Access Control Remote Devices A&E Spec
Overview
This article contains two different views. Use the button below to toggle between the two views. If you are looking to save this information, right click and print or save as a pdf.
Architecture and Engineering Specifications
Access Control Remote Devices
BluBØX, Inc.
9 Bartlett Street, Suite 334
Andover, MA 0181
Phone: (844) 425-8209
www.BluBØX.com
© 2017 BluBØX, Inc. All rights reserved
Product Support
The first lines of support for BluBØX products are the third-party installing/servicing dealer and the online BluBØX Knowledge Base. Please check the Knowledge Base and/or contact the dealer with any questions or support requests, prior to contacting BluBØX.
Specifications
This Architectural and Engineering Specifications document utilizes MasterFormat™ April 2016 Edition and SectionFormat™ / PageFormat™ December 2009 Edition standards by the Construction Specifications Institute (CSI).
This document specifies the architectural/engineering and bid criteria for a Physical Access Control System (PACS) with a cloud-based Hosted Security Management System (HSMS) software that controls and monitors networked intelligent system controllers, card readers and personal identification devices, portal control devices, input/output interface hardware and power supplies.
Notes to Specifier
1. Where several alternative parameters or specifications exist, or where the Specifier has the option of inserting text, such choices are presented in <bold red text> .
2. Explanatory notes and comments are presented in red hidden text . To display the hidden text, see the Instructions at the end of this document.
3. Delete any item or paragraph that is not applicable to this project, renumber the paragraphs. Insert additional provisions as required for this project.
4. Delete the hidden text specifier instructions prior to releasing or publishing this document.
Document Disclaimer and Restrictions
Information in this document was current as of the time of publication, and subject to change without notice, Inc. For the most up-to-date information, visit www.BluBØX.com.
Section 28 15 19
ACCESS CONTROL REMOTE DEVICES
Copyright 2017 BluBØX, Inc. – All rights reserved
PART 1 GENERAL
-
Summary
1.01. SUMMARY- Section Includes
- This section specifies access control devices, intrusion detection devices, security access devices that are controlled and monitored by a Hosted Security Management System (HSMS) as part of Physical Access Control System (PACS).
- Products Furnished [or] Supplied But Not Installed Under This Section
[SPECIFIER NOTE: Briefly list products that are only furnished/supplied by this section, but whose installation is specified in other sections. For example, these may be new products “installed by owner”. Delete if not used.] - Products Installed But Not Furnished [or] Supplied Under This Section
[SPECIFIER NOTE: Briefly list products that are only installed by this section, but furnished/installed under other sections. For example, these may be new products “furnished by owner”. Delete if not used.] - Related Requirements
[SPECIFIER NOTE: Delete any item or paragraph not applicable in the section and renumber the paragraphs.]- Section 07 00 00 – Thermal and Moisture Protection (Division 07)
- Section 07 84 00 – Firestopping.
- Section 08 00 00 – Openings (Division 08)
- Section 08 10 10 – Doors and Frames.
- Section 08 11 73 – Sliding Metal Fire Doors.
- Section 08 30 00 – Specialty Doors and Frames.
- Section 08 31 13.53 – Security Access Doors and Frames.
- Section 08 34 59 – Vault Doors and Day Gates.
- Section 08 35 13.13 – Accordion Folding Doors.
- Section 08 42 00 – Entrances.
- Section 08 71 00 – Door Hardware.
- Section 08 74 00 – Access Control Door Hardware.
- Section 26 00 00 – Electrical (Division 26)
[SPECIFIER NOTE: Common Work Results for Electrical, for interface and coordination with building electrical systems and distribution]- Section 26 05 11 – Requirements for Electrical Installations.
- Section 26 05 21 – Low Voltage Electrical Power Conductors and Cables (600 Volts and Below.
- Section 26 05 33 – Raceways and Boxes for Electrical Systems.
- Section 26 05 41 – Underground Electrical Construction.
- Section 27 00 00 – Communications (Division 27)
- Section 27 05 33 – Pathways for Communications.
- Section 27 10 00 – Structured Cabling.
- Section 27 15 00 – Communications Horizontal Cabling.
- Section 27 15 01.11 – Conductors and Cables for Electronic Safety and Security.
[SPECIFIER NOTE: For cabling between system computers, panels and remote devices] - Section 27 20 00 – Data Communications.
- Section 27 24 00 – Peripheral Data Communications Equipment.
- Section 28 00 00 Electronic Safety and Security (Division 28)
- Section 28 05 00 – Common Work Results for Electronic Safety and Security.
[SPECIFIER NOTE: For general requirements that are common to more than one section in Division 28.] - Section 28 05 26 – Grounding and Bonding for Electronic Safety and Security.
- Section 28 05 28 – Pathways for Electronic Safety and Security, for conduit and raceway requirements.
- Section 28 05 28.33 – Conduits and Boxes for Electronic Safety and Security.
- Section 28 08 00 – Commissioning of Electronic Safety and Security.
[SPECIFIER NOTE: For requirements for commissioning, systems readiness checklists, and training.] - Section 28 10 00 Access Control.
- Section 28 14 00 Access Control Hardware.
- Section 28 05 00 – Common Work Results for Electronic Safety and Security.
- Section 07 00 00 – Thermal and Moisture Protection (Division 07)
- Section Includes
-
Price and Payment Procedures
-
References
1.02. REFERENCES- Abbreviations And Acronyms
- ADA: Americans with Disabilities Act.
- AES: Advanced Encryption Standard.
- APB: Anti Passback.
- DHCP: Dynamic Host Configuration Protocol.
- EOL: End of Line (resistance).
- FIPS: Federal Information Processing Standard.
- HSMS: Hosted Security Management System.
- IP: Internet Protocol.
- ISO: International Standards Organization.
- ITU: International Telecommunication Union.
- LAN: Local Area Network.
- LED: Light Emitting Diode.
