Every organisation, regardless of the field of activity in which it operates, needs state-of-the-art control and security systems. The environments in which these systems are located are called Control Rooms. But what really is a Control Room and what distinguishes it from an Operations Room? What are the technological elements that make it up? What are the advantages for the resources assigned to the role of operator?
We will try to answer these questions in the following paragraphs.
A Control Room for the systematic monitoring of technological infrastructures
The fundamental function of a Control Room is the systematic monitoring of the organisation's technological infrastructure. This activity is linked to the timely analysis of data coming from the field. The ultimate objective is to guarantee the operational continuity of the installations, simplifying and accelerating the decision-making process of the operators employed there.
While the function of control rooms has been unchanged over the years, the same has not been true for operational ecosystems, which have evolved in terms of:
Definition of criticality attributed to events by organisations. The view currently taken by organisations regarding the level of criticality associated with events that may affect them, directly or indirectly, no longer concerns only the organisation itself, but also expands outwards. In fact, the greatest attention is now paid both to what happens within the physical perimeter of an establishment and to other possible sources, including social media.
Amount of information available for monitoring and processing. The exponential increase in the number and heterogeneity of intercepted data is leading to an ever-increasing need for IT tools capable of better organising the sources they come from to be able to use them efficiently and effectively within the organisation's security processes. The term “awareness capability” refers to the ability to orchestrate data and their sources with the aim of providing added value in the aggregation, correlation and presentation of all that information that is preparatory to the activation of decision-making processes and the resolution of incidents.
Investing in technology to ensure Operational & Business Continuity
In the past, Control Room IT solutions used proprietary hardware, which was particularly expensive and sometimes required cumbersome configurations and additional training to ensure proper operation and maintenance. Today, the availability of the latest generation information technology makes everything simpler and more usable, especially through the web, emphasising mobility and virtual communication and allowing organisations to deploy control infrastructure easily, quickly and at a much more sustainable cost.
Furthermore, whereas until recently it was unthinkable to undertake a decision-making process “outside” the Control Room, today operators can use the same applications installed at the centre in extended mode, directly exploiting the mobile devices provided (Smartphone and Tablet) to contribute in real time to maintaining the operational continuity of the monitored infrastructure. Particular application extensions can be used in non-specifically operational environments to present data and information more oriented to business continuity.
Control Room Design Guidelines
For the effective and efficient design of a Control Room, it is necessary to ensure that certain basic rules are respected:
Always locate monitoring rooms within the building, following the “last compromised environment” criteria. In other words, the monitoring room should have the highest level of resilience allowed by the specific structural context. Let's imagine, for example, an area subject to flooding: the Control Room and its equipment should always be located on the highest floor of a structure in order not to be immediately damaged.
Equipping the Control Room with special communication vectors, specially implemented to function even when the building's traditional telephone systems are not operational, as well as a public address system to alert the operators.
Making work easier for maintenance and rescue workers. In order to facilitate operations during an emergency or technical intervention, it is necessary to install a notice board (also mechatronic) inside the control room that allows maintenance and rescue workers to promptly locate and retrieve the keys to any external and internal access point.
Planning actions to overcome an emergency. In a facility with lifts, the Control Room must contain manual lift override equipment, to be operated only in the event of an emergency (for example, in the event of a power failure), and include interoperability mechanisms between security systems (for example, allowing operators to unlock all building doors to facilitate a rapid evacuation of the facilities).
Implementation of a Control Room
There are different application “declinations” of a Control Room, dictated mainly by the type of infrastructure consistency possessed by the organisation. A particular importance is attached to the:
SOC (Security Operations Centre) is a vertical implementation of infrastructure monitoring environments that employs people, processes and technology to continuously ensure the level of IT security through prevention, detection, analysis and incident response. A SOC typically acts as a hub, receiving the logs generated by an organisation's IT infrastructure, regardless of the location of the resources. In essence, such a hub is the correlation point for each recorded event of the elements being monitored. For each of these events, the SOC can apply a decision in terms of management and action. Next to the SOC for cyber security, there is the similar verticalization dedicated to physical security. In this case, the threats are obviously not cyber, but physical, and monitoring takes place with a view to protecting the organisation's assets of people and property.
