Posts Tagged cctv

NEC and Conduit Fills for Communications and Security Cabling

A question that comes up frequently for us when working on security projects with high density device counts is conduit fill.   That National Electrical Code typically wants to limit conduit fill to less than 40% of the capacity for cables in the raceway.  This is based upon the dimensions of the conductors and the potential for “jamming” or stressing the cable and potential thermal issues that could lead to electrical fires.  This is referenced to apply to power cabling for AC power conductors.

We all know (or should know) that metallic low voltage communications cabling (e.g. CAT6 network, dry contact devices, card readers, etc) can’t be run in the same conduit as AC power cabling, so what is the limitation for conduit fill for low voltage security cabling?

Whenever you are in doubt, you should always consult with the AHJ, but in reality the NEC basically doesn’t care and it will likely never be inspected.  The manufacturers of these cables may have some recommendations on maximum fill ratings to reduce the pulling tension to minimize stretching or damaging the cable, however.  There are other factors in play of course: cable type, conduit type, distance, number of bends, and pulling lubricant used.

In short, be conservative with conduit fill for long runs of delicate small gauge multi-conductor cables like 22AWG TSP or CAT6A that could be damaged.   But for vertical cores between floors that are typically very short runs, you can probably fill to 80% without any significant risk, as long as the cable is properly supported and there is sufficient room remaining to properly apply intumescent firestop sealant.

Posted in: Access Control, Security Consulting

Leave a Comment (0) →

More Cloud Woes for Security

Once again a cloud solution has been hacked, this time Verkada, a fairly new entry into the security arena.  Verkada offers a turnkey solution using proprietary hardware and hosted video management solutions for a monthly fee.  They aren’t unique to the industry, but they are the most recent to be hacked and be spotlighted in the news.

The key takeaway from the Bloomberg article is something we’ve been telling our clients for a while:  Cloud and SaaS solutions typically have a “super-admin” or overall management account access that lets the provider “see” all of their customer’s account and account information.  This varies of course depending upon the service provider and the service type, but in general if you don’t own the server, someone else does and has to manage and support the data coming into it and on it.

Madison County Jail seen through a Verkada camera.

“A group of hackers say they breached a massive trove of security-camera data collected by Silicon Valley startup Verkada Inc., gaining access to live feeds of 150,000 surveillance cameras inside hospitals, companies, police departments, prisons and schools.”

We strongly urge to our clients that sensitive data and physical controls should be hosted on premise, and don’t belong in the cloud.   This could be devastating for Verkada and other cloud based solutions that are dedicated 100% to SAAS (software as a service) solutions.   You can read the full article from Bloomberg here:

https://www.bloomberg.com/news/articles/2021-03-09/hackers-expose-tesla-jails-in-breach-of-150-000-security-cams?srnd=premium

 

Posted in: Company News

Leave a Comment (0) →

Products That Don’t Exist, But Should

While working with a client for a high end residence, he brought up the video door bell gadgets that are all over the internet and in every Lowes or Home Depot. The objective was to have a decorative camera that would recognize video motion and record video and sound for visitors at the doorstep.

There are quite a few of these products available on the market, and for the general consumer they are probably a good fit.   But for our client base, a high end residence will typically have an integrated security and access control system, including video cameras.   Products like Ring and SkyBell must be used with a contract service that stores the video in the cloud, and are typically accessed and viewed via a smartphone app and are proprietary in nature.   This means they don’t support standards like RTSP or ONVIF which would allow off the shelf network video recorders (NVR) to record the video on-site or remotely as part of a comprehensive monitoring service.

To make things worse, these cameras typically operate over WiFi, and do not have any kind of battery backup.   Unreliable wireless communications and unreliable power don’t make for good security.   But at the same time we don’t want to add some industrial looking door bell to the client’s residence.   So what residential products like this are available currently that we can connect to our own NVR?  Nothing.   Really…. nada, zip, zilch.   There are currently no low profile, decorative products commercially available that will support a hardwired video connection and operate as a standard doorbell camera.

Another option was a product with a security camera integrated into the porch light.  Kuna makes some great looking products that would fit most any residential style and decor.  Kuna Maximus Light w/Camera But again, these products lock you into a monthly cloud service contract with proprietary protocols that are not available to 3rd party NVRs.  The Kuna Maximus product almost fits the bill too, providing good looks with security lighting, 720P video and two-way voice communications, but it still requires WiFi and is proprietary.

Someone Please Build This:

Here’s a product idea for high end residential and ornate commercial environments that want additional security.   Take a product like the Kuna Maximus where you have a decorative security light with a built in camera, but instead make it with the following features:

  • Motion Triggered Lighting (two-level lighting for soft accent lighting and full power security lighting when motion is detected).
  • 2 Megapixel IP Camera with Night Vision, H.264 video codec.
  • Two way audio communications with built-in microphone and speaker.
  • Support for HTTP, ONVIF, RTSP, FTP, SMTP, DHCP, DDNS, and SNMP protocols.
  • 10/100 Ethernet via built in powerline adapter, plus 802.11ac Dual Band 2.4G/5G Wireless support

So here’s the thinking behind this.  Almost every residence has a porch light at the front door.  This device would replace the existing wall mounted porch light, using the exact same 2-wire 12o VAC power that already exists.  It operates as any other motion security light, either “off until motion sensed”, or “1/2 brightness until motion sensed and then full brightness”.  It takes any standard Edison bulb.   The good part comes in where we add the camera that can use WiFi (if you must) or the built-in powerline Ethernet interface, allowing you to connect it to your own home network using a powerline module plugged into the wall near your router and then via CAT5 to your router.   From there it can behave as any other network camera on your NVR, or it can operate standalone with video motion detection and send emails when triggered, or upload via FTP to a web server, or whatever.  The powerline Ethernet adapters allow us to avoid WiFi where we can, and use the existing power wiring, eliminating the need for additional CAT5 cabling to the light.  If video is centrally monitored, the remote operator could communicate via IP audio to the person in front of the camera using a video management server.

