Month: June 2020

Genetec Stratocast™ is a cloud-based video monitoring system that makes the adoption of network video security solutions easy and allows you to connect to your business wherever you go. Using the Microsoft Windows Azure cloud-computing platform, Stratocast eliminates the need for on-site servers. As a result, installation time is reduced and you can begin monitoring your premises quickly. Using video surveillance equipment such as IP (Internet Protocol) cameras or analog cameras, you can record video on your edge recording video unit or in the Stratocast cloud. If recording on your video unit, the video is recorded continuously, whereas if recording in the Stratocast cloud, you can choose to record either continuously or only when motion is detected. From your laptop, tablet, or smartphone, you can then watch live and recorded video that is safely stored in the cloud. In addition, through Genetec Federation™, Security Center users can view and control all Stratocast cameras from their local installation of security desk. The starting diagram illustrates how Stratocast works to keep you connected to your business, wherever you go. Security is crucial for us at every level of development and operations. Based on industry best practices, our engineers embed security standards into the development lifecycle and operations. This white paper focuses on the cloud architecture and the operational security of the platform as well as the security capabilities of the customer portal. The video and camera security of Stratocast are also discussed. Cloud architecture Stratocast is deployed on the Microsoft Azure cloud platform. This platform, with its industry-recognized security, securely stores data that our customers entrust us with. Microsoft Azure has been audited against SOC 1, SOC 2, and SOC 3 standards. Audits are conducted in accordance with SSAE 16 and ISAE 3402 standards. Certifications are regularly updated and can be provided. Stratocast and Azure are also compliant with ISO 27001:2013. The service architecture is built for high availability and scalability, allowing customers to enroll and record as many cameras as needed without impacting the service. There are no constraints limiting the maximum amount of data that can be stored in Azure, as data centers are provisioned with enough capacity to ensure that they meet growing demand. This architecture, coupled with the robustness of the underlying Microsoft Azure Cloud, allows Genetec to provide a 99.5% SLA. Security controls Stratocast and Azure adhere to a rigorous set of security controls that govern operations and support. Genetec and Microsoft deploy a combination of preventive, defensive, and reactive controls including the following mechanisms to help protect against an unauthorized developer and/or administrative activity: Tight access controls, including a mandatory two-factor authentication. Combinations of controls that enhance independent detection of malicious activity. Multiple levels of monitoring, logging, and reporting. Security reports are used to monitor access patterns and to proactively identify and mitigate potential threats. Microsoft administrative operations, including system access, are logged to provide an audit trail if unauthorized or accidental changes are made. Automatic patching of the operating systems and applications running in the cloud. Additionally, the Genetec and Microsoft teams conduct background verification checks of certain operations personnel and limit access to applications, systems, and network infrastructure based on the level of background verification. High availability Azure facilities are designed to run 24x7x365 and employ various measures to help protect operations from power failure, physical intrusion, and network outages. These datacenters comply with industry standards for physical security and availability. They are managed, monitored, and administered by Microsoft operations personnel. Redundancy Stratocast video is stored in triplicate, within the same datacenter, ensuring the redundancy of critical data and mitigating the impact of hardware failure. Control of data location Knowing and controlling the location of an organization’s data can be an important element of data privacy, compliance and governance. Customers can specify the geographic area where their recordings are stored. Through this approach, recordings are replicated within a defined region for redundancy but are not transmitted outside the customer’s desired geographic boundaries. Operational security As a trusted provider of security solutions for a considerable number of government agencies and high-profile public and private organizations worldwide, we take compliance with local regulations very seriously. This, of course, includes the laws pertaining to data security and protection of privacy in the regions where we sell our products and services. Additionally, to ensure that all customer data is stored and used in an appropriate and secure manner, Stratocast is certified with the ISO 27001:2013 information security standard. The ISO 27001 standard is a framework of policies and procedures including legal, physical, and technical controls that address cyber security risks. These policies and procedures are part of the Information Security Management System (ISMS) at Genetec, that has been audited and certified by the ISO organization. Below is an excerpt of some of the relevant portions of it. Secure development policy Genetec is conscious that security is something that has to be embedded in the development practices and not something that can be added after the fact. Consequently, the Stratocast software development lifecycle (SDL) includes specific activities, pertaining to cyber security, that have to be completed in order to release each new version of Stratocast. These activities are defined in the secure development policy and include – secure design review performed on a periodic basis, manual or automated security testing, and penetration testing performed by a 3rd party auditor. Incident management & disaster recovery I t can be challenging to react appropriately to a cyber security incident when it happens, if nothing has been prepared for it beforehand. To avoid this, we have instilled a well-established incident management plan describing appropriate responses. This includes among others – the criteria defining the severity of an incident, the roles and responsibilities of each stakeholder involved in the management of that incident, the incident lifecycle, and the service level objectives. In a similar fashion, it’s best practice to establish a disaster recovery plan in the event of external service outages. Stratocast has a well thought out plan that reduces any negative…

