As I said in my last post on TechSec (another monster of a blog post), the standards panel that closed the conference was an important discussion for the industry. Rob Zivney, VP of sales and marketing at Hirsch, and someone whoâ€™s been active with standards efforts for SIA, BACnet, and the federal government, convened a panel with some of the leading voices in the current push for standards in the security (specifically the IP-based security) industry.
With him were Jonas Andersson, chair of the ONVIF effort being led by Axis, Bosch, and Sony; Rob Hile, chair of the PSIA, a group of companies brought together by David Bunzel after the last TechSec; Roger Roehr, head of the government vertical at Software House (so active with FIPS 201/HSPD-12/NIST activities), and the chair of the Smart Card Alliances physical security committee; and Hunter Knight, generally known as the father of SIAâ€™s standards efforts, which have resulted in the OSIPS body of increasingly ANSI-recognized standards.
For some reason, I decided to transcribe the entire conversation they had, and youâ€™ll see it below. I was going to only give you the highlights, but I found there werenâ€™t that many lowlights. Itâ€™s over 5,000 words, but itâ€™s worth reading over the lunch break or something because there are some important points made about the future of the industry and where you might want to sink some of your dollars in working with these standards efforts, and what the benefit to you might be.
Rob Zivney: 2009 is a year of standards. Youâ€™re going to see a lot of new standards, where weâ€™ve been an industry without standards up until now. Weâ€™re going to see an unwanted abundance of standards, a plethora; youâ€™re going from nothing to a lot
Some of us have torn allegiances here. I personally am involved with SIA and BACnet.
And just to start things off: The private sector today has more than 600 organizations preparing standards, trade associations, SDOs, consortia; thereâ€™s no right or wrong way to do it. They all can achieve credibility in the marketplace. They will compete in some areas and they may cooperate in others
The first volley: After six years in development, BACnet just voted out of committee the first access control standard for our industry. The BACnet standard is recognized by ANSI, as well as being an ISO standard, itâ€™s downloadable this week. This is an open standard for no fees or royalties.
So, the first question for the panel: Why is your organization the best for developing standards, and what do you think of BACnet being out there first?
Jonas Andersson: The benefit of ONVIF â€“ Really there are three cornerstones: developing and standardizing on the interface level - we released the first specification in November, based on the architecture of Web services. The second cornerstone is interoperability, not only specification for standardization, but also a test specification, so weâ€™ll develop a test tool that weâ€™ll offer to all members to ensure compliance to the standard, and the web standards will provide code generation. The third cornerstone is that itâ€™s a global open organization, concentrating on processes for cooperating, the processes for conformance. The organization today consists of Axis, Bosch, Sony, Cisco, Panasonic, Samsung, and a number of other companies.
Hile: After hearing it for five years, a bunch of us just got together and decided to do something about it, to promote the interoperability of all IP-enabled security devices, not just video. We have active initiatives in CCTV, video analytics, an access control working group. Itâ€™s a bunch of industry leaders who got together; weâ€™re an open system, we came out with a specification that is open. Weâ€™ve got core members and associate members - we want to get something done. Weâ€™re tired of not having â€“ are we the best standard, no, but we have a very good specification, based on REST architecture, everything is going to the edge, seeing that with the TI chip, and REST is the best tool out there for edge-level integration. Is our specification the best?
I donâ€™t know, thatâ€™s open to industry interpretation.
Iâ€™ve got an interesting perspective on this. I came out of the DDC controls industry. Does anyone know what the original standard for DDC was? No? The original open standard for the DDC controls industry was pneumatics. It was air. Then all of a sudden everyone had their own protocol. I worked for Johnson Controls and then what later became Andover, I thought we had the best access control system because it worked with our HVAC system, but it was still proprietary. And it came down to cost, the end users were tired of the cost of all these disparate systems, and thatâ€™s exactly whatâ€™s happening in our industry, and now you look at the DDC controls industry, they have BACnet and they have Lon ware, so am I surprised to see BACnet here? No Iâ€™m not.
Itâ€™s not a stretch to see a day when every IP device, elevator control, lighting control, a smoke detector, are all geo-spatially aware that each other exists, not only to save money, but also to give us almost artificial intelligence, so we can be proactive instead of reactive.
