Thursday, December 18, 2008

City center monitoring - Runnymede

This brief article about city center monitoring interests me because it is a 'simple' yet pragmatic setup. Both IP cameras and analog cameras (going into VIP X1600 multi-channel encoders), recording Direct-to-iSCSI managed by the Bosch Video Recording Manager.

And as Chris Lazzari rightly points out, "...enables [Runnymede Borough Council] to expand their network and storage requirements easily". That last point is particularly important to me. Estimating how much storage you're going to need is as much a guessing game as predicting how many miles till your tank is empty. It is very nice to have an easy way to transparently add storage, or add cameras, or improve recording quality, certainly without stopping, resizing/reformatting stuff.

Click here for the original article.

Tuesday, December 16, 2008

Bunny tale - BVIP allegory

I had so much fun writing this. If you ever wanted someone to explain the whole of Bosch Video over IP to you just as though you're a 7 year-old being read to at bed-time, then please feel free to check it out. Funnily enough it covers just about everything, but without the usual dryness of coventional formal corporate literature. If it's not too late to have a little laugh while learning, hope you enjoy it as much as I did, and leave me a comment if it made you smile.
A Story.

Monday, December 15, 2008

DCRI - surveillance levels

In his work for the US Army Night Vision lab, John Johnson developed a standard which, when you look at it, seems so downright obvious it's amazing it took someone this long to come up with it, as is the case with many great but simple concepts.

John Johnson realized that this simple comment 'We want a video surveillance system so we can see what's going on' is as loaded as it gets. The problem lies in 'what you want to see' and 'what you want to take away from it'.

He broke down 'seeing' into 4 steps, abbreviated to DCRI. D for detection, C for classification, R for recognition and I for identification. Let's take a deeper look at those.

I have a nice thermal camera (yes, I saved up for it) pointing at a distant treeline. I see a glowing blob moving through the trees. After watching it for a second or two I convince myself I have DETECTED something moving. Don't know what yet.

The guards are alerted.

It moves closer and appears a little bigger. I can see it is walking upright - it is certainly taller than it is wide. I convince myself it is human. I CLASSIFY it as a human. Good or bad, man or woman, I have no clue. but a person it is.

The guards are dispatched, along with some big slobbering doggies.

As it comes closer, and I now switch from my thermal camera to something that can reveal finer detail, I realize it is not moving at a steady walking pace - instead it is making erratic moves, almost trying to avoid detection and occasionally crouching. With IR illumination, and especially if it is in the spectrum where there is no visible light whatsoever so the person does not know he is under surveillance, I catch a glimpse of the clothing. The clothes, rifle and overall demeanor are a total give away. I know it's not a good person. I RECOGNIZE it as an intruder.

The guards proceed to engage.

As I zoom in I catch the face and other tell-tale marks of who it is. I have IDENTIFIED it not only as a man, but if I can't put a name to him yet, with the printed image from my video management system, I soon will.

How does Bosch take this principle into our development of products? Unlike many active IR and thermal solutions out there that claim only distance when it comes to their night vision products, Bosch infrared imagers provide performance parameters based on the DCRI principles…so what? It means you can effectively specify cameras based on what YOU are trying to achieve. Hopefully this posting will help you think about what the system really needs to do, which should in turn drive the right selection of parts.

DCRI - equally valid during the day or night. Simple, but effective. Wish I'd thought of it.

Friday, December 12, 2008

In the dark

In the dark, a couple of wierd things happen besides not being able to see very much.

With conventional analog video or digital/IP video, the image certainly looks worse as contrast fades and AGC (Automatic Gain Control) kicks in, amplifying the weak signal but simultaneously, the noise and hurting the signal to noise ratio. I refer to this ants crawling all over the screen, but please stop me if I get too technical. Snow storms, or as one colleague puts it, the equivalent of the 'shhhhhh' sound in the audio world. The other thing is the shutter speed slows to let in more light, which naturally leads to blurring (especially noticeable with Megapixel cameras, but by no means exclusive to them). This is not noticeable in a static picture, but when you most need it, when a person or car goes by, you have to ask yourself was it a bird, a plane or some other extra-terrestrial object? The point is that for security and surveillance video it might still be 'good enough'. You might say 'I can see what I need to see', and quite rightly, no-one should argue as long as you're happy.

But a second thing happens in the IP video world, the noise in the image makes the compression engine go wild, because (i) it thinks almost the entire image is moving (like a PTZ) and (ii) there is no stable part of the image which it can simplify through redundancy (like a person walking down a corridor). This makes the compression engine beg for more bandwidth in order to adequately represent the image and this puts a strain on the network and consumes more disk space (which is often half the cost of a CCTV system). If you do not feed the engine's appetite with more bandwidth, it will do the only thing it is allowed to do - oversimplify the video, either by making it horribly blocky or just unashamedly drop frames leading to jerky video. This is particularly evident in WANs and wireless networks, but I've even seen it on a LAN with one switch.

The third impact of low light is that machine vision, that gave us modern day video analytics, simply collapses in a blubbering heap. Near-zero contrast and noisy motion all over the image overload the analytics so that it can neither detect key objects nor track them. Video analytics just doesn't work in the dark.

In our experiments with active IR illumination, the improvement in the quality of the image is jaw-dropping. You have to see it to believe it. PowerPoints, video clips and brochures just don't cut it. It's like looking at a monochrome image in broad daylight, because, well, that's basically what the illuminator is giving you. We've watched bitrates slashed by 30-80% down from their peak values in the dark, just because the video is clean. Finally, and I don't quite know how to quantify this better, video analytics doesn't work in the dark, but it does in the light.

