that door controller enclosures are typically installed in the ceiling void close to the door. This practice is fine, as long as there is room to do so. That said, with office space at a premium those ceiling voids are becoming much more shallow (particularly in new build projects).

So what does the future hold? While an increasing number of architects and developers are keener than ever before to reduce the amount of 'wasted' space available for services in their buildings, tenants and occupiers are being somewhat more discerning about the high standard of services they expect in their building(s). It's time for the security sector to meet the challenge and provide access control solutions for the end user that are smaller, smarter, faster and boast a lower cost of ownership.

Efficient monitoring and control
The desire must be for systems that will allow us to interact with other applications at the corporate level while providing an efficient means of monitoring and controlling disparate items of equipment such as card access readers, sensors and actuators at the building level.

To meet those objectives, one solution is to select Ethernet and TCP/IP as the protocol for connecting to – and running applications across – the organisation's network, and Controller Area Network (CAN) for monitoring and controlling devices within the building.

Originally developed by the German company Robert Bosch for use in the automotive industry, CAN provides a cost-effective communications bus for automotive electronics as an alternative to expensive and cumbersome wiring looms. CAN has been adopted by ISO as an open communication standard for intelligent devices, and is now increasingly being used in industrial control and building automation systems.

The desire must be for systems that will allow us to interact with other applications at the corporate level while providing a means of monitoring and controlling disparate items of equipment such as card readers, sensors and actuators at the building l

In all cases, the major requirements are cost-effectiveness, the ability to function in a difficult electrical environment, high-speed communications and ease of installation.

The benefits of CAN for the end user are tangible. For instance, the CAN network is up to 100 times faster than traditional access solutions. A CAN-based system can process a card transaction in four thousandths of a second (in contrast to the industry norm of a quarter of a second). This faster communication allows a higher degree of system flexibility, such that even the largest of projects may be undertaken with greater efficiency.

The CAN protocol also allows any device on the network to talk to any other device. All CAN devices have a degree of local intelligence, with all messages being received by all devices on the network. In this way, the detection of a fire alarm by an input device can cause all or selected access readers on the network to release doors – even if the controlling PC isn't connected. Should a number of devices attempt to access the network simultaneously, all messages are prioritised so that the highest priority message will always take precedence over other data.

The application of true networking technology such as CAN to access control has many advantages over legacy technology:

  • the application of 'plug-and-play' technology ensures that devices can be installed onto a CAN network without any special programming and with the minimum of fuss;
  • different devices (door access readers, attendance terminals and alarm monitors) all share the CAN network, thus requiring less hard- ware and bespoke cabling to fulfil a project;
  • less power is taken by a CAN-based device – the 'green effect' compared to an equivalent legacy device enabling one power supply to support a number of doors in a typical access control system;
  • fewer cables required to terminate (a typical full-featured eight-door legacy system requires something in the region of 392 cable ends to be terminated, compared to 160 if the installer were using CAN).

It follows that all of these features would allow your access control system installation to be undertaken far more quickly. For the end user that's crucial, as the overall cost of ownership for a true network-based system will be reduced in comparison to equivalent legacy solutions.

Looking to the future
It's clear that we are going to see more integration between an organisation's communications network, telephone system and IT infrastructure, while the division between security systems such as CCTV, intruder monitoring and access control will become increasingly blurred. With this in mind, we'll all need to bear in mind several points when developing the access systems of tomorrow.

First, field devices such as access readers, alarm inputs and enunciators need to be small for ease of mounting, and should be able to share a common communications and power bus. Second, the access control database and software should be able to run on the corporate network infrastructure without having to install bespoke communications and dedicated PC workstations. Third, applications will need to be integrated, bringing together such functions as access control, alarm monitoring, attendance recording, guard tour, visitor management, cashless vending and CCTV.

The third level of integration will provide the greatest efficiency gains, as it allows for once stand-alone applications to share data and work together. For instance, by integrating the CCTV, access control and intruder alarm system onto the same network, a lone security officer could oversee a number of locations from his or her desktop PC. The access control system could check for approved members of staff, resetting or activating alarms depending on whether the site is occupied or has been vacated. Images from cameras transmitted over the corporate Intranet or Internet can be used for the visual verification of alarms.

Source

SMT

Postscript

Robert Chapman is managing director of Borer Data Systems