Why use OSDP instead of Wiegand?
When a security system is being replaced or retrofitted, OSDP should be considered instead of Wiegand, since Wiegand leaves many card readers vulnerable to attack. OSDP offers end users more options due to its interoperable nature. In addition, OSDP’s multi-drop capabilities means one length of 2-conductor cable can accommodate many readers, eliminating the need to run wire for each reader.
If you work in access control, no doubt you realize that Wiegand became a de facto industry standard after it first emerged in the early 1980s, but has not kept pace with today’s changing security demands.
Despite several attempts over the past two decades to update the standard, the erroneous assumption was that the “sun was setting on Wiegand technology,” and Wiegand would inevitably be replaced without the need to formally create a new standard.
Security systems are better served by an intentionally developed standard such as OSDP, which brings heightened security, interoperability and improved functionality.
Wiegand lacks the security essential for today’s access control systems. In addition, Wiegand is unsupervised, offers limited distance options, and wires must remain in good condition, free from induced electrical interference. The name Wiegand has also spawned much confusion, since it applies to three completely different aspects of card reader technology (see below).
If you participated in ISC West 2016, you may have heard about the session with ethical hacker Babak Javadi of The Core Group and Cypress CTO Tony Diodato. Javadi quickly hacked a Wiegand card reader and easily extracted data, which could be used to gain or even deny entrance to holders of legitimate credentials.
“Wiegand is not just old, it’s incredibly insecure,” said Javadi, who audits business security systems.
A new standard undoubtedly means changes, but the transition is expected to be a smooth one for dealers and integrators familiar with conversion devices, since the converters eliminate the need to replace entire access control systems at once.
We at Cypress are deeply committed to OSDP, a standard which has long been needed in the security industry. Cypress Founder and CTO Tony Diodato has been involved in SIA’s Access Control & Identity Group as the standard has developed.
WIEGAND and ACCESS CONTROL
Since about 1979, most microprocessor-based security and access control equipment used a half-duplex communication medium which relayed signals ─ in one direction at a time ─ from field devices to monitoring stations or control panels. Half-duplex has been used in everything from telephone lines to dedicated wires within or between buildings. Security manufacturers have used single, twisted-pair communication for decades.
Wiegand became considered the industry standard for most access control card readers in the early 1980s.
While the name Wiegand is widely known among those in access control, it has spawned much confusion, since it applies to three completely different aspects of card reader technology:
- Wiegand – Cards and Readers
- Wiegand – Hardware Interface
- Wiegand – Binary Formatted Data on a Card
1. Wiegand Cards and Readers – Wiegand became involved in the access control industry with the advent of cards with tiny wires embedded in the plastic and in the card readers. The Wiegand cards were a great replacement for the magnetic stripe (magstripe) cards, which could be erased or destroyed in heavy industrial or outdoor environments. Magstripe cards also required precise swiping. The Wiegand cards were virtually indestructible and could not be erased or reprogrammed. In addition, due to the Wiegand reader’s wider slot, swiping was more efficient, user-friendly, and fault-tolerant. GM was among the first companies to implement Wiegand card and reader technology worldwide and still uses these technologies today, along with other card technologies.
2. Wiegand Hardware Interface – The above mentioned Wiegand readers had an extremely simple 2-wire interface that came right out of the read head. As the little wires in the plastic passed by a magnet, they energized, then released an inductive voltage spike (like a coil). The “ones” came out one wire and the “zeros” came out the other. The spike lasted about 100 microseconds and originally was sent out raw. The signals would travel about 500 feet on 18 AWG wire after simple signal conditioning was employed (typically 100us Pulses with 1ms intervals). Today we refer to these as “Data 0 and Data 1”.
3. Wiegand Binary Format – Finally, the way the bits were organized on the card was referred to as “Wiegand Format.” All card formats have ones and zeros but, unlike the ABA format of magstripe cards (5 bit digits) which were common at the time, Wiegand used a compact binary representation of the card number since, well, there are only so many little wires you could fit into a 2-inch plastic card. There were 2 main fields of data and usually 2 parity bits for error detection. With 26 bits, you could get 16 bits of sequential card numbers (1 to 65535) and 8 bits of Site (Facility) codes (1 to 255). A parity bit at either end could be used for both error detection and sensing which direction the badge was swiped.