Roger Roehr: The smart card alliance is an alliance of end users, integrators, and manufactures. Weâ€™re not a standards creating organization, weâ€™re in the enviable spot of going out and stealing other standards â€“ through our members we come up with existing standards that are already out there. There might be something thatâ€™s already written that you need, and trying to figure out which one you need, the alliance almost becomes the google of the standards. You say, â€˜Hey, I think that will fit?â€™
I think the BACnet standard is interesting and weâ€™ll be happy to steal from them.
Hunter Knight: OSIPS is a program that we started I think nine years/10 years ago, at the direction of the board of directors of SIA. They had done a lot of market studies and had end users complaining about the lack of interoperability, complaining about not being able to switch from one supplier to another. The association however, recognized the need to have an aggressive standards program, and created an open forum looking at NIST-defined systems integration, putting things together, and performance, predictable performance, metrics that you can apply to a standard for compliance. And this program was drafted and heatedly argued among the board at that time, funded, and has been a cornerstone of the SIA business plan going forward.
There was a lot or reluctance, if not intransigence, on the part of the membership to participate. There was almost no effective infrastructure to manage and provide venues. We just didnâ€™t have the talent to put a program of substance together. It took three or four years to get our sea legs, and what we did was focus on the end user community. We figured theyâ€™d come along if their customers mandated it. We worked several years to build trust, so that they didnâ€™t feel it was a sales scam, and weâ€™ve been successful in gaining that trust in the federal space. We havenâ€™t gotten tons of allegiances in the commercial space, but thatâ€™s harder to organize and quantify.
What have we done? Our task was to build a mechanism for all kinds of security technologies to talk to each other. And we had a lot of meetings, conferences, government round tables: What is it that we should be going set out to do? That round table decided they wanted to be able to talk to any other product, and to do that we need some kind of foundational level document that allows each thing to talk to each other - what does time look like? How does data look to each other? And it was hard to inventory all those requirements, so we started on several different standards and we thought weâ€™d learn enough to really define what the foundation should look like along the way, and weâ€™ve done a lot of work on a lot of standards: How identity management should be accomplished, how access control calculations should be done, what access point controllers should be done. Weâ€™ve looked at digital video - thatâ€™s one of the first standards we addressed - sensors, a lot of those different things. Today, the framework document is now an ASNI standard, the digital video interface standard is an ANSSI standard.
Zivney: I did say that BACnet was first in access control, but SIA was out with video first.
But Iâ€™ve got another question: Do standards insure interoperability
Roehr: The simple answer is no. What you have to realize is that standards are written by industry consensus, and if there isnâ€™t consensus, nothing gets written or multiple avenues get written. Look at HSPD-12: thereâ€™s two places where we see this issue come up â€“ they define both a part a and a part b, and the government just said weâ€™ll support them both, both type a and type b cards, which puts another requirement on manufactures that want to sell product to the federal government.
The second was biometrics, thereâ€™s the ANSI insights minutiae template and the pattern template, and the government said they didnâ€™t want to deal with pattern template, and that pretty much eliminated the go forward development of pattern templates for biometrics companies, and they did that through their own FIPS standard.
Andersson: Writing specifications does not ensure interoperability. It takes much more than that â€“ if youâ€™re familiar with web services, developed by the world wide web consortium, already a worldwide standard, and thatâ€™s wsdl, and thatâ€™s the full interface of the ONVIF specification, and then each manufacturer can use this for code generation, but also on the client side, you use this to automatically generate the code and automatically ensure you have interoperability â€“ furthermore, I would say thatâ€™s not even enough, itâ€™s just insuring that the interface is correct, but if you request the h.264, you have to make sure that you get that stream, so you need a test tool and a conformance process to ensure that interoperability.
Zivney: You mentioned REST earlier Rob, whatâ€™s that stand for?
Hile: REST represents â€“ you donâ€™t want me to get technical â€“ itâ€™s an architecture style thatâ€™s built around exchanging information in an open format, using tools that are readily available, and itâ€™s best for the edge integration. You donâ€™t need the skills and tools that you need for some other architecture styles out there.