Of course you don't have to use active IR illuminators, you can use white light, which also acts as a deterrent. However IR consumes very little power and generates little to no pollution. Another option is thermal imaging, or passive IR. This comes at a very different price point but is excellent for long-range detection that 'something is out there'. You don't know what yet, but it warns you to take a closer look, possibly with a camera and lighting that reveals more detail.

So lights aren't just for better video, although that's a good enough reason when you do a side by side comparison. It affects network bandwidth, disk space consumption and whether or not your analytics dollars are going to deliver on their promise or find nothing, or maybe worse, swamp you in thousands of false alarms. Nasty, nasty ants.

Click here for a video clip

Sunday, December 7, 2008

Many Little Places...Far, far Away

Sometimes we all get a bit over-excited about our full-blown, nuclear-powered IP video solutions - the power, flexibility and sheer potential of this sledge-hammer. It is easy to overlook some ridiculously trivial ways to solve certain problems. For this reason, I wrote this little document that describes a few ways of solving the serious challenge of monitoring a large number of remote locations.

The scenario pulls together a number of classic challenges, not all of which will apply in every case, but some might. The locations might be far apart, possibly linked by a low bandwidth WAN. For economy or practicality of installation, the WAN might be wireless (RF, laser, microwave etc.), with intermittent up-time. The place might be in the middle of no-where, and might rely on solar power with somewhat fluctuating power. The environment maybe a little uncomfortable - not exactly your average IT rack where you otherwise may have installed a PC. It may be cold, dusty, even quite dirty. Humid or shaky. There my be limited space for equipment. There may be pressure to reduce the amount of light pollution in the area.

Out of 365 days you may only want see one of the cameras once to verify an alarm, otherwise you really don't care as long as it's reliably recorded, and you can export the video for use as evidence, obviously without having to physically go there. You may only need 1 to a small handful of cameras. Traveling to these sites might be a very expensive exercise, and so once installed you really never want to go there again. You may have a small fence with traditional intrusion detection, linked to a central monitoring station. You may be considering using video analytics to add an extra layer of detection, since you already have the cameras installed, and you figure they may as well serve a dual purpose so you get your money's worth.

Click here for Many Little Places...Far, Far Away. Enjoy.

Monday, October 20, 2008

It's a kind of magic

I came across Geoff Moore's blog posting "Is IP camera performance actually up to the job?" from a friend of mine. It is one of those commentaries from someone who understands what real people need, and expect from their video surveillance system. After slicing his way through people who over-sell by adding a dose of cold reality, he comments freely and objectively on the strengths and weaknesses of the FlexiDome analog cameras and then Dinion IP cameras. He remarks on low-light performance and I hope that Black Diamond IR illuminator additions from the Bosch Extreme portfolio will help these, and other cameras, perform better. Not only for image quality, but bit-rate reduction and much less error-prone video analytics.

Perhaps most interesting is his personal comments on the impact of low light on Megapixel cameras, which in turn affects usable framerates to avoid blurring. Since he covers so many aspects of technology and is very down to earth, I thoroughly recommend a quick read.

Saturday, October 18, 2008

Online videos

Sometimes watching someone explain stuff is just so much easier than reading the manual. We're all human. There's a whole load of videos here, ranging from product features to contrasting night and daytime videos, with and without IR illumination, to how to setup video analytics and what to watch out for. If you want, click on the thumbnail to open open the video window and then download it to your machine so you can watch it later.

Wednesday, October 1, 2008

53% global market share

According to the 2008 IMS report on Video Content Analysis, in 2007 Bosch had more than 53% of the global market for Intelligent Cameras and Encoders. And for Bosch Video over IP, 2008 is seeing tremendous growth, fuelled primarily by VCA, Direct-to-iSCSI and Recording at the Edge.

To understand how Bosch has achieved this global leadership position it's important to know that Bosch IP cameras and encoders support three levels of VCA depending on the application. The first two levels are targeted for mass-market use and are consequently included with every device.

At the most fundamental level all compatible IP cameras and encoders support Tamper Detection. This is the ability for the device to detect that the image has globally changed (cameras moved) or has become uniform (sprayed, masked, hooded etc.).

At the second level, all compatible IP devices support Motion+. This enhanced-motion-detector is the ability for the device to detect that an object is moving in the scene. It is more than just motion detection which is typically based on pixel changes, because Motion+ can, for example, alarm when an object is moving left to right, but not right to left.

At the licensable third level, all compatible IP devices support Intelligent Video Analysis (IVA), or 'High-End Analytics'. As Bosch's flagship VCA offering, it reliably detects the most popular behaviors, including loitering, idle object, object removed, trip-wire, trajectories and color detection. It is tolerant against weather conditions, and can disriminate between object size, speed and direction to reduce the number of false alarms. It also includes a calibration tool to take perspective into account.

IMS recognizes Bosch as the global leader in the first 2 levels of analysis with over a 50% global market share, as they provide a key differentiator to our customers who want an IP camera or encoder with more intelligence built-in. IMS also recognizes Bosch as a global player in the 3rd level, high end analytics.

Bosch is clearly targeting the mass market and is set to achieve this because it manufactures its own IP camera and encoder hardware and develops its own VCA functionality. An IVA license typically only adds another 25% to the cost of the hardware device itself, a cost that is not per analytic feature - the single license covers all features.

