This is the 20th article in the “Real Words or Buzzwords?” series about how real words become empty words and stifle technology progress, also published on SecurityInfoWatch.com.
By Ray Bernard, PSP, CHS-III
The arrival of serverless computing is just one of the many technology advancements occurring in the changing IoT landscape that physical security technology is a part of.
★ ★ ★ GET NOTIFIED! ★ ★ ★
SIGN UP to be notified by email the day a new Real Words or Buzzwords? article is posted!
Real Words or Buzzwords?
The Bi-Weekly Article Series
#1 Proof of the buzzword that killed tech advances in the security industry—but not other industries.
#2 Next Generation (NextGen): A sure way to tell hype from reality.
#3 Customer Centric: Why all security industry companies aren't customer centric.
#4 Best of Breed: What it should mean to companies and their customers.
#5 Open: An openness scale to rate platforms and systems
#6 Network-friendly: It's much more than network connectivity.
#7 Mobile first: Not what it sounds like.
#8 Enterprise Class (Part One): To qualify as Enterprise Class system today is world's beyond what it was yesterday.
#9 Enterprise Class (Part Two): Enterprise Class must be more than just a top-level label.
#10 Enterprise Class (Part Three): Enterprise Class must be 21st century technology.
#11 Intuitive: It’s about time that we had a real-world testable definition for “intuitive”.
#12 State of the Art: A perspective for right-setting our own thinking about technologies.
#13 True Cloud (Part One): Fully evaluating cloud product offerings.
#14 True Cloud (Part Two): Examining the characteristics of 'native-cloud' applications.
#15 True Cloud (Part Three): Due diligence in testing cloud systems.
#16 IP-based, IP-enabled, IP-capable, or IP-connectable?: A perspective for right-setting our own thinking about technologies.
#17 Five Nines: Many people equate high availability with good user experience, yet many more factors are critically important.
#18 Robust: Words like “robust” must be followed by design specifics to be meaningful.
#19 Serverless Computing – Part 1: Why "serverless computing" is critical for some cloud offerings.
#20 Serverless Computing – Part 2: Why full virtualization is the future of cloud computing.
#21 Situational Awareness – Part 1: What products provide situational awareness?
#22 Situational Awareness – Part 2: Why system designs are incomplete without situational awareness?
#23 Situational Awareness – Part 3: How mobile devices change the situational awareness landscape?
#24 Situational Awareness – Part 4: Why situational awareness is a must for security system maintenance and acceptable uptime.
#25 Situational Awareness – Part 5: We are now entering the era of smart buildings and facilities. We must design integrated security systems that are much smarter than those we have designed in the past.
#26 Situational Awareness – Part 6: Developing modern day situational awareness solutions requires moving beyond 20th century thinking.
#27 Situational Awareness – Part 7: Modern day incident response deserves the help that modern technology can provide but doesn’t yet. Filling this void is one of the great security industry opportunities of our time.
#28 Unicity: Security solutions providers can spur innovation by envisioning how the Unicity concept can extend and strengthen physical access into real-time presence management.
#29 The API Economy: Why The API Economy will have a significant impact on the physical security industry moving forward.
#30 Future-Proof: What does Future-Proof mean in an era of managed services, continuous delivery, and ever-accelerating technology advancement?
#33 Software-Defined: Cloud-computing technology, with its many software-defined elements, is bringing self-scaling real-time performance capabilities to physical security system technology.
#34 High-Performance: How the right use of "high-performance" can accelerate the adoption of truly high-performing emerging technologies.
#35 Erasure Coding: Why RAID drive arrays don’t work anymore for video storage, and why Erasure Coding does.
#36 Presence Control: Anyone responsible for access control management or smart building experience must understand and apply presence control.
#37 Internet+: The Internet has evolved into much more than the information superhighway it was originally conceived to be.
#38 Digital Twin: Though few in physical security are familiar with the concept, it holds enormous potential for the industry.
#39 Fog Computing: Though commonly misunderstood, the concept of fog computing has become critically important to physical security systems.
#40 Scale - Part 1: Although many security-industry thought leaders have advocated that we should be “learning from IT,” there is still insufficient emphasis on learning about IT practices, especially for large-scale deployments.
#41 Scale - Part 2: Why the industry has yet to fully grasp what the ‘Internet of Things’ means for scaling physical security devices and systems.
#42 Cyberspace - Part 1: Thought to be an outdated term by some, understanding ‘Cyberspace’ and how it differs from ‘Cyber’ is paramount for security practitioners.
#43 Cyber-Physical Systems - Part 1: We must understand what it means that electronic physical security systems are cyber-physical systems.
#44 Cyberspace - Part 2: Thought to be an outdated term by some, understanding ‘Cyberspace’ and how it differs from ‘Cyber’ is paramount for security practitioners.
#45 Artificial Intelligence, Machine Learning and Deep Learning: Examining the differences in these technologies and their respective benefits for the security industry.
#46 VDI – Virtual Desktop Infrastructure: At first glance, VDI doesn’t seem to have much application to a SOC deployment. But a closer look reveals why it is actually of critical importance.
#47 Hybrid Cloud: The definition of hybrid cloud has evolved, and it’s important to understand the implications for physical security system deployments.
#48 Legacy: How you define ‘legacy technology’ may determine whether you get to update or replace critical systems.
#49 H.264 - Part 1: Examining the terms involved in camera stream configuration settings and why they are important.
#50 H.264 - Part 2: A look at the different H.264 video frame types and how they relate to intended uses of video.