Having standards does not ensure interoperability, until you have a standard thatâ€™s widely adopted, and thatâ€™s written around interoperability, itâ€™s not going to be successful.
Knight: I want to call the audienceâ€™s attention to my colleagues to the far right. They all represent very serious and intelligent and capable specialized interests, in areas that overlap, and what we have are two distinct solutions that both of them are pitching to us, and theyâ€™re both quality solutions, but what weâ€™re doing by virtue of the process is weâ€™re balkanizing the industry, ensuring the failure of standards to unify and achieve open system integration and predictable performance. It doesnâ€™t mean that what theyâ€™re doing is wrong, itâ€™s a good thing, but it speaks to the standards process in general. Theyâ€™re making great intellectual contributions, but weâ€™re doing it in a balkanized way, and so weâ€™re not getting the aggregate harmonization of these in the ASNI process that has very strict rules for consensus based development, no pay to play, public review, all those things that are fundamental to the development of standards that will actually work.
Another issue for a standard to actually work, both the consumer and the manufacturer have to be partners in the development of the standard, and this is my considered opinion. If itâ€™s just manufacturers agreeing to do something a certain way, thatâ€™s fine, but whether they can shove it down the customersâ€™ throat is kind of in doubt. You have to build a constituency behind the standard that brings everyone to the same table and they need to work on defining the use cases. But absent the motivation to utilize the standards and absent the open consensus based forum, I donâ€™t think you get standards that work. I think you get a balkanized development environment. Manufacturers will go that way, customers will go another way, and the next solution will come along and frustrate everybody and weâ€™ll wind up where access control is today.
Zivney: What are the market forces that are driving standards?
Hile: Itâ€™s all about the cost, itâ€™s about cost of ownership, cost of implementation. Itâ€™s about a system being obsolete because it wonâ€™t talk to anything else. Every tool they have is interoperable with something else, except they canâ€™t expand their camera system without going back to the original manufacturer, and thatâ€™s wrong. You might think Iâ€™m talking out of both sides of my mouth, because weâ€™re making a lot of money taking those disparate systems and making them talk, but Idâ€™ rather make my money making the customer happy with services, instead of making my money every time vendor a doesnâ€™t work with vendor b.
Zivney: The customer drove the demand for standards, but it took 10 years to get that first BACnet standard out, and this is not an easy process.
Knight: I saw an industry recognize that its customer base was angry at it, and they felt like, â€˜boy we better placate them because otherwise they might do harm to our revenues.â€™ But a more mature perspective about the value of standards is that it defines markets, makes it possible for folks outside the current market to come in and use the standards within that market. You can count on buying products in markets that are subject to open public based standards, so if youâ€™re a manufacturer of a product in this space, and participating in standards itâ€™s a good plan, because you will know what to do first, and your products can be more acceptable to people in your market, and more important, outside your market.
Iâ€™ve got an example for you: In the early to mid 80s, if you wanted to put a network in your business, it was a proprietary experience, and a network card cost $450 and the software cost three thousand dollars, and no one would talk to anyone, and it was frustrating. Today a network card costs $25 and it does everything under the sun. And now a lot of manufacturers arenâ€™t there, but the ones that are there are making a lot of money, and the business expanded for the manufacturers and the end users, and thatâ€™s why we should all be participating: faster solutions development, more competitive environment, so we get better products faster, and much more capability, and save money, yes.
Roehr: You hit the pin on the head - it is the customer at the end of the day who says, â€˜Hey, I want something thatâ€™s interoperable.â€™ After you get out of that, â€˜hey, Iâ€™m going to be a proprietary manufacturerâ€™ mode, one of the things thatâ€™s a big benefit is that you gain from the intellectual capital of everyone in the industry. You donâ€™t just have this myopic view of your world from where you sit, or what you learned at maybe one trade show a year. Youâ€™re actively engaged with your colleagues and your customers, and if you donâ€™t do that, youâ€™re going to fail. You find out and get the consensus of everyoneâ€™s good ideas. Iâ€™ve certainly come from a lot of standards meetings thinking one thing and leaving thinking another.
