Lifespan of Electronic Access Control Systems

By: Brian Rhodes, Published on Jul 01, 2014

Just how long do end users hang on to access systems before they look to change? The answer may surprise you. Unlike video surveillance systems that turn over every seven years or so, the service life of access is much longer.

How much longer, and what is the impetus to change? In the update, we look at integrator survey results for the answer.

**** *** **** ** end ***** **** ** to ****** ******* ****** they **** ** ******? The ****** *** ******** you. ****** ***** ************ systems **** **** **** every***** ***** ** **, *** ******* life ** ****** ** much ******.

*** **** ******, *** what ** *** ******* to ******? ** *** update, ** **** ** integrator ****** ******* *** the ******.

[***************]

Systems **** *******

****** ******* ******* ********* are ** ******* **********, **** **** **** 70% ** ******* ******* 15 ***** ** ******:

**** **** **% ** responses ******** *** ***** stay **** *** **** system *** **** **** 10 *****, *** * huge ******** **** **** for ** ***** ** longer.

Why ** ****?

**** ********* ******* ** the '** - **+ years' ******** ********* **** maintain ******* **** **** been ** ******* **** long **** ** ********* plans ** *******, ** simply ***:

  • "**** ** *** ********* have **** ***** *** same ****-*** ******** (******* current **** ******* ********) for * **** ****. why ******?"
  • "**-** *****. ** *** not ****** **** ***'* replace **"
  • "********* ********* *****'* **** that **** *** ****** control ******, ** **** as ** ***** ** good ******..."
  • "** **** ** ********. until *** ****** ****."
  • "**** ** *** ********* use ** ***** ** breaks"
  • "*** ******* *** **** reason ** **** **** is ***** ** ******** hardware ** ******** **** is *** **** ** continue ** ******* *** may **** **** *** of*****."
  • "** ** **** **** that *** ******** ******* to ******* ***** ****** control ******. "
  • "** **** * ***** lifespan **** *** *** systems"

******* ******: ********* ****

**** ******* ** ******, the ****** **** *** coincide ******** **** ***, but **** *** ******* to **** * ****** operational ** *** **** of *********** **:

  • "****** **** ** *** hardware ** ****** ******, this **** *** ****** soon. ********* ** ******* new ******** ******* *** previous ********/ ************ ** longer ******."
  • "**-** *****. *********** **** typically*************."
  • "*** ********* ****** ** not ****** *******, ***** it **** *** ********* to **** *****."
  • "*** **** **** ** see * ********'* ****** is ******* ** **** they **** ****** **** necessary ****** ******* ********** from *** ************. *** majority ** **** ********* upgrade ***** ******** ******** and ********."
  • "**+ *****. *** ******** won't ******* *** *** panels."
  • "*****, **** **** ****** not ** ***** ** they ***'* **** **."

**** ******* ****** ** a *********** ** *********, as *** **** ** operating ****** ******* ******** as **** ******. ******* it ** ******* ***** parts ****** ********* ** procure, ** **** ********* support ***** ****** ** more ******* *********, *** users **** ****** ******* or ** ******* ** an ********* ****** ** upgrade.

Other ******* 

********** ******** ********* **** other major ******** ****** ** our '********* ****** ******* *******" ******:

*** *********: ***** ****** ******* systems ******* ***/** ********, and *** *********** **** to ********* **** ***** network ******* ** ****** them ******** ****** **** changes. *** *********** ** application ****** *** ********** afforded ** ** ******** connected ****** *** **** like ** ********** *********** compared ** *** ********* of ** ***** *******, but **** ******** *** been **** ****** ** the ********** *** ****-***** world ** ******** ****** control. ***** ******** ********:

  • "*** ************ ********* (**** as **) - ********* by *** *********"
  • "**-** *****. ****** ** always **** ** *** list, *** ****** **** internet ********** *** ******* not ******** **** *** systems."

*********** / ****************:** * ****** ******, overarching *********** ** *********** force ******. *** ******* cannot ****** ******* ********* encoding ** ********** ************* requirements. ******** ******* **** mergers ** *********** *** force ******, ** ******* and **************** ******* ********* platforms ** ****** ********** to ** ***-********.

  • "** ******* **** ***** technology ** **** ** complete ********-****** *******, ********* to ******* *********** **** other ******** *******."
  • "****** ** ***** ****** policy ******* ***** ********* hand's. ** **** ******* systems ****** ******* ** policy ******* **** **********."

 

Comments (10)

Two main factors:

(1.) Being built on mostly solid state hardware, alarm panels and ACS equipment will usually have a longer life span than systems dependant on spinning hard drives, or tapes and tape heads for predecessor systems. When I worked at a newspaper company we had dumb terminals still way into Windows 2000 systems and servers.