This product should already exist, and quite frankly I can’t believe it doesn’t.  It would probably cost less than $300 retail, and I’d not only be using them on every executive residence that I was responsible for, I’d have one on my own home too.   And if you really want to have some contract service to store video in the cloud, fine… just don’t make it the only option.

 

Posted in: Reviews

Leave a Comment (0) →

Facial Recognition for Access Control?

Several years ago,  I worked on a project prototype for a major group of sea ports that had an interest to use the state’s drivers license image database for facial recognition/verification of TWIC applicants and the eventual use for identity verification for critical card access points.  The main focus of the project was to ensure that the person applying for the TWIC card was indeed who they claimed to be, and not an imposter.   Neither the CCTV system nor the card access system had the built in software to do this, much less do it together, so we had to write the interface and the software to manage it.  It worked, but not as well as we would have liked.   We used a GPL’d algorithm for the facial recognition, which while good, would have some false positives and false negatives from time to time.   Ultimately to me, it served as a proof of concept.  It did work, and could be made as a serviceable monitoring and investigation tool for security.  (Later we used that same GPL software to create a tool that would scrounge through the card access database and crop the cardholder photos to a uniform size.  THAT worked really well.)

Years later, as far as I know there is still not an off-the-shelf system that provides a true facial recognition monitoring capability for access control violations.  This seems like something very straightforward to do, and as most companies or government branches have an actively maintained photo database of their cardholder personnel, and most often have video cameras monitoring locations where access control is used.

The biggest limitation we found was the quality of the CCTV images against the badge database photos.   Both were of rather poor quality, but if we used the software as just a pre-filtering tool for security operators, the margins of error were more tolerable.  The idea was to still have a security guard doing the verification, but not for every photo, just the ones the software couldn’t handle well.

Cardholder with back to camera.

Poor camera angle doesn’t allow for good facial recognition

With Megapixel IP cameras replacing low resolution analog cameras, the probability improves of having a photo with an acceptable number of unique data points to match against an image database with a high degree of confidence.  This means more information data points to compare, and fewer false positives and negatives.   There are still other considerations such as angle of view, proper lensing, lighting, face concealment/alteration issues, and image database accuracy.  And you must have most, if not all of these considerations to have a usable image.  As shown here, even if you have good lighting and resolution, if you don’t have a good angle and lensing, you will not have a usable image for facial recognition of the cardholder.

Currently, there are about a dozen corporations world wide that offer some type of facial recognition software.   Many of their larger customers are government agencies or the financial industry.  It is used in some border crossings, passport identification, and high profile monuments.   The FBI may be the most famous consumer of this technology, but it is not used in a widespread fashion as far as I know.  Naturally, this isn’t something that is widely advertised by these agencies.

Still, as such a highly technically savvy country as the USA supposedly is, I’ve often wondered why we don’t have facial recognition with a national database at all critical locations like border crossings, airports, bus stations, train stations, embassies, and hospitals.  I realize there’s a modest invasion of privacy, and nobody likes the thought of having “big brother” monitor your whereabouts, especially putting your name to your face in a specific location and time.   It’s kind of creepy.  But the other side of the coin is that if we maintain a central photographic database of active criminals and terrorists (which we do), then having feeds from certain cameras in certain high traffic locations might allow us to not only apprehend said criminals/terrorists in a timely manner, but even allow us to gain intelligence regarding their commuting patterns, associations, and personal habits.  This is beneficial information that can reduce crime and terrorism.

Keep in mind, the government already has a very large database of photos, probably including you, even if you don’t have a mug shot in the NCIC.  Facebook, Twitter, Instagram, LinkedIn, are all repositories available that most likely link your face with your name.   The FBI has said that by 2015, it plans to have 52 million photos in its NGI facial recognition database.   The FBI will include non-criminal information as well as criminal.  Where’d they get those?!    So, you may already be in the database, and maybe me too.  Obviously, some people will object to this idea, some even quite profusely.  But the genie is already out of the bottle.  Getting him stuffed back in is going to be difficult, if not impossible.

So the natural progression on this “big brother” concern just may be to license the database.   For a fee, allow vetted customers to have access to the database via an API to use this centralized database for government and limited private commercial purposes.  Want to know if your daughter or son is in the NGI database?  Maybe there’s a background check service company that can tell you.   But for financial institutions, or the port authority I mentioned in the beginning of this article, it would be a boon of intelligence data.   Not only would they have their own employees and contractors in their own database, they could also have access to a national database of “persons of interest” that could assist them in determining if a potential applicant is a criminal, or maybe even just a high risk.  That has the simultaneous possibility of reducing their own risks, and providing timely information to Homeland Security about a potential threats whereabouts and possible intentions.

Facial recognition of employees at work

Facial recognition in the workplace.

I think the future of this technology is already headed in this direction, and there may already be entities that are doing exactly what I’ve described, but I believe the technology will become more pervasive as some of the technological (and sociological) barriers are broken down.

Posted in: Access Control, Company News, Security Technology

Leave a Comment (0) →