- LCD: Liquid Crystal Display.
- NIST: National Institute for Standards and Technology.
- OPC: Open Platform Communication.
- PACS: Physical Access Control System.
- PIN: Personal Identification Number.
- PoE: Power over Ethernet.
- REX: Request to Exit.
- SIA: Security Industry Association.
- SIP: Session Initiation Protocol.
- SSH: Secure Shell.
- SSL: Secure Socket Layer.
- TCP: Transmission Control Protocol.
- WAN: Wide Area Network.
- Definitions
- ABA Track: Magnetic stripe that is encoded on track 2, at 75-bpi density in binary-coded decimal format; for example, 5-bit, 16-character set.
- Authentication: A process that establishes the origin of information, or determines an entity’s identity.
- Authenticator: A memory, possession, or quality of a person that can serve as proof of identity, when presented to a verifier of the appropriate kind. For example, passwords, cryptographic keys, and fingerprints are authenticators.
- Authorization: A process that associates permission to access a resource or asset with a person and the person’s identifier(s).
- Auto-relock: Door control feature that automatically relocks the door after access has been granted and the door has opened and closed, regardless of the time allowed for the door to momentarily remain unlocked to allow entry.
- Controller: A purpose-built microcomputer that receives from the HSMS the door and cardholder data including access privileges and device configurations; communicates with reader and keypad access control devices and performs real-time access decisions; executes processes and procedures based upon user-selectable/user-defined triggers; and performs I/O operations with monitoring inputs and control relay outputs.
- CPU: Central processing unit, the electronic circuitry within a computer that executes the computer’s firmware and the software running on the computer, processing data the computer receives from connected devices and systems.
- Credential: Data assigned to a person or non-person entity (such as security system equipment) and used to identify that person or entity. For a person, the data may be printed on an access/ID card, such as a photograph, name, and other printed data, or stored electronically in the computer chip on a smart card, an RFID chip, or in the memory of a biometric reader. For electronic equipment, the data is securely stored in a digital certificate file, which contains equipment identification information as well as the allowed purposes for which the certificate may be used.
- HSMS: Hosted Security Management System, a cloud-based service provided (SaaS PACS Application).
- Identifier: A credential card, keypad personal identification number or code, biometric characteristic, or other unique identification entered as data into the entry-control database for the purpose of identifying an individual.
- Location: A Location on the network having PACS equipment installed. Where this term is presented with an initial capital letter, this definition applies.
- PACS: Physical Access Control System.
- ROM: Read-only memory. ROM data are maintained through losses of power.
- RS-232: ANSI/TIA standard for asynchronous serial data communications between terminal devices. This standard defines a 25-pin connector and certain signal characteristics for interfacing computer equipment.
- RS-485: ANSI/TIA standard for multipoint communications.
- TCP/IP: Transport control protocol/Internet protocol incorporated into Microsoft Windows.
- UPS: Uninterruptible power supply.
- Wiegand: Patented magnetic principle that uses specially treated wires embedded in the credential card.
- Windows: Microsoft® Windows®, a computer operating system by Microsoft Corporation.
Workstation: A network-connected personal computer intended to be used by a specific person or people for the performance of specific tasks, such as an alarm and video monitoring workstation; a tablet computer used for a similar function.
- Reference Standards
- The latest published edition of a reference shall be applicable to this Project unless identified by a specific edition date.
- All reference amendments adopted prior to the effective date of this Contract shall be applicable to this Project.
- The publications listed below (including amendments, addenda, revisions, supplement, and errata) form a part of this specification to the extent referenced. The publications are referenced in the text by the basic designation only.
- American National Standards Institute (ANSI)/ International Code Council (ICC):
- NASI/ICC A117.1 – Standard on Accessible and Usable Buildings and Facilities
- American National Standards Institute (ANSI)/ Security Industry Association (SIA):
- ANSI/SIA AC-03 – Access Control: Access Control Guideline Dye Sublimation Printing Practices for PVC Access Control Cards.
- Department of Justice American Disability Act (ADA)
- 28 CFR Part 36 – ADA Standards for Accessible Design 2010.
- Electronic Industries Alliance (EIA):
- EIA-568-A – Commercial Building Telecommunications Wiring Standard.
- EIA-569 – Commercial Building Standard for Telecommunications Pathways and Spaces.
- EIA-606 – The Administration Standard for the Telecommunications Infrastructure of Commercial Buildings.
- EIA-607 – Commercial Building Grounding and Bonding Requirements for Telecommunications.
- EIA TSB 67 – Transmission Performance Specification for Field Testing of Unshielded Twisted-Pair Cabling Systems.
- RS232C – Interface between Data Terminal Equipment and Data Communications Equipment Employing Serial Binary Data Interchange.
- RS485 – Electrical Characteristics of Generators and Receivers for use in Balanced Digital Multi-Point Systems.
- European Union:
- Restriction of the Use of Certain Hazardous Substances in Electrical and Electronic Equipment (RoHS).
- Federal Communications Commission (FCC):
- FCC Part 15 – Radio Frequency Device.
- FCC Part 68 – Connection of Terminal Equipment to the Telephone Network.
- Government Accountability Office (GAO):
- GAO-03-8-02 – Security Responsibilities for Federally Owned and Leased Facilities
- Institute of Electrical and Electronics Engineers (IEEE):
- IEEE 802.3 – Ethernet Standards
- International Organization for Standards/International Electrotechnical Commission (ISO/IEC):
- ISO/IEC 7810 – Identification cards — Physical characteristics.
- ISO/IEC 11801:2010 (Ed. 2.2) – Information technology – Generic cabling for customer premises.
- ISO/IEC 14443 – Identification cards – Contactless integrated circuit cards – Proximity cards
- ISO/IEC 15693-1:2000 – Identification cards – Contactless integrated circuit(s) cards – Vicinity cards.
