Additional Resources Share Your Solutions Ask A Question How Tos Facts and FAQs What Is FireWire? FAQs For Developers Working Groups Assigned Codes Technical Bulletins Specifications Compliance Program Overview Tools For Developers Networking Entertainment and Consumer Electronics Computers and Peripherals New Products Featured Products Contact Bylaws TA Logo Working Groups Board of Directors contact Members List Join the 1394TA Member Benefits What We Do Pro-Audio Mass Storage Imaging / IIDC Home Entertainment Computers cables and Connectors Automotive Automation / Controls Aerospace Where To See FireWire PlugFests and Compliance Workshops Quarterly Meetings Press Contact Newsletters Resources White Papers 1394 In The News Member Press TA Press Releases
     
  1394 Trade Association

Change Text Size

 
FireWire In Action 1394: Under The Hood Products About the TA 1394 by Industry Events Press
 

1394 TRADE ASSOCIATION TECHNICAL BRIEF

1394 Maximizes Value in Security Camera Networks

by Dimitrios Staikos, Codemost Technology Ltd. Inc.

Companies making security and surveillance Systems that rely on multiple cameras are facing a major technology transition – the swap to an all-digital system. That transition will necessitate a digital network that links all of the cameras in an installation. Video-centric security systems in the past have typically used analog connections that link remote cameras to a surveillance control center. Older systems have even stored video on analog media such as videotapes. More modern analog designs digitize the video using servers in the control center. Industry-standard compression techniques yield video that is stored on disk drives for quick access and the ability to jump instantaneously to any timestamp in a recorded stream.

There are a number of good reasons to move to an all-digital security system with the compression/encoding step being integrated directly into a smart camera. With codec ICs and fast-and-affordable microprocessors enabling real-time compression in the camera, the amount of equipment, and the power and cooling requirements, in the surveillance center are greatly reduced. Moreover, analog systems often suffered from lost frames or image distortion. The digital cameras place the A/D conversion and encoding function adjacent to the CCD or CMOS imaging sensor eliminating distortion cause from noise and long cable runs. The digital network can then stream perfect video through high EMI environments.

Digital networks also offer flexibility in terms of topology relative to the dedicated cables that must run from the surveillance center to each camera in an analog system. Modern technologies such as 1394 can carry the data payload and control commands and information to a camera using a single cable, and in some cases even power the camera over the same cable. In analog systems, separate cables are typically required for data and control.

Once a product design team decides to develop a digital security system, choosing the network technology is a critical decision. The installer community demands simplicity. But the chosen network must meet extraordinary requirements including the support of multiple video streams, support for some level of uncompressed video, and extreme reliability.

A wireless network might offer the ultimate in installation simplicity. But no wireless network can meet the reliability or bandwidth requirements of anything beyond hobbyist security systems. The choice will ultimately come down to wired options such as Ethernet and 1394.

A 1394-based network will offer the best match for the video-centric security application. Relative to alternatives such as Gigabit Ethernet, 1394 offers equivalent or even greater bandwidth in the latest S1600 and S3200-based solutions, isochronous capabilities that can guarantee bandwidth and timing, optimal synchronization of streams from multiple cameras, a flexible topology, and advanced fault tolerance.

The generic use of the term 1394 implies the IEEE 1394-2008 standard that combined into a single specification all of the prior versions of the standard. That version also introduced features such as 800-Mbps bandwidth over 100m twisted-pair cables and coax that, as you will read later, are very important capabilities in a digital security application.

The advantages of 1394 come down to a physical layer (PHY) that offers a much more robust set of capabilities than Ethernet does. Let’s examine what the 1394 PHY offers in terms of:

  • Bandwidth
  • Isochronous functionality
  • Network monitoring and management
  • Fault tolerance
  • Flexible topology

Bandwidth
In terms of bandwidth, 1394 matches or exceeds the standard flavors of Ethernet. Currently Ethernet tops out at 1 Gbps in terms of widely shipping technology. The industry has developed 10-Gbps flavors but that technology has not gone mainstream. Moreover it’s unlikely that 10-Gbps Ethernet will ever use the low-cost cabling required in security applications. The 10-Gbps technology will either require expensive fiber media or relay on very short-range copper cables that wouldn’t suffice in the security industry.

The 400-Mbps (S400) and 800-Mbps (S800) flavors of 1394 are broadly available and proven in computer-centric products. Moreover, S800 1394 is the equal of 1-Gbps Ethernet because the latter uses 8B/10B data encoding, and that encoding overhead effectively reduces Ethernet performance by 20%. Moreover 1.6-Gbps (S1600) 1394 has been announced in 2010, is due within 2011 and will be compatible with the low-cost cooper cabling that will be required in security installations.

