SAFE CITIES & SMART CITIES : Security by design

The right to be secure is part of the Universal declaration of Human Rights in its article 3 :

“Everyone has the right to life, liberty and security of person.”

This notion is now bound to evolve as new threats on our lives come from the virtuality, although they impact us concretely. Not only do we need safe places to live, but also safe virtual environments to interact with. The missions of police and defense institutions are consequently due to follow and as much as possible anticipate the new threats and extend their reach to cyberdefense. That is summarized in three major new missions :

  • Protect citizen privacy
  • Protect city IT infrastructures
  • Protect public IT services

It has been made clear in the United States Department of Homeland Security (DHS) missions that securing Cyberspace must be achieved, exactly as preventing terrorism and enhancing global security on the geographical territory. Cyberspace is indeed a new territory that needs to be defined, delimited, supervised and protected.

In effect, another mission of DHS as stated by US Government is to secure and manage borders (physical borders), which has a direct equivalent in the cyberspace, although much more difficult to define and represent. Isn’t it however mandatory to crop one’s territory to protect it.

Without borders, can’t see intruders

If difficult for a country to crop its exact digital borders, specially when global access providers distributing internet access devices all around the globe (by satellites and even in baloons), the exercise shows easier for a city, by essence located in a single geographical spot.

Yet, globalization of computing resources and cloudification of the web makes it difficult to conceive an Information System that follows the physical urban model. It seems that we need to inject some wisdom in the foolish IT jungle to tailor it to the new age security needs and manage to solve the difficult equation of joining in the same theory a perfect physical security and a non questionable logical one.

There comes the need for a strong design model, a framework gathering the efforts of the brick and mortar community, physical security, crime prevention through environmental design, and the principles of cybersecurity, cryptography and identity management.

But there is more to define than just equivalent of physical boundaries and physical identity controls. Exact replicas of many other concepts which have proven essential to the physical world, are now essential as well in the cyberworld, and cops patrols at first. Hence it is not only a question of products but also and most notably a matter of processes and actors that need to be defined, created and operated in the cyberspace if we expect that place to be as safe as the real one.

Resilience is not an option

As the institutions call on technology to supervise us, as new networks, applications and systems are used to make us more secure, it appears an uttermost emergency that urban design incorporates the same resilient views as major internet companies. As being secure is being IT dependant, it is also being energy dependant.

Smart cities, like feodal cities will have to erect physical defenses, and they will additionally have to erect virtual ones. Primarily to protect their major systems, energy sources and vital resources, these virtual fences will also protect their own security systems.

Security and privacy by design

In the race for global security, every individual represents a resource, a client but also a threat, an internal threat. Security and privacy are at both ends of the wide spectrum of services that will trade impunity against identity to eliminate the risks attached to these threats. Acceptance of this reality will materialize in smart cities under the presence of multitude of sensors that will be part of the data ecosystem and help prevent malevolence.

These sensors will generate data regarding the location, the individual behavior, the group behavior, the environment. They will include more and more video and audio data which will be massively indexed and fusionned with contextual data. In this context, miniaturization of video sensors, meshed wifi networks and technology embedded urban furnitures will play an essential role. They will take part to the massive coverage of the smart city environment by data feeds that will pose a real challenging set of questions regarding their access rights and their usage. It can be foreseen that in the light of wide adoption of social networks, data access and usage restrictions will substantially evolve. Privacy and anonimity will tend to overlap while public information meaning will be extended to whatever information is not hidden and may be used by anybody. That will particularly be true for image as access to public video feeds multiplies.

If you can be there you can see there

Private is by essence restricted in access. On the other hand, public data sometimes carries a few subtilities. As wearable, fix and vehicule operated cameras spread over our environment, it will become evident that supervizing urban environment can and must be operated in cooperation with private companies and public organizations. While far more questionable for supervsion of private and sensitive sites, private supervision makes totally sense in public environments where by essence anybody may be. Once admitted, which is still not the case in France, private companies will be entitled to join in to the urban supervision ecosystem and will take an important part of a treasure still undiscovered. As a matter of fact, failure of intelligent video analytics in replacing purely the operator leads to a complete redesign of video surveillance processes where human interpretation is key to the overall utility of the system. DARPA has understood the issues at stake and reorients its video analytics projects from alarm to text description automated generation. No doubt, video is the richest media we have and that’s why we need brains to understand it.

Your comments much awaited !

Le vrai apport de la simulation

Au début, quand j’ai commencé à proposer des audits et des benchmarks pour des centres de vidéosurveillance, j’avais visité un large éventail de centres de contrôles, de tailles très variables, allant de plus de 7000 caméras à quelques 300 caméras. Je n’avais pas d’idée très précise sur ce qui pourrait servir à étalonner la valeur objective d’une installation ni son potentiel d’extension. La surveillance vidéo est un mélange fin d’ergonomie et de technologie. On gère l’urgence, synonyme de processus opérationnel rigoureux et de discipline.

J’ai visité des centres de contrôle essentiellement urbains (CSU) mais aussi des centres dédiés à des infrastructures sensibles. Une des questions qui revenait le plus souvent était la capacité à gérer davantage de caméras, de les visualiser, de les enregistrer. 

Initialement j’ai structuré mes audit en découpant le système d’information en trois composants principaux : les infrastructures réseau et serveurs, le logiciel d’analyse et d’exploitation, puis les capteurs incluant les caméras, les dispositifs de contrôle d’accès et de détection d’intrusion. J’ai fait une matrice croisée en intégrant en silos verticaux la sécurité des systèmes d’information, avec le contrôle d’accès logique et la détection d’intrusion réseau, la disponibilité intégrant la redondance et la haute disponibilité et enfin la performance et la qualité grâce aux indicateurs clefs, à la maintenabilité et à l’extensibilité.

