cnl software white paper - driving enterprise psim through true soa

www.cnlsoftware.com

CNL Software White PaperDriving Enterprise PSIM through True SOA:

Service Oriented Architecture in PSIM Event ProcessingMay 2012

May 2012 Confidential © 2012 CNL Software

Driving Enterprise PSIM Through Service Oriented Architecture

Table of Contents

The Challenge ...........................................................................................................................3

What is Service Oriented Architecture? ....................................................................................3

How Does SOA Help PSIM? .......................................................................................................3

Solid SOA by Design ..................................................................................................................6

Cost Effectiveness and TCO Reduction Through SOA .................................................................7

Small Scale Deployment ............................................................................................................................... 7

Medium to Enterprise Deployments ............................................................................................................ 7

Are all PSIM Solutions Based on SOA? ......................................................................................9



The Challenge

In the physical security arena, information and the speed at which it is delivered is key. It is this guiding principal that sees the huge growth in global PSIM deployments. Where information is key, access to information is vital, and nowhere is this more pronounced than in security. During critical events, it is essential that operators have fast and reliable access to relevant security assets, and pertinent information. Failure to deliver this information is not an option.

In any PSIM deployment, the day-to-day information load is relatively minimal. The challenge is the response to a sudden surge in this load, caused by a critical event or disaster scenario, comprised of multiple events happening at the same time. It is in these scenarios that a PSIM solution will need to provide the highest level of assurance that all information required will be available when needed. In addition, the solution will need to remain highly responsive, providing essential intelligence and data analysis, to enable security operators to react and respond immediately.

What is Service Oriented Architecture?

Service Oriented Architecture (SOA) simply put is a series of methodologies adopted to create separate software modules which, while interoperable, are independent to one another. This is referred to as ‘Loose Coupling’ and is essential to an enterprise level SOA based solution.

Each service within a SOA deployment should have a single functional responsibility; such as reporting, authentication or communications. It is this separation of functional units that drives the benefits of SOA. Loose coupled services allow developers to increase flexibility across networks and infrastructure boundaries, expanding capacity, distributing load and removing bottlenecks.

Secured published ‘Endpoints’, share the functionality of each service across the deployment, and with linked systems such as accounting or reporting. This enables greater PSIM integration with business systems and processes.

How Does SOA Help PSIM?

SOA enables a PSIM application to process event data in real-time, as well as update operators and security personnel with the information they need both in the control room and in the field.

The use of independent stateless services provided by SOA brings new levels of availability, performance and capacity, while also improving disaster recovery of the PSIM solution. These are built into the application architecture, so are intrinsic before considerations are made at the platform or infrastructure level. This same stateless nature reduces the cost of growth, maintenance, and future HA/DR concerns, reducing the overall Total Cost of Ownership (TCO) of a PSIM deployment.



Delivering Value With Service Oriented Architecture (SOA)The availability of data and the response to it and are essential to a successful security operation. Information should be available to operators in real-time. However, as deployments and security operations grow, too much information can lead to information overload. This dramatically reduces the effectiveness of security resources.

Diagram 1: Decision accuracy v. Information load

The follow up to an incident needs to be tightly aligned to standard operating procedure (SOP) while remaining unobstructed, allowing delivery of mission critical information and analysis to security personnel, without the need for manual intervention. Security operators need to react as soon as possible to events and the slightest delay can seriously impact the outcomes. Waiting for a PSIM system to catch-up is not an option.

Identifying four key areas that form the PSIM event pipeline, and addressing each individually, refining and optimizing the way a PSIM behaves in each area, providing complete situational awareness, in the fastest possible time.

These are;1. Event collection2. Event filtration3. Intelligent Analysis4. Alarm/Response Generation

Diagram 2: PSIM event pipeline

InformationOverload

Information Load

Deci

sion

Accu

racy

Event Collection Event Filtration Event Processing Alarm Generation

CAPTURE RESPONDANALYZEFILTER



Implementing SOA in a PSIM ensures each of these vital steps within the event pipeline is separated into individual elements as a part of the greater software solution. Each service is concerned only with that step in the pipeline, and as such is developed and refined to excel in that function, unimpeded by other areas of the system.

Subsequently, each area is independently scalable, allowing PSIM solutions to scale only where additional capacity is required. This dramatically increases the cost effectiveness of upgrades required by growth in the security deployment.

In this SOA environment, each of the services is a completely stateless entity. This means multiples of each service can be added to a deployment to support operational requirements. For example, where High Availability & Disaster Recovery (HA/DR) is needed, it can be added without having to upgrade the whole solution. Services can be added or removed from a deployment, even dynamically, allowing for 100% uptime during maintenance or dynamic increases in resource availability during those critical ‘Burst’ demands on the systems seen during major incidents.

Diagram 3: Simple IPSecurityCenter SOA structure

Clients

Workflow Services

Alarm Services

Event Services

Edge Devices



Solid SOA by Design

A PSIM vendor who adopts true SOA understands that each service needs to be optimized for performance in its area of functional responsibility within the larger system. This is not however, where the only benefits of SOA end. A PSIM event pipeline is only as good as the weakest link in the chain, so it is essential to apply the same innovation and attention to detail in the links between its services.

Events throughout a true SOA PSIM deployment should traverse services in its architecture via messaging queues. These queues ensure that the first message delivered to a service, is the first message processed. Most software developers simply select a queuing technology, and apply it throughout their solution. All messaging technologies are not equal.

Some are geared for speed, some for reliability, and some for flexibility. A well architected SOA solution should utilize the most appropriate technology at each communication boundary, making best use of each to allow the solution to process events smarter, faster and unobstructed.