More to come about every other week.
I’m repeating the definition of cloud computing by Kunjan Dalal, founder and CEO of AuroSys Solutions LLC, that I presented at the start of the first Serverless Computing article, because it properly frames the most important aspect of serverless computing: virtualization. Dalal stated:
“Cloud computing is an internet based technology model that allows users to instantly access, manage and deploy large shared, virtual computing resources.”
What Does Virtual Mean?
Thanks to the evolution of computing, the word “virtual” is now being used in a way that has never been able to be used before. Prior to computers as we know them, “virtual” was defined this way according to the English Oxford Living Dictionaries:
- almost or nearly as described, but not completely or according to strict definition.
synonyms: effective, in effect, near, near enough, essential, practical, to all intents and purposes
Virtual computing originally referred to using software to mimic the functions of computing hardware (a “virtual” machine). A computer operating system and its applications wouldn’t “know” they were running on software instead of running directly on computing hardware. At first, running an operating system and applications in a virtual machine wasn’t as fast as running it directly on the hardware, and also had a very few limitations, being that the virtual machine actually wasn’t hardware.
However, as computing hardware became faster and faster, and because computer chipsets were then given special features to specifically support high-speed virtual machine computing, something happened that has drastically and permanently changed the world of computing:
Virtual computers became better than the computers they originally imitated.
Thus, the virtual devices in our smartphones, like cameras, light meters, movie screens, GPS navigators and so on, are more popular than the original devices. The virtual versions cost less, are more convenient, and can go with us anywhere. They have “virtues” that their original counterparts could never possess. The idea that virtual can be better goes far beyond the original meaning of the word “virtual”.
So, it should be no surprise that the Google graph of word usage for “virtual”, for the past two hundred years, shows a huge spike in the past two decades. This is because now, most uses of the word virtual refer to virtual computing.
The Reasons for Serverless Computing
Virtualization separates functionality from the physical constraints imposed by the machine or device that originally provided that functionality. Thus, the functionality becomes more useful, more available, more sharable, more powerful, more flexible, more scalable and perhaps more importantly – more affordable at scale. Being more affordable at scale is just the opposite of non-virtual machines. Virtual machines can be created, run, managed and deleted electronically, and of course physical machines can’t be. Yes, there are physical machines underlying the virtual machines, but the complexities of computing have moved out of the physical machines and into the virtual machines—where for the first time they can be managed at scale.
Computing is evolving towards Internet scale.
To do that, computing must leave behind the server form factor, which was imposed on it because the predominant computer machine has, until very recently, been the server. Servers made data centers and Internet computing possible, but to scale up for enterprise needs and the Internet—virtual machines were required. Virtual servers further accelerated the expansion of the Internet and the World Wide Web. Now—they are holding it back. Hence the rise of serverless computing, which removes unneeded server-design constraints from virtual computing resources.
But the evolution of cloud data center computing isn’t likely to stop there. Computing hardware itself no longer needs to conform to the traditional server form factor—because virtual computing doesn’t need it. What virtual computing does need is high-performance pools of computing, storage, and networking resources. But there is no requirement for those to be packaged up in the traditional server form factor.
Now that legacy constraints are being removed from the computing hardware base underlying cloud computing, computing and networking is poised to evolve even more dramatically.
Implications for Physical Security
Unfortunately, the full spectrum of security threats is enabled by the computing and networking advances that are generally available. Physical security threats are IT-enabled, and what we used to call the “blended threat” (physical plus IT) is no longer an exception, it’s a permanent situation of increasingly enabled threat actors. This means that electronic security systems, including cloud offerings, must (a) keep pace with the general advances in computing technology, and (b) use information technology capabilities to more effectively enable physical security technology end users to the maximum extent possible.
This has implications for those of us working on the forefront of physical security industry technology. Wait a minute—isn’t that most security industry companies? Or if it isn’t, shouldn’t it be?
The arrival of serverless computing is just one of the many technology advancements occurring in the changing IoT landscape that physical security technology is a part of. Unfortunately, we’re not yet the best part of it, or even one of the better parts of it. Especially regarding cybersecurity. But we could be, and there is no reason not to be. For that to happen, physical security industry companies must do two things:
- Rapidly get current in their understanding of information technology, including cloud computing.
- Fully adopt IT practices relating to the development, deployment and management of security products and system.
For many industry companies, this means getting active (or more active) in the work of the Security Industry Association (SIA) committees and working groups for standards and education. SIA is a much more advanced organization that it was just five years ago, and it needs to accelerate that forward progress even more—which requires very active participation by security industry companies.
Consultants and integrators must keep looking closely at the technological maturity of security industry companies, and their participation in advancing industry initiatives. The learning and knowledge sharing that occurs puts participating companies in the strongest position to advance their own products and services.
Given the emergence of as-a-service offerings, which is the inevitable technology trend, consultant and integrator knowledge of industry companies is especially critical. There is no other way to assure we can identify the best technologies and services that match the risk mitigation needs and technical infrastructure requirements of customers, who are counting on us to do just that.
Ray Bernard, PSP CHS-III, is the principal consultant for Ray Bernard Consulting Services (RBCS), a firm that provides security consulting services for public and private facilities (www.go-rbcs.com). He is the author of the Elsevier book Security Technology Convergence Insights available on Amazon. Mr. Bernard is a Subject Matter Expert Faculty of the Security Executive Council (SEC) and an active member of the ASIS International member councils for Physical Security and IT Security.