- National Fire Protection Association (NFPA):
- NFPA 70-11 – National Electrical Code
- National Institute of Standards and Technology (NIST):
- FIPS PUB 140-2 – Security requirements for cryptographic modules protecting sensitive information.
- FIPS 197 – Advanced Encryption Standard (AES).
- FIPS-201-1 – Personal Identity Verification (PIV) of Federal Employees and Contractors.
- Abbreviations And Acronyms
-
Administrative requirements
-
Submittals
1.03. SUBMITTALS- Refer to 28 10 00 PHYSICAL ACCESS CONTROL SYSTEM, Part 1.
- Provide certificates of compliance with Article 1.05, Quality Assurance.
-
Closeout submittals
1.04. MAINTENANCE MATERIAL SUBMITTALS -
- Spare Parts
- Submit to Owner’s Representative a complete list of the manufacturer's recommended spare parts and components required to satisfactorily maintain and service the systems, as well as unit pricing for those parts and components.
- Extra Stock Materials
- Furnish extra materials described below as [Part of the Base Bid][Bid Alternate] before installation begins, that match products installed and that are packaged with protective covering for storage and identified with labels describing contents. Provide not less than one of each item listed below. Deliver extra materials to Owner marked on the outside of each original manufacturer’s packaging with “SPARE EQUIPMENT FOR PHYSICAL ACCCESS CONTROL SYSTEM”.
- Fuses: One for every 10; each type and rating.
- Card Readers: One spare for each type installed.
- Cameras: One spare for each type installed.
- Lenses: One spare for each focal length installed.
- Furnish extra materials described below as [Part of the Base Bid][Bid Alternate] before installation begins, that match products installed and that are packaged with protective covering for storage and identified with labels describing contents. Provide not less than one of each item listed below. Deliver extra materials to Owner marked on the outside of each original manufacturer’s packaging with “SPARE EQUIPMENT FOR PHYSICAL ACCCESS CONTROL SYSTEM”.
- Spare Parts
- 1.05. QUALITY ASSURANCE
- Furnish and install the PACS as specified. Provide certification as required.
- Install and test the PACS to ensure all components are fully compatible as a system and can be integrated with all associated security subsystems and HSMS, whether the security system is stand-alone or a part of a complete Information Technology (IT) computer network.
- Qualifications
- Manufacturers
- The manufacturer shall regularly and presently produce, as one of the manufacturer's principal products, the equipment and material specified for this project, and shall have manufactured the item for at least three years.
- Product
- Manufacturer's product shall have been in satisfactory operation, on three installations of similar size and type as this project, for approximately three years.
- Contractors/Installers
- The Contractor or security sub-contractor shall:
- Be licensed to perform security installations in the state the work is to be performed.
- Have a minimum of five years’ experience installing and servicing systems of similar scope and complexity.
- Provide four current references from clients with systems of similar scope and complexity which became operational within the past three years.
- At least three of the references shall utilize the same system components, and in a similar configuration, as the proposed system.
- The references must include a current point of contact, company or agency name, address, telephone number, complete system description, date of completion, and approximate cost of the project.
- The Owner reserves the option to visit the reference sites, with the site owner’s permission and representative, to verify the quality of installation and the references’ level of satisfaction with the system.
- Utilize factory-trained technicians to install, program, and service PACS equipment and services.
- Utilize factory-trained technicians to install, terminate and service controller/field panels and reader modules.
- Provide copies of system manufacturer certification for all technicians.
- Require technicians to have a minimum of five (5) continuous years of technical experience in electronic security systems.
- Provide a local service facility.
- Located within 60 miles of the project site.
- Ensure service facility stocks a spare parts inventory sufficient to support the service requirements of this contract.
- Ensure service facility is equipped with diagnostic equipment to perform diagnostic procedures for the installed equipment.
- Owner’s Representative reserves the option of surveying the company’s facility to verify the service inventory and presence of a local service organization.
- Provide evidence that the installer is an authorized dealer in good standing for the manufacturer of the HSMS described in Section 28 10 00, and that installer’s personnel meet the manufacturer’s technical certification requirements.
- The Contractor or security sub-contractor shall:
- Service Qualifications
[SPECIFIER NOTE: In the following paragraph use 4 hours for metropolitan areas and 8 hours for rural areas.]- There shall be a permanent service organization maintained or trained by the manufacturer which will render satisfactory service to this installation within [four] [OR] [eight] hours of receipt of notification that service is needed. Submit name and address of service organizations.
- Manufacturers
- Certifications
- FIPS 201 Compliance Certificates
[SPECIFIER NOTE: Delete and add components to the list as required by the project. Check http://www.fips201.com/ website for list of the approved products.]- Provide Certificates for all software components and device types utilizing credential verification. Provide certificates for:
- Card Readers.
- Facial Image Capturing Camera.
- Certificate Validator.
- <list devices and software>
- Provide Certificates for all software components and device types utilizing credential verification. Provide certificates for:
- FIPS 201 Compliance Certificates
- 1.06. DELIVERY, STORAGE, AND HANDLING
- Deliver materials in manufacturer’s labeled packages. Store and handle in accordance with manufacturer’s requirements.
- Storage And Handling Requirements
- All equipment shall be stored in an environment compliant with the equipment manufacturers’ recommendations.
- 1.07. SITE CONDITIONS
- Ambient Conditions
[SPECIFIER NOTE: Identify site specific ambient conditions under which work must be performed such as bad lighting, obstacles, or extreme cold/heat that installers or equipment may have to deal with. Delete if not needed.] - Existing Conditions
[SPECIFIER NOTE: Identify site specific existing conditions. Such as the condition of existing work subject to rework or modification.]
- Ambient Conditions
- 1.08. WARRANTY
- Manufacturer Warranty
- Provide manufacturer one-year warranty that the software and hardware product(s) are free from defect in materials and/or workmanship as of the date of installation.