(2.) What better has the industry offered? ACS systems are 10 years or more behind mainstream technology and alarm panels almost 20 years. So what really has the industry offered up in the way of improvements besides the most begrudingly given babysteps of progress?

Hmm.. LDAP integration, Calendar integration, POE (9 years ago), browser based management experiences that run on any form factor, smart phone based credentials, tiered management for multi-site, deeper integration with video, rules engines that allow you to build virtually any functionality, should I stop now?

I agree that in general the security industry lags the general IT industry, but there's lots of innovation going on if you know where to look.

Our experiance in the Perth CBD market has been that generally a building owner will retain their access control technology for at least ten years before considering a change to a new platform. With the advent of IP connectivity to controllers and the abilty to "flash" new firmware upgrades in some systems to card reader level we foresee newer systems will be in place even longer. The change in elevator technology to destination control has forced many building owners to replace their access control systems over the past three years since older systems generally do not have the intelligence to interface to these systems at a high level.

Years ago, through a strange twist of fate, I found myself part of a small development crew which created the product now known as Honeywell Pro-Watch. One of the things we marketed (and I believe they still do) was the broad ability to support about a half-dozen other manufacturer's panels, not just Honeywell's Mercury-powered panels. We would go into sites supporting non-Honeywell boards for existing construction, with the premise that new construction would use Honeywell/Mercury panels, and older construction would be gradually replaced. While that generally proved true for greenfield work, the existing installations remained. To this day I am aware of hybrid sites where nearly all the system is on Honeywell/Mercury, but the orginal non-Honeywell panels, existing when PW was installed more than a decade prior, remain in place.

There are some truths in this industry:

First, access control is, at its best, invisible. At its worst, it is extremely disruptive. Workers don't necessarily know if a camera is down, a camera retains some deterent value even if it's down, and certainly workers don't need to be rebadged if you change out cameras, but everyone knows if a door isn't working.

Second, many door controllers are slaved to a host system or appliance, at which a "top-box" integration is usually implemented, extending usable life of older boards. I know of installations of 1980's-era panels, which nonetheless participate in modern IT integrations, due to logic implemented at the head-end.

Full disclosure: I now work at Mercury and of course our partners find value in our compelling features like SNMP, Zeroconf, TLS, biometrics, etc. That said, I know of end-user sites with 100 Mercury panels, and maybe 5 Thorn/Grinnel boards from the 1980's, but will not replace those 5 until they fail.

Jonathan,

You mention:

"I know of end-user sites with 100 Mercury panels, and maybe 5 Thorn/Grinnel boards from the 1980's"

Is there any feasible way to pitch them the benefits of buying/ switching to a newer panel? Is there not enough improvement in 2014 panels that 1980s boards are seen as just as good?

Nope. (in regards to feasible way to pitch, not lack of benefits)

You're probably thinking, "Why, young Jonathan, is this so?". Let me tell you:

The systems of which I speak are usually very large, like a large airport having expanded, but the original concourse largely unchanged. Want IP connectivity for that old panel? No problem. You can get an IP to RS485 converter terminal server from BlackBox for a couple bucks:

IP to RS485

Want an event on that old panel to trigger video recording on Exacq or Milestone? No problem...it's done at the host, now that it has an IP conneciton to that old board. Want LDAP integration so that cards are automaticly updated and synched with IT? No problem: Implement it at the host.

I would say that newer smart card technologies will finally start to give reason to upgrade those systems before they fail. However, even then one could get by with the HID (formerly Corestreet) F5 board which ultimately provides a standard weigand signal to a controller.

These are all partial solutions, but rips and replaces, especially of old stuff, can be very labor-intensive and expensive.

I think this trend is about to change dramatically. With smarter devices, such as smart cards and readers, and the "internet of things" being deployed, technology obsolecense is introduced into the equation. The legacy of these devices that do not do much and just work allows for the long term use. With advanced technologies comes the much shorter life cycle of the components. In this world it is all about power of the processor and how long can you continue to support the old ones. Readers might work for 20 years but the software integration and smarts of the devices won't keep up with expectations. So, I think the trend will be cut to 5 years. Certainly under 10. The base system might not change but the world of "refresh" will become a part of the access control industry and a new life cycle will emerge.

The challenge is the mindset of the end user. "We just installed that system" - yeah 7 years ago. Companies must adjust to the life cycle change and begin to think about access control like any other technology based platforms they buy. This could mean many more subscription service models in lieu of capital investments.

As long as there are significant labor costs involved with changing out door hardware, as long as badging offices exist, as long as new bells and whistles can be sort-of introduced at higher levels, I doubt you will see much shortening of the cycle. Maybe a little, and certainly there may be waves of upgrades here and there, but no wholesale shortening of the cycle.