A 1394 network provides sufficient bandwidth to carry many compressed video streams. The total number of streams depends on the resolution of the cameras and the color-depth of the capture devices. A typical security camera might use the H.264 video encoding standard that might yield a 5- to 6-Mbps stream. A 1394 network could carry more than 20 such streams simultaneously with plenty of headroom to spare.

Some security applications also require carriage of uncompressed video. Compression always adds a small amount of latency in the encoding and decoding processes. And in some security installations, a fraction of a second delay may be critical.

Security system vendors have deployed 1394 technology in installations to carry a mix of compressed and uncompressed streams. For example, an installation might utilize a relatively lower resolution uncompressed stream for absolute real-time monitoring of a scene. A higher-resolution compressed stream is transmitted and stored to support detailed review by security personnel.

Isochronous facilities
While 1394 and Ethernet have essentially equivalent maximum bandwidth, all bandwidth isn’t created equally. The 1394 standard inherently supports Quality of Service (QoS). The Ethernet community has added QoS layers, but those added layers simply prioritize traffic. Conversely, a system designer can schedule 1394 traffic guaranteeing real-time delivery of video streams, without lost or delayed packets due to packet queuing.

The 1394 advantage in carrying video streams goes even further in a security application. From the beginning 1394 has supported isochronous capabilities. In a security application, the isochronous feature can be used to precisely synchronize video streams from different cameras.

Companies that are using 1394 in security systems have used the isochronous capability to actually stitch together streams from multiple cameras. That technique can create a continuous streaming presentation that exceeds what any single camera can capture.

A common misconception about 1394 is that bandwidth usage is restricted to 80% of the available bandwidth. This is indeed what the IEEE-1394 standard specifies, but this is just a soft rule that should be applied to "open systems". A security system, like an industrial system for example, is not considered open systems. Industrial systems and security systems are "closed systems". An end-user PC, where potentially anything can get attached to the bus at any time, is what is considered an open system.

The 1394 Trade Association has written a detailed white paper explaining these limits and describing how to safely use up to 92% of the bandwidth for isochronous operations in closed systems. See this PDF.

Network management
The 1394 physical layer (PHY) is also a good match for the requirements of a security camera network. The PHY allows a central control system in the surveillance center to monitor and manage a network of video cameras. Moreover, the control system can detect attempted network hacks.

A 1394 network offers full plug-and-play convenience. Devices connected to the network can be fully discovered by every other node on the network. A central controller can configure devices such as cameras over the network greatly simplifying the system installation process.

The PHY features allow the central controller to continuously monitor the health of each node/camera. Indeed the control system has complete visibility into the network topology. If a node fails, the system can pinpoint the location of the failure immediately. Ethernet, in contrast, would require installers to map IP addresses to camera locations so that personnel could locate a failed camera.

The plug-and-play aspects of 1394 PHY also ensure that a central controller can detect any unauthorized device that’s added to the network. For example, consider a case where an intruder might attempt to insert a video recorder or storage device on the network to capture streams. The controller on the 1394 network would automatically detect that device.

Moreover it is possible for the host, using the standard 1394 protocols, to detect and disable all disconnected ports on the whole network, so attaching any malicious device will not have any effects to the topology. Similarly the software can detect any "unexpected disconnection" event and immediately block the newly disconnected port so that no unauthorized device can be attached in its place.

It is really one of the big strengths of 1394 that it can separately address each and every port of every device on the bus. Moreover, through software commands (sending a PHY packet) it can even disable a connected port, which essentially has the same results as unplugging the cable from that port.  All done by exchanging data packets and without any mechanical intervention!

So consider the following scenario: 10 cameras are connected on a bus and the PC has two 1394 adapters for extra reliability (if one fails the other can take over) that are not connected directly to each other but only get connected through the bus. So the bus essentially is a straight line starting from one host adapter and ending on the other.

If an extraordinary event occurs (alarm conditions) then the PC can disable a selected port at the "middle" of the bus and thus "break" the bus into two 1394 buses, with each host adapter now handling 5 cameras on each bus. Thus the cameras can be configured into higher resolution/fps (but reduced redundancy if one adapter fails) during the alarm situation, so that the quality of recorded information is even higher.

When the alarm condition is over, then the cameras can be set to normal resolution and the two buses rejoined to operate as one.