One other factor will drive the accelerated growth of IVA at Bosch - the recent release of our Extreme IP cameras, especially with IR illuminators. For an acceptable image you can get away with a certain level of lighting, but for 24-hour intelligence without continuous false alarms caused by AGC, you need good lighting. And while white light is great, IR does have several advantages not least of which are lower power consumption and therefore lower running costs, but also the minimal impact to the environment because of the absence of light pollution.

Bosch customers have chosen premium Bosch Video over IP devices because they want a system that can grow without replacement. With the release of the licensable IVA v3.5, Bosch has experienced a surge in customers simply calling in to activate IVA on their existing IP cameras and encoders. With the large population of Bosch devices already deployed globally, we expect this trend to accelerate as people discover the added value of activating Bosch IVA in the hardware they already have installed - moving Intelligence to the Edge.

Bosch is proud to be acknowledged by IMS as the global market leader for low-end video analytics, and is watching as the population of already deployed devices is being licensed to run the high-end analytics.

Friday, September 19, 2008

4CIF - resolution or image size?

In a previous posting I commented on how people claim to be able to sell a 4CIF solution that uses the same amount of storage as someone else's 2CIF. This is only true if you are using an equal bitrate because of some differentiated compression technique, but if the technique is basically the same, say conventional MPEG-4 Part 2, then it's usually a price war that is forcing the low-bidders to cram video into an abnormally thin pipe, and end up with an awful picture caused by over-compression.

But there's something else I'd like to say. It's not life threatening but it sadly reflects a lack of understanding in our industry.

There is a way to improve your video (assuming you let the bitrate rise with it of course) - move from CIF, to 2CIF or even 4CIF. But what is CIF? It is the name given to the number of horizontal and vertical pixels (picture elements) in an image. For the purposes of this posting I'll stick with NTSC, which has 480 horizontal lines from top to bottom.

A CIF image is 352 pixels across by 240 down. 2CIF has double the information going across, i.e. 704 x 240, and this is useful because the human eye is more interested in left-right activity than up-down - so more information the better. 4CIF is as good as NTSC gets, a full 704 x480.

What we have described here are a number of different image sizes, exactly like computer monitors used to be IBM's 1987 VGA (640x480) or SVGA (800x600) right up to QXGA (2048x1536). Notice I haven't used the word resolution yet. But isn't VGA a resolution? No, it's an image size.

We can better define resolution as pixels per inch (ppi), just like printer resolutions are often measured in dots per inch (dpi). And it is this tie in to distances in the real world, the monitor, that is of fundamental importance.

If we had a monitor that measures 704x480 and we put it into quad mode, then a CIF image in one quarter of the screen will look identical to a 4CIF image right next to it in another corner. The only difference is that the 4CIF image consumes up to 4 times the bandwidth to carry the detail we cannot see until we digitally zoom in (typically on recorded video). So now imagine standing in front of a PC video management system, showing 16 cameras in a 4x4 array. If the monitor is a modest 1024x768, and even if all the screen was used to show video (which is not the case), then each image has 256x192, which means you will not see any difference between CIF and 4CIF until you make one camera window much larger.

So, if you have a fixed size camera window, then as you increase your image size (CIF, 2CIF etc.) your resolution increases (there are more pixels per inch on the screen) and clarity increases, so there is clearly a close relationship. However if you increase your image size (CIF, 2CIF etc.) but you also increase the size of the camera window, your resolution will not change and the clarity stays exactly the same.

Resolution is influenced by image size, but not only by image size. They are related but not the same thing. It is the same lack of understanding that causes people to be clueless when scanning in 5x7 photos at extremely high resolutions (say 8MB per photo), and being confused as to why it looks identical on a computer monitor as a 100kB version of the same photo. It is because computer monitors are generally limited to resolutions of about 72-96 ppi so anything higher is simply not visible. Another good example is home digital cameras which are now in the 8-10MP range, yet, unless you zoom in or print out at poster-size, the image actually looks identical on a PC monitor as a humble 3MP camera. All you're doing is taking up more hard drive.

There you go - 4CIF is an image size, not a resolution.

Saturday, September 6, 2008

Intelligent video analysis at the edge

In Sam Pfeifle's recent Security Systems News article ( "Milestone aggregates analytics" he quotes Milestone Systems' Chief Marketing and Sales Officer, Eric Fullerton:

"It's a myth," he [Eric] said, referring to the trend toward putting analytics on the edge, on cameras or encoders, "to think that you're going to reduce what you send back over the Ethernet. You're going to need to have the full recording." But, he said, those analytics are great for creating metadata and tagging video as it's streamed back.

Eric is spot on. People are going to stream video to a centralized recording system, regardless of whether it is an NVR or Direct-to-iSCSI, in which case there is no way you are going to send alarm video only. The only exception to this is if you're Recording at the Edge, as in the case of Bosch's encoders with embedded storage. In this scenario video is never transmitted across the network to be recorded, so analytics at the edge does not affect this either way. If you consider a telecoms operator with 5,000 cell towers, with the need for analytics and recording at each location, then analytics at the edge becomes very attractive, with the benefit of the edge sending the actual alarm to some centralized point for processing.