It is tempting to use the smartphone analogy, but it is not a good one. When you go down to Best Buy and upgrade your iPhone every 2 years, it affects only you. You do not need to hire a union electrician to plug in the new USB Lightning cable. You do not have to come up with a plan have both your old phone and your new one working together for any stretch of time. The phone is limited in scope and you do not need to train anyone but yourself.

Example: Smart cards were introduced about 20 years ago, yet only now are really taking share from 125kHz, in spite of the clear benefits.

This is not to say that greenfield opportunities won't run the latest and greatest, as they will. I am just saying that the threshold for upgrades is really high when you have wires running through walls and people to train.

Was looking back at this report for some research on the topic. Does anyone think things have changed since 2014? Are there any new regulations or guidance presented by DHS, DoD, ISO 27001, CTPAT, ASIS, etc. that would add to this discussion today?

In the private sector, little has changed. As results have indicated, [even] OSDP has poor adoption.

However, in government and high-security sectors, regulations like FIPS-201-2 (PIV) have driven changes.

For those other entities you mentioned, I will research the scope and applicability of standards that may impact things.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

HID Favorability Results 2019 on Feb 21, 2019
HID favorability results were strong, in the 2019 IPVM integrator study of 200+ integrators, with a net +62% and low negativity as the table below...
HID Launches Origo To Fix Mobile Credential Problems on Feb 05, 2019
HID is releasing Origo, an overhaul of its mobile credential platform, this time drastically restructuring the way it is priced and packaged. HID's...
Top Metrics For Ensuring Integrator Profitability - Statistics on Mar 20, 2019
How do integrators ensure the profitability of their projects? As part of our profitability study, 100+ integrators answered the following...
Lenel Favorability Results 2019 on Mar 26, 2019
The positive news for Lenel is that integrators do not dislike them as much as they used to.  The negative news for Lenel is that integrators...
Manufacturer Favorability Guide 2019 on Jun 12, 2019
The 259 page PDF guide may be downloaded inside by all IPVM members. It includes our manufacturer favorability rankings and individual...
Poor OSDP Usage Statistics 2019 on Jul 09, 2019
OSDP certainly offers advantages over decades-old Wiegand (see our OSDP Access Control Guide) but new IPVM statistics show that usage of OSDP, even...
Mobile Access Usage Statistics 2019 on Jul 18, 2019
The ability to use mobile phones as access credentials is one of the biggest trends in a market that historically has been slow in adopting new...
Biometrics Usage Statistics 2019 on Aug 13, 2019
Biometrics are commonly used in phones, but how frequently are they used for access? 150+ integrators told us how often they use biometrics,...
Access Control Time & Attendance Guide on Sep 24, 2019
Access control systems can do more than lock doors. With little or no extra equipment, they can be used to track labor hours for employees...
"Severely Impacted" Mercury Security 2020 Leap Year Firmware Issue on Jan 17, 2020
One of the largest access controller manufacturers has a big problem: February 29th. Mercury Security, owned by HID, is alerting partners of the...

Most Recent Industry Reports

Motorola / Avigilon Drops ISC West on Feb 26, 2020
Motorola Solutions has pulled out of ISC West 2020 effective immediately, because of coronavirus concerns, IPVM has learned. This is done amidst...
Cancel or Not? Industry Split Over ISC West on Feb 26, 2020
The industry is split, polarized, over whether ISC West 2020 should run or be canceled. New IPVM survey results of 400+ respondents show heated...
Coronavirus Hits Sony, Bosch Says Switch on Feb 26, 2020
Sony's fall in video surveillance has been severe over the past decade. Now, they may be done. In this note, we examine Bosch's new...
Video Surveillance Cameras 101 on Feb 25, 2020
Cameras come in many shapes, sizes and specifications. This 101 examines the basics of cameras and features used in 2020. In this report, we...
Favorite Video Analytic Manufacturers 2020 on Feb 25, 2020
Video analytics is now as hot as ever, driven by the excitement of advancing deep learning offers. But what are actually integrator's...
Latest London Police Facial Recognition Suffers Serious Issues on Feb 24, 2020
On February 20, IPVM visited another live face rec deployment by London police, but this time the system was thwarted by technical problems and...
Masks Cause Major Facial Recognition Problems on Feb 24, 2020
Coronavirus is spurring an increase in the use of medical masks, which new IPVM test results show cause major problems for facial recognition...
Every VMS Will Become a VSaaS on Feb 21, 2020
VMS is ending. Soon every VMS will be a VSaaS. Competitive dynamics will be redrawn. What does this mean? VMS Historically...
Video Surveillance 101 Course - Last Chance on Feb 20, 2020
This is the last chance to join IPVM's first Video Surveillance 101 course, designed to help those new to the industry to quickly understand the...
Vulnerability Directory For Access Credentials on Feb 20, 2020
Knowing which access credentials are insecure can be difficult to see, especially because most look and feel the same. Even insecure 125 kHz...