Question from the audience: Have we looked around the world at what other countries and groups are doing?
Andersson: There are certainly standardization organizations doing work around the world, BACnet, SIA; you see organizations like Senelec in Europe that are on the same pace right now, not only with video but with other devices as well. We are also involved with organizations like JAFA in Japan, really trying to get a global overview, get these efforts aligned.
Zivney: Are we reaching out to the globe with these efforts or just an American base? Hunter?
Knight: Iâ€™ve been to China, for SIA, Iâ€™ve been to Brazil. We have other staff members whoâ€™ve been to other countries working with local industry associations around the world. We all look at everyone elseâ€™s technical standards as they are available. But the problem is more fundamental. The existence of standards in Europe vis a vis different standards in the U.S. creates market opportunities and difficulties, for each of the parties. And there are lots of politics. ANSI is the US representative to ISO. ANSI is therefore the top dog for standards in the United States, and when you look at the position of the United States vis a vis Europe, and the development of the protection of markets. For example in Europe they might want to develop a standard that freezes U.S. products out and at the same time eases European products into the U.S., so thereâ€™s all this internecine warfare going on out there.
You canâ€™t just hope that you get good standards. Itâ€™s a very tough problem. If you think itâ€™s hard to develop a standard in the U.S., try developing one worldwide.
Zivney: So, is SIA trying to develop a global standard or a US standard?
Knight: All SIA standards are right now ANSI standards, because that has to be our first step, but theyâ€™re all formatted and tagged to go to ISO; our focus is to have all ISO standards over time. But I canâ€™t minimize the challenges. The way to make it better is to get more of you folks to come up to DC and participate and give your opinions.
Roehr: Most of the standards I deal with are developed internationally, and weâ€™re starting to leverage them here in the United States, theyâ€™re either German or French and have been moved up through the ISO process and are being used in the United States.
Hile: Weâ€™ve talked to Senelec and the British Security Industry Association. Our philosophy is pretty simple. Weâ€™re not a SDO. Weâ€™d like to develop a specification and weâ€™d like SIA to take that specification and run it through its process and make sure it is an international standard.
Zivney: How do companies realize a return on investment for participating in this process? Can the new small guys participate in standards development? In many cases they donâ€™t have the money or the bandwidth to participate in these things. So, can the little guys participate with your groups and do you charge for participation?
Hile: Itâ€™s my personal opinion that the smaller manufactures stand the most to gain from interoperability. Most of the VMS players have already integrated with a lot of the big players, so the small guys are standing there looking at a brick wall, and they have no way of working with these VMS players unless they sell a lot of cameras and then can leverage the fact that they want a gateway or an API to their system. So, yeah, the little guys can participate and I think thereâ€™s tremendous return on investment for them.
The larger players, their return on investment is that they better do something or theyâ€™re going to get run over. Thatâ€™s probably not the best thing for the industry, but maybe it is, to get us out of the proprietary system that weâ€™re in.
As far as pay to play, we are open, we do have core memberships that are fee-based, based on SIA and what some of the other organizations do. But our specification is out, you can go to the internet and register for it. Itâ€™s an open comment specification. We want industry influence on the specification and we take that very seriously.
Zivney: Itâ€™s not unusual for standards development activities to have a cost associated with it, and therefore a fee associated with it, so I didnâ€™t mean that to be a negative. Jonas?
Andersson: In my opinion, companies can actually calculate how advantageous it will actually be to engage in a standard organization. If you look at the manufacturers of video devices, access control devices, for example, thereâ€™s a cost in developing the interface, but also a certain cost in ensuring that the interface is correct and testing and so on. But you can actually calculate how much that would cost and how much you would gain by joining a standard organization, or standardization effort in general, to actually reduce your development and testing costs.
Zivney: Can you clarify whether ONVIF includes a testing body to go along with it?
Andersson: Iâ€™ll get back to that. But Iâ€™d like to begin on the other thing first. Specifically if you look at VMS manufacturers, who have to develop support for hundreds of video interfaces today and test them, they can reduce that cost quite a lot. Even a small company will gain a lot by influencing standardization and reducing their development costs.