Eric is also completely right about the critical value of metadata, which is information that adds value to the video. And edge devices have the responsibility of creating and sending this metadata, which is precisely what the Bosch encoders and IP cameras do. Data like 'A red object stayed in this area of the image for 3s, then moved to this other area for 30s'. The secret behind unlocking the power of this metadata is not only in aggregating them to provide better false alarms, but also in being able to do forensic searches. Such searches are always done on recorded video, and by definition are done after the fact. They allow you to mine months of video searching for whatever you want, even if you never thought of setting up the rule months ago. For example, 'tell me everytime someone parked in front of the main gate in the last 4 weeks'. Bosch has developed such a tool, called Forensic Search which is a licensable part of Archive Player. I personally find this feature to be invaluable because it allows me to record a day of video from a real camera with real and typical events I want to detect, and then to test whether my rules work. I get instant results because I don't have to wait for the events to happen in real time.

I agree that metadata is critical, which is why all Bosch devices stream copious amounts of it, because, more often than not, you don't know what you're looking for until it's happened and then you're busy looking for a needle in a haystack because your rules weren't set up before.

Finally a comment on pricing, or as Milestone's Channel Marketing Manager Mark Wilson alludes to, value. Yes, prices will continue to drop while accuracy increases. For unit costs to drop sustainably I suspect the number of deployments will either have to rise or the cost of sale will have to drop. It's these reality dynamics that have brought Bosch to the point of delivering embedded intelligent video analysis in all our encoders and IP cameras, with a functionality set and price point that is targeted at the mass market - the everyday applications like watching for people loitering, smoking on fire exits, leaving shopping carts or boxes by doors, people but not small animals crossing a 5 mile perimeter fence line or cars parking next to it.

Although I agree analytics could live anywhere, there is a strong argument for keeping 'everyday analytics' at the edge, including metadata generation, bandwidth minimization via recording at the edge and the sheer economies of scale of dividing the workload among many tiny edge devices, not to mention the elimination of the single central point of failure.

Tuesday, July 1, 2008

The spare 5th tire

No more sitting around doing nothing.

There are all kinds of ways to achieve system reliability, or more precisely system resilience against some kind of failure. They usually involve some kind of redundancy rather like having that 'spare 5th wheel' for your 4-wheel car. When it comes to NVRs the classic approach to resilience is to have say 4 NVRs in constant use, and keep a 5th sitting idle hidden away somewhere, unused but eagerly awaiting the single command to spring into action, to take over the recording responsibility from one of the other 4 that has just been detected to have failed for some reason. This kind of automatic failover is well-known as "n+1 failover" and is in widespread use today. In the car analogy, n=4 and the '+1' is my spare in the trunk.

Upon inspection, n+1, though completely effective, is not very efficient. I have to pay for one NVR to sit around all day doing nothing except aging and worse, slowly going out of warranty without seeing any action - it is my insurance policy where my monthly payments go into a dark hole. But in the real world I do not have a team of 4 employees working hard, and one sitting twiddling his thumbs waiting months for one of the 4 to fall sick and not turn up for work without notice. Instead all 5 work hard, and if one fails then the remaining 4 do their level best to pick up the slack. I do not have 1 power station powered up and ready, waiting for one of the other 4 to fail - all 5 run at below maximum output so that if one fails then the remaining ones again pick up the slack.

What is that called? n+0 failover? Load balancing? And how can that concept be applied to IP video centralized recording like NVRs offer?

IT offers such a technique through virtualized storage - the concept of taking a number of physical storage systems, in this case iSCSI disk arrays, and making them appear as if it were a single pool of shared storage. When this virtualized storage is managed, as is the case with Bosch's Video Recording Manager software, then all the physical iSCSI disk arrays are used equally - all the IP cameras are load-balanced across all the available physical storage. All the physical units are actively being used - you won't find one unit sitting idle waiting to spring into action and save the world. Now when a physical disk array fails, or becomes temporarily inaccessible (since they are network devices and may be located anywhere on the network and all networks need maintenance), the managing software simply sees the total pool of available storage as having shrunk slightly and instantly instructs the remaining physical units to pick up the slack. Recording does not stop - it continues and the remaining units just have to work a little harder to keep up.

Naturally if you do not want a system to degrade in performance (e.g. retention time) upon a component failure, such as a disk array, then you have to build in redundancy. You need to make sure that the remaining physical units are not running maxed out under normal conditions, else they will not be able to pick up the slack. If I have 5 ambulances in continuous 24x7 use, then I cannot survive a breakdown. However if each of the 5 is running at under 80% utilization then I have a chance. So maybe with 5 iSCSI disk arrays I achieve 38 days of video retention, and on one failure that temporarily drops 20% to the 30 days that I consider to be an acceptable minimum. Because the 5th disk array is not sitting idle, you improve your Return on Assets, by utilizing everything you own, to deliver more value (38 days) than you expected.

A final difference is that with n+1, you need a spare for every failure you anticipate. If you need to survive 2 concurrent failures, then you need 2 spare NVRs. In large or highly critical systems that is very realistic (think of the RAID 6 analogy, or NetApp's RAID 4 DP). However with this concept of n+0, as long as redundant capacity exists throughout the remaining system, any number of failures can occur, at any time - the remaining units just have to pedal faster.

Bosch's Video Recording Manager is not just about resilience. It is about squeezing the most out of everything you have and n+1 just doesn't do that. The simple concept of sharing the load is as valuable to fault tolerance as it is to not wasting storage just because you over-allocated space to a cluster of cameras that turned out to consume storage slower than another cluster. Bosch's Video Recording Manager pools all the available and active storage and allocates it appropriately to cameras on-demand.

One day n+1 failover will go out of fashion - not because of a lack of reliability but because of inefficiency. However since almost everyone's software architecture is based on it, it will inevitably take time.

