Real words or buzzwords?: Future-Proof

Aug. 7, 2018
What does 'future-proof' mean in an era of managed services, continuous delivery and ever-accelerating tech advancement?

Editor’s note: This is the 30th article in the “Real Words or Buzzwords?” series from SecurityInfoWatch contributor Ray Bernard about how real words can become empty words and stifle technology progress.

In general, regarding a manufactured product, the term "future-proof" refers to the ability of something to continue to be of beneficial use well into the future. It does not become obsolete or need replacement. Obsolescence can be caused by factors intrinsic to the product itself, or by external factors.

When it comes to electronic security systems, the label “future-proof” was originally applied to systems that were expandable to meet a customer’s future needs. One example is a 16-door access control system that could be upgraded to 32 or 64 doors, or to a larger number of card holders, without having to replace the original 16-door system’s equipment. That was the first usage of the term “future-proof” in the security industry – that a rip and replace upgrade was not required simply to expand the size or capacity of the system.

The original Schlage Electronics proprietary proximity card access control systems were considered future-proof because they were durable and had a decades-long operational life when installed per the manufacturer’s instructions. The technology was wildly successful but had a technical limitation. Only so many unique cards could be manufactured. Thus, the product became obsolete in the sense that its success brought them to the point where new systems could no longer be manufactured and sold, even though 20-year-old systems were still operating as intended.

In the 20th century, security products typically had a life cycle of 10 years or longer. They were standalone systems made for single buildings. Many customers expected that somewhere between five and 10 years after a system’s purchase, they would replace the systems with a new and improved product. That set the roughly five-year pattern for end user security tradeshow attendance. It was a small industry back then. The 1987 International Security Conference (ISC) had 75 vendor booths.

The Arrival of Networks

However, in the last 15 years of the 20th century, Ethernet networking arrived, along with personal computers, software and upgradable device firmware. Standalone security systems started being replaced by multi-building networked systems. After the year-2000 (Y2K problem) corporate network upgrades, enterprise networked security systems arrived. Company-wide rip and replace of security systems was no longer desirable or financially feasible. The cost and disruption could rarely be justified by the incremental security product improvements.

Thus, leading security industry manufacturers, especially Bosch Security, strove to maintain new product compatibility with existing installed products. To this day, Bosch can credibly brag on security tradeshow floors that the advanced systems now on display are compatible with nearly all its installed security products.

As the security industry continued to adopt information technology, the use of the “future-proof” label started to include the idea that software feature development would continue year after year, so that the future functional needs of customers would be supported. Major and minor software upgrades and new product introductions were timed for release at the ASIS International and ISC West annual conferences.

21st Century Death of the Lengthy Product Life Cycle

In the digital world we now live in, many device functions are virtualized. Multi-purpose devices such as smartphones are commonplace, and devices can be upgraded electronically making them increasingly more useful. Product manufacturing life cycles are getting shorter, even though the operational life of products remains the same or is now longer, due to technology improvement.

For example, in 2010 my company specified a certain make and model of camera by Axis Communications for specific outdoor uses. It was the first network camera that could operate at 12 frames per second (fps) at its full five-megapixel resolution. Competing five-megapixel cameras could only serve up 3 or 5 fps. The following year, when it was time to deploy the same design of video system at other sites, that model Axis camera was no longer available. It had been replaced by a newer model that had more features and cost $300 less. The original cameras are still working well and have a total useful life exceeding 10 years. The original camera model was manufactured for only two years. It was made obsolete for manufacturing by technology advancement, which made possible a better camera at a lower manufacturing cost. Axis has continued introducing new and better products at an amazing rate, thanks to its innovative mindset and the ever-increasing pace of technology advancement.

Cloud Clobbers Product Life Cycle

In the world of business information systems, cloud-based systems are largely replacing on-premises client/server-based systems. In the cloud both software and hardware evolve and advance, with no on-premises impact. In the cloud world, products (applications or web service functions) are services available via subscription. There may be a product life cycle for the laptop, tablet, phone or other device through which the cloud application is used, but there isn’t an equivalent product life cycle for the cloud application or web service. Customers expect it to be updated continuously beyond the foreseeable future.

The cloud “product life cycle” is continuous. Technically speaking it has practically a zero-length product cycle and at the same time an infinite length because change never stops from the consumer’s perspective. The life of the cloud service will likely outlast the life of the consumer.

Does the term “future-proof” have any meaning in this kind of situation?