Given the current Covid-19 pandemic, thermal cameras are receiving increasingly more interest. It is a natural idea to utilize a thermal camera to detect elevated body temperatures. Right now, the Internet is full of information on the subject (including brand new companies), but it’s difficult to understand what is real, what is wishful thinking and what is exaggeration. At Eagle Eye Networks we have purchased a number of thermal cameras and have run a series of tests to determine what is practical with today’s technology. This document details some of the testing we have done and some of our conclusions. We do not claim that our testing is comprehensive or perfect, but we hope, that in sharing it, we can help. This document focuses on the application of thermal cameras to read human body temperature. However, it is important to note, that before the Covid-19 pandemic, thermal cameras, at least as it relates to video surveillance, were primarily used for detecting perimeter breaches. This use case does not require the same level of precision that a thermal camera detecting an elevated body temperature requires. Therefore, typical general-purpose thermal cameras in the market have an accuracy of +/- 5 degrees Fahrenheit, which is not accurate enough to detect elevated body temperatures. It’s also important to note that elevated temperature screening is not screening for coronavirus or for any other illness. In fact, some people who have a virus or illness may not have an elevated body temperature. Additionally, the majority of thermal cameras are not approved for medical use or approved by the FDA, but they may be well suited to provide an initial reading to allow appropriate personnel to perform follow up evaluation and potential diagnosis. Executive summary Thermal cameras can be used to detect elevated temperatures in humans under the right conditions. Creating those conditions can be challenging, but it’s not impossible or impractical. Our experience in testing has shown that the preferred solution includes cooperative subjects and limits measurement to a small number of people simultaneously. Given appropriate conditions we have tested cameras and found they consistently report temperatures within +/- 0.7 degrees Fahrenheit of measurements taken with a traditional thermometer. System components There are various systems in the market place; however, most cameras that are connected to a traditional surveillance system include these: Camera – Thermal and Visible Spectrum. Thermal Calibration Unit (blackbody). Recording System/ Video Management System. Local Display Device (optional). Cameras Some of the more advanced thermal cameras are effectively two cameras in a single housing, these are known by several different names – dual spectrum and bi-spectrum are the most common names. The image below (Figure 1) is a dual spectrum camera from Sunell that was designed to resemble a panda bear. This was originally deployed in Chinese schools where children would look at it as they entered. Each camera produces a video stream, the visible spectrum camera works like most typical surveillance cameras. The thermal camera produces an image that is a visual representation of the different temperatures it has detected. These images can be either in grayscale or in color. Most cameras have several visual choices for how to represent the thermal data. The images above (Figure 2) are from a dual spectrum thermal camera connected to the Eagle Eye Cloud VMS. This is a traditional video surveillance dual spectrum thermal camera, not a camera used to detect elevated body temperatures. There are a few things to note about the images. One is that the field of view is different. The visible camera can capture a wider field of view than the thermal camera. The visible camera has two vehicles in the field of view while the thermal camera only has one. The visible camera captures the street at the top of the image, while the thermal camera does not. The difference in camera field of view is quite common. Also, the thermal camera has a much lower resolution. The figures appear more ‘blocky.’ Thermal cameras today are generally much lower resolution than visible spectrum cameras.   Thermal calibration unit A thermal calibration unit, sometimes referred to as a blackbody, is a device that maintains a specific temperature and does not reflect any energy from the surroundings. It is used as a constant point of reference for the thermal camera. Not all thermal cameras require a calibration unit, but many can make use of them if they are present. A calibration unit requires electrical power, but is not wired to the camera or the VMS/ recorder. It is manually set at a prescribed temperature, and the thermal cameras are configured based on that temperature. Thermal calibration units are typically used when more precise temperature readings are required such as in elevated temperature screening. Some suppliers include a thermal calibration unit with the sale of the camera, but most do not. Calibration units are generally not present for most cameras connected to a video surveillance system. Many security industry personnel are not familiar with thermal calibration units or their use. Recording system/ video management system The cameras are generally connected to a recorder. For this discussion we utilized the Eagle Eye Cloud VMS with its enhancements for support of elevated temperature screening. The cameras are connected to an Eagle Eye Bridge. As shown above (figure 2), The Eagle Eye VMS records both the visible spectrum camera as well as the thermal camera. Additionally, Eagle Eye VMS captures the temperature measurement data that the camera generates. This means that the temperature is associated with specific to me, so searches can be performed based on the temperature, time or person. Notifications can be generated if the temperature is outside of a specified range. In other words, if the temperature is too high, a notification can be made. The notifications can be delivered via various methods, but the most common is via email. Typical notifications will have an image of the person, the temperature detected, as well as name and location of the camera that…