No more sitting around doing nothing - it's time for everyone to pull their own weight.

Wednesday, June 4, 2008

Leveling the bitrate playing field

There’s a nasty game being played, and the end user always loses. Only last night I came across a project where a reputable competitor went in with a storage quote that was half their original quote. I first raised the issue in 2006 and I have since seen wiser specs written that protect the end user. But it is not yet common-practice and so I am reiterating it here.

End users demand that vendors bid comparable technologies against the written specifications for framerate and image size – and the vendors comply. But, what if one vendor gains a price advantage by tweaking an important factor that the end user did not know should be specified? All the security director has is two bids with two different prices that look equivalent on paper. How can they be sure to get what they need? What is the important factor used by all the vendors but not always explained? The simple answer: the bitrate.

Bitrate measures data transfer rate between the imaging source (camera) and the storage device for the video stream, expressed as bits per second (bps). Correct bitrates matter so much in surveillance systems because (i) bitrate caps the quality of the video stream with lower bitrates yielding lower quality video streams and (ii) appropriately compressed CIF images look consistently better than over-compressed 4CIF images even though it is common sense to think of 4CIF as being superior; (iii) bitrate affects storage needs: unreasonably low bitrates pack more hours of video onto a storage device but uses excessive image compression to get there, again losing video quality.

Imagine a competitive bid situation. Two vendors both recommend systems that meet the specs required, say 30FPS at 4CIF. However, one vendor may adjust the bitrate to create an advantageous price by reducing the amount of storage required to lower the overall bid (remember the framerate and image size still meet spec).

Adjusting the bitrate does not breach the customer’s spec and it does not mean that a vendor is unscrupulous or underhanded. Tweaking (lowering) the bitrate permanently removes image detail from the video stream, making the images look fuzzy or pixelated (blocky), depending on the type and degree of compression. It's a bit like you asking 2 artists to paint a mural on your 6x4 yard wall. That is the 'image size', that is exactly analogous to something like 4CIF. The first artist quotes $1M, the other $2M, because the first artist takes less than half the time because his brush is twice as thick. The paintings are the same size, 6x4, but the detail from one artist is much finer than the broader stroke work of art. Bitrate affects the amount of fine detail that is preserved in the final image. And the problem is that it only gets slightly worse as you use slightly lower bitrates. 10% lower bitrate means a marginally inferior image, which is subtle to the eye but a resolution chart will give you an objective assessment of the true resolution. Unfortunately in the move to video over IP many people are confusing 4CIF image sizes with high TVL lines of resolution, when in fact there is only a distant relationship. Bitrate has the final say.

By the way, I do admit that in the absence of objective measurements the acceptability of video is a subjective opinion, however objective measurements have existed since the dawn of time – we just seem to be ignoring them now. Frequently the video quality of the newly installed system is lower than expected but the end user has nothing else installed to compare it against and doesn’t know why what they asked for isn’t what they received. The problem becomes acute when using PTZs, busy scenes and low-light situation when automatic gain control kicks in.

This is where the end user suffers: they got what they specified but didn’t get what they wanted. They got an inferior 4CIF image where the fine detail they expected is lost.

End users deserve to make a fair comparison of every bid proposal they receive. They are entitled to full disclosure of all factors affecting the system’s price and most importantly they should simply demand to see a demo of the system using the bitrates assumed in the quotes. Otherwise they are being misled, with all the consequences that entails.

Click here for a podcast on this topic.

Monday, June 2, 2008

Back to basics

Converting our video from a fluidly fluctuating voltage analog signal to billions of digital ones and zeros cannot hide the fact that what we all really care about is how it looks. And it all starts with light. Especially for those of us that see IP cameras and encoders as merely network devices, it might be helpful to understand what's really going on.

Should I choose a fixed or varifocal lens? Do I need a day/night camera or IR illumination or both? Fixed, manual or auto iris? At night time what difference does deep twilight, a full moon or a quarter moon make to the lighting level and which type camera will cope?

I found this link to be helpful as both a refresher for video and imaging basics, or if you are new to security, then a library of the few basic building blocks everyone should know about video.

Click here to visit the Camera Learning Center.

Wednesday, May 14, 2008

Value of Stored Video

How precious is your stored video? Not very? Quite a lot? Very important, mission critical or drop dead important? These are the kinds of vague answers we hear that reflect your attitude toward risk. And that attitude drives the dollar value you are willing to invest to avoid losing the video you have gone to great lengths to capture and archive away for that rare incident review moment when it magically becomes more than just video - momentarily it becomes unimaginably precious.

This question is much harder to answer than it first seems, and understanding your options will help you make the right investment that suits your needs.

Hard drives follow Moore's Law - doubling in capacity or halving in price every 18m or so. This means that the 120GB hard drives of 3 years ago were tiny compared to the 750 GB and 1TB that are available now with 2TB drives around the corner. This technological driver has one major impact. Five years ago some customers could only afford low quality video which had lower resolution and frame rates. Now, customers are recording video for longer, a month instead of a week, 3 months instead of 1. Some customers, often regulated, store their video for a year, 3 years or even 5.

DVRs invariably have storage inside the box and you can easily buy DVRs with 2-3TB inside the box. If these hard drives are not configured with redundancy then if a hard drive fails you lose your video. It's not for me to say if this is acceptable or not because it depends on your situation. However, 3TB is a lot of video to lose by anyone's standards. Also, if a drive fails, typically it is not field replaceable and so you have to send the entire unit back for repair, including your sensitive video. At this point you can no longer control who watches the video and you have to rely on service professionalism and good faith.

