Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

Installation Manual | TM-20231105

iProtect Access / Security | Functionalities | OSDP

This manual represents the knowledge at the above-mentioned time. TKH security works non-stop to improve her products. For the most recent technical information please contact your consultant or dealer.

Introduction

This document is the installation and operation manual for OSDP readers.

WHAT IS OSDP?

Open Supervised Device Protocol (OSDP) is an access control communications standard developed by the Security Industry Association (SIA) to improve interoperability among access control and security products.

OSDP was approved as an international standard by the International Electrotechnical Commission in May 2020 and has been published as IEC 60839-11-5.

OSDP V2.2 which is based on the IEC 60839-11-5 standard, was released in December 2020.

https://www.securityindustry.org/industry-standards/open-supervised-device-protocol/

Materials

  • Card reader with OSDP protocol

  • Card reader must be provided with key material to be able to read the desired cards.

Readers are only supported by stacked Orions (RS485 connection)

General

OSDP readers are completely handled by the nodemanager, so the nodemanager should run to obtain access by a OSDP card reader.

The readermanager is not involved by handling the OSDP protocol.

Support and license

Below is an overview of support for both the hardware and the software, including the necessary license:

Version

License

Version 10.1.x

iProtect basic license

Readers license

Setup an OSDP reader using auto discovery           

  1. Connect the reader (see the documentation of the specifik reader)

  2. Press on the discover button in the line dialog of the Pluto.

  3. Wait until the discover process is ready
    (Read-in event=> Read-in event: Stop, Line: xxx…)

  4. Refresh the line dialog, if an OSDP device is detected it will be shown as a Node below port 1 or 2 of the Orion.

  5. If the <OSDP compatibility>  

  6. Badge 2 times a card at the reader, now the reader will be added below the OSDP node in iProtect (adding the reader manually is also possible)

The discover function for OSDP devices checks for the following settings:
Baudrate                     9600, 19K2, 115K2  baud,  They are all non-parity, 8 bit, 1 stop bit
Device address          0, 1, 2, 3, 4, 5, 6, 7, 8, 13, 14, 24

If other settings are nesseraly , set the settings manualy

Detection of capabilitties:

When a OSDP reader is connected the first task of the OSDP driver is to ask the so called capabilities, depending on the reported capabilities functionalities will be actived or not.
The fist time that the reader is connected the most importand capabilities will be reported in the event: New node disvoverd=>

Select adress:

Used OSDP address

Readers available

Number of readers

If 0 readers is reported and the device is a cardreader the  compatibility must be set to: No readers in capabilities.

Inputs available

Number of inputs

Outputs available

Number if outputs

Baudrate

Set baudrate

Port settings

Set port setting

More detailed information is avaible in the system log files
example log:

Dec 9 13:46:37 Server48 kp77db: [kp77db] [9/13:46:37] Line=33: OSDP reader
Dec 9 13:46:37 server48 kp77db: [kp77db] [9/13:46:37] Line=33: Non compliant OSDP fixes:4
Dec 9 13:46:37 Server48 kp77db: [kp77db] [9/13:46:37] Line=33: - card data type bit array (max 1024)
Dec 9 13:46:37 Server48 kp77db: [kp77db] [9/13:46:37] Line=33: - 1 leds per reader: timed, tricolor
Dec 9 13:46:37 Server48 kp77db: [kp77db] [9/13:46:37] Line=33: - 1 audible annunciators per reader: timed
Dec 9 13:46:37 Server48 kp77db: [kp77db] [9/13:46:37] Line=33: - reader checksum: CRC16
Dec 9 13:46:37 Server48 kp77db: [kp77db] [9/13:46:37] Line=33: - reader encryption: AES 128
Dec 9 13:46:37 Server48 kp77db: [kp77db] [9/13:46:37] Line=33: - reader buffer size: 256 bytes

Setup an OSDP reader manually

  1. Connect the reader (see chapter “Connecting the reader”)

  2. Select the line to which the OSDP reader is connected

  3. Select the Orion port to which the OSDP reader is connected

  4. Add a node of type <OSDP>

  5. Fill in the standard things like, name, code, etc

  6. Set the desired OSDP address

  7. Select OSDP compatibility
    a.    Fully compliant (default)
    b.    IDESCO (as non compliant)
    c.     IDESCO V2 (as non compliant)
    d.    No reader in capabilities (for OSDP card readers, reporting that no card reader is present.)

  8. Select the desired baud rate and port settings

    1. Most used speed is: 9600, 19200 or 115K2  baud

    2. Port setting: N81

  9. Activate the node

  10. Press <SAVE>

  11. Refresh page and check the points below.

    1. Check <Transmission Quality (%):)>   should be >= 95%

    2. Check <Version:>  version info should be available

  12. Select the created node in the tree view.

  13. Click on the right mouse button and select <Add reader>

10.  Set up the reader as usual

11.  For secure channel see chapter “Using the secure channel”

Using the secure channel

OSDP v2 with Secure Channel has AES-128 encryption to ensure that communication between the targeted devices is strict and secure.

All OSDP devices have a known standard Secure Channel Base Key (SCBK), according to the OSDP specification. The SCBK is a key shared between the peripheral/reader and the controller, which is used once to initiate encryption. The SCBK allows the controller (Pluto/ApolloN) to send a challenge command (critical information that the peripheral/reader can use to initiate a Secure Channel session). Note that OSDP security is not limited to the Secure Channel Base Key. The SCBK is used only once at the start of the session before auto-generated session keys are used to encrypt the OSDP data.

When the reader communicates, a value is displayed in the <Security status>

Status

Not supported

  1. Secure channel is not supported by the reader

  2. OSDP address is not correct

Not active

Device is connected but device has password (key)

100% communication and no password

Active SCBK

Secure channel is supported, and is communicating secure but still with default key

Key mismatch

The secure channel key in the reader does not match the key in the controller. Communication is not possible

Active

Secure channel is used, with specific key

If the status is “Active scbk” you can set a random key with the button <Set keys (SC)>. If pressed the key is set into the reader and stored in the controller (Pluto / ApolloN)
Refresh the page to see the results.

If the reader has allready a key, you can enter the key in the <password field> and save.

·         The button <Set keys (SC)>  generates and stores a key into the reader

·         The OSDP secure channel key himself is only visible for Root and Installer users

·         Once a key set, into the reader it cannot be cleared or rewritten by the system (not allowed in the OSDP protocol, security risk). If the key must be cleared (Reset) follow the procedure what is deliverd by the reader manufactoror

Reader settings :

For OSDP readers there are some specific reader settings.

Buzzer time card recognized: (Reader details- tab <Door behavior>)>

setting

behavior

0

not allowed

1 - 15

Buzzer time (1/10 sec)

>15

not allowed

Most used setting for buzzer time= 2

           
Tested readers

The readers below have been tested and can be implemented.

IDESCO BCD 2.0 OSDP

IDESCO BCD 2.0 OSDP V2

PHG Voxio -A-3100-A

OSDP - Voxio-A-3100-A reader - Service & Support (Intern use only) - Confluence (atlassian.net)

PHG Voxio -T 1570-Z

GEO / IE / INID  smartprox reader Model 5000C RS485

Tagmaster

NEDAP uPASS Target

NEDAP NVITE

OSDP - NEDAP NVITE - Service & Support (Intern use only) - Confluence (atlassian.net)

  • No labels