  INTRODUCTION Scope and purpose of this white paper The scope of this white paper is the security for embedded electronic systems and IoT systems, which are generally based on programmable microcontrollers. Examples are electronic consumer and industrial devices, IoT sensors, medical devices. The purpose is to stress the fact that although security countermeasures are necessary to protect embedded systems and IoT systems, they are unfortunately not sufficient to avoid surface attacks. Embedded systems and IoT systems are more and more exposed to a wider range of new security threats, and this trend will very probably accelerate. To prevent damages from security attacks, companies are taking measures to protect their assets, including more specifically their software IP. Unfortunately, in ecosystems where the supply chain is getting more complex, it is frequent that the ones deciding the security levels are not the ones that will be accountable for their choices. Even when security measures have been duly selected and implemented, facts are showing that there are still some underlying vulnerabilities. On average, security experts will break security of more than 80% of implementations during their evaluation phase, for multiple reasons: Security attacks are getting easier to set-up, even by players who have limited technical skills and could use tools available on the web. It costs just a few dollars to launch massive DDoS attacks capable of generating up to 300Gb/s. Security countermeasures have their own limitations, and having an overreliance on those countermeasures could lead to potential hidden security risks. Security implementation matters. Technical challenges in implementing security could potentially lead to vulnerabilities exploited by hackers. A good approach is to do a formal security evaluation with security experts. However, before taking this path, it will be efficient and cost effective to have a second view with a deeper dive into security. In most cases, it will highlight some vulnerabilities and will provide useful guidelines to improve the resistance of embedded systems against security attacks. In this whitepaper, we will: Describe the most frequently used security countermeasures. Review the limitations of these countermeasures and explain why a deeper dive is recommended. Share the views from our security experts. The benefit of this deeper dive is to reduce exposure to security attacks without having to reconsider the whole security approach. Security principles Basic principles It is widely accepted that security must rely on 3 basic principles: Security by design (and not after the facts). End to end security (at OT and IT levels). Security all along the product life. The last one is equally important compared to the first two. We observe that several electronic industries are getting conscious about the security by design and end to end security, and are not considering the importance of security all along the product life. For instance, having a secure mechanism for firmware update over the air (OTA) will prevent a lot of security breaches. Deeper dive I t would be great if a simple application of those basic principles will be enough to counter any potential security attack. Facts are showing that even by applying those principles, there are still remaining vulnerabilities exploited by hackers. Embedded systems are all different and have their own specificities; on the other side, security requirements vary considerably depending on market, applications or risk management policies. Considering that security must be scalable, and that no security scheme fits all, we recommend a deeper dive into security to ensure that the security schemes have been implemented in adequation with the system architecture. A strong security scheme which has not been properly implemented is simply useless. We will explain in this white paper the reasons why these basic security principles are necessary and not sufficient. Disclaimer The information in this white paper provides general information and guidance about cybersecurity; it is not intended as legal advice nor should you consider it as such. WHY DOES A DEEPER DIVE INTO SECURITY MAKE SENSE? Security attacks on embedded systems are getting more frequent There are several reasons that could explain why embedded and IoT systems are getting more vulnerable to security attacks: Systems complexity Embedded and IoT systems are becoming more and more complex due to rich, broad and diverse ecosystems which could be interconnected with each other’s. IoT ecosystems are an illustration of this trend; they include a wider range of technologies like sensors, gateways, networks, clouds with many different standards and limited regulations on security. Limited capacities in devices Many embedded and IoT systems are based on programmable microcontrollers with limitations in processing power and memory storage. Several security countermeasures have not been designed based on those limitations. As a result, they require compromising between security and performance, and most of the time the decision is in favor of the last one. Human errors are always possible The development of new technologies is accelerating, and we do not have enough background of previous threats to know enough about failures in protection. This is leading to an increase of human errors in life of a product – at the design stage, at manufacturing stage and during the implementation of security. Time to market and costs Generally, manufacturers shorten the launch time of products, putting higher priorities on volume of sales, and not always considering fundamental security best practices such as security by design. Security is often seen as an additional cost; this is why, in order to reduce costs, manufacturing companies are also limiting or ignoring security features in their devices. The result would be equipment that can never provide adequate protection. Any countermeasure has its own limitations Deciding a security strategy often means making compromises between risk, cost and time – the easier approach is to rely on legacy security mechanisms proposed by silicon and IP vendors, network providers or other third parties in the value chain. The issue with this approach is that there is no ‘one size fits all’ security solution that can protect any embedded system. The characteristics of each system is different and should be considered…