*This research report is on pre-sale. Purchase now and save 10%. The estimated release date is February 7, 2020 (currently in draft peer reviews).
OSDP (Open Supervised Device Protocol) is a specification developed by the Security Industry Association (commonly referred to as “SIA”), and most recently voted to becomes a standard by the IEC. Intended to bring overdue improvements to securing, managing, and supervising access control devices, it’s designed to provide the market with a path toward interoperability between heterogeneous manufacturers within an end user environment.
While the benefits of OSDP appeal to both end users and manufacturers, the OSDP specification is written primarily with manufacturers in mind in the form of technical design consideration, data structures, syntax, commands, etc. In essence, the specification emulates guidance for manufacturers as to “how to build OSDP into a product”.
The objective of the specification is solely to define a protocol to perform communications between two devices. How applications handle invoking the protocol (or receiving any data associated with it) is out of scope. Collaboration between industry manufacturers was undertaken to define, develop, and produce the specification limited involvement from the end user community.
However, a core part of successful end user security programs is for them to determine what challenges they want to solve and if such solutions operate in a specific way that would enable the best-fit for their success in their unique environment. This would include not only capabilities but also a clear understanding of potential limitations.
As written, OSDP makes no apparent attempt to provide end users with this perspective. As a result, OSDP requires a great deal of knowledge and interpretation on an end user’s behalf.
This report represents a body of research that has deeply studied the specification, manufacturer and industry participant’s intent, and end user’s requirement. It’s designed to provide end users with insight to determine whether OSDP is a feasible path to meet the goals of their security program through a contextual understanding of the specification, its advantages and limitations, key considerations, and relevant points of reference to the evolution (and dependencies) of their security programs.
*Each report licenses includes an OSDP requirements tool (excel) that maps end-user recommended program improvements to OSDP specification commands which can then be used to define and assess specific vendor implementations.