An option is to configure the hard drives as a RAID - Redundant Array of Independent Disks, which immediately improves reliability because it can survive one drive failing. There are subtle differences between the most common RAID levels in CCTV, RAID, 4, 5 and 6, but the most common is RAID 5 and they all provide protection in case of a disk failure. If a drive fails, you don't even power down the machine - you just eject the faulty drive and insert a new one. After a few hours of the disk array rebuilding itself you are back to normal.

Currently DVRs rarely support RAID inside the box - it is far more common to attach an external disk array to a DVR (using a SCSI cable), and barely use the DVR's internal HDD. These off-the-shelf disk arrays are always more expensive, and noisy, than internal hard drives, but they are more reliable - and you can choose from many different manufacturers with subtly varying features. To achieve economies of scale you can sometimes share one disk array between 2 or even 4 DVRs - assuming the DVRs are co-located and all within a couple of feet from the disk array. Such disk arrays come in different sizes ranging from 2TB to over 10TB.

Disk arrays are often associated with centralized storage, which is why it is the default storage type for IP video where dozens or hundreds of IP cameras' or IP encoders' streams find their way across an IP network to reach an NVR server, and land safely on the directly-attached SCSI disk array. The alternative design is to use iSCSI disk arrays, and stream those same IP cameras and encoders directly to the disk array without going through an NVR - Bosch refers to this as Direct-to-iSCSI and it combines all the reliability and scalability benefits of a RAID disk array, whilst eliminating the need for NVRs, which are expensive bottleneck PCs running operating systems and anti-virus software.

But even with IP video, some people don't use RAID. For example some people use encoders with a small hard drive embedded in the encoder, or a direct-attached USB hard drive, or a removable CF card. Others are using tiny memory cards embedded inside the IP camera itself. These are reminiscent of the concept of a DVR and are completely viable solutions for specific IP video applications, and Bosch refers to this as Recording at the Edge, because the video does not have to traverse the network to get recorded.

I'm not suggesting that everyone buy RAID storage, after all Bosch sells both DVRs with embedded HDDs as well as RAID disk arrays, and as with all things one is not outright better than the other, but for a given situation one is likely to be more appropriate than the other. But I did want to share some of my thoughts, especially with those that could benefit from its value but aren't sure about taking the next step.

Friday, May 9, 2008

Cost Cutting with IP Communications for Fire/Intrusion

For the past few months, we've focused on IP video topics, but it's time to switch gears a bit - since this blog is dedicated to all IP security-related topics - and recognize some of the benefits of using IP with intrusion and fire systems.

Likely one of the most important benefits for the end user is the ability to reduce operating costs by using IP for communications between control panels and the central monitoring station and eliminating the dedicated phone lines previously used for these communications.

Davidson College in North Carolina provides an excellent example of this. The college's IT staff recently challenged their integrator to engineer a way to shift the primary monitoring infrastructure to the campus fiber network. The integrator recommended using IP communications modules, so the college could continue to use their existing fire and intrusion control panels, while communicating to the central monitoring station over the Internet.

At Davidson, 70 fire systems from a variety of manufacturers protect the residence hall, classroom and administrative buildings throughout campus. All of these systems now communicate to the central station using IP as the primary communication method. If the network fails, phone lines connecting the panels to the college’s PBX switch serve as the back up.

Previously, two phone lines connected each panel to the PSTN for communications, requiring 140 dedicated phone lines. By eliminating the direct connections to the PSTN for each panel, the system's operations costs have reduced significantly. Davidson's IT project manager reports that the college has already experienced a 50% cost savings, and he expects that number to increase to 75% in the near future.

For many customers, cost savings is just one of the benefits of IP communications for fire and intrusion systems, albeit an important one. We'll explore some of the additional benefits in future posts.

Friday, May 2, 2008

Tangled in technology

Something happened to me at ISC that I wanted to share. I met a really smart guy, who was indirectly connected with a fascinating technology sector - they make tiny converters that allow IP devices to reuse an existing coax cable infrastructure. As one of the global players that will drive his business he wanted to know my opinion on the future of this segment as the ratio of IP to analog cameras, though still a minority, continues to rapidly increase.

He argued that you could switch from analog cameras to IP cameras without recabling, just by adding pairs of these devices in a point to point manner and then have the head-end of the cable go into a regular network switch. And the cable reach is impressive too.

I was suitably impressed and I can see niche applications, however he seemed disappointed by my general lack of enthusiasm for the possibility that this was the silver bullet that was going to accelerate wide-spread IP video adoption. I asked him under what circumstances would an end user climb up a ladder, or maybe even rent a cherry picker truck, dismantle a camera housing, disconnect and remove the perfectly functioning analog camera and throw it in the trash can, install an IP camera at more than twice the cost, connect it via 6" of CAT-5 to his fascinating connector, which in turn gets connected to the existing coax, power up the new camera (but without the benefit of power over ethernet), realign and refocus (sometimes by holding a cross-over cabled laptop in one hand while adjusting the camera while standing on the ladder). All so that you can view the same image you had in the first place! Except of course NTSC IP cameras can never look as good as analog cameras because they modify the image, introducing artifacts. So in fact the picture looks worse than when you started. And of course, you would have to repeat this for each and every camera.

