Strengthening Surveillance Through Open Standards

Open platform ecosystems are on the rise in the security industry. Through entities such as the Open Security & Safety Alliance (OSSA^®), manufacturers, software developers, system integrators, SoC manufacturers and app developers are working together to solve common issues, enabling innovation and increasing market and business opportunities. This results in the formation of a virtually frictionless, platform-based Internet of Things (IoT) ecosystem where harmonized, open, and trustworthy devices allow for flexible and fit-for-purpose add-on innovation from third parties.

Since its inception in late 2018, OSSA has been clear about its aim to enable collaborative dissemination of technology. Individual technological advancements occur, but struggle with industry-wide data-uniformity and IoT device orchestration, and often provide an answer to only the most common or pressing customer problem sets. Additional fragmentation hinders the industry from further cross-firm collaboration. OSSA answers to all these issues by specifying harmony across devices, enabling flexible development of software across devices, a frictionless IoT infrastructure to unite demand and supply, and a joint approach for cybersecurity, privacy protection, and conditions for device performance.

The first activity by OSSA was to write a technology stack for video security devices, which envisions a device-agnostic operating system (OS) and specifies a supporting, platform-based IoT infrastructure, including an online app store. This tech stack was followed by two additional technical specifications to prescribe: various core technical camera system requirements to provide a basis of trust and for app interoperability across vendors, and a set of four standardized application programming interfaces (APIs) that collectively enable third-party software applications to run on brand-agnostic security cameras.

In parallel, OSSA member and platform company Security & Safety Things took the initiative to build the envisioned OS and corresponding IoT infrastructure, giving the OSSA philosophy wings and enabling the first camera manufacturers to start building camera models according to these open platform-based principles.

OSSA has been clear about its aim to enable collaborative dissemination of technology.

Addressing Cybersecurity for Open Platforms

A third specification, the OSSA Camera Cyber Security Specification, is the most recent direction available to OSSA members. This contains definitions and guidelines regarding mandatory and optional security determinations for cameras, and prescribes leading measures to mitigate cybersecurity threats and vulnerabilities.

Based loosely on an existing standard by the International Electrotechnical Commission (IEC), the OSSA spec hones in on the security market and transparently divides the roles and responsibilities between camera manufacturers, the operating system (OS) provider, and the system-on-chip (SoC) vendor.

The specification carefully evaluates which cybersecurity related functional requirements should be implemented—mandatorily—or could be implemented—optionally—and to which extent. For most of these cybersecurity related functional requirements, OSSA defines a responsible entity. This can be on single entity such as the operating system provider or the camera manufacturer, or it can be a shared responsibility by multiple entities.

The specification also proposes responsibility changes in the event of individual OS modifications by camera manufacturers. Since the device-agnostic operating system is designed to allow for component modifications by camera manufacturers to suit their individual needs, the specification contains cybersecurity responsibility agreements in case of such modifications.

The mandatory part of these guidelines will be used as input for a forthcoming OSSA certification framework in 2021.

Open Market Contributions from Around the Planet

In tandem with the IoT infrastructure specified by OSSA—that among other building blocks includes an online app store where third-party Android-based software applications for security cameras can be offered and purchased—manufacturers during the past year also designed, developed, and are bringing to market camera devices designed to reduce fragmentation and orchestrate harmony.

These devices (labelled: “Driven by OSSA”) represent the first unequivocal proof of truly open and future-proof camera devices that can be seamlessly used in combination with third-party software applications. The first commercially available products include:

• AndroVideo’s first “Driven by OSSA” Smart Edge fixed cameras, introduced in late 2020.
• The recently introduced Bosch MIC inteox 7100i and AUTODOME inteox 7000i offerings that operate on the Bosch INTEOX open camera platform. These new products are also marked “Driven by OSSA.”
• VIVOTEK introduced its first “Driven by OSSA” cameras as part of the company’s iNSIGHT series in late 2020.

From an OSSA viewpoint, it’s extremely rewarding and exciting to see the change and impact ‘open’ is already having on the way we approach security and surveillance moving into 2021. Together with market-movers working alongside each other to support and level-up client offerings, we can steadily achieve our shared vision to further strengthen, secure, and drive innovation across devices, software, platforms, and the industry. And we welcome others to join us in this important endeavour.

Gijs van den Heuvel (MSc) is the chair of marketing at the Open Security and Safety Alliance and alliance marketing expert at Bosch Security Systems.