Fault tolerance
By nature, security systems require high levels of reliability. A video-surveillance system does an owner little good if the system can’t continuously capture video data.

A 1394 network offers far greater reliability and fault tolerance than does an Ethernet network at a fraction of the cost. The 1394 PHY virtually supports any topology and any number of loops.

Moreover, b-loop recovery is a much faster process than the recovery provided by the spanning tree algorithm, because a b-loop disconnection only causes a normal bus reset, that is handled at the PHY layer and requires a maximum of about 166 microseconds to process while running the Spanning Tree algorithm may take several seconds, depending on the topology, as the bridges exchange Bridge Protocol Data Units and go through a number of states in their state machines. Clearly 1394 was a network designed to inherently support redundant connections, while on Ethernet, redundancy only came as an afterthought and unexpected/dynamic changes in the network topology are considered an exceptional event.

The 1394 Trade Association has demonstrated the reliability features using off-the-shelf products and impromptu network configurations. The demonstration relies on cameras and a PC connected in a loop with video streamed from each camera to the PC. You can subsequently remove any one cable from the network and the video streaming will continue flawlessly from every camera.

System designers can leverage the fault-tolerant capabilities of 1394 through unique topologies and develop much more robust capabilities relative to the simple example described above. Ethernet could potentially be deployed with some level of fault tolerance. But the fact is that most Ethernet switches and routers don’t support such capabilities.

Flexible topology
System designers and installers will benefit from the flexibility that’s inherent in the 1394 PHY both in terms of topology and media. For example, you can daisy chain 1394 cameras – a feature that Ethernet does not support. Ethernet can only be used in a star networks or tiered-star networks. With 1394 you can mix stars, loops, and other topologies.

If "star or tiered-star networks" versus "flexible topologies" is too abstract for your taste, then simply take a look at the diagrams showing topologies.

Figure 1

Figure 1, above, shows what a star topology looks like in practice. Compare it to a daisy-chain topology using 1394 for the same location, as shown in Figure 2, below, and you can immediately see the huge gains in cabling costs and complexity:

Figure 2

The 1394 standard also supports a variety of media types including Cat-5/6 cables, coax, and fiber optics. In fact, a 1394-based system could in most cases use coax cable that is in place, deployed previously for an analog security system. Naturally, a 1394 bus can be built by a combination of different media types, for example long haul fiber or coax cables connecting together remote 1394 segments that locally use standard 1394 cables.

Moreover, the nature of the FireWire bus allows the system designer to implement multiple monitoring stations at no added cost! The data is only transmitted once and the isochronous video stream is on the bus available for any node to receive, so any number of monitoring stations can be easily implemented.

The monitoring stations can even be completely separate from the recording stations as shown in Figure 3, below, allowing the installation of dumb displays around the perimeter so the security personnel can follow the activity from several locations.

Figure 3

When using VCRs, you need additional connections between the multiple VCRs and the monitoring stations in order to retransmit the video streams from one place to another.
When using a digital network with mainstream IP cameras, in most cases two stations can connect to the same camera, but that means that the camera is transmitting two separate video streams. Clearly this does not scale well when many cameras need to be displayed on multiple monitors.

The IP camera
Ethernet proponents have been exalting the simplicity of an IP camera. Presumably the IP camera would be simple to install and use because people have a growing level of comfort with Internet technology. Moreover, some Ethernet proponents point out that security systems can use existing Internet applications such as telnet so long as the camera has an integrated IP node.

Whether or not there are any real advantages to the IP concept remains to be seen. But the IP-camera concept does not require an Ethernet network. Ethernet equipment vendors on purpose cultivate the impression that IP and Ethernet are practically synonymous, but the Internet Engineering Task Force (IETF - http://www.ietf.org/) has gone to great lengths to make sure that the IP protocol can operate over a variety of physical layers.
The IETF and the 1394 Trade Association have long ago published standards allowing IP to operate over 1394 networks:

  • RFC 2734 "IPv4 over 1394"
  • RFC 2855 "DHCP for IEEE 1394"
  • RFC 3146 " Transmission of IPv6 Packets over IEEE 1394 Networks "
  • 1394TA 2009007 "IPv4 over 1394 Test Specification"

Ethernet is just one of the physical layers that support IP, certainly the most commonplace among office and home installations, but an IP camera could easily be built using 1394 as the physical layer of choice.

The most likely implementation of a digital security network will require a dedicated network for video traffic in any case. Mixing enterprise IT traffic with video stream would saturate the network and can cause issues with both the IT users that want fast access to the Internet and the security personnel that need guaranteed video delivery.