- Provide manufacturer periodic updates to software and hardware during the warranty period.
- Provide manufacturer limited "no questions asked" replacement warranty against hardware product defects in material and workmanship, as follows:
- One Year – Integrated credential readers.
- One Year – Photo imageable cards.
- Lifetime – Clam shell card; key ring tag; mullion, Euro, and wall switch readers.
- Special Warranty
- Refer to 28 10 00 PHYSICAL ACCESS CONTROL SYSTEM, Part 1.
- Manufacturer Warranty
PART 2 PRODUCTS
-
Owner-furnished products
2.01. OWNER-FURNISHED PRODUCTS
[SPECIFIER NOTE: Use the next section to describe owner-furnished products to enable the Contractor to install them correctly, or to ensure compatibility or proper system operation.]- New Products
- <list new products furnished by owner>.
- Existing Products
- <list existing products/systems furnished by owner>.
- New Products
[SPECIFIER NOTE: The following articles describe equipment and services that may be used in a PACS project. Add, modify or delete as required.]
-
Integrated Credential Readers and Field Entry Management
2.02. INTEGRATED CREDENTIAL READERS- Manufacturers
- BluBØX, Inc., 9 Bartlett Street, Suite 334, Andover, MA 0181. Phone: (844) 425-8209, www.BluBØX.com
- Substitution Limitations: No Substitutions.
- Product Options:
- Person Reader.
- Person Reader with anti-glare screen.
- Person Reader with restricted view screen.
- Description
- Integrated credential readers authenticate a person using one or more recognition methods including biometric, keypad PIN, Bluetooth, and NFC.
- Authentication
- Integrated credential readers shall support:
- User authentication via Bluetooth 4.0, NFC, RFID, Facial Recognition, and keypad PIN methods.
- Single authentication method or a combination of multiple methods.
- Authentication at a distance using Bluetooth.
- Facial recognition requirements:
- Facial recognition shall be based on LFAR Facial Recognition Technology. READERS USING EIGENFACES-BASED FACIAL RECOGNITION WILL NOT BE ACCEPTED.
- Utilize Adaptive Learning System and a combination of 2D and 3D technology to maximize recognition capabilities and minimize dependence on pose in varying lighting conditions.
- Provide facial recognition time of less than 1 second.
- Integrated credential readers shall include a built-in megapixel surveillance camera to document access attempts and incidents of tampering.
- Visitor Management with Video Intercom
- Integrated credential readers shall:
- Provide visitor management features such as video intercom, remote door release, and visitor check-in / enrollment / logging.
- Recognize and provide notice when unauthorized or blacklisted individuals attempt access.
- Prompt visitors to use the touchscreen video intercom. [under what conditions?]
- Send email and text notification of guest arrivals to a predetermined distribution list.
- Provide user response via mobile device or computer to video intercom callers.
- Provide authorized users with remote door release capability.
- Log remote door release events.
- Provide audio only or audio plus video modes for intercom dialog.
- Log all guest access activity.
- Function in an offline mode, and transmit access event data to the access control system upon resumption of online mode.
- Enable authorized users to preauthorize visitors for entry using:
- Pre-enrolled visitor face.
- Temporary visitor PIN code.
- Notify the associated user of pre-authorized visitor access via email or SMS text message.
- Automatically connect non-recognized visitors to a pre-designated recipient by video intercom, or prompt non-recognized visitors to select a recipient from a directory listing.
- Provide enrollment of visitors and assignment of user rights directly at the reader.
- Transmit reader-enrolled visitor information to other integrated credential readers and/or the access control system.
- Integrated credential readers shall:
- Multi-Purpose Touch Screen
- Integrated credential readers with multi-touch capacitive screen shall provide the following additional reader functionality:
- Touchscreen PIN Scramble Keypad
- Keypad PIN may be used for authentication or as one factor of a multifactor authentication.
- Keypad may arm and disarm alarm system.
- Message Board Display
- Screen shall support programmable text message and graphics including:
- Graphics, company name, suite number, room number, room name, portal name.
- Owner defined information / graphics / images.
- Screen shall support programmable text message and graphics including:
- Touchscreen PIN Scramble Keypad
- Integrated credential readers with multi-touch capacitive screen shall provide the following additional reader functionality:
- Black List Recognition and Unauthorized Access Attempts
- Integrated credential readers shall:
- Recognize blacklisted visitors, vendors and employees, and deny them entry.
- Monitor repeated attempts by unauthorized people to gain entry.
- Automatically add repeat unauthorized people to the blacklist.
- Notify an administrator by email or SMS text when a blacklisted person attempts access.
- Integrated credential readers shall:
- Analysis and Reporting Functions
- Integrated credential readers shall collect information regarding access attempts, analyze collected information, and report exceptions including:
- Attempts to defeat the system.
- Attempts by blacklisted persons to gain access.
- Repeated attempts by unauthorized visitors to gain access.
- Integrated credential readers shall collect information regarding access attempts, analyze collected information, and report exceptions including:
- Resident Data Protection
- Integrated credential readers shall:
- Encrypt locally stored user and system data using AES 256-bit encryption.
- Provide remote erase functionality controllable from HSMS.
- Integrated credential readers shall:
- Health and Status Monitoring Functions
- Integrated Credential Readers shall:
- Monitor hardware and software health.
- Monitor biometric health and performance.
- Notify administrator and access control system when tampering is detected.
- Notification shall include captured pictures, video, and GPS location.
- Integrated Credential Readers shall:
- Performance / Design Criteria
- Technical Details
- Communications:
- Wired
- Ethernet TCP/IP.
- Wiegand – In, to support additional card reader technologies.
- Wiegand – Out, to interface with access control systems and communicate authentication events.
- Wireless
- WI-FI 802.11 a/b/g/n/ac, dual-band.
- Bluetooth 4.0.
- Protocols
- OPC.
- SIP.
