This is the 57th article in the award-winning “Real Words or Buzzwords?” series about how real words become empty words and stifle technology progress, also published on SecurityInfoWatch.com.
By Ray Bernard, PSP, CHS-III
A continuing look at what it means to have a ‘True Cloud’ solution and its impact on today’s physical security technologies
Cloud Native IoT means that IoT devices communicate securely with each other and the cloud, and that cloud applications make effective use of modern cloud architecture including the elements of serverless computing, so that they can provide uniformly high performance for any size IoT device deployment. This requires sound system design and cloud engineering work, about which a manufacturer or partner security service provider should be able to provide insightful discussions and good documentation to consultants and end user customers.
In the opening of his white paper, “How to Think Cloud Native”, Joe Beda, a principal engineer at VMware, says, “One important note: You don’t have to run in the cloud to be cloud native.” The subtitle of the paper is, “Bite-size thought pieces on the definition and development of cloud native capabilities.”
I highly recommend this paper to all physical security industry manufacturers because our industry tends to run five to 15 years behind the IT industry in the adoption of information technology and especially the people and process aspects – the IT practices – related to the full application and use of information technology. It’s the practice side of the picture that the industry is typically incomplete on, often to the detriment of industry customers – the end users and the service providers who support them.
Beda further writes, “These techniques can be applied incrementally as appropriate and should help smooth any transition to the cloud . . . The real value from cloud native goes far beyond the basket of technologies that are closely associated with it. To really understand where our industry is going, we need to examine where and how we can make companies, teams, and people more successful.”
Cloud native techniques – which are still evolving and advancing – have been well-proven at technology-centric, forward-looking companies whose names we all know, such as Google, Netflix and Facebook. These giants have dedicated large amounts of resources to their efforts, and their lessons learned in developing successful (in scale, customer experience, and profitability) cloud solutions are worth considering. In nine pages of mostly plain language, this is what Beda delves into.
It’s natural to think, “This can’t apply to us because we’re a small company, nowhere near the size of the tech giants.” However, Beda tells us, “Smaller, more flexible companies are also realizing value here. However, there are very few examples of this philosophy being applied outside of technology early adopters. We are still at the beginning of this journey when viewed across the wider IT world.” That wider IT world is where the security industry sits — at the beginning of the journey that is Cloud and IoT.
Companies like Microsoft, Facebook, Netflix and Google, who have thousands of software developers, organize themselves into many groups and teams for each product. For smaller companies — like those found in the physical security industry — groups and teams often translate into individuals with a variety of related roles and responsibilities, many of which are only occasionally called into action or are performed regularly but don’t take up much time. The point is that many of the same principles and practices used by the big companies are still applicable, just on a smaller scale.
The rest of this article is devoted to a few technical aspects of Cloud Native IoT that are meaningful to end user customers and security service providers, as well as manufacturers.
Cloud Native IoT
A native application is one that has been developed for use on a specific platform or device, and executes more quickly and efficiently because it makes maximum use of the capabilities built into (i.e. native to) that platform or device, and doesn’t require any extra layers of translation or interface to run there. Thus, we see the terms “native iOS app” and “native Android app” used to refer to mobile apps whose software code is written just for Apple’s iOS or Google’s Android operating system.
Cloud-native refers to an application that has been designed and built to take maximum advantage—based on the purpose of the application—of the key characteristics of cloud computing.
However, IoT has been one of the driving factors in the technological advancement of cloud computing since NIST first described it in 2011. Thus, the Cloud Native Computing Foundation (CNCF) now says that “cloud native applications are specifically designed to take advantage of innovations in cloud computing. They take advantage of modern-day cloud resources and scaling capabilities, which are important for cloud-managed IoT systems. CNCF also says that cloud native applications take advantage of innovations in cloud infrastructure (computing and networking hardware and software designs) driven by cloud computing.
Thus, cloud native applications today include apps that run in a cloud provider’s datacenter and also on cloud native platforms on-premise.
The term Cloud Native IoT refers to extensive use of serverless cloud computing resources to maximize the performance of cloud-based IoT systems, as well as to lower the cost of cloud computing for high device count IoT systems and their related analytics applications.
Under server-based cloud architecture, cloud application providers must manage the virtual server or virtual server cluster on which their applications are running. When a spike occurs in IoT device events to be processed and more processing power is needed, more virtual servers need to be spun up, which can take many minutes. That’s not an acceptable time frame for processing door forced open or intrusion alarm events. And it adds a disproportionately high cost for processing just a few events.
With serverless computing, parts of an application run in application containers. A container holds only those software code libraries required to run the application function being placed in it, as opposed to holding an entire server operating system. As a cloud resource, a container can be launched by the application automatically in a few microseconds and will run only as long as it needs to (seconds or minutes) and is then automatically shut down. The cloud service provider only pays for the time the function’s container was actually running. In cloud parlance, this is called Function as a Service (FaaS).
Such an event spike can happen for central station alarm monitoring centers and regional corporate Security Operations Centers when an earthquake occurs, and all the impacted buildings send in their sensor-based and video-based motion-detected alarms. This can render a traditional central station or SOC non-functional as alarm queues get full and valid alarms get lost amid the countless earthquake-caused nuisance alarms.
This is why, for example, Brivo uses containers for functions related to event handling. A new event arrival launches a new container, and regardless of how many events arrived, each event can be processed instantly. When a bunch of events all arrive at once, they get individually processed in parallel. The cloud infrastructure automatically expands the needed cloud resources, including application network bandwidth, so that nothing is delayed longer than its actual no-wait processing time.
This means, for example, that all access control panels at a site can send their activity to the cloud at the same time, and the cloud application never backs up. It means that a regional dashboard of events across many sites is always up to date, no matter how much activity goes on.
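The contrast drawn in the preceding paragraphs, a bounded alarm queue served by a fixed server pool versus one handler launched per event, can be replayed as a small simulation. This is an added example, not code from the article or from Brivo; the processing rates, queue limit, scale-up delay and concurrency quota are assumed figures, and the earthquake burst is constructed sample data.

```python
from collections import deque

def earthquake_burst(seconds=60, per_second=1000, valid_every=250):
    """Constructed sample input: per-second lists of alarms, True = valid alarm."""
    total = seconds * per_second
    flags = [n % valid_every == 0 for n in range(total)]
    return [flags[s * per_second:(s + 1) * per_second] for s in range(seconds)]

def simulate(arrivals, capacity_at, queue_limit=None):
    """Replay the burst second by second.

    capacity_at(t): number of events that can be handled during second t.
    queue_limit:    None = unbounded backlog; otherwise overflow is dropped.
    """
    queue, lost_valid, worst_wait, t = deque(), 0, 0, 0
    while t < len(arrivals) or queue:
        for valid in (arrivals[t] if t < len(arrivals) else ()):
            if queue_limit is not None and len(queue) >= queue_limit:
                lost_valid += valid            # alarm queue full: event is gone
            else:
                queue.append((t, valid))
        for _ in range(min(capacity_at(t), len(queue))):
            arrived, valid = queue.popleft()
            if valid:
                worst_wait = max(worst_wait, t - arrived)
        t += 1
    return {"lost_valid": lost_valid, "worst_valid_wait_s": worst_wait}

def server_pool(arrivals, rate=200, scaled_rate=2000, scale_up_s=300, queue_limit=5000):
    """Server-based model (assumed figures): fixed rate until extra servers are up."""
    return simulate(arrivals, lambda t: scaled_rate if t >= scale_up_s else rate, queue_limit)

def per_event_functions(arrivals, concurrency_quota=None):
    """Per-event model: one handler per event; an optional (assumed) quota caps
    how many handlers can start per second, with throttled events retried."""
    cap = (lambda t: concurrency_quota) if concurrency_quota else (lambda t: 10**9)
    return simulate(arrivals, cap)

if __name__ == "__main__":
    burst = earthquake_burst()
    print("server pool      ", server_pool(burst))
    print("per-event        ", per_event_functions(burst))
    print("per-event, quota ", per_event_functions(burst, concurrency_quota=500))
```

With these assumed figures the server pool drops 162 of the 240 valid alarms before any extra capacity arrives, while the per-event model loses none. Adding a quota of 500 handlers per second still keeps every alarm but delays some by up to 60 seconds, so any concurrency limit on the platform is worth asking a provider about.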
Cloud Native IoT means that the cloud application side of a cloud-managed system of on-premises equipment can perform much better than an on-premises system, because there is no such thing as a server’s CPU utilization maxing out. At the busiest times of day, any number of end users can use the cloud application to view events, run reports, and perform other system tasks – all with no delays. Pre-cloud, I’ve seen security deployments in which, around building opening and closing time or manufacturing plant shift changes, the company’s local software and SOC applications lag in reporting events and performing certain application functions.
Cloud Native IoT also means that robust device and system security controls are in place, such as strong data encryption, and digital certificate-based authentication between IoT devices and on-site appliances as well as with the cloud applications they communicate with.
System Integrations Impact
In earlier times, points of security systems integration could be bottlenecks and sometimes had reliability problems, but most of the time system integrations were not that significant in terms of the amount of data they handled. However, integration activity is changing both in frequency and amount of data exchanged, due to the arrival of AI-based video and IoT sensor-based analytics which have near-real-time sensitivity. Many of the analytics are providing new kinds of data valuable to security and to other functional areas of the business, requiring more types of information than before.
Since most organizations have transitioned many in-house applications to the cloud as well as having subscribed to commercial business cloud-based applications, cloud-based integrations are becoming the norm, especially in the current age of corporate digital transformation. Containerization for cloud application API functions can have a significant impact on security systems integration performance. This is not a significant factor now for most security systems, but it will be going forward.
In summary, Cloud Native IoT means that IoT devices communicate securely with each other and the cloud, and that cloud applications make effective use of modern cloud architecture including the elements of serverless computing, so that they can provide uniformly high performance for any size IoT device deployment. This requires sound system design and cloud engineering work, about which a manufacturer or partner security service provider should be able to provide insightful discussions and good documentation to consultants and end user customers.
A future article will follow up on Beda’s comment that “You don’t have to run in the cloud to be cloud native.” It will address challenges and opportunities for organizations with sizeable security system deployments, and options for transitioning to cloud-managed security systems.
For more information on key aspects of modern cloud and serverless computing as relates to the physical security industry, see the following Real Words or Buzzwords? articles:
- True Cloud – Part 1
- True Cloud – Part 2
- True Cloud – Part 3
- Serverless Computing – Part 1
- Serverless Computing – Part 2