How a Standard Interface Improves Intelligent Building Management using Anonymized Data

A white paper for corporate security system integrators.

Mohammad Soleimani,
CTO Kastle Systems and Chairman PSIA
August 2016

This white paper presents the use-case and solution for corporations that are integrating intelligent building management systems (BMS’s) and physical access control systems (PACS’s) in a standardized method for improved energy consumption and operational building control. The integration of PACS with BMS enables companies to continue to drive better energy efficiency and lower their operational costs while maintaining comfortable and secure environments. One or multiple PACS’s are often installed to provide critical security measures across the building’s footprint. Additionally, state-of-the-art BMS’s aim to provide many ecofriendly advantages, including but not limited to:

  • Providing timely lighting based on occupancy.
  • Regulating room temperatures to ensure a pleasant working environment while maintaining energy efficiency.

With these building controls, companies may be eligible to receive credits as offered by local
utility companies.

While a BMS provides many facility improvements, without an integration with PACS’s these systems are constrained by pre-defined schedules. Because schedules are predictive in nature, they cannot react in real-time to unforeseen events that may cause schedule disruptions. The integration of BMS’s with PACS’s improves upon the benefits attained with smart buildings to reap even greater rewards. Doing so offers fine-tuning where building control is limited to rigid processes and settings. This integration also makes it possible to leverage the capabilities of today’s sophisticated HVAC systems and realize higher energy efficiencies by basing settings and controls on a real-time occupancy count.

To meet this need with plug-and-play usability and ease, the Physical Security Interoperability Alliance (PSIA) provides a standard interface that enables passing of anonymized location data between the BMS and PACS’s: the Physical-Logical Access Interoperability (PLAI) specification. This paper describes the PLAI solution and its application and benefits in BMS PACS environments. It also presents how one client is implementing PLAI to use the anonymized location data over an event stream and perform functions without unnecessary exposure of personally identifiable information (PII).

State-of-the-Industry Shortcomings
Across various industries, environmentally friendly alternatives are raising the standards to promote a healthy ecosystem now and for future generations. In support of this vital trend, businesses around the globe are implementing building management solutions that promote energy conservation, reduce operational processes, and increase ROI of systems throughout their lifecycle. Intelligent BMS’s are enabling corporations to provide optimal working environments with a green status; however, limited by schedules and primitive occupancy sensors, these building control processes do not maximize the full potential of modern, variable-speed HVAC systems and they are not fine-tunable based on facility occupancy.

Moreover, because of their predictive nature, building management solutions cannot adjust configurations on-the-fly in response to real-time events. For instance, these events may be
inclement weather days that prevent a large part of the workforce from coming into the office, or cases where a tenant event either takes significant workforce away from the building, or brings additional workforce into the building at unexpected times and without prior notification to the building management staff.

In these scenarios and other similar situations, smart building management is improved through the sharing of anonymized location data as obtained by the PACS’s using the PLAI standard interface.

PLAI Improves BMS Operations
Figure 1 shows how PLAI is implemented in a BMS-PACS environment to support the sharing of anonymized location data over a REpresentational State Transfer (REST) application program interface (API). This credential read stream identifies:

  • The location of a card-read associated with an individual (an attribute from Lightweight Directory Access Protocol [LDAP] or managed in the PACS).
  • The zone that the person belongs to (such as building suite and floor numbers as data elements).

For example, an event stream for a person entering through a garage would include his/her access at the garage or turnstile entrance, as well as that person’s usual place of work within the building. With both card-read and zone information, an intelligent BMS can keep track of a person going to a particular location even if the PACS at the tenant suite is not providing that data.

In this scenario:

  • The PACS’s (REST servers) pass anonymized data over the PLAI event stream as requested via HTTPS GETs from the BMS client. With the content type multipart-mixed, multiple events can stream in one transaction, limiting the HTTPS overhead involved while still leveraging standard HTTPS protocols.
  • The BMS (REST client), performs HTTPS GETs and then executes its functions based on occupancy without unnecessary exposure of PII.