To get back to the test body, ONVIF will provide a conformance process, and the test tools to ensure that the manufactures have the quality interface.
Zivney: Does ONVIF charge?
Andersson: To join ONVIF itâ€™s from $1000 to get a hold of all of this, but just as Rob mentioned, the specification is of course available freely on the Internet. But to get all of these test specifications, the test tools and process, itâ€™s $1000 per year, and then there are higher levels to be more involved.
Zivney: Hunter, does SIA charge?
Knight: SIA makes no charge for participating in its standards program. You donâ€™t even have to be a member. You have to pay your own expenses. In any particular standards program you might have four meetings a year, two days, probably spend $1000 in meeting expenses, so youâ€™ve got some meeting expenses, and a critical person may or may not be missing from the group.
One of the things you asked Rob, was what about small companies. In 11 years of doing this, what I find is the greatest contributors, the most effective contributors, come from small companies, and they end up having an enormous influence on the evolution of standards, and why is that? Because they donâ€™t send a junior person, they send a CEO or provisionary for the organization to the meeting, and that brings in a wealth of talent that we donâ€™t normally see when a big company leads a charge of following chickens, or a couple big companies lead a group to go build some standards. It tends to be the big guys set the pace, and the rest of the guys chug along and just hang on.
At SIA, we find the small organizations have the greatest influence and the greatest contribution, and the voting process, because itâ€™s ANSI, is such that a big company canâ€™t overpower a little company, five big companies canâ€™t overpower five little companies, so itâ€™s a really democratic process, and itâ€™s fun to watch how ideas change and get manipulated because of the brilliance of some of the contributors.
Zivney: Iâ€™m going to ask a question. So, Jonas and Rob Hile can come to a SIA meeting, come participate on day one, without having to pre-register and pay money? And Iâ€™ll ask it the other way around, can Hunter show up at one of your meetings and participate without having to pre-register or pay money?
Knight: You can come, you just need to let us know so we can buy lunch for you. We tend to work a lot. Thereâ€™s no charge, you can come and participate. You get on the mailing list. You donâ€™t even need to come, just say youâ€™re interested and youâ€™ll get all the evolutionary documents and participate. But itâ€™s a thrilling process if you get in there and participate.
Zivney: How does it work the other way around?
Andersson: Well, at ONVIF, you have to be a member, but like Hunter talked about, we do have democracy. Itâ€™s one vote for one company, so itâ€™s important to get that democracy in there in these organizations so small companies can cooperate with the larger in developing these standards.
And you mentioned earlier that itâ€™s important for small companies to join and influence, and I agree on that, but often you need some larger manufactures to really get things going and implementing the standards on the market and providing product.
Hile: These are very good points that are being made up here.
To be a voting member of the PSIA you do have to join and there is a fee associated with that. We try to take a little simpler approach by putting our specification on the Internet so you donâ€™t have to travel to DC four times a year to get input into our specification. You donâ€™t have to travel. Iâ€™ll also add that our organization just got off the ground, and weâ€™ve been getting beat up because weâ€™ve had some closed meetings, and a lot of people are a little, â€˜what the heckâ€™s going on with this PSIA group and whatâ€™s been going on?â€™ Really, that just came down to financials. We didnâ€™t have enough money to rent a room. So we just basically begged, borrowed, and stole to get a small room so we could have core group meetings to get this thing off the ground.
However, we are a little more organized now, weâ€™ve got some cash, and we are going to have an open meeting at ISC West. All of my friends here can come, everybody out there can come, and weâ€™ll tell everybody whatâ€™s going on.
Zivney: Roger, youâ€™re involved in a lot of committee activity, who do you see mostly involved? Large guys, small guys?
Roehr: Most of the guys I see are large guys, just because of the travel expenses, and that. I do think itâ€™s a value for an organization no matter what size it is. To reiterate, the Smart Card Alliance is not an SDO, the product we primarily put out is a white paper. We are an alliance, we do run off of membership, so it is a corporate membership, and then any employee of that corporation can attend any of the council calls. We do not in general have in-person meetings; we generally do white paper development through conference calls and WebXs.
Zivney: And typically your white papers might even talk about how to use the standards of another body, right?
