Guest OpEd By Stewart Dewar, Senstar Product Manager

When tasked with selecting equipment to protect a site, security professionals typically choose the technologies with which they have familiarity and confidence.

This makes perfect sense – no one wants to risk using unproven technology when security is on the line.

That being said, new technologies shouldn’t be discounted, especially if they meet performance requirements and offer distinct benefits.

A good example of this is security devices that use wireless communication.

Many traditionally hard-wired devices are now available in wireless versions, including network cameras, access control devices and intrusion detection sensors.

Going wireless dramatically simplifies installation and lowers costs, as technicians no longer need to physically run copper or fiber cable to each device.

Some devices may also be battery or solar-powered, leading to further savings.

However, questions remain about the reliability and vulnerability to hacking of these new devices, especially given people’s experiences with consumer-focused technologies like WiFi or Bluetooth.

For security professionals, the key is understanding that not all wireless technology is the same and that there are solutions designed specifically for security applications.

Radio Frequencies and Protocols Matter

Devices can use different radio frequencies and communication protocols, and these design choices impact the security of the wireless link.

Most security devices use radio spectrum in the Industrial, Scientific and Medical (ISM) bands, which includes the popular 2.4 and 5 GHz bands (used by WiFi, but also by other more specialized protocols).

In North America, the 915 MHz band is also available (other jurisdictions use nearby frequencies).

When making sense of product capabilities, security professionals should keep the following guidelines in mind:

Security devices should never use WiFi.

• While WiFi can employ strong encryption, whitelists and other protections, the risk to critical systems is simply too high.

  • WiFi-based devices are vulnerable to network congestion, RF interference, hacking, Internet of Things (IoT) malware, and misconfiguration.

  • With this in mind, WiFi’s convenience and user benefits make it hard to avoid and it certainly deserves its place in non-security, non-critical applications.

• Devices using the 915 MHz band typically support longer transmission distances than ones using higher frequencies, mostly due to lower RF attenuation (higher frequency signals are more susceptible to absorption and scattering caused by rain, snow, and foliage).

  • In addition, FCC regulations allow for more powerful transmitters in 915 MHz based devices.

  • For applications on the perimeter or in remote building locations, the maximum communication range needs to be taken into account.

• Unlike WiFi, low-power RF technologies like IEEE 802.15.4 (popularized by the Zigbee IoT protocol) are designed to work in RF congested environments and are optimized for secure machine-to-machine (M2M) communication.

  • For low-bandwidth applications like intrusion detection or access control, this set of technologies holds great future potential and its reliability is already field-proven.

(A simplified intrusion detection solution for sliding and swinging gates, the FlexZone Wireless Gate Sensor detects attempts to open, cut, climb or otherwise break through sliding and swinging gates and complements the coverage of the FlexZone fence-mounted sensor. Courtesy of Senstar and YouTube. Posted on Mar 1, 2016.)

Reliability, Resiliency and Vulnerability

Like their wired counterparts, the connectivity of wireless devices must be monitored by the security system.

Communication loss should immediately be reported as a supervision alarm.

This also means that the communication links must be reliable enough that operators view a communications loss as a potential threat and do not disregard it immediately as a false alarm.

Consider the following scenarios that could negatively affect communications:

Device malfunction or loss

• Wireless equipment must support frequent and periodic check-ins, within tens of seconds.

• If the link has been compromised to the point where alarm messages cannot be sent/received, or if bidirectional communications cannot be guaranteed, the system should indicate the device is offline.

RF jamming

• There is nothing to prevent a third-party from overwhelming the radio signal used by a device.

• However, the effectiveness of this type of attack is short-lived on a properly designed device, as an interference alarm will be raised almost immediately.

• If the jamming signal is strong enough to prevent all communication, the equipment should still be declared offline based on the check-in results.

One relatively new technology, mesh networks, shows great potential in security applications.

In a mesh network, each device acts as a node within a dynamic self-organizing, self-healing topology.

