Understanding Secure Device Communication in AV Control

Cybersecurity is a hot topic of conversation in the world at large and the AV industry is no exception.  As AV has become a specialized area of IT, it is critical that security best practices are implemented in integrated systems and devices.

For many years, the AV industry has relied on RS-232 communications to integrate complex devices that supported a robust API (Application Program Interface aka control protocol).  While this method was effective and required adherence to basic security measures, its exposure was limited by the requirement of a point-to-point connection within 50 ft with a custom communication cable.

With AV device communication migrating to the ethernet network comes the flexibility and standardization of connections along with convenience and vulnerability of being accessible.  Devices on an ethernet network tend to be reachable for communication by many other devices on the network and thus provide an easy target for security breaches.  As a result, many AV manufacturers who are developing products intending to communicate on a local or wide area ethernet network, including The Cloud, are implementing intense security measures to ensure their devices are IT approved and don’t become a weak link in the integrated system security chain.

As is the case with most security measures, the trade-off for effectiveness results in restrictions in accessibility and added complexity in communication.  Integration of devices through an API more and more often requires proper authentication and authorization before access to runtime functions is permitted.  The nature of the security protocol within a device API varies and dictates how a device will communicate with an AV control system or other outside source.  Additionally, devices accessed over a local network will likely have different security protocol than devices accessed through a cloud server.

Understanding and being able to master the security protocol requirements of a device is a major part of effective control and integration.  Even the most successful and experienced programmers may be challenged by some of the advanced techniques needed to establish secure connections, if they are not familiar with them.

For more technical details on some of the common security methods and how they are effectively integrated with control systems, please continue reading Decrypting AV Device Security for Control Programmers.

One way for manufacturers to overcome potential integration challenges and facilitate successful control implementation for their products, while ensuring secure communication, is through an investment in the development of control system modules/drivers/plugins.

If you would like to learn more about how Control Concepts helps manufacturers balance ease of control programming with secure communication through the development of modules/drivers/plugins that integrate with a variety of AV control platforms, please visit the Module and Driver Development page on our website, email projects@controlconcepts.net, or call (201) 797-7900.

Adam Hanson started his career in software development and has continued to hone those skills, while growing new skills in the traditional world of AV solutions and control system programming. To read his full bio, check out the Our Team page. Adam can be reach at adamh@controlconcepts.net or on LinkedIn.