Roehr: Yes, quite often it is about how to use the standard of another body. Or, in the case of the one weâ€™re working on right now, weâ€™re recommending to NIST that they use the standard of another body for their program.
Knight: One comment. I should point out that SIA doesnâ€™t always have face to face meetings, but since most of our technical design work is done around a conference table, I think weâ€™ve found that weâ€™re more efficient and get better work done in person. However, we do do the WebX, we do do the conference calls, we do circulate documents for comment. I donâ€™t want to make you think itâ€™s only face to face, but I really think you get the most effective work with a couple of days of face to face meetings.
Zivney: I promised Iâ€™d get to a question in the back here.
Question: (Paraphrasing, because itâ€™s mostly inaudible) How does a software company like us, which is small and just getting started in the industry, possibly participate in all of these organizations, and how are we supposed to compare the different organizations and try to get an opinion on which might be the best to work with?
Zivney: And Iâ€™d like to add to that question: Do you all have Web sites that make it easy to compare between each other, and if not what do you do?
Hile: Definitely a web site, PSIalliance.org. What weâ€™ve tried to do is we didnâ€™t want to reinvent the wheel. Weâ€™re not an SDO. We really just wanted to take some grassroots, come up with some interoperable specifications for the industry. We reached out to SIA, we reached out to ONVIF. Thereâ€™s some emails going around today, actually, to maybe try to merge the 2.0 specification. Itâ€™s not going to do us any good to all get up here and beat the crap out of each other. Itâ€™s not going to do the industry any good. Itâ€™s not going to do our customers any good. We all realize our customers are demanding standards. So I think youâ€™ll see a lot more cooperation.
Zivney: I think you might be able to say for TechSec, that this was the first time that the standards bodies came together in one group and actually started talking about some of that cooperation.
Knight: I actually have to take some exception to some of that. As an ANSI SDO, weâ€™re subject to some very rigorous rules, or otherwise weâ€™ll lose our charter. Weâ€™re not a pass-through organization. Thereâ€™s a very rigorous set of rules that we need to follow. Which are good rules. Open, public, consensus-based standards development. I look forward to a time when ONFIV and PSIA will make some technical submissions to SIA for consideration, we also do calls for comment.
I should point out thereâ€™s some news, itâ€™s not out there but itâ€™s new. Thereâ€™s actually some nitty little details that get blown out of proportion and theyâ€™re called bindings. And the group working on bindings has made some tactical changes about how itâ€™s been done, and weâ€™ve identified a binding call SOAP, a binding called SIP â€“ sounds kind of weird, like a beer commercial maybe â€“ and then a pair of bindings called RTP and RTSP, thatâ€™s for video, the one in the middle is for audio, and the first one is for non-streaming data. And theyâ€™re probably going to be the initial industry standards for bindings, setting up the communication path. Thereâ€™ll be a press release next week or something, but I can say that. I happen to be the chair of the committee that did that.
Thereâ€™s going to be some work to validate these initial selections, and the follow on with a bunch of calls for comment. But we canâ€™t just take a PSIA standard and they say, â€˜hey, here, pass this on to ANSI.â€™ It has to go into project and it has to go through the mill.
Iâ€™m sympathetic to people who have multiple products, and who have to participate in a lot of these things. Last year I spent $42,000 attending these meetings. So I understand the cost. But what I will tell you is that if you want to position your company at the front of the line for being able to reach out and get into other spaces and get into new markets, then youâ€™re foolish if you donâ€™t get in and participate in an open standards process.
Zivney: Iâ€™m going to take one more question here, and Iâ€™ll ask the panelists to answer it in writing and ask the panelists to submit it to the publications. What if you guys are all successful, can our industry comply with all of the standards? Are we looking at a new kind of crisis? We go from zero standards to too many to possibly comply with? What do we do?
Knight: I can tell you what the federal government is going to do. Public law Number 4, which is an amendment to some other thing, creates a requirement on the part of the federal government, using federal money, that they must go out and buy things using consensus-based open standards, as a basis for the acquisition of products. By the way this is one of the reasons we focused on them early in trying to build a consensus.