This architecture is particularly useful for systems that use large numbers of discrete sensors located in close proximity to each other.

For example, low-power intelligent fence lighting can use a mesh network for communication between fixtures.

Mesh networks provide two key benefits:

First, if a node malfunctions or is physically damaged, the system adapts and remains functional.

Second, the network mesh extends the coverage distance, as the furthest sensor can relay its messages to the central security network via the other nodes.

(Senstar LM100 is the world’s first hybrid perimeter intrusion detection and intelligent lighting system. Combining high performance LED lighting with accelerometer-based sensors, the LM100 deters potential intruders by detecting and illuminating them at the fence line. Courtesy of Senstar Corporation and YouTube. Posted on Sep 26, 2017.)

Resistance to Advanced Attacks

Physical damage and RF jamming are the two most basic attacks against wireless devices and are easily addressed.

The next question is how well can a wireless security device fare against a sophisticated hacking attempt?

First, let’s look at encryption.

AES encryption is used today in financial transactions worldwide and is considered highly secure when correctly implemented.

When used on a security device like a fence sensor, breaking the encryption would require far greater resources than virtually any other conceivable type of attack.

In addition, with the exception of network cameras that use open standards, the protocols used in intrusion detection and access control devices are typically proprietary and their short over-the-air time makes demodulation via commercial radio sniffing devices extremely difficult.

As the encryption is virtually unbreakable, would-be attackers would likely try other disruptive approaches:

Replay attack 

• This attack involves recording and replaying encrypted radio traffic that is not understood in an attempt to confuse or break the system.

• This attack can be thwarted by including sequence checking in the underlying protocol.

Device swapping or cloning

• Device swapping consists of someone attempting to use similar equipment running on the same radio channel to trick the system into reporting the status of the shadow device instead.

• Properly designed equipment will limit access to whitelisted equipment via unique identifiers embedded into the physical hardware components during manufacturing.

• Another, albeit difficult variation on this attack, is cloning a device to use the same identifier.

• In this case, two simultaneous radio broadcasts using the same identifier would result in RF interference alarms being generated.

(FlexZone is a cable-based fence-mounted system that detects and locates any attempt to cut, climb or otherwise break through the fence. FlexZone adapts to a wide variety of fence types and is ideal for sites of all sizes. Courtesy of Senstar Corporation and YouTube. Posted on May 27, 2016.)

Doing More with Less

Security professionals, by trade, should be cautious when using new technology to secure sites.

At the same time, new technology is a driving force behind better security and enables organizations to “do more with less”.

Wireless security devices, when designed and deployed correctly, can maintain the highest levels of security while reducing installation and operating costs.

To help decide if a given wireless security device or system is suitable for a site, ask the vendors tough questions regarding its reliability, resiliency and potential vulnerabilities.

Senstar Takes Triple Honors in the 2018 ‘ASTORS’ Homeland Security Awards Program

Senstar Corporation

• Best Fencing Solution

• Senstar LM100

 

 

• Best Perimeter Protection System

• Senstar LM100

 

 

• • • Best IP Video Surveillance Solution

• Senstar Thin Client

 

The Annual ‘ASTORS’ Awards Program is specifically designed to honor distinguished government and vendor solutions that deliver enhanced value, benefit and intelligence to end users in a variety of government, homeland security and public safety vertical markets.

Over 130 distinguished guests representing National, State and Local Governments, and Industry Leading Corporate Firms, gathered from across North America, Europe and the Middle East to be honored among their peers in their respective fields which included:

• The Department of Homeland Security
• The Federal Protective Service (FPS)
• Argonne National Laboratory
• The Department of Homeland Security
• The Department of Justice
• The Security Exchange Commission Office of Personnel Management
• U.S. Customs and Border Protection
• Viasat, Hanwha Techwin, Lenel, Konica Minolta Business Solutions, Verint, Canon U.S.A., BriefCam, Pivot3, Milestone Systems, Allied Universal, Ameristar Perimeter Security and More!