NOC (Network Operations Centre) is more oriented towards the management of the organisation's networking issues, relating to the supervision, monitoring and management of active network equipment, servers, databases, firewalls, devices, and external services.
PSIM (Physical Security Information Management) platforms are strongly evolving towards the aggregation of SOC and NOC functions in a single Control Room solution. The future of supervision will increasingly hinge on the use of IT solutions capable of integrating, aggregating, and correlating SOC and NOC functions through a single IT tool capable of processing, in real time, inhomogeneous events such as IT and physical security, automation, networking, safety, etc.
Asset Management and EMS: extending the monitoring and control infrastructure
The extension of a Control Room can be realised through the integration of two modules:
Asset Management: this is a crucial issue for those responsible for the operation and maintenance of plants because, today, it is unthinkable to conduct any type of operation without accurate process control, for both economic and qualitative reasons. The value of plants, an organisation's assets, is strongly influenced by investments in process control. Therefore, in addition to monitoring, it becomes strategic to track plant activities to perform better maintenance, reducing costs and improving plant availability: this is the fundamental objective of this system. Not to be confused with the financial administration of a company, Asset Management can be considered as a natural extension of the Control Room to increase the efficiency of the management of technological installations in consistency. The fundamental objective is to access information on the equipment throughout its entire life cycle, always having the activity of the instruments under control, intelligently scheduling maintenance and saving on management costs: this, basically, is the goal of such a system.
Event Management System (EMS). A further IT tool to support the Control Room is undoubtedly the EMS, a reference solution also for corporate security. An enabler of continuous, contextual, timely and efficient decision support, this application extension helps operational managers to highlight areas where action is needed through a progressive logic of corrective or improvement interventions. The EMS is increasingly at the heart of the governance of a complex organisation's critical infrastructure. The aim of this solution is the centralised collection and recording of events generated by networked applications and systems and, thanks to Machine Learning, the correlation and monitoring of events can be enhanced, enabling evolved security intelligence procedures with a view to efficiently and effectively supporting the operator in increasingly articulated and complex decision-making processes. The key principle of the EMS is to implement more advanced monitoring, based on the ability to aggregate significant data from multiple sources, establishing real-time analyses and correlations aimed at identifying anomalous behaviour or critical signals and generating alerts, meeting the needs of incident response, regulatory compliance and forensic analysis. The very nature of the technology entails continuous adaptation according to the ongoing security assessments carried out by CSOs, together with all relevant regulatory adjustments. At a basic level, the operating principle of an EMS solution is based on a set of procedures (defined by the manufacturer and/or operational managers) that are manually or automatically correlated according to the event log.
Operations room: from organisation to technological architecture
We have briefly “explored” the universe of Control Rooms. But what are the differences with the Operations Room?
The Operations Room is an infrastructure dedicated to the management of territorial emergencies, designed to respond to individual rescue requests. This service is provided through dedicated technological platforms, operating according to shared protocols to standardise and guarantee the quality of rescue on a daily basis, without interruptions. The Operations Room for the management of health emergencies has the important task of:
receive out-of-hospital rescue requests from the population in their area of competence
coordinating the most suitable means of dispatch to the scene
provide approximation instructions to the patient or bystanders
manage the destination of the vehicle with possible alerting of the receiving facility.
This requires that Operations Rooms must have dedicated communication systems, radio and telephone, which are indispensable for uninterrupted rescue management. Such an infrastructure is active 24 hours a day to ensure the coordination of all interventions, from the moment of the event to the activation of the hospital response. It guarantees the transport of the patient to the nearest and/or most suitable hospital for the management of the pathology.
From the point of view of the architecture of the supporting IT solutions, in an Operations Room:
the EMS module is, by definition, "merged" within the solution itself, whereas it is not mandatory in a Control Room.
the ASSET module can be seen as "optional", as for the Control Room. Consider the management of the equipment fleet in the case of the Control Room and of the emergency or intervention vehicle fleet for the Operations Room.
Control Room and Operations Room: why are they different?
Given these introductory concepts, it is evident that the fundamental difference between a Control Room and an Operations Room lies in the fact that the former is oriented towards the continuous, active and passive monitoring of the technological infrastructures of a public or private organisation, while the latter is dedicated to the management of rescue requests from the population, within a specific territorial basin. Basically, in the first case the target is generically the facility, in the second the human being.