- Security: The integrated credential readers shall allow only outbound communication initiation only.
- Wired
- Power
- 5–16 VDC, DC Current 30 mA average, 75 mA peak.
- PoE.
- Battery: 12 Hour.
- Screen: 8.4 inch OLED, FHD (2560x1600) resolution 10 point multi-touch capacitive
- Optional anti-glare screen.
- Optional restricted view screen.
- Operating System: Windows 8.1 O/S.
- Audio:
- Microphone with active Background Noise Cancellation.
- Stereo Speakers.
- Imaging: 2 Megapixel Camera.
- Sensors:
- GPS.
- Gyroscope.
- Accelerometer.
- Proximity Sensor.
- Compass.
- Enclosure Tamper.
- Mechanical
- Dimensions: 9 x 5 x 0.5 inch.
- Mounting: single gang junction box.
- Weight: 12 ounces.
- Environmental
- 32–120 F (0 – 55 C)
- 0 – 95 percent Relative Humidity
- Communications:
- Capacities
- Memory:
- 2 GB DDR3 SDRAM @ 1MHz.
- 16 GB Solid State Storage.
- 32/64/128/256/512 GB Micro SD card.
- Memory:
- Integrated credential readers shall support:
- Manufacturers
-
Multi-Technology Contactless Smart Card Reader – Read Only
2.03 MULTI-TECHNOLOGY CONTACTLESS SMART CARD READER – READ ONLY- Manufacturers
- HID Global; 15370 Barranca Pkwy, Irvine, CA 92618, USA; telephone: 949-732-2000, fax: 949-732-2360; Web site: www.hidglobal.com.
- Substitution Limitations: No Substitutions.
- Product Options: Multi-technology contactless smart card reader shall be HID Global multiclass SE Transit Card Reader Model:
- Without Keypad, RP40-T.
- With Keypad, RPK40-T.
- Description
- The multi-technology contactless smart card reader(s) shall be designed to securely read, interpret, and authenticate access control data from 13.56 MHz contactless smart card credentials and 125 kHz proximity cards.
- The multi-technology contactless smart card reader shall be optimally designed for use in access control applications.
- Multi-technology contactless smart card readers shall provide the following enhanced performance features:
- The multi-technology contactless smart card reader shall provide simultaneous support for 125 kHz proximity FSK (HID Proximity, AWID). PSK (Indala), and ASK (EM4102) 125 kHz technology to increase credential technology migration options.
- The multi-technology contactless smart card reader shall enable user prioritization of High-frequency/High-frequency and High-frequency/Low-frequency credential reads. Technology prioritization shall synchronize a site’s credential technology read priority to the access panel configuration while reducing unintended credential reads.
- The multi-technology contactless smart card reader shall have the ability to provide consistent optimal read range by implementing an auto-tune function that adjusts for manufacturing tolerances to enhance consistency of performance from reader to reader.
- The multi-technology contactless smart card reader shall be field programmable to provide secure upgrades for migration and extended lifecycle.
- The multi-technology contactless smart card reader shall be designed as a system to provide optimal read range and read speed for increased access control throughput.
- Multi-technology contactless smart card reader shall provide enhanced environmental and sustainability features.
- The multi-technology contactless smart card reader shall reduce power consumption by as much as 75 percent through the use of Intelligent Power Management (IPM) technology.
- The multi-technology contactless smart card reader shall be manufactured with 10 percent recycled material to provide the potential of LEEDS building credits in new construction projects.
- Multi-technology contactless smart card reader shall be fully compliant with Restriction of Hazardous Substances directive (RoHS) restricting the use of specific hazardous materials found in electrical and electronic products. The substances banned under RoHS are lead (Pb), mercury (Hg), cadmium (Cd), hexavalent chromium (CrVI), polybrominated biphenyls (PBB) and polybrominated diphenyl ethers (PBDE).
- Multi-technology contactless smart card reader shall be manufactured with 11 percent (Pigtail) and 10 percent (Terminal Strip).
- Multi-technology contactless smart card reader shall comply with the following 13.56MHz-related standards to ensure product compatibility and predictability of performance:
- ISO/IEC 15693.
- ISO/IEC 14443 – Type A.
- ISO/IEC 14443 – Type B.
- Multi-technology contactless smart card reader shall implement the following high security 13.56 MHz applications out-of-box.
- Secure Identity Object on iCLASS SE.
- Secure Identity Object on MIFARE Classic SE.
- Secure Identity Object on MIFARE DESFire EV1 SE.
- Multi-technology contactless smart card reader shall be suitable for global deployment by meeting worldwide radio and safety regulatory compliance including:
- UL294 (US).
- cUL (Canada).
- FCC Certification (US).
- IC (Canada).
- CE (EU).
- C-tick (Australia, New Zealand).
- SRRC (China).
- MIC (Korea).
- NCC (Taiwan).
- iDA (Singapore).
- Multi-technology contactless smart card reader shall be provided with a full potted assembly.
- Multi-technology contactless smart card reader shall provide the following typical contactless read ranges:
- 3.0 inches (7.6 cm) reading SIO on iCLASS SE Card.
- 1.5 inches (3.8 cm) reading SIO on MIFARE DESFire EV1 SE Card.
- 2.3 inches (5.9 cm) reading SIO on MIFARE Classic SE Card.
- 1.4 inches (3.6 cm) reading SIO on iCLASS SE Tag or Fob.
- 0.9 inches (2.3 cm) reading SIO on MIFARE Classic SE Tag or Fob.
- 2.7 inches (6.9 cm) reading 125 kHz HID Prox or AWID Card.
- 1.0 inches (2.5 cm) reading 125 kHz Indala Card.
- 2.0 inches (5.1 cm) reading 125 kHz EM4102 Card.
- 0.8 inches (2.0 cm) reading 125 kHz HID Prox or AWID Tag or Fob.
