Access Control Standards Revolution Now In Progress
Access control provides the ability
to control, monitor and restrict the movement of people, assets or vehicles,
in, out and round a building.
Access control is essential for all
businesses to protect people and assets and has the added benefit of being
expanded from controlling, for example, a single entrance door, to a large
integrated security network. There are also huge potentials in terms of
integrating other systems, such as Time and Attendance, Visitor Management,
ANPR, Fire, Intruder and CCTV.
Few specifications are seen more commonly in access control than UL 294.
However, aside from seeing it in print, very few understand what it means. In
this note, we break apart and define this spec, describing why it is a vital
part of many Access RFPs.
A Standard Defined
The scope of UL 294 covers three aspects of Access Control
systems:
- Construction
(Installation)
- Performance
- Operation
Essentially, the heart of UL 294 is a safety standard, where testing
proves that system components can be assembled and operate reliably without
hazard. In the case of access control, this is a step beyond just validating
devices will not catch fire or spark - it attests that the system will not harm
the safety or impede egress of those using the system.
In practical terms, this means doors will not accidentally stay locked
and keep people in harm's way even during a malfunction. The UL standard
subjects each labeled device to a range of testing designed to show the
equipment meet relevant code expectations from:
- NEC
(NFPA 99):
Requirements that each component will not create a hazard either during
(recommended) install or use (Sparking, Grounding)
- NFPA
72:
Fire Code compliance, assures that controllers include interfaces with
fire alarm/suppression systems
- NFPA
101:
System devices
A UL 294 mark is a 'extra step' the vendor has taken to 'prove' their
equipment is safe, and it stands as a 'mark of assurance' when included in
buying specifications that dubious equipment will not be purchased.
The Mark
While Underwriter's Laboratories offer a range of 'UL Symbols' that
can be interpreted to signify different standards. In the case of UL 294, the
mark looks like this:
The UL 'Security Mark' applies only to products such as intrusion
detectors, burglar alarms, access control, safes, and vaults.
Performance Tests
UL 294 includes several tests that evaluate how well devices withstand
damaging environments. Devices are subjected to atypical electrical,
environmental, and brute force situations, including:
- Variable
Voltage
- Variable
Ambients (Environment)
- Humidity
- Endurance
(Ruggedness)
- Transients
- Corrosion
- Standby
Power (Battery backup)
- Physical
Attack Toughness
Tests are performed individually and are not 'layered' or 'stacked'
simultaneously as might occur in the field. The exact methodology for each
test depends on the device being tested, but the resulting grade is given
in four levels of security performance with Level I (lowest level security
equipment) to Level IV (highest level security equipment).
Exclusions
However, not all parts and features of an Access platform fall under the
scope of UL 294. Two areas excluded from the scope include:
- Headend
Server/Database:
The scope reads "The accuracy of logged data is not evaluated by this
standard", and also "This standard does not apply to
supplementary computer equipment that is not necessary for operation of
the access control system..."
- Intrusion
Detection:
Again, the scope details "Where an access control equipment and/or
system incorporates the features and functions of a burglar alarm control
unit, the requirements of the Standard for Proprietary Burglar Alarm Units
and Systems, UL 1076, shall also apply"
This is important to note when careless specs are written that "All
Access Equipment shall be UL 294 Certified", because this is inherently
not possible. There will be major functional aspects outside the scope of the
standard.
Large System Adoption
Especially for larger systems, UL 294 is common, including devices
from: Mercury Security, C*Cure, S2, Maxxess, Sargent, etc.
However, certification is done on a component basis, and there may be
gaps in a brand's portfolio. If UL 294 compliance is required in a system,
every hardware component must be checked for conformity, as there is no
'system' certification.
Systems and platform intended for smaller deployments (<100 doors)
typically forego the certification, because it simply is not a purchasing
driver for many non-enterprise customers.
Prime Use
Regardless of the 'safety' overtures, like UL certification for
surveillance equipment, 294 is primarily used to exclude non-compliant systems
from specifications. UL 294 evaluation is not mandatory for Access Equipment,
and many vendors forego the cost of certification especially when their
offerings are not well suited for larger government, institutional, and
hospital verticals where 294 is commonly cited.
Likewise, while the mark's testing 'proves' that devices are safe, the
onus remains on the field technician to install them in the correct fashion to
indeed live up to the certification.
Remember once UL certification has void OEM is not responsible for any health & safety incident of your premises. UL certification void due to repairing through unauthorized service provider....etc.
Remember once UL certification has void OEM is not responsible for any health & safety incident of your premises. UL certification void due to repairing through unauthorized service provider....etc.
NFPA 101
While NFPA 101 is comprehensive, the most relevant passages for access
control include:
- NFPA
101: 'Electrically Controlled Egress Doors' (2012: 7.2.1.5.6; 2009:
7.2.1.5.5)
- NFPA
101: 'Releasing Devices' ( 2012: 7.2.1.5.10-12; 2009, 2006, 2003: 7.2.1.5.9
-7.2.1.5.11)
- NFPA
101: 'Access Controlled Egress Doors' (7.2.1.6.2)
Specifically, requirements like Access Control Request to Exit (RTE), Exit
Devices, and Delayed Egress foundationally conform to NFPA 101.
NFPA 72
In general, this code is the foundation of requirements that doors must
release when fire alarms or smoke detectors go into alarm.
NFPA 80
Specifically, this code examines Fire Doors and how they are properly
used for protection in a building. In many cases, these door types are also
slated to become access-controlled openings, and the 'Locks or Latches (6.4.4)'
section describes which modifications are permitted for access use without
voiding their fire door ratings.
IBC: International Building Code
The IBC, published by the International Code Council, is
essentially a guidebook for designing and engineering safe buildings.
If not observed directly as the authority, then whatever resulting codes
that do have authority take guidance from the source.
- · IBC: 'Door
Operations' (2012, 2009: 1008.1.9; 2006, 2003: 1008.1.8)
- · IBC: 'Sensor
Release of Electrically Locked Egress Doors' (2012:
1008.1.9.8; 2009: 1008.1.4.4; 2006, 2003: 1008.1.3.4)
- · IBC:
'Electromagnetically Locked Egress Doors' (2012: 1008.1.9.9;
2009: 1008.1.9.8)