Of course now we can dual stream, record on NVRs (or Direct-to-iSCSI), run embedded analytics and view the video from the other side of the world -- all the benefits of IP video. But in this common scenario couldn't we have just walked into a closet and simply installed a multi-channel encoder where the old coax cables terminated anyway, and get the identical end result?

I see the converters as offering a great solution if you are going to install Megapixel cameras, or if you want to combine multi-channel encoders from various closets. But it is rare to find a closet nowadays that does not house a network switch anyway so again, what is the high-volume application for today?

Is this a classic example of technology for technology's sake? An engineering dream that invents something without an understanding of what the market really needs? And if so, how common is this among manufacturers today? Remember that today the volume of Megapixel cameras is dwarfed by CCTV IP cameras, in turn dwarfed by analog. That is the story as of ISC West 2008 anyway.

Tuesday, April 22, 2008

Rocket Scientist Syndrome

I don't know if rocket scientists are the cleverest people alive, but that's how the metaphor goes.

And so the myth perpetuates - to do anything that requires expertise, requires you to be clever, maybe even a genius. My opinion is that to do something that requires expertise, you JUST need to be qualified. To be qualified I mean you have to have the technical/academic qualifications, backed up by some experience.

Just like I wouldn't have a rocket scientist give me a hair cut, I don't want someone unqualified to set up my network to handle my IP video, including all the firewalls, VLANs and multicasting parameters etc. Is it something that unqualified people try to do? Yes, unfortunately everyday. I have seen IP cameras and an NVR connected by a 4-port Linksys hub. Yes - a hub, not even a 4-port switch. They ran with choppy video for over a year before I climbed behind the dusty racks and asked the obvious question, phrased in an utterly predictable way, which I will leave to your imagination.

Video over IP is not rocket science, but to those that are unqualified it seems like it. And those that most need to harness its power are often the least qualified. Among manufacturers, dealers, system integrators and installers, I have watched only a small minority successfully learn networking. I have seen many more achieve the same end-result by sub-contracting - by bringing someone in to be the specialist. And there are plenty of them. Finally, I have even seen experienced IP video dealers offer expert consulting services to competitive dealers for specific projects - basically the market-place is self-organizing in order to survive.

To an IP-savvy person, its not video, it's data. It's not an IP camera, it's just another device on the network. It's not an NVR it's a server app and it's not an iSCSI disk array, it's nothing more than a SAN. They never look for a red LED on the front of a rack of equipment - they just wait for the SNMP trap to trigger a message to their iPhone. They know little if anything about camera positioning, backlight compensation, framerates and resolutions, AGC, PTZ lag and intelligent video analytics plus hundreds of other issues that make video security experts, experts.

My recommendation to all contemplating entering the domain of Video over IP - don't be afraid of what you don't know, just acknowledge the gap and bring in the expertise. Start looking for network-centric folks to supplement your staff, or start looking for those rare gems in your staff who are capable of learning about networks and send them to them to school. Maybe I've given my answer to how convergence will be achieved - more by the transfer and integration of people of different disciplines rather than by the osmotic transfer of knowledge.

You don't have to be a genius to tackle IP video. But you do have to know what you're doing, or know someone who does.

Tuesday, March 25, 2008

Is video analytics for real yet?

My short answer is yes. My long answer is still yes it is, but under certain conditions and for a price.

Pixel based video analysis has been around for years. Available for free, we have all referred to it most commonly as simple motion detection. Video Content Analysis, also known as Intelligent Video Analytics (IVA), jumps beyond analyzing pixel changes and seeks to identify discrete objects in a scene, track them through it and draw conclusions about their behavior. Video content analysis 'knows' the difference between the near-random rustling of leaves in a tree-line versus a group of people walking together along the sidewalk underneath them. Pixel-based algorithms don't have the slightest chance of accomplishing this, which is why they are rarely used outdoors. However they have very high success rates indoors in quiet corridors where nothing interesting ever happens, normally.

So if IVA is ready for prime-time, then why isn't it all around us? There are a bunch of factors at play here. Surprisingly the first is not reliability nor price; it is experience. How can someone sell and install IVA unless he has learned the hard way from previous installations? And if that expertise has to come from the manufacturer then that automatically drives up the cost per channel because of the increased cost of sale, which is the second factor. Prices vary from several hundred dollars to $4,000 per camera depending on the architecture and the kinds of behaviors you want to detect. Government, airports, military and critical infrastructure may be able to justify it, but what about the Elementary School that wants to stop people parking in the fire lane in front of the school? I could put reliability as the third factor, but really IVA works reliably under certain conditions - and it is experience that tells you what those are. So, I'm going to lump reliability with experience.

My vote for the third factor is total cost of ownership, commonly known as TCO. If you are doing video analytics on a bunch of liquid nitrogen-cooled PC servers that have more quad-core processors than an octopus has legs, then according to published data from the Meta Group, SAP and Gartner, the TCO for a PC is 1-5x the capital investment per year. So a $10,000 server costs another $10-50K per year to keep the little LEDs flashing on the front. Extrapolate that for 3 years to see how much these analysts estimate the system really costs you. I'm not saying that server-based analytics is bad; indeed it can do things that embedded analytics cannot; however, at least know the true cost of the system - not only in initial capital but also the maintenance, UPS power for the servers as well as the cooling, which has to be beefed up to cope with all the servers, and finally the rack space. Yes, IVA has a very real environmental footprint, but it hasn't hit most of us in the face yet because we have so little experience, because it hasn't become mainstream yet.