- 0.8 inches (2.0 cm) reading 125 kHz Indala Tag or Fob.
- 0.8 inches (2.0 cm) reading 125 kHz EM4102 Tag or Fob.
- Multi-technology contactless smart card reader shall be designed for low current operation to enable contactless smart card migration from most legacy proximity applications without the need to replace existing access control panels and/or power supplies. Contactless smart card power requirements shall be:
- Operating voltage: 5 – 16 VDC, reverse voltage protected. Linear power supply recommended.
- Current requirements and power consumption:
- 75 mA (Standard Power Mode).
- 35 mA (Intelligent Power Management Mode).
- 110 mA (Peak Current Draw).
- 1.2 W (Standard Power Mode @ 16VDC).
- 0.6 W (Intelligent Power Management Mode @ 16VDC).
- Multi-technology contactless smart card reader shall meet the following physical specifications:
- Dimensions: 3.3 inches x 3.3 inches x 0.9 inches (8.4cm x 8.4cm x 2.3cm).
- Weight: 7.8 (222g) Pigtail and 7.6oz (216g) Terminal Strip.
- Material: UL94 Polycarbonate.
- Plastics: Consist of two-piece design with mounting plate and either separate front bezel and reader body (totaling three-pieces) or combined front bezel/reader body (totaling two-pieces).
- Color: Black or Charcoal Gray as approved by the project architect.
- Multi-technology contactless smart card reader shall meet the following environmental specifications:
- Operating temperature: -31 to 150 degrees F (-35 to 65 degrees C).
- Operating humidity: 5 percent to 95 percent relative humidity non-condensing.
- Weatherized design suitable to withstand harsh environments with a certified rating of IP55.
- Multi-technology contactless smart card reader cabling requirements shall be:
- Cable distance: (Wiegand or Clock & Data): 500 feet (150m).
- Cable type: 5-conductor #22 AWG (Shielded cable not required).
- Standard reader termination: 18 inches (0.5m) cable pigtail.
- Optional reader termination: terminal strip.
- The multi-technology smart card reader shall be provisioned through secure connections utilizing Trusted Identity Platform’s™ Secure Delivery Infrastructure (SDI) where all cryptographic keys governing system security are delivered with end-to-end privacy and integrity.
- Manufacturers
-
Access Card
2.04. DIRECT-TO-CLOUD™ INTEGRATED LOCK READER SUPPORT- Manufacturers
- BluBØX, Inc., 9 Bartlett Street, Suite 334, Andover, MA 0181. Phone: (844) 425-8209, www.BluBØX.com
- Substitution Limitations: No Substitutions.
- Description
- Integration capability of web-based cloud-hosted security management system application to manage physical access requests from networked integrated lock reader systems without site-installed access controllers.
- Architecture
- The architecture of the integrated lock reader support shall consist of:
- Cloud-hosted security management system integration to integrated lock reader systems.
- Site-based Internet-connected wireless integrated lock reader system.
- Encrypted communications between the cloud-hosted security management system and the integrated lock reader system Router.
- Real-time management of access decisions performed by the cloud-hosted security management system.
- Offline mode of integrated lock reader operations with one or more methods for reader-based access decisions.
- The architecture of the integrated lock reader support shall consist of:
- Manufacturers
- 2.05. INTEGRATED LOCK READER SYSTEMS
- Manufacturers
- Allegion Plc. Block D, Iveagh Court, Harcourt Road, Dublin 2, Co. Dublin, Ireland
- ASSA ABLOY, Inc., 110 Sargent Drive, New Haven, CT 06511 , Phone: (800) 377-3948. Web: www.intelligentopenings.com.
- Kaba Access Control, 2941 Indiana Avenue, Winston Salem 27105. Web: www.kaba.com
- Salto Systems, Inc., 1780 Corporate Drive, Suite 400, Norcross GA 30093. Phone: 770-452-6091, Web: www.salto.us.
- Description
- Integrated lock reader system with wireless door locks, wireless hubs, and router for secure Internet connection to cloud-hosted security management system.
- Architecture
- The architecture of the integrated lock reader support shall consist of:
- Site-based Internet-connected wireless integrated lock reader system.
- Router for secure Internet connection.
- Wireless hubs/access points to connect wireless integrated lock readers to Router via WiFi 802.11 or 802.15.4.
- Bluetooth Low Energy wireless gateways to connect to wireless integrated lock readers via BLE (Allegion only).
- Wireless integrated door lock readers.
- End-to-end minimum 128-bit AES encrypted communications
- Site-based Internet-connected wireless integrated lock reader system.
- System Functionality
- Real-time access control integration with cloud-hosted security management system.
- Offline access decision by integrated lock reader (Salto Systems only)
- Supported Wireless Integrated Lock Readers
- Assa-Abloy 485/POE/Wireless Integrated Lock Readers
- Allegion 485/POE/Wireless Integrated Lock Readers
- Kaba 485/POE/Wireless Integrated Lock Readers
- Salto 485/POE/Wireless Integrated Lock Readers
- Simmons Voss 485/POE/Wireless Integrated Lock Readers
- Salto XS4 Series locks (Salto)
- Schlage® AD-Series (Allegion)
- Schlage NDE Series wireless locks (Allegion)
- Aperio-enabled wireless locks: (ASSA ABLOY)
- Adams Rite A100 Keyless Entry Control
- Corbin Russwin IN100 Lock
- HES K100 Cabinet Lock
- HES KS100 Server Cabinet Lock
- Medeco M100 eCylinder
- SARGENT IN100 Lock
- SARGENT PR100 Lock
- Securitron AS100 Sensor
- Securitron R100 Reader
- The architecture of the integrated lock reader support shall consist of:
- Manufacturers
- 2.05. ACCESS CARD
- Manufacturers
- HID Global; 15370 Barranca Pkwy, Irvine, CA 92618, USA; telephone: 949-732-2000, fax: 949-732-2360; Web site: www.hidglobal.com.