Still there is almost assuredly a need to allow access to captured video from and enterprises IT network. The ideal implementation would use a 1394 network to connect the cameras to the control center. But the video servers in the control center would also be accessible on the IT network. None of the real-time video capture would impact the IT network. But employees could access stored video selectively via the IT network.

Scalability
Security applications span a broad range in terms of the size of a network and the fidelity required. A convenience store or other small retail establishment might need a few relatively low-resolution cameras. Security at a site such as a large sports stadium might require tens or even hundreds of cameras spread around a large area. And demanding applications such as casino gambling floors require many cameras with resolution suitable to view details on the gaming tables.

A manufacturer of security systems that wants to develop a range of systems capabilities will find that 1394 can scale to meet applications across the spectrum. The 1394 choice is an affordable one even in a system with a few cameras. For large installations, system designers can use multiple 1394 segments to serve hundreds of cameras. Moreover 1394 can support any resolution required and the mix of compressed and uncompressed streams.

As security camera networks move toward the digital domain, 1394 is proving to be the best choice to network the cameras. The technology delivers the fidelity, flexibility, and reliability required for security applications. The installer community will find the plug-and-play 1394 devices simpler to deal with than Ethernet.

Image Resolution
Surely image resolution plays an important role in security and surveillance systems. The higher the resolution, the clearer the image or the wider the field of view, the greater the required bandwidth.

It is good to have an accurate understanding of the relative sizes of the most commonly used resolutions. See Figure 4.

Figure 4

Example System
The system outlined below is a relatively low cost system that can easily outperform in features much more expensive installations.

In the system shown in Figure 5 we have a 1394 bus with 10 cameras and 2 PCs, which serve as recording and monitoring stations. Each PC has two 1394 adapters, which are a relatively cheap component, for improved reliability. The PCs are also connected to each other over an Ethernet connection, so that they can exchange control information without loading the 1394 bus.

Figure 5

Both PCs record all the video traffic on an internal array of RAID10 disks with hot-swap capability comprised by 5 identical hard disks of 2TB each. RAID10 means that two disks are joined in one volume of 4TB in size (spanning), so that we get improved performance, and then they are mirrored to the other two disks so that we get improved reliability. The fifth disk is hot standby, which allows a very good level of recovery in case of a disk crash. The RAID is restored automatically and all we have to do is replace the failed disk, while the system operates at full redundancy but temporarily without a hot swap.

This kind of RAID capability is provided by many server grade motherboards and does not require any additional hardware purchase. RAID10 is a bit more wasteful in space when compared to RAID5 but much easier to setup and manage for a low cost solution.

There are 3 b-loops in this design: One going around the building, one running through the left half and one through the right half of the building. This simple design allows the system to withstand a significant amount of failures and still keep functioning.

It is worthwhile mentioning that the host can even detect the 1394 ports at which the b‑loops are "broken". These are called "loop disabled" ports and they always come in pairs. So if the standard configuration of the system has 6 loop disabled ports and after a bus reset these become 4, then the host software can immediately tell that a cable was damaged and a loop was closed to heal the bus topology.

Some example scenarios.

  • A device or cable failure (or malicious action) destroys one of the cables or one of the cameras (the cameras act as repeaters). The bus is healed immediately. The PCs, using the standard 1394 protocols, can detect that the topology is changed and thus notify the operator that immediate action is required.
  • A hard disk fails in one of the two PCs. The RAID10 is automatically healed, RAID recovery is initiated while the system continues to operate and the operator is notified that immediate action is required.
  • One of the PCs fails completely, despite the redundancies in hardware, power provision, etc. The 2nd PC is still functioning and accessing all cameras so it can still record all traffic until the 1st PC is restored.
  • This system design can even withstand two device failures at the same time.
    For example any camera and one PC at the same time, or any cable and a PC, or two cables/cameras - but not any combination of two cables/cameras.


In addition to his work at Taipei-based Codemost Technology, Inc., Dimitrios Staikos is a member of the board of directors of the 1394 Trade Association.  www.1394ta.org

 

 

 

SHARE THIS



Delicious

 

HELPFUL LINKS

Events Calendar

Contact the TA

Newsletter Archive

Presentations
     


1394TA HOME | SITEMAP | SEARCH | PRIVACY & SECURITY | CONTACT

© Copyright 2008 1394 Trade Association - All Rights Reserved
Use of this website signifies your agreement to the Terms of Use
For questions or comments, please contact the 1394TA Webmaster