Cyber-Physical Systems

The nature of future-proofing for security industry products is being changed dramatically by the infusion of information technology and its many technology trends, including virtualization, miniaturization, lower-power, mobility, cloud connectivity, big data, artificial intelligence and machine learning. In the previous century, with physical products whose feature sets and capabilities were fixed, future-proofing meant establishing a set of product attributes that guaranteed the long-term usefulness of the product. In the 21st century, formerly physical products have been virtualized so that the physical form factors are in most cases replaced (such as the virtual phone keypad) or miniaturized (like the tiny 10-megapixel phone camera lens), and often also made mobile.

Physical products are virtualized to the maximum extent possible, resulting in what are called cyber-physical systems. According to the National Science Foundation (NSF), “The term ‘cyber-physical systems’ refers to the tight conjoining of and coordination between computational and physical resources. The NSF envisions that the cyber-physical systems of tomorrow will far exceed those of today in terms of adaptability, autonomy, efficiency, functionality, reliability, safety, and usability.”

The NSF’s Cyber-Physical Systems Program page further states, “Research advances in cyber-physical systems promise to transform our world with systems that respond more quickly (e.g., autonomous collision avoidance), are more precise (e.g., robotic surgery and nano-tolerance manufacturing), work in dangerous or inaccessible environments (e.g., autonomous systems for search and rescue, firefighting, and exploration), provide large-scale, distributed coordination (e.g., automated traffic control), are highly efficient (e.g., zero-net energy buildings), augment human capabilities, and enhance societal wellbeing (e.g., assistive technologies and ubiquitous healthcare monitoring and delivery).”

Cyber-physical systems can be mobile like a smartphone, or stationery like the smart electrical grid. The Department of Electrical Engineering and Computer Sciences (EESC) at UC Berkeley provides a concept map for cyber-physical systems, originally developed by NIST in 2012, converted to a picture by Prof. Edward A. Lee of UC Berkeley, with continued development by various contributors to the UC Berkeley initiative. Looking at the concept map, you can see a lot of terminology that is currently being used in discussing updated and emerging physical security industry products.

We are already seeing cyber-physical systems for outdoor event security that create a virtual fence around protected areas and people, with real-time presence control features (the term access control doesn’t really apply).

As it turns out, the advancement of technology has made the term “future-proof” not only more relevant to, but also critically important for, all physical security industry products.

The New Definition of Future-Proof

Today, a physical security industry product or system is future-proof when (a) its feature set – including cybersecurity features – can be synchronized in real-time or near-real-time with its manufacturer’s product advancements; (b) it supports standards-based and emerging protocols for Internet and local connectivity and interoperability; (c) it has an open and secure API that can be utilized by other products and systems, and its API improvements don’t break previous API capabilities except where required for cybersecurity purposes; and (d) its manufacturer is committed to ongoing innovation consistent with user- and partner-community feedback.

Note that it is acceptable for relatively inexpensive and easily-replaceable products to become obsolete by way of a significantly better alternative. Such products don’t have a future-proof requirement. It is not acceptable for deeply or widely integrated products and systems to require complete replacement. Today’s emerging products are designed to be part of an evolvable technology infrastructure and that requires the future-proof attributes defined above.

About the Author:

Ray Bernard, PSP CHS-III, is the principal consultant for Ray Bernard Consulting Services (RBCS), a firm that provides security consulting services for public and private facilities (www.go-rbcs.com). In 2018 IFSEC Global listed Ray as #12 in the world’s top 30 Security Thought Leaders. He is the author of the Elsevier book Security Technology Convergence Insights available on Amazon. Mr. Bernard is a Subject Matter Expert Faculty of the Security Executive Council (SEC) and an active member of the ASIS International member councils for Physical Security and IT Security. Follow Ray on Twitter: @RayBernardRBCS.

About the Author

Ray Bernard, PSP, CHS-III

Ray Bernard, PSP CHS-III, is the principal consultant for Ray Bernard Consulting Services (www.go-rbcs.com), a firm that provides security consulting services for public and private facilities. He has been a frequent contributor to Security Business, SecurityInfoWatch and STE magazine for decades. He is the author of the Elsevier book Security Technology Convergence Insights, available on Amazon. Mr. Bernard is an active member of the ASIS member councils for Physical Security and IT Security, and is a member of the Subject Matter Expert Faculty of the Security Executive Council (www.SecurityExecutiveCouncil.com).

Follow him on LinkedIn: www.linkedin.com/in/raybernard

Follow him on Twitter: @RayBernardRBCS.