- Substitution Limitations: No Substitutions.
- Product Options:
- Multi-technology contactless smart cards shall be HID Global iClass Prox cards.
- Contractor shall provide [insert quantity] access cards.
- Description
- Shall provide a graphics quality surface that supports direct‐to‐card printing.
- Shall be capable of being produced with holograms, ultra‐violet fluorescent inks, or other anti‐counterfeiting features.
- Manufacturers
PART 3 EXECUTION
-
Examination
3.01. EXAMINATION- Verification Of Conditions
- The Contractor shall visit the site and verify that site conditions are in agreement with the design package. The Contractor shall report all changes to the site or conditions which will affect performance of the system to the Owner. The Contractor shall not take any corrective action without written permission from the Owner.
- General
- Verify that substrate conditions, which have either been previously installed under other sections, or that existing site conditions, are acceptable for product installation in accordance with manufacturer’s instructions.
- Verify that building doors, frames, walls, wire runs, related items, and conditions are ready to receive work of this Section.
- Cable & Wiring
- Examine pathway elements intended for cables. Check raceways, cable trays, and other elements for compliance with space allocations, installation tolerances, hazards to cable installation, and other conditions affecting installation.
- Examine roughing-in for LAN and control cable conduit systems to PCs, Controllers, card readers, and other cable-connected devices to verify actual locations of conduit and back boxes before device installation.
- LAN/WAN
- Verify LAN connections for Ethernet capable PACS controllers and devices provide access to the internet and the HSMS host.
- Power Connections
- Verify power circuits which are existing or have been previously installed under other sections are acceptable for product installation in accordance with manufacturer’s instructions.
- Preinstalling Testing
- Perform the following field tests and inspections and prepare test reports:
- LAN Cable Procedures: Inspect for physical damage and test each conductor signal path for continuity and shorts. Use Class 2, bidirectional, Category 5 tester. Test for faulty connectors, splices, and terminations. Test according to TIA/EIA-568-1, "Commercial Building Telecommunications Cabling Standards – Part 1 General Requirements." Link performance for UTP cables must comply with minimum criteria in TIA/EIA-568-B.
- Test each circuit and component of each system. Tests shall include, but are not limited to, measurements of power supply output under maximum load, signal loop resistance, and leakage to ground where applicable. System components with battery backup shall be operated on battery power for a period of not less than 10 percent of the calculated battery operating time. Provide special equipment and software if testing requires special or dedicated equipment.
- Operational Test: After installation of cables and connectors, demonstrate product capability and compliance with requirements. Test each signal path for end-to-end performance from each end of all pairs installed. Remove temporary connections when tests have been satisfactorily completed.
- Perform the following field tests and inspections and prepare test reports:
- Verification Of Conditions
-
Preparation
3.02. PREPARATION- Refer to 28 10 00 PHYSICAL ACCESS CONTROL SYSTEM, Part 3, PREPARATION.
- Determine Owner’s priority of importance to alternate high priority devices and normal priority devices on different multi-tap power supplies or PoE switches to reduce failure points where a large number of devices are unavailable to a critical area.
- Coordinate arrangement, mounting, and support of electronic safety and security equipment:
- To allow maximum possible headroom unless specific mounting heights that reduce headroom are indicated.
- To provide for ease of disconnecting the equipment with minimum interference to other installations.
To allow right of way for piping and conduit installed at required slope, so connecting raceways, cables, wireways, cable trays, and busways will be clear of obstructions and of the working and access space of other equipment.
- Coordinate installation of required supporting devices and set sleeves in cast-in-place concrete, masonry walls, and other structural components as they are constructed.
- Coordinate location of access panels and doors for electronic safety and security items that are behind finished surfaces or otherwise concealed.
- Prior to Installation
- All equipment shall be tested and configured in accordance with instructions provided by the manufacturer.
-
Installation
3.03. INSTALLATION- General
- Install all system components and appurtenances in accordance with the manufacturer’s specifications, referenced practices, guidelines and applicable codes.
- Comply with manufacturer’s written data, including product technical bulletins, product catalog installation instructions and product carton installation instructions.
- Furnish all necessary interconnections, services, and adjustments required for a complete and operable system as specified.
- Control signal, communications, and data transmission line grounding shall be installed as necessary to preclude ground loops, noise and surges from adversely affecting system operation.
- All equipment shall be attached to walls and ceiling/floor assemblies and shall be held firmly in place (e.g., sensors shall not be supported solely by suspended ceilings). Fasteners and supports shall be adequate to support the required load.
- Use weatherproof equipment or covers where installed in areas exposed to weather.
- Wiring
[SPECIFIER NOTE: Modify or delete the following subparagraphs to fit the Project.]- General
- All wiring is to be installed in dedicated conduit throughout. Cable shall not be pulled into conduits or placed in raceways, compartments, outlet boxes, junction boxes or similar fittings with other building wiring.
- All low voltage wiring outside the control console, cabinets, boxes and similar enclosures, shall be plenum rated where required by code.
- All wiring conductors connected to terminal strips shall be individually numbered and each cable or wiring group being extended from a panel or cabinet to a building mounted device shall be identified with the name and number of the particular device as identified and shown on building drawings.
- All exposed wiring inside and outside the control console, cabinets, boxes and similar enclosures, shall be dressed down neatly and secured with wiring cleats or wire ties.
- All exposed metallic flexible conduit and armored cable shall be dressed down neatly and secured with low profile, metal fasteners.
- Fire Wall Penetrations
- The Contractor shall avoid penetration of fire rated walls and floors wherever possible. Contractor shall also seal all floor, ceiling and wall penetrations in fire or smoke barriers and in the wiring closet.
- Wall Penetrations
- Where penetrations are necessary, they shall be sleeved with metallic conduit and resealed with an Underwriter Laboratories (UL) approved sealant.