The Annual ‘ASTORS’ Awards is the preeminent U.S. Homeland Security Awards Program highlighting the most cutting-edge and forward-thinking security solutions coming onto the market today, to ensure our readers have the information they need to stay ahead of the competition, and keep our Nation safe – one facility, street, and city at a time.

The 2018 ‘ASTORS’ Homeland Security Awards Program was Proudly Sponsored by ATI Systems, Attivo Networks, Automatic Systems, Desktop Alert, and Royal Holdings Technologies.

Nominations are now being accepted for the 2019 ‘ASTORS’ Homeland Security Awards at https://americansecuritytoday.com/ast-awards/.

Comprehensive List of Categories Include:

Access Control/ Identification	Personal/Protective Equipment	Law Enforcement Counter Terrorism
Perimeter Barrier/ Deterrent System	Interagency Interdiction Operation	Cloud Computing/Storage Solution
Facial/IRIS Recognition	Body Worn Video Product	Cyber Security
Video Surveillance/VMS	Mobile Technology	Anti-Malware
Audio Analytics	Disaster Preparedness	ID Management
Thermal/Infrared Camera	Mass Notification System	Fire & Safety
Metal/Weapon Detection	Rescue Operations	Critical Infrastructure
License Plate Recognition	Detection Products	And Many Others!

Don’t see a Direct Hit for your Product, Agency or Organization?

Submit your category recommendation for consideration to Michael Madsen, AST Publisher at: mmadsen@americansecuritytoday.com.

2018 Champions Edition

See the 2018 ‘ASTORS’ Champions Edition – ‘Best Products of 2018 ‘ Year in Review’ for in-depth coverage of the outstanding products and services of firms receiving American Security Today’s 2018‘ASTORS’ Homeland Security Awards.’

Nominations for the AST 2019 ‘ASTORS’ Homeland Security Awards Program will officially open as of January 1st, 2019 at americansecuritytoday.com.

Enter Early to Maximize Media Coverage of your Products and Services at Kickoff, and Get the Recognition Your Organization Deserves!

And be sure to Register Early for the 2019 ‘ASTORS’ Awards Presentation Luncheon at ISC East 2019 to ensure your place at this limited- space event!

Why the 2018 ‘ASTORS’ Homeland Security Awards Program?

American Security Today’s comprehensive Annual Homeland Security Awards Program is organized to recognize the most distinguished vendors of physical, IT, port security, law enforcement, and first responders, in acknowledgment of their outstanding efforts to ‘Keep our Nation Secure, One City at a Time.’

Why American Security Today?

American Security Today is uniquely focused on the broader Homeland Security & Public Safety marketplace with over 70,000 readers at the Federal, State and local levels of government as well as firms allied to government.

The old traditional security marketplace has been covered by a host of security publications that have changed little over many years.

American Security Today brings forward a fresh compelling look and read with our customized digital publications that provides our readers with solutions to their challenges.

Our Editorial staff provides a full plate of topics for our AST monthly digital editions, AST Website and AST Daily News Alerts.

The editorial calendar and AST’s high drawing website features 23 different Technology and Marketing Sectors such as Access Control, Perimeter Protection, Video Surveillance/Analytics, Airport Security, Border Security, CBRNE Detection, Border Security, Ports, Cybersecurity, Networking Security, Encryption, Law Enforcement, First Responders, Campus Security, Security Services, Corporate Facilities and Emergency Response among others.

These sectors are part of the new integration, where these major applications communicate with one another in a variety of solutions to protect our cities and critical infrastructure.

AST has Expanded readership into vital Critical Infrastructure audiences such as Protection of Nuclear Facilities, Water Plants & Dams, Bridges & Tunnels, and other Potential targets of terrorism.

Other areas of concern include Transportation Hubs, Public Assemblies, Government Facilities, Sporting & Concert Stadiums, our Nation’s Schools & Universities, and Commercial Business Destinations – enticing targets for extremist or lone wolf attacks due to the large number of persons and resources clustered together.