ONVIF Q&A: Latest profiles, cybersecurity and the Highways England project

Avatar photo


Author Bio ▼

Adam Bannister is a contributor to IFSEC Global, having been in the role of Editor from 2014 through to November 2019. Adam also had stints as a journalist at cybersecurity publication, The Daily Swig, and as Managing Editor at Dynamis Online Media Group.
September 14, 2017

Sign up to free email newsletters


The Video Surveillance Report 2022

ONVIF recently launched a new access control profile – a specification for standardising technologies from different vendors to promote integration and interoperability – and has another in the pipeline.

We asked Stuart Rawling, a member of the ONVIF steering committee, to tell us what the new profiles were all about.

Director of global business development at Pelco as well, Rawling also reflects on ONVIF’s raison d’etre, its cybersecurity work, keeping pace with the dizzying evolution of technology and the organisation’s standardisation work with Highways England.

IFSEC Global: Please tell us about the new profile you launched in July…

Stuart Rawling: Profile A is a sister profile to what we already had in the access control space. We have released Profile C, which enables device configuration, event and alarm management, and door access control. So you can configure those devices with all that information.

Profile A is a higher level system profile, more about granting and revoking credentials, changing privileges. And it has a functionality that better enables integration between access control and video management systems.

So it fits side by side with Profile C but provides that higher level with more functionality.

IFSEC Global: Is it worth explaining the purpose of these profiles for someone not familiar with them?

SR: A profile is a feature set pulled from an ONVIF core specification, which is a master document about standardising and interfacing different products from a variety of different vendors.

When the industry moved into the IT space, a lot of manufacturers came up with their own interfaces. ONVIF standardises those interfaces to make integration easier for all types of users, because you can have product interoperability from different vendors using the same interface.

From an integration perspective, installation is easier because you’re not having to download different drivers. Manufacturers follow a troubleshooting, testing and conformance process that enables that to be done up front, so the users only need to do the system configuration.

From the manufacturers’ perspective, interoperability investment is lower because they can use these standard interfaces to talk to multiple products. It allows them to instead invest resources into bringing more relevant features and iterations to the product line.

IG: Is it difficult to keep these standards up to date given the rapid pace of technological change?

SR: Yes, to some degree. You could say that standards in general tend to lag a little bit behind technology. But it all depends on how we approach it.

If you take our next profile, Profile T, which we’re working on now, that’s an iteration that takes into account the fact that technology has progressed since we released Profile S a number of years ago.

We write these standards to be somewhat technology-agnostic. For example, right now the big buzz is 4K, H.265 and things like that. While Profile T can support that, we’re not tied to that standard.

If some better codec comes out in the future we can still incorporate it into our ecosystem. Because one of the interfaces may be: What video formats does this device support? And the devices can negotiate in which format to transmit between each other.

IG: You recently did some work with Highways England?

SR: That’s a great end user story.

Highways England have a lot of legacy equipment from different vendors. The organisation is trying to standardise their deployment model for the long term so they can use a set standard in a way that allows them more flexibility.

We had a standard in the analogue days: PAL in the UK, so the video was very standardised. They are looking for that level of standardisation.

ONVIF has been working with them to develop something that can help large organisations migrate to a standardised approach but that also works for different stakeholders in the process.

It’s very similar to an initiative in the US called NTCIP [National Transportation Communications for ITS Protocol], the standard for traffic management used by the US Department of Transportation.

IG: Anything else you want to add about ONVIF?

SR: We tend to get a lot of press these days around the cybersecurity aspects of products, especially with the cybersecurity threats we’re reading about every single day. This was a recognised concern for ONVIF several years ago.

The manufacturers got together and as part of our core specification we wrote some security policies for manufacturers to follow, as well as providing a standardised interface for execution policies.

But of course, good security is a combination of technology and policy. So while manufacturers who have implemented this standard have the technology, we also rely on the end users and consultants to put in best practices in the deployment of that technology.

Subscribe to the IFSEC Insider weekly newsletters

Enjoy the latest fire and security news, updates and expert opinions sent straight to your inbox with IFSEC Insider's essential weekly newsletters. Subscribe today to make sure you're never left behind by the fast-evolving industry landscape.

Sign up now!

man reading a tablet, probably the IFSEC Global newsletter

Related Topics

Notify of
Inline Feedbacks
View all comments