Un audit typique incluait une analyse rigoureuse de la bande passante, de la puissance CPU et de l’espace de stockage nécessaire grâce à une boite à outil et une méthodologie rigoureuse, débouchant sur une analyse critique du système en trois points. Cependant j’ai trouvé assez délicat d’évaluer la capacité d’extension d’une installation et de faire des projections sur la possibilité de gérer des centaines de caméras supplémentaires avec les implications complexes en termes de postes de contrôles, de réseau et de stockage, nonobstant la complexité même de l’ajout de centaines de caméras sur le système global. Ca, c’était avant.Xstream Generator

Récemment, j’ai en effet découvert un nouvel outil qui m’a rappelé mes années passées dans la division simulateurs de Thomson CSF (Thales) ou nous produisions du code pour le poste instructeur des simulateurs de l’avion Airbus A320. Cet outil innovant s’appelle XSTREAM GENERATOR. Il a la capacité d’enregistrer un flux vidéo sur une caméra IP et de le rejouer exactement comme la caméra, de sorte qu’il simule la caméra. Et il peut simuler plusieurs centaines de caméras sur un simple PC, avec pour seules limitations la bande passante de la carte réseau, la RAM et le CPU de la machine.

L’outil XSG est de plus compatible avec le profil S défini par le groupe de travail Onvif et peut aussi être utilisé comme un moyen de certifier la compatibilité d’une caméra avec ce profil.

Il est maintenant possible de constituer une bibliothèque d’échantillons de vidéo issus de toutes les marques de caméras et de les utiliser pour simuler ces caméras sur le réseau.

J’ai trouvé particulièrement utile, grâce à XSG de mesurer la capacité de montée en charge d’un logiciel de vidéosurveillance sans avoir à posséder et installer toutes les caméras sur le réseau. J’ai aussi trouvé très intéressant de faire de même avec le système de stockage et même in fine avec le centre de contrôle lui-même.

Pour ceux d’entre nous qui sont concernés par la question de la formation, ils trouveront aussi avec XSG un outil pour constituer une bibliothèque de séquences vidéo issues de caméras compatibles Onvif et susceptibles d’être utilisées pour constituer un scenario plausible.

Finalement, il y a tellement d’avantages à utiliser XSG que j’ai décidé de l’utiliser comme base de nouvelles prestations de conseil, basées sur la simulation.

Et vous, quelles prestations de conseil proposez-vous  ?

0 caméras
nouvelles caméras
0 Megabits/s
Bande passante réseau
0Gigaoctets par jour
Espace de stockage
0Mhz CPU
CPU

The true value of simulation

When I decided to do audits and benchmarks of existing cctv operation centers, I had seen quite a large variety of installations and had no clue about how to assess an installation value and its potential for improvment and extension.
CCTV operation is a fine blend of ergonomy and technology. It’s emergency handling, synonym of rigorous operational processes and discipline. I have visited COCs operating more than 7000 cameras, smaller ones handling 300, most of them dealing with urban surveillance but sometimes also critical infrastructures.
One of the questions that came repeatedly in the spot was about the ability to manage more cameras, to view them, to store them.
At the beginning I structured my audit by slicing the IT system in three main components : infrastructure including servers and network, software including analytics, storage and operation, and sensors including access control, cameras and alarm devices.
I did a matrix view integrating vertical silos for Information System Security with IM, IAM, IDS, Availability with redundancy and fail-over, and Performance and Quality with key performance indicators, and eventually maintainability and scalability.
The typical audit would include a thorough analysis of the bandwidth, the CPU and the storage space required using a toolbox and a rigorous methodology, followed by a three axis analysis of the system.
I found it quite difficult though to evaluate the scaling capacity of an installation and do projections on the ability to handle several hundreds more cameras, with complex implications in terms of operator stations, network and storage, notwithstanding the complex implications of camera multiplication on the overall system. That was before.
Xstream GeneratorRecently, I discovered a new product that remembered me of my early years of R&D at Thales simulators division, when we designed software for the A320 simulators. This very innovative software is called Xstream Generator. It has the capacity to grab a video stream from a camera and to replay it exactly like the camera, to the extent that it actually simulates the camera. With exceptional scaling capacities, this software is able to simulate hundreds of cameras on a PC, solely limited by network card bandwidth, RAM and CPU.
For the beauty of it, XSG is actually compliant with the S profile from the Onvif workgroup and can be used as a compliance tester on any IP camera. It is now possible to create full libraries of video stream samples from many different brands of cameras and encoders and use them to emulate/simulate these devices on the network.
I found it extremely helpful to be able, with XSG, to benchmark the scalability of a VMS without actually having to hold and plug hundreds of cameras.
I found it equally useful to do the same with storage and eventually with the CCTV control room.
For those of you whose concern is training, you will also find particularly useful to be able to choose in a library of video footages taken from Onvif compliant cameras, the ones that can be used to form a consistent training scenario.
All in all, there are so many uses of XSG that I decided to use it for providing new consulting propositions based on simulation.

And you, what kind of audit consulting do you provide ?

You may want to check this page about XSG
0cameras
new cameras
0 Megabits/s
Network Bandwidth
0Terabytes per day
Storage space
0% CPU
Processing power

Personalinteractor fait peau neuve

Bonjour,

Merci de votre intérêt pour l’activité de conseil de Personal Interactor.

Ce blog constitue la suite du blog personalinteractor.com qu’il prolonge et complète.

Abonnez-vous à notre newsletter pour être tenu au courant régulièrement  de nos activités et des nos analyse du marché de la technologie et de la sécurité.