With this integration solution, a real-time, continuous occupancy count offers greater efficiencies for modern, variable-speed HVAC systems and allows for impromptu, finer control in comparison to current occupancy sensors. In cases of unscheduled events that significantly impact the number of workforce present in the building, anonymized location data allows for HVAC and lighting adjustments to be made as the need arises, in real time.

PLAI makes it possible to integrate BMS’s and PACS’s over a well-defined HTTPS REST API and is adaptable when having to add or replace one or more of these systems. This standard interface is built with extensibility in mind, which makes not only adding features into the specification relatively easy, but also makes it so that users can customize and extend the features of PLAI if necessary.

Solution Benefits
In BMS-PACS environments, PLAI offers benefits such as:

  • Clearly-defined specifications for security device communications, which offers significant cost savings on API development and potentially more resources for the development of new features and enhancements.
  • Plug-and-play integration, which delivers a streamlined solution in lieu of costly and labor-intensive custom code and scripts.
  • Common-event language interoperability, which provides a unified view of security data and the ability to trigger automated responses or alerts in other systems.
  • Backwards compatibility, which ensures scalability with compliant devices regardless of version level.
  • Robust specifications, which support operating system or application software upgrades with transparency and eliminate custom interface maintenance expenses.1

Application Example
More than 65 physical security manufacturers and systems integrators have been involved in advancing standards through the PSIA. Most of the leading access control companies are engaged in the development of the PLAI specification. Their focus is on promoting interoperability of IP-enabled security devices and systems and developing open specifications pertaining to networked physical security technology.2

PLAI has been demonstrated at ISC West (April 2016) and extensions to the specification are continually being evaluated within the PSIA PLAI Working Group to enhance its functionality. Other vendors actively involved in the development of PLAI include Tyco, Lenel, Honeywell, Kastle Systems, Stanley Security, and Gallagher.

A global leader in building automation platforms, Tridium is implementing PLAI for the purpose of smart building management, such as regulating HVAC and lighting controls, based on occupancy. To perform these functions, Tridium only requires a real-time, continuous occupancy count. This integration approach limits unnecessary exposure of PII since biographic information pertaining to individuals is not needed.

In Tridium’s application, anonymized location data is received over the PLAI event stream and consumed for dynamic building management. PLAI events are converted by Tridium to Building Automation Control network (BACnet) calls – data communication protocol known as ANSI/ASHRAE standard 135-2008 and ISO 16484-53. These calls in turn, readjust the thermostat settings and lighting settings as appropriate. The PLAI approach in this scenario allows temperatures to be lowered as people enter a room and raised as they exit, and provides for overall superior intelligent building management.
The Tridium PLAI application will be demonstrated at the ASIS 2016.

As enterprises continue to seek ways of conserving energy, gaining operational efficiency, and ensuring security, many corporations are deploying various systems to help achieve these goals. Intelligent BMS are making it possible to control settings for HVAC and lighting in order to maintain comfortable working conditions and increase the ROI of systems; PACS’s are providing the necessary building, employee, and resource protection throughout the facility or even across multiple locations.

Where there is a need for disparate systems to work together for the sharing of data, PLAI offers a quick, cost-efficient, and scalable approach. In the case of sharing anonymized location data between a BMS and PACS for the purpose of improved intelligent building control, the PLAI event stream allows this data to be consumed without unnecessary exposure of PII. This solution on actual facility occupancy.
With PLAI, a flexible BMS-PACS system integration is possible. The PLAI solution offers all the benefits of a standards-based interface and is suitable for the integration needs of today and easily scalable to meet future needs as directed by growth and change.

To become a PSIA member, or for PLAI specification details and other documentation to help meet your integration needs, please visit the PSIA website:

Stay informed.
Subscribe to our updates.

Stay updated on the latest security trends and technology, including our KastleWatch newsletter, news, virtual events, and promotions.