Physical Security, IoT & The Role of Open Standards
Q&A with Per Björkdahl, ONVIF Chairman
Any Questions? Please type them in…
2
ONVIF is committed to providing and promoting open interfaces to the security industry for effective interoperability of IP-based physical security products.
The cornerstones of ONVIF are:Standardization of communication between IP-based physical security productsInteroperability regardless of brandOpenness to all companies and organizations
Liaison with International standardization IEC & ISOIEC TC79 WG12 Video (IEC 62676-2-3:2013IEC TC/) WG11 Access Control (IEC 60839-11-1)IEC TC9 WG46 CCTV in trains (IEC62580-2)ISO JTC1 HEVC (H.265)
About ONVIF
3
MISSIONTo provide and promote open Interfaces to the security industry for effective Interoperability.
VISIONAll Security Systems share one Interface.
ONVIF Mission & Vision
4
ONVIF Development: 2008 to present
2008/10ONVIF founded by Axis, Sony & Bosch, Core Specification 1.0
2009/05Release of test tool and conformance procedure
2009/07First conformant product launched
2009/10100 members200 products
2010/03Scope extended to Access control
2010/12Core specification 2.0 & Device Test Tool 1.02
2011/09300 members1000 products
2011/12Device Test Tool 11.1Profile S released
2012/08400 members2000 products
2013/041200 Profile S products
2013/12Profile C released
2014/04500 members2700 Profile S products
2014/07Profile G released
2014/12Profile Q release candidate
2015/03Client test tool released
2015/10500+ members5009 products
2015/07Profile A release candidate
2016/05≈ 490 members6´500 products
2011/12EN 50132-5-2IP Video Transmission ProtocolsBased on Webservices
2013/11 IEC 62676-2-3IP Video Transmission ProtocolsBased on Webservices
2011/02 IEC60839-11-31 EACS IP Transmission ProtocolsBased on Webservices
2016/07Profile Q released
2016/12Profile A planned release
5
Availability vs. protection Different threatscape than a PC Unmanaged devices Customers are not cyber mature IoT vendors are not cyber mature
Internet of Things – Cyber challenges
6
Security is vital to IoT“It is a process, not a product”
“Bruce Schneier”
7
IoT are easier to hardened compared PC
Out-of-the-box hardening Independent researchers Cyber awareness is increasing
IoT– Cyber challenges going forward
8
The message is loud and clear security products that can’t connect to an IP network disappear from the market sooner than later!
Two possible developmentsLimited utilization of standards•Isolated system silos from one manufacturer •Proprietary systems•Manufacturer lock in •Limited interoperabilityFull utilization of standards•True IoT •Openness, •Unlimited interoperability
the Role of Standards
9
True IoT is not possible without standardsStandards are not only technicalStandards are also ProceduresTogether they can achieve security
Let’s not take a leap backwardsSecurity by obscurity is not preferred
the Role of Standards
10
Security is a Permanent working group in ONVIFCertificate-based Client AuthenticationKeystoreTLS serverGeneral design goals
What is ONVIF doing about security
New Website! http://www.memoori.com/
Next Webinar: 12th Sept - “Demystifying the IoT in Smart Buildings”