When building a system to monitor and control openings and various peripheral devices that may be used in the security system, all elements from the head end software to the field locking devices at each opening must be taken into consideration. The goal of every system design is to create the most secure, reliable and serviceable system possible, while recognizing that cost is an important consideration. If a well thought out foundation is implemented with a clear understanding of the future systems goals, a balance can be met that takes all these factors into consideration producing a well functioning system for today and the future. 

The system design can be viewed in 5 general topics that comprise a fully functional access control security system. The discussion of the following groups is not meant to be all inclusive covering every nuance in the access control system environment. It recognizes that technology is changing and evolving, but the core areas discussed have been fairly well established in the access control security systems industry. 

Where does the software reside and how is it accessed. 
To broaden this topic we can begin to look at the question as a case of Managed Software vs. Browser Based Software. In the more traditional access control system, the software will be installed on a free standing server or virtual server. The software is then installed on an unlimited number of workstation. The access control security software can only be accessed from one on these machines with proper authorization. This constitutes the most secure managed software approach with no limits on system growth from a network standpoint. 

In a less secure, yet still managed login authorization, falls the browser based approach. Here the software usually is pre installed on a device called an appliance where the user can log on to the system via any computer equipped with browser software such as Internet Explorer, Firefox, or Google Chrome. This method creates the convenience of not having software to manage on a server and login to the security software is performed from basically anywhere you can access the internet. This convenience comes at the cost of a more limited system login control. This approach may create a roadblock to system growth if the appliance is not equipped with the ability to be networked with other similar appliance devices to create a centralized database.

In a combined approach the software is installed in a managed server environment with the client workstation software installed in the traditional managed approach. The software at this point would contain a feature that will allow a log in form a browser based environment but this ability can be limited as to who is granted the rights to use this log in feature. With this configuration there is software on a server that will be managed but the system access is completely customizable and there is no limits on system growth form a network standpoint. 

The physical access control system boards. 
To broaden this topic we can examine the nature of system control boards and their role in the Open Architecture Board Design vs Proprietary Board Design discussion. In the beginning of access control most systems were proprietary in their design. Many systems had their own designed credentials (access cards), readers, and system control boards. The software interface was also exclusive to the particular manufacturer. This approach began to soften as card readers and cards were standardized. This was driven, in part, by system users who didn’t want to have to carry a different card for every building they entered that had its own access control system. Even the Federal Government is involved in this discussion and has mandated the use of the newer smart card technologies at all Federal locations. This is major simplification of the card technology discussion and its history. The idea to be gained is that the proprietary nature of access control and the credentials it uses are fading from the access control world driven by end user demand. 

As with credentials, the access control system boards that are used are also moving to the open architecture standards. These boards along with the software are the heart of the access control system. When proprietary equipment is used within a project the end user becomes “locked in” to a particular brand. The consequences of this can be quite costly down the road. If an end user is forced to change their access control system for reasons beyond their control or they just desire to move to a better solution they must replace all the access control system boards to move to their new system. The solution to this is the open architecture approach. System boards built to this standard can be changed to another systems “language “with a firmware download. At this point all the equipment previously invested in can be re commissioned to work under the new access control software with minimal cost and the new vendor can continue to build on the system as needed. This process can be repeated whenever the end user finds reason to change their access control system all the while preserving their investment in access control system boards.

Physical locking hardware at openings and the requirements needed to function within the system. 
Electrical locking hardware may be the most overlooked aspect of the access control lockdown system, yet if it fails to perform, the system is rendered ineffective. It is perhaps at this portion of the access control lockdown system that the ideals of secure, reliable and serviceable are at their greatest test. To begin this discussion is to once again broaden the locking concept into a discussion of Fail Safe vs Fail Secure. Alt electrical locking hardware will be configured as either fail safe or fail secure depending on the requirements at a particular opening. Fail safe is the condition where the locking hardware will require power to maintain a locked state. In contrast fail secure is the condition where the locking hardware will require power to maintain an unlocked state. The selection of hardware to use at a given opening should be a result of code requirements for life safety, the desire for greatest security and the long term serviceability of the particular locking configuration. Inspections are made with regards to life safety and not security so any locking strategy must consider what effect that may have on securing an opening and recognizing the authority having jurisdiction will ultimately have the final say. 

At this point, it would be prudent to make some attempt to group like locking hardware so we can refine the discussion on the electrical hardware selection. Magnetic locks, electric strikes, and electrified hardware will suffice for the purpose of this general discussion. 

Magnetic locks are/ by default, fail safe and cannot function as a fail secure device. The remaining groups of hardware can be configured fail safe or fail secure depending on the particular requirements at a given opening. When considering the use of magnetic locks and the code requirements for installation they leave some serious questions in regards to the desire for the most secure system. The 2012 NFPA 101 Life Safety Code for “Access-Controlled Egress Door Assemblies” requires two forms of egress be installed at a controlled opening. Loss of power to the egress sensor should unlock the door and it must be tied to the fire or sprinkler alarm system and unlock when signaled from these systems. The important factor to garner from these requirements is that it is not only the loss of power to the magnetic lock that will leave an opening unsecure but any failure in a number of other egress devices or life safety systems will also cause the magnetic lock to “fail safe” and leave an opening unsecure. The purpose of the unlocking redundancy is the need to insure people can exit an opening at any sign of equipment malfunction or activation with no concern for the security of the building. 

