Broken Promises: The Current State of PSIM
Physical security information management solutions have so far fallen short of expectations, but next-generation systems could change that
Physical security information management (PSIM) software promised to unite multiple safety and security technologies into a common alerting, response and management framework. While much progress has been made in making this promise a reality, many PSIM systems fail to deliver the breadth of coverage, ease and consistency of use, and range of functionality necessary to meet the demands of an increasingly automated physical security industry.
This article explores where PSIM technology is today, why it remains an essential tool, and how it falls short of the ideal. It then outlines how PSIM must evolve into a unified security management platform, and what organizations should demand as these more universal applications of PSIM begin to appear on the market.
PSIM software solutions came about in response to an obvious challenge. As physical security became increasingly driven by technology, each type of system, from a wide range of vendors, required its own user interface. Video management systems required a different type of expertise than did intrusion alarms. Access control functioned completely differently than fire and smoke alarms. Product vendors, wishing to lock customers into their technology, used these closed systems to prevent competition.
The headaches for safety and security professionals from these fractured environments are far from trivial. Incompatible systems introduce time delays, as separate systems must be manually correlated to gain a full picture of what is happening. Staff must be trained on multiple systems, or additional staff must be hired. When organizations merge, either duplicate systems must be maintained, or staff trained in one must either be retrained in the other or let go.
The promise of one central platform, with a single user interface for all essential safety and security functions, carries obvious benefits:
- One system for staff to deploy, manage and operate
- All essential alerts, alarms, real-time and forensic information accessed from a centralized application
- Simple integration for new or upgraded capabilities
- The ability to connect disparate events to gain fuller, immediate insight into rapidly changing events
- Lower costs resulting from systems and subsystems integration and reduced training expenses
But has PSIM lived up to its promise? In spite of its advances and obvious value, PSIM needs to evolve significantly before it becomes truly aligned with its goals. More technologies must be brought under its umbrella, covering products from a wider range of vendors, with more capabilities under active management. It also has to become something less – less complicated to use, as well as a smaller drain on limited financial, personnel and operational resources.
The Limitations of PSIM
On the surface, it appears that PSIM should be a runaway success. It addresses a significant problem by supporting a variety of products from a variety of vendors. Large systems integrators and end users have warmly embraced it. And, yet, overall sales have not been impressive. Why? The answers are as simple as they are frustrating.
First, very few PSIM systems work with everything an organization needs to manage the full breadth of its safety and security operations. Systems that work with video surveillance, access control, and intrusion alarms, but omit fire and smoke alarms or sound recognition or anything else, leave customers with incomplete coverage. Even worse, different PSIM systems do not necessarily support the same range of subsystems. This lack of consistency leaves customers with difficult decisions to make regarding what has to be left out of the centralized PSIM framework.
Many PSIM systems support only a small subset of the full capabilities of the subsystems they manage. These “missing” features must either be monitored separately or left out of regular operational management activities. Once again, the customer must decide what is most important and what cannot be centralized, given the current state of the technology.
The end result is frustration on the part of the purchaser — exactly the opposite of what PSIM is supposed to provide. Customers must still maintain separate systems.
Integrated security operations remain a work in progress, with potentially dangerous gaps in coverage, delays in response, and inappropriate levels of response. Overall functionality is constrained by the limitations of the PSIM system itself, rather than the system providing comprehensive coverage for current and future needs.
In the end, critical resources must be assigned to uncovered or duplicate tasks. Training costs increase because of duplicated systems. And people and facilities are placed at unnecessary risk.
Next-Generation PSIM: Unified Security Management
The key to a next-generation PSIM system is to redefine the goal of PSIM, shifting away from what can be included under a single operational framework and toward what must be included for truly universal, fully unified security management. This new system – call it PSIM Plus – has to encompass all safety and security hardware and software solutions, as well as other elements, such as HVAC and facilities management, that can affect safety and security operations.
A PSIM Plus system has to be truly comprehensive, with direct integration of the following elements:
- Access control
- Identity management
- IP telephony
- Tracking systems
- Sound recognition
- Facial recognition
- License plate recognition
- Unusual or unexpected behavior
- Facilities management
- Video surveillance
- Visitor management
- Mass notification
- Geospatial integration management
- Workflow process management
- Enterprise management
There must be one single user interface for managing information from all of these systems, and it must be intuitive in its design so that anyone who is a properly trained safety or security professional can use it with minimal training.
Equally important, a PSIM Plus system must support the full application programming interface (API) capabilities of the underlying systems and subsystems. If a PSIM Plus system is to be a truly integrated information management solution, nothing should be left out, although customers should have the option of not using features that they do not want.
Finally, a PSIM Plus system must support an open systems approach, so that hardware and software from as many vendors as possible can be brought into its centralized environment. Open systems also simplify the challenges of mergers and acquisitions, since disparate products can all be managed through the PSIM Plus framework. The industry is already moving in this direction, but much work remains to be done in this area.
The Need to Work Together
One of the major hindrances for any safety and security technology, not just PSIM, is the ongoing conflict between vendors who must compete against each other for limited customer budgets and customers who want solutions that operate seamlessly with each other. The open systems movement is an attempt within the industry to ensure that hardware and software from multiple vendors integrates transparently.