It is essential that each queue is wrapped with intelligence to ensure that no event is lost, every event is processed, analysed and logged as necessary to provide the best security response in real-time. These wrapped ‘Intelligent Queues’ rely on the messaging system that underlines its SOA implementation, thus ensuring every event and message ends up in the right place at the right time.

Even bad messages are collected, stored and logged, within ‘Poisoned Message Queues’, allowing for the analysis and reporting of bad messages within a system. In any system that does not provide this functionality operations would be brought to a standstill as services failed to cope with the corrupted, or ‘Poisoned’, messages. This also brings about an increase in security, as any messages that do not conform to precisely the structure and content expected are isolated and stored, therefore unable to have any performance effect on the overall PSIM solution.

Event Services

Alarm Services

Workflow Services

Clients Clients

Local Event Services

Local Alarm Services

Local Event Services

Local Alarm Services

CENTRAL BRANCH

BRANCH 1 BRANCH 2

Diagram 4: Wider IPSecurityCenter SOA deployment

Clients



Cost Effectiveness and TCO Reduction Through SOA

SOA not only offers a more robust solution, but also a more cost-effective one. Whether at the small scale, or enterprise level, the benefits of SOA to the Total Cost of Ownership (TCO) of a PSIM deployment can be realized. These benefits reduce the cost of solutions for both integrators and End Users alike.

The key benefit here is that each service can be deployed on hardware tailored to suit its needs. This significantly reduces the cost of hardware as over-specified, under utilized hardware becomes a thing of the past. Excess capacity, can optionally be utilized by instances of other services, to realize the full return of investment on hardware and infrastructure.

Small Scale DeploymentEach service in a SOA should be kept as light as possible, minimizing resource overhead against performance. A good PSIM vendor should be constantly refining the performance and resource consumption of its event and alarm handling services in order to reduce the footprint on expensive underlying hardware infrastructure.

SOA offers small security operations the ability to minimize infrastructure requirements by deploying multiple services on the same hardware. Depending on customer requirements this can be deployed on as little as a single server.

As the requirements grow, SOA allows the infrastructure to grow proportionally with it, moving out services to their own dedicated hardware, as demand on the system dictates. This separate hardware need only satisfy the specification requirements for the specific service being loaded onto it, rather than requiring multiple expensive core servers for each growth cycle, as is so typical with most non SOA PSIM deployments.

Medium to Enterprise DeploymentsIn larger deployments where capacity goes beyond individual units, the cost of scaling is significantly reduced with SOA. Where some deployments require additional core servers to extend capacity, SOA only requires additional service nodes where additional provision is required.

Additional nodes are tailored to requirement, investing only in the necessary hardware to provide the capacity needed. Of course in security, planning is always for a major event, not the day-to-day operation of a system, and this is where SOA really shines in the large deployment scenario. Multiple services can be deployed within each hardware region, and dynamically activated, increasing capacity in functional areas of the software to suit demand as it occurs.



Diagram 4: Wider IPSecurityCenter SOA deployment

Fig 1. High throughput, low analysis Fig 2. Low throughput, deep analysis

Fig 3. Resilient alarm processing Fig 4. High capacity redundant system

Clients

Event Services 1 Event Services 2

Clients

Event Services 1

Clients

Event Services 1 Event Services 2

Alarm Service 2Alarm Service 1

Clients

Alarm Service 1 Event Services 1

Alarm Service 2 Event Services 2

Alarm Service 2

Alarm Service 1Alarm Service

Alarm Service... Event Services...



Are all PSIM Solutions Based on SOA?

Many PSIM providers claim to have developed their solutions utilizing SOA. Despite this, few have brought to realization the benefits of SOA to their customer’s solutions. Simply developing software as separate modules, and publishing them as ‘Services’ does not necessarily mean that the developer’s architecture is truly service oriented.

In a true SOA product, services are independent, capable of operation without dependency. Services are scalable, additional services can be added to a system, providing immediate increase in capacity, processing power and/or redundancy.

Without a SOA, a PSIM system will not provide sufficient capacity at each stage of the PSIM event pipeline cause huge spikes in demand for processing capacity. Simply put, the system will most likely become unstable during times of high stress, ironically just when there is the greatest need for a PSIM solution.

www.cnlsoftware.com

Copyright © 2012 CNL Software. All rights reserved. IPSecurityCenter is a trademark of CNL Software. All other trademarks and registered trademarks are the property of their respective owners.

Contact UsCNL Software USA

11715 Fox Road, Suite 400-190Indianapolis, IN 46236 USA

Tel: +1.317.522.0313

CNL Software UKCNL House, Lower Guildford Road

Knaphill, Surrey, GU21 2EP, UKTel: +44 (0)1483 480088

Email : [email protected]

MW

P/50

2/05

12

About CNL Software

CNL Software is a world leader and global provider of Physical Security Information Management (PSIM) software, designed for complete Integrated Situation Management. Our award winning PSIM technology is deployed to secure major cities, critical infrastructure and global commerce. CNL’s software sits at the heart of some of the largest, most complex and ground-breaking security integration projects in the world. Our work with leading organizations is helping to shape the future of security by offering thought leadership on key issues such as asset protection, energy reduction, process compliance and business advantage in converged physical environments.

About IPSecurityCenterTM

IPSecurityCenter is the ultimate PSIM software based integration and management platform. It connects and manages disparate building and security technologies such as video surveillance, life critical systems, radar, analytics, HVAC, PIDS, GPS tracking and GIS mapping. Through aggregating intelligence from these systems, it allows organizations to react faster and more precisely to incidents. IPSecurityCenter provides operators with real-time Situational Awareness through a Common Operating Picture (COP) and following an alert, alarm or event presents step by step process guidance, ensuring complete compliance to security policies.

cnl software white paper - driving enterprise psim through true soa

Technology