Electric strikes can be configured as fail safe or fail secure and can accommodate a variety of styles of non electrified hardware. Electric strikes should not be used on a fire rated opening as they have been deemed to not meet positive latching requirements needed at fire rated openings. These devices are designed to be mounted on the frame of an opening, or in cases where one side of a double door opening is rendered stationary. At times this brings to question the life safety requirements of locking down one side of a double door and the authority having jurisdiction will make that final determination. An area of question also arises when electric strikes are mounted on a center mullion between double doors. If the mullion is a fixed mullion there is no real area for debate. When the mullion is of a removable style the strike will have to be disconnected to remove the mullion. It may not be desirable to have any part of the security system taken apart and re-assembled as this may lead to system failures or potential warranty issues. This is more of an end user decision, but one that should be noted before electrical hardware selection for this type of opening is made. 

Electrified hardware can be configured fail safe or fail secure. Most typical hardware styles, exit devices, cylindrical locks and mortise locks can be electrified. Electrified hardware used on fire rated openings as it complies with the positive latching requirements and can be configured fail safe to comply with life safety codes. They are also a good choice in the removable mullion scenario, as no hardware has to be removed in the event the mullion needs to be removed thus leaving the security system intact as it was originally installed. They are also the most aesthetically pleasing as they don’t offer any exposed electrified parts to be tampered with. The only exception to this would be the use of an armored door cord for wire transfer in cases where the wire transfer cannot be concealed. The electrified hardware is also the best choice when electrifying an opening with surface or concealed vertical rod exit devices. With the use of these devices, the mechanical free egress and the manual key override remain intact. The security of two point latch at the top and bottom will also remain intact. The latest trend in electrified exit devices is the development of the motor driven device as opposed to the older solenoid driven devices. The newer motor driven devices do not require a high in rush of current which has been a factor in their use in the past.

Communication methods within the system design. 
The focus of this discussion is the communication downstream from the head end server or appliance as well as communication from downstream going back upstream to the head end source. The first fundamental question is the existence of a network infrastructure or will the access control system be direct wired from server to system controller. In the early developments of access control, systems were all direct wired. Today some systems have abandoned this capability and a now rely exclusively on the existence of a network environment to function. The ability of a system to offer both can provide the ability to create a hardwired backup communication line in the event of network failure. This hardwired communication line extends from the regional server and will maintain the ability to transmit global lockdown or any other instructions to all devices downstream of the server. When designing a lockdown system this becomes a very desirable feature. It requires the use of enterprise class software and a regional server configuration but can play an important part in the overall reliability of the lockdown system. In the event of server failure each system communication controller should be able to store the last set of system design instructions and continue to communicate downstream. All devices downstream of the system communication board should continue to function as last instructed. 

Concerning wireless communication, the system should be able to incorporate the wireless technology available from the major lock manufacturers. These locks may be considered for use in instances of less critical security. While battery life, signal reception and response time has greatly improved on openings that are critical in the lockdown strategy we prefer a hardwire solution at this time. 

System access credentials and how they are used. 
Credentials are used to allow interaction with the access control system. These credentials can be cards, fobs, codes, or biometrics. Some or all of these credentials can be used within the same access control system. Cards and fobs are basically the same just in a different package. Cards are the most versatile as the can be magnetic stripe, proximity or smart technology. You can also get printable cards. Examples of biometrics would be fingerprint readers, palm readers and facial scanners. 

To develop this discussion, we need to look at the actual technology that is used on cards today and how readers with the ability to receive pin codes can be used in the access control lockdown system development. The development of card technology has moved from the magnetic stripe generation, through proximity technology into smart card technology. Smart cards are much more secure than their predecessor and posses the ability to work with multiple systems providing a “one card system” the government has mandated for its use. With the different costs being negligible between access only smart cards to that of magnetic stripe or proximity cards there is very little reason to use older technology. For users that have older transactional systems that still use the magnetic stripe, smart cards can be purchased that have a magnetic stripe so the one card concept can be achieved. When the older systems finally upgrade, the smart card user is already prepared. One question that should be discussed prior to smart card implementation is card memory. Because smart cards actually store applications on the card, depending on their projected use, there may need to be discussion on what size card to buy. The very basic card will handle all the access control needs it’s just a matter of how you may want to approach future needs. 

With the discussion of cards there should be a basic understanding of the reader technology that these cards interact with. Multi technology readers that will read magnetic strip, proximity, smart or even NFC (near field communication) the newest technology that eliminates cards altogether, is now available. These readers can be used for systems that are transitioning into the smart card era or looking to the future. 

For new systems that are starting out with smart cards there are readers that do not work with older technology as well. Multi technology or smart only readers are both available with pin pad capabilities. Being able to offer first response teams the ability to enter a building during a hostile situation with a pin number or a card, while suspending access to regular cardholders during the emergency event at all or selected exterior doors, has been a successful idea. A complete audit trail should be maintained on all methods of entry with the ability to make any adjustments to access privileges coming through system administrators.