Time to finally break away from the Wiegand format?

Time to finally break away from the Wiegand format?

Time to finally break away from the Wiegand format?

By Barend Keyser

The Wiegand interface, which rose to popularity in the 1980s, has long been accepted by the access control industry as the de facto wiring standard for interfacing between access controllers and various card or biometric readers.

As usual, the longer a technology is around, the more methods of exploiting its flaws will be found. Wiegand devices by their very nature tend to be unsupervised devices which can mean that they are the perfect attack targets for entry into secure areas – be it parliamentary buildings, airports, schools or other highly sensitive points.

The devices that are used for identifying the person attempting to attain access vary from extremely advanced (and expensive) retina, fingerprint or facial scanners through to proximity cards wielding the latest in secure storage and encrypted communication protocols. This information is then sent across insecure wires to a controller that also communicates using the latest in security.

Micro sensors that are put in place to ensure that the devices are not tampered with are ironically often disabled to make for easier servicing, do not have any method of feeding the alarm state back to a security centre, or only disable the device itself when active.

A Google search for the term ‘Hacking Wiegand Protocol’ will reveal many attacks that can be used against access control systems that employ this wiring system, including man-in-the-middle attacks whereby the CEO’s access control identification can be captured and replayed at a later point – this using a bottom-of-the-line and cheapest microcontroller with some fairly simple firmware.

There are various other issues that present themselves; including wiring length, number of wiring cores required to service the full interface, lack of encryption, overlap of card numbers and mostly unidirectional capabilities.

The access controllers or devices that use this wiring standard are not to blame for the on-going use and proliferation of this protocol as it has been used in the industry for so long that it has become ‘part of the furniture’ and accepted as the most common method for interconnectivity.

Tackling all of these challenges and allowing different devices and systems to communicate with each other seamlessly is a fairly complex task which has been taken on by the Security Industry Association (SIA). The protocol that has emerged is called OSDP (Open Supervised Device Protocol).

OSDP has been developed to communicate over two data lines and one earth line which makes it the perfect fit for RS-485 multi-drop communications, however it can also be extended to communicate over TCP/IP. Encryption has been built into the protocol, along with checksums for ensuring data integrity and monitoring capabilities to be able to tell when a device is damaged, offline or being tampered with.

As the access control industry starts to implement this protocol and the standard becomes more accepted there will be more and more devices that support OSDP and less that will implement Wiegand.

As a company, Saflec Systems has decided to start the migration process and has partnered with a number of companies, including Virdi (a popular biometrics provider) and HID to ensure that its solution is on the forefront of this OSDP revolution.

The new SDC-6xx controller range will support the OSDP protocol, and the new display reader soon to be released will also incorporate the protocol.

As the popular idiom goes – “a chain is only as strong as its weakest link”. It’s time to stop relying on this particular link.

Get to know Saflec Systems’ SDC-650 Multiple Door Controller

Get to know Saflec Systems’ SDC-650 Multiple Door Controller
Safsys SDC-650 Door Controller

With 15 years of experience in developing access control solutions, Saflec Systems never stops innovating. If you want proof, you don’t need to look much further than our SDC-650 door controller. The SDC-650 replaces the SDC-550 and brings with it a host of new features and functionalities.

The SDC-650 can control up to eight doors and you can link up to 16 SDC door controllers using a protected RS-485 network. Your PC can connect to it using RS-232, the built-in Ethernet connector or through the RS-485 network via another controller.

What’s new?

Some of the SDC-650’s most noticeable features include:

  • On-board TCP/IP and RS-232 connectivity.
  • Micro SD for increased capacities, allowing you to store 1 000 000 tags, 250 000 tags holders, more than 6 million access logs and 3 million system logs, and 256 powerful offline event/action combinations.
  • Dedicated Fire and Tamper inputs.
  • OLED control module for easy setup and local diagnostics.
  • OSDP secure channel compatibility.
Saflec Systems SDC-650 Mulitple Door Controller

An innovative, solid and powerful door controller

Of particular interest to installers is the configuration panel. With its OLED screen, and five control buttons, you can easily change pages or move to another field when configuring the controller. It also has a screen-saving mode; tapping any button will bring the screen to life and allow you to configure the device.

 

Communication with other controllers takes place via a robust, multi-drop RS-485 communications network. Each controller on the network must be assigned a unique address for identification and communications, but this is easily programmed thanks to the aforementioned OLED control module. 

 

The unit comes with a 12Vdc 5A power supply and a battery backup of 7Ah, all mounted in a lockable case, making this a sturdy but flexible piece of hardware.

SDC-650 Sample Configuration Diagram

Saflec Systems SDC-650 Mulitple Door Controller Flow Diagram
For more information about the SDC-650 door controller or any of our access control and identification products, get in touch with one of our sales representatives or email sales@safsys.co.za. They’ll be able to answer any questions you may have and help you to design your ideal security system.