By Barend Keyser
The Wiegand interface, which rose to popularity in the 1980s, has long been accepted by the access control industry as the de facto wiring standard for interfacing between access controllers and various card or biometric readers.
As usual, the longer a technology is around, the more methods of exploiting its flaws will be found. Wiegand devices by their very nature tend to be unsupervised devices which can mean that they are the perfect attack targets for entry into secure areas – be it parliamentary buildings, airports, schools or other highly sensitive points.
The devices that are used for identifying the person attempting to attain access vary from extremely advanced (and expensive) retina, fingerprint or facial scanners through to proximity cards wielding the latest in secure storage and encrypted communication protocols. This information is then sent across insecure wires to a controller that also communicates using the latest in security.
Micro sensors that are put in place to ensure that the devices are not tampered with are ironically often disabled to make for easier servicing, do not have any method of feeding the alarm state back to a security centre, or only disable the device itself when active.
A Google search for the term ‘Hacking Wiegand Protocol’ will reveal many attacks that can be used against access control systems that employ this wiring system, including man-in-the-middle attacks whereby the CEO’s access control identification can be captured and replayed at a later point – this using a bottom-of-the-line and cheapest microcontroller with some fairly simple firmware.
There are various other issues that present themselves; including wiring length, number of wiring cores required to service the full interface, lack of encryption, overlap of card numbers and mostly unidirectional capabilities.
The access controllers or devices that use this wiring standard are not to blame for the on-going use and proliferation of this protocol as it has been used in the industry for so long that it has become ‘part of the furniture’ and accepted as the most common method for interconnectivity.
Tackling all of these challenges and allowing different devices and systems to communicate with each other seamlessly is a fairly complex task which has been taken on by the Security Industry Association (SIA). The protocol that has emerged is called OSDP (Open Supervised Device Protocol).
OSDP has been developed to communicate over two data lines and one earth line which makes it the perfect fit for RS-485 multi-drop communications, however it can also be extended to communicate over TCP/IP. Encryption has been built into the protocol, along with checksums for ensuring data integrity and monitoring capabilities to be able to tell when a device is damaged, offline or being tampered with.
As the access control industry starts to implement this protocol and the standard becomes more accepted there will be more and more devices that support OSDP and less that will implement Wiegand.
As a company, Saflec Systems has decided to start the migration process and has partnered with a number of companies, including Virdi (a popular biometrics provider) and HID to ensure that its solution is on the forefront of this OSDP revolution.
The new SDC-6xx controller range will support the OSDP protocol, and the new display reader soon to be released will also incorporate the protocol.
As the popular idiom goes – “a chain is only as strong as its weakest link”. It’s time to stop relying on this particular link.