These efforts need to continue and expand. Many, if not most, large-scale customers operate in heterogeneous environments and resist single-provider, walled-off solutions. In many cases, there is no alternative to purchasing products from multiple sources, since different vendors may have an industry specialization that is critical within a tightly focused, narrowly defined market. For example, federal and military requirements might be different from state and local government needs. Government agencies will have different priorities than multinational corporations. Energy production, with geographically dispersed facilities, has different needs than manufacturing, warehousing or distribution organizations.
Vendors committed to open systems ensure that all of these pieces of the puzzle connect to create a more valuable whole.
Once customers are confident that they have the flexibility and freedom to implement the features and functionality that are most important to them, they will also embrace the unified security management model. In short, working together while competing is in the safety and security technology industry’s own best interest. The more it happens, the greater the opportunities will be for everyone.
How to Purchase a Next-Generation PSIM System
Enterprise organizations and government agencies seeking a next-generation PSIM system need to be clear about what they demand.
As stated above, it begins with a system that delivers coverage for the widest possible range of systems and subsystems. It must have a single intuitive user interface. It must also provide the level of process standardization for assigning, resolving and archiving tasks that other enterprise-grade solutions routinely contain, including forensic capabilities for detailed reporting and process improvement.
A PSIM Plus system must adhere to open systems standards, built from the ground up to receive and present data, video, sound clips, etc. from any subsystem’s API. It must easily incorporate new types of technology easily and transparently. Little usability touches matter, too. For example, icons that scale as users zoom in and out from a map or diagram mean that critical information is never obscured from the operator’s field of view.
Clear, uncluttered dashboard and display options help ensure that essential information can be read and interpreted quickly and accurately. Combined with detailed facility, location and object matching, operators gain the ability to understand not just that something has happened, but where and how other parts of the facility might be affected. Alerts and alarms must deliver the right information, when and where it is needed, whether to workstations within a security operations center or smartphones and tablets in the field, through direct access to the PSIM Plus software, or through email and text alerts.
The system needs to provide a basic level of functionality, with the ability to easily add other capabilities later. That way, customers only have to purchase what they immediately need or can currently adopt, with future expansion in mind. In addition, software plug-ins can bring in critical data from other sources that might not normally be considered part of safety and security operations, but clearly provide additional value for protection of people and facilities. These include:
- Active directory
- Real-time system location
- Timed and linked events
- External web or cloud-hosted content
- Corporate IT biometric, two-factor and challenge logon
- Personnel records and ID management
- Visitor management
- Geographical information systems (GIS)
- Video wall management
Multiple Methods of Delivery/Deployment
Some customers prefer a plug-and-play approach to technology. For these organizations, preconfigured servers or appliances are attractive. However, other entities prefer to install, configure and harden software on their own equipment. A PSIM Plus system should encompass both of these models. In addition, the system should be capable of operating in security operations centers, in addition to gathering data and delivering alerts across remote or geographically dispersed environments. The next-generation PSIM should also support software-as-a-service or cloud-based deployments, when such models prove practical for this market.
It is no longer enough simply to capture and present data. The PSIM Plus system must also help users understand what to do with that data – quickly, transparently and efficiently. Workflow management is essential to this process and should cover the following:
- What to do when an alert/alarm event occurs
- Who should respond and what systems are affected
- How to determine that the situation has been resolved
These components must be automated, with full assignment, completion and task duration logging, as part of regular performance review and system improvement efforts. Preset templates can handle most basic applications, with drag-and-drop editing for modifying or creating new rule sets. As with the overall monitoring process, building rule sets should be intuitive and not require actual coding skill, although that option should be available for more complex tasks.
As with any enterprise-level, scalable solution, a PSIM Plus system must rely upon encrypted communications and robust storage protection for itself, its systems and its subsystems. Administrative rights, user permissions/authentications and user/group profiles should provide additional levels of segregation of duty, so that only authorized personnel have access to specific levels of information.
A PSIM system that does not provide universal coverage of all aspects of physical security automation is only a partial solution, at best. As powerful as the current PSIM products on the market may be, they all fall short of the ideal. Whether because of limited functionality from subsystem APIs, proprietary single-vendor strategies, or any of a wide range of other limitations, the idea of a universal, truly unified security management platform is just now starting to become a reality.
The key to creating the next-generation PSIM system is customer demand. The criteria for anyone choosing an integrated security management platform are simple:
- Use an open standards approach to work with as wide a range of hardware and software subsystems as possible.
- Provide full functionality for those subsystems’ native APIs.
- Use a consistent user interface across the enterprise, so that safety and security professionals only have to learn one system, regardless of how many subsystems are providing data to the unified solution.
- Make the system simple to deploy and cost-effective to manage, with a modular approach that ensures customers can purchase only what they currently need.
- Demand that the system be available using a variety of delivery methods, with alerting and response capabilities driven by smartphone and tablet, as well as laptop and workstation.
Ensuring safety and security is increasingly a data-driven process. Next-generation PSIM is a critical part of making that process practical and efficient. Careful selection of the right solution for an organization will be the key differentiator in how fast and how well staff will be able to handle increasingly complex day-to-day protection demands.
David Daxenbichler is president and CEO of Network Harbor (www.networkharbor.com). He can be reached at email@example.com.