Therefore SIA made the decision to work only on ANSI standards, because those standards would have the force of law, in some sense, for the federal acquisitions of products. Now I donâ€™t think thatâ€™s going to be a day or night thing, I think it will be gradual. But thatâ€™s there, so anybody in the federal government that wants to go out and buy something that doesnâ€™t conform to those standards is going to find that their boss has to go to the secretary of commerce and explain why he didnâ€™t follow the rules. Thatâ€™s an annual requirement in the federal government.
How effective that will be? Itâ€™s been effective in other industries, but weâ€™ll see. Because those standards are now coming out of SIA, and we did that because it creates value for our members, because the work that they did on standards has a better defined pay off. thereâ€™s a big market segment thatâ€™s out there thatâ€™s going to create value.
Roehr: As a smart card alliance, weâ€™re not an SDO, so what we see is that standards are out there, and if you have a wide variety of standards, it does allow you to choose the standard that will work for your implementation. I talked a little bit about what the federal government did with their PIV effort, and they accepted multiple standards and encompassed more than one and then chose a path in some other places. I think at the end of the day, the good thing about standards is that itâ€™s a consensus of a lot of smart people, and thereâ€™s a lot of thought that goes into that, and itâ€™s not something thatâ€™s just someoneâ€™s off the cuff thought. You have a pretty good chance of getting something that gets you down the road to interoperability, and has some pretty good thought behind it as to how to implement your solution.
Andersson: I donâ€™t think you should exaggerate that youâ€™ll get several standards. Itâ€™s just as Rob said earlier, thereâ€™s been a lot of communication between organizations here, between SIA, and ONVIF, and PSIA, and as Hunter mentioned earlier, you need to formalize this specification, as it should rightfully be called, into a more formalized standard before you can start using them. And this is quite early days for standards, even though thereâ€™s been quite a lot of work being done by SIA for a long time, and getting all the companies involved, and now thereâ€™s more and more discussion between organizations and weâ€™ll wait and see if there are several standards.
Hile: No, I agree. Itâ€™s interesting. I keep hearing this over and over again, and, Rob, I think itâ€™s just an excuse: â€˜Oh, my God, weâ€™ve got all these specifications and standards now!â€™ We had none. We had none a couple years ago. And now weâ€™ve got four people sitting up here, four groups that are passionate about standards. Okay, so we get our specification approved, and itâ€™s based on REST for its architecture. And you (turning toward Jonas) get your specification published and itâ€™s based on web services. We have another one thatâ€™s based on SOAP. Okay, weâ€™ve got three! Iâ€™m damned excited about that! I had none!
When you look at all of those specifications and architecture styles, you can specifically see those architecture styles. If youâ€™re doing host-level integration between two disparate computer networks, SOAP might be the best choice. If Iâ€™m doing edge-level integration, I might want to use web services or REST. So youâ€™re going to have a lot of tools. Donâ€™t get wrapped up in if you have a lot of standards itâ€™s a bad thing. A lot of industries thereâ€™s two or three, and you use those tools when you get to specific integration challenges. And as an integrator Iâ€™m really, really happy about that. And I think the manufacturers will be, too, because theyâ€™ll have choices, theyâ€™ll be able to take their features and benefits of their system and theyâ€™ll be able to design it around an architecture style that fits their features and benefits best.
Roehr: I think the marketâ€™s going to drive it at the end. If you look at the IT community, thereâ€™s 802.3 and 802.5, token ring and Ethernet, youâ€™d be really challenged to see anyone using 802.5. The market said, â€˜hey, we like this standard better than that.â€™ Multiple standards can be out there, but the marketâ€™s going to decide.
Zivney: I think the lesson here is, if you are a manufacturer or an end user making a selection, a specifier, one thing that comes across with all the buzzwords and acronyms, the numbers, youâ€™ve got to do your homework on these things. Youâ€™ve got to understand what these standards bodies are building on and the new ones theyâ€™re introducing, and itâ€™s all part of the IT progress of the IP technology that weâ€™re basing our industry and products on.
So, Iâ€™ll end this with an old saying, which you can see here, â€œThe nice thing about standards is that there are so many to choose from.â€
Thank you all for coming.