- Provide three sided pre-finished metal hood and seal to wall where conduit penetrates exterior wall.
- Install new conduit on portable pipe supports – (low profile type), as manufactured by Portable Pipe Hangers or Advanced Support Products. Provide roof protection pads under each support. Coordinate location and routing with design engineer prior to rough-in or installation of system.
- General
- Containers
[SPECIFIER NOTE: Modify or delete the following subparagraphs to fit the Project.]- All cabinets, boxes, and similar enclosures containing security system components and/or cabling, which may easily be accessible to employees or to the public, shall be provided with a lock. Boxes above ceiling level in occupied areas of the building shall not be considered to be accessible.
- All junction boxes and small device enclosures below ceiling level, and easily accessible to employees or the public, shall be covered with a suitable cover plate and secured with tamper proof screws.
- Card Readers
- Wire the card reader’s multi‐color LED to indicate the following status of the door.
- Red status indicates the door is secure (locked).
- Green status indicates the door is unsecured (unlocked).
- Yellow status indicates the card reader is not functioning (off‐line/trouble), is processing a read request, or has denied access.
- Wire the card reader’s tamper to spare input on the Controller and jumper ground wire from door contact to provide normally closed circuit.
- The card reader to produce an audible beep tone to indicate to the user:
- The card was read and/or access was denied.
- Door is being held open and needs to be closed.
- Wire the card reader’s multi‐color LED to indicate the following status of the door.
- Door Hardware
- Setup and conduct a door hardware coordination meeting.
- Coordinate the installation and termination of the security cable with the installation of the electric door hardware.
- Terminate wires to delayed egress devices for monitoring activation of delayed egress by the HSMS.
- Configure electrically controlled locks and strikes to automatically unlock the door upon activation of Fire/Life‐Safety system.
- Connect Lock Power Supply fire alarm output relay to Access Control Alarm Input.
- Program HSMS to generate alarm when the FACP has triggered causing the doors to become unlocked.
- Connect Lock Power Supply AC and Battery supervisory outputs to PACS Alarm Inputs.
- Program HSMS to generate separate alerts conditions for:
- AC Power to Lock Power Supply has failed.
- Battery backup indicates a fault.
- Program HSMS to generate separate alerts conditions for:
- Provide and install a tamper switch on door hardware power supply enclosure and connect to PACS Alarm Input.
- Program HSMS to report a trouble condition when the enclosure door is open.
- Door Contacts
- Wire door contacts to PACS Alarm Input.
- Program HSMS to monitor door input.
- Wire door contacts to PACS Alarm Input.
- General
-
Repair / Restoration
3.04. REPAIR/RESTORATION- [Describe how existing work is to be repaired, restored and cleaned.]
-
Re-Installation
3.05. RE-INSTALLATION- [Describe the building-in, installation or re-installation of existing elements.]
-
Site Quality Control
3.06. SITE QUALITY CONTROL- Site Tests and Inspections
- Coordinate with Site Tests and Inspections defined in 28 10 00 PHYSICAL ACCESS CONTROL SYSTEM, Part 3, SITE QUALITY CONTROL.
- Non-Conforming Work
- Contractor must note any variants at the site and notify owner’s representative within three business days of anything that might affect the delivery date of the system or any trades associated with the functioning of the system.
[SPECIFIER NOTE: Retain paragraphs below to require a factory-authorized service representative to perform, or assist Contractor. Delete in its entirety to require only an inspection before field testing.]
- Contractor must note any variants at the site and notify owner’s representative within three business days of anything that might affect the delivery date of the system or any trades associated with the functioning of the system.
- Manufacturer Services
- Engage a member of the manufacturer’s engineering support team to inspect[, test, and adjust] field-assembled components and equipment installation, including connections[, and to assist in field testing, final testing]. Report results in writing.
- Engage a member of the manufacturer’s engineering support team for training.
- Site Tests and Inspections
-
Adjusting
3.7. ADJUSTING- Perform field software changes after the initial programming session to “fine tune inches operating parameters and sequence of operations based on any revisions to the Owner’s operating requirements.
- Security Hardening Procedures
- Installer/Factory User Accounts
- Remove all (default, installer, or temporary) user accounts and passwords used during installation that are not part of the End-user’s final operational requirements.
- User accounts that match factory defaults user accounts shall have new passwords assigned that are substantially different from factory default passwords.
- Installer/Factory User Accounts
-
Cleaning
3.08. CLEANING- Upon completion and verification of performance of installation, remove surplus materials, excess materials, rubbish, tools and equipment.
-
Closeout Activities
3.09. CLOSEOUT ACTIVITIES- Demonstration
- Refer to 28 10 00 PHYSICAL ACCESS CONTROL SYSTEM, Part 3, CLOSEOUT ACTIVITIES.
- Demonstrate operation of PACS secured doors.
- Demonstrate operation of PACS secured / controlled elevators.
- Training
- Refer to 28 10 00 PHYSICAL ACCESS CONTROL SYSTEM, Part 3, CLOSEOUT ACTIVITIES.
- License Assignment
- Software, hardware, firmware, operational or administrative licenses necessary for to operate or administer the devices shall be registered to the Owner.
- Deliver to the Owner’s Representative proof of license registration from the product manufacturer.
- Demonstration
-
Protection
3.10. PROTECTION- Maintain strict security during the installation of equipment and software. Rooms housing accessible equipment and workstations that have been powered up shall be locked and secured during periods when a qualified operator in the employ of Contractor is not present.
- Protect installed work of other trades when working in the same location.
- Contractor is responsible for protecting all completed work prior to acceptance by owner.
[SPECIFIER NOTE: Owner may, at Owner's discretion, relieve the contractor from this burden. For example, if the site already has on-site officer guarding service.]
-
Maintenance
3.11. MAINTENANCE- Software and Firmware updates shall be delivered as part of the Warranty and Service Agreements.
END OF SECTION
#