If Experience, Initial Price and TCO are preventing the mass market adoption of IVA, what has to change? Time will give us experience. And in my opinion moving the intelligence to the edge away from centralized PC servers, and detecting 'the most common' kinds of behavior using algorithms embedded in the edge devices will deliver much more acceptable TCO figures, drive up volume and consequently drive down unit price, bringing intelligent video analytics to the masses. And just like simple video motion detection, that's where it's needed most.

Saturday, March 15, 2008

What is Video over IP?

Since this is my first post I thought I'd start off with a simple question, one that unfortunately doesn't get asked and more often than not leads to fundamental arguments about just about everything that follows. What is Video over IP?

Should be simple enough, but there are extreme purist views, and miles of gray in-between. At one extreme they declare a 'traditional' IP camera, such as is common-place in CCTV, must be used for it to be IP video. The more liberal view is that an analog camera connected to an encoder, or IP video server, is also acceptable as conforming to the label of IP video. Then the purists kick in, taking the stance that only megapixel cameras are true IP video because they break the NTSC/PAL shackles and anything else is a waste of time. At the other end a DVR with a network port on it is considered by some to be IP video, allowing the user to view live and recorded video from anywhere on the network. Somewhere in-between you have IP cameras and encoders with onboard storage (something I refer to as Recording at the Edge) which play a dual role of pure IP streaming device and DVR. Everyone talks about convergance of IT and physical security, because it helps to sell more pure IP video systems. But not many people are talking about the pragmatic use of multiple concepts to solve a given problem. It is this same merger of concepts that brought us the iPhone, Pearl, combo fax/ printer/ scanner/ copier/ and coffee-maker.

I take IP video for what it is - a system which somewhere in its architecture uses the IP network to get video from point A to point B. This abstract view covers all the scenarios above, giving each manufacturer the chance to differentiate themselves by justifying why their view is right and everyone else is wrong. A few manufacturers have all their eggs in one basket - they have only one solution, so by definition it has to be the only right one. I'm never going to say they are wrong, all I will say is buyer beware when you are presented with a prescriptive solution with little or no options. There's always more than one way to skin a cat, and the end-user is entitled to know as many as he or she is ready to hear.

The beauty of IP video is the architectural flexibility it offers, and consequently the things it makes possible. View at one quality, record at another. Record in 2 locations in case of a disaster. Move the monitoring station at a moment's notice. Share storage. Reuse existing infrastructure or just lay one cable. There are many more advantages, and constraints, that with your help I hope to explore in future posts. I welcome the challenges and corrections, in fact I positively encourage it otherwise I would be contradicting the multi-view world I believe in.

Thursday, February 21, 2008

School District Installs End-to-End IP Video System

The IT department at Dallastown Area School District, near Harrisburg, Pennsylvania recently installed video surveillance technology in the area’s high school and middle school. Now, more than 70 IP cameras monitor the hallways and cafeterias, and the school district plans to add 50 more cameras to the facilities by the end of the 2007-2008 school year.

For recording video, the cameras stream signals across the district’s separate security IP network for storage on five RAID arrays, called a storage area network (SAN). Video recording management software divides the total capacity of the SAN into one Gigabyte blocks and allocates storage for video recording to each of the IP cameras as needed.

With cameras that stream to a SAN, the district avoids using PC-based network video recorders (NVRs) – equipment that would have required extra time and funds to support over the life of the system. The district’s streamlined system design along with the use of video recording management software made installation easier. For example, recording settings were programmed in less than a day compared to the five days that would be required for a similar-sized NVR-based system.

The district also benefits from Power over Ethernet technology, which enables them to use Ethernet cables to power the cameras. By eliminating power supplies for the cameras, the district's wiring closets are less cluttered and troubleshooting potential cabling issues will be easier.

The IT department also plans to install IP cameras around the exterior of the school buildings. Adding cameras will require additional

The district already has five rack-mounted disk array chassis to which they can add hard drives as more storage is required. Since the video recording management software makes the video surveillance system extremely flexible, the IT staff can simply click a button, and the software will recognize the added storage and make it available to all of the system’s cameras.

Further demonstrating the flexibility of the system, the IT department was easily able to increase the resolution of certain cameras in areas of the school with high activity after the initial installation and set up. These changes were made without stopping the system from recording.

Wednesday, January 2, 2008

Network-Ready Access Control Installation

Bosch customer Associated Engineered Systems, Inc. (AES) recently installed a browser-based access control system for an engineering solutions company, Innoventor, Inc -- a St. Louis-based company with a facility that is 26,000 square feet.

Innoventor wanted to provide complete facility access for its full-time employees, while limiting access for its 14 contractors. The staff also needed a way to determine if their colleagues remain in the building before arming the alarm system each night.

Along with the browser-based system, AES installed an LCD touch screen, which is continuously logged into the access control system, near the facility’s alarm keypad. Employees can now see who is in the building right from the LCD screen. The last employee to leave each evening no longer has to walk the entire facility to determine if any of their colleagues remain in the building before arming the alarm and exiting. The information is right at their fingertips near the exit.

By integrating the access control system with the alarm system, AES enabled Innoventor to also limit access to the facility for contractors -- company policy states that a full-time employee be present whenever a contractor is in the building. If the alarm is armed, indicating no employees are in the facility, contractors are not allowed access to the building.

When the alarm system is armed, the access control system also automatically locks the building’s overhead garage doors and roof hatch, so these doors are never unintentionally left open.

The system secures a total of 10 doors throughout the facility.