Lesson 4.1: Controller Architecture

Back to: Advanced Physical Security Integration (APSI)

Lesson 4.1: Controller Architecture & Distributed Intelligence

Module: 4 – Access Control Systems (ACS) Prerequisites: Module 2 (Networking) Estimated Time: 45–60 Minutes

1. Learning Objectives

By the end of this lesson, you will be able to:

Define “Distributed Intelligence” and explain why it is critical for life safety and reliability.
Differentiate between an Intelligent Controller (Master) and an Interface Module (Slave/Sub-panel).
Identify the core ports on a controller board: Network, Reader, Input, and Output.
Critique “All-in-One” IP readers versus traditional panel-based architecture.

2. The Core Philosophy: Distributed Intelligence

In video surveillance, if the network dies, you lose the live view. In Access Control, if the network dies, people cannot get in or out. This is unacceptable.

Therefore, Access Control relies on Distributed Intelligence.

The Server: Used for administration (adding users, running reports).
The Controller: Used for operation.

How it works: Every time you click “Save” on the server, the software pushes a copy of the entire database (User 1234 = Access Granted) down to the Controller’s local memory chips.

Scenario: The server crashes, the network switch catches fire, and the internet goes down.
Result: You present your badge at the door. The Controller checks its local memory, sees you are authorized, and unlocks the door. It stores the event (“User 1234 Entered”) locally and uploads it to the server whenever the network comes back (days later).

3. Anatomy of the Hardware

In commercial systems (like Mercury Security, HID, Lenel), the hardware is split into two tiers.

A. The Intelligent Controller (The “Master”)

Function: The brain. It connects to the Network (IP Address) and holds the database.
Connectivity:
- Ethernet Port: Talks to the Server.
- Downstream Port (RS-485): Talks to the “Slave” boards.
Capacity: Can typically hold 250,000+ cardholders and manage up to 32 or 64 doors (via sub-panels).

B. The Interface Module (The “Slave” / Sub-panel)

Function: The muscle. It has no brain/database. It just relays signals.
Connectivity: Connects to the Master Controller via RS-485 (2-wire twisted pair).
Why split them?
- You put One Master in the IT room.
- You put Ten Slaves scattered around the building (in electric closets near the doors) to save on cabling labor.
- The Master tells the Slave: “Unlock Door 5.” The Slave obeys.

4. The Ports: What goes where?

When you look at a green circuit board, you will see four distinct types of screw terminals.

Reader Port:
- Power: +12V / GND (Red/Black).
- Data: D0/D1 (Green/White) for Wiegand, or A/B for OSDP.
- Function: Listens for the badge number.
Input (Digital Input):
- Function: Monitors the state of a sensor (Open or Closed).
- Devices: Door Contact (DPS), Request to Exit (REX) button, Motion Sensor.
Output (Relay):
- Function: Switches high current to power devices.
- Devices: Maglock, Electric Strike, Siren, Strobe Light.
- Type: Usually “Form C” (Common, Normally Open, Normally Closed).
Tamper:
- Function: A special input connected to a spring inside the metal enclosure. If someone opens the box, it triggers a “Tamper Alarm.”

5. Architecture Types: Panel vs. IP Edge

Traditional Panel-Based (The Standard)

Setup: All wires (Reader, Lock, DPS, REX) run back to a central metal can in the electrical closet.
Pros: Secure (wires are hidden), Easy to service (everything is in one room), Battery backup is centralized.
Cons: Expensive cabling (lots of “Home Runs”).

IP Edge (The “All-in-One”)

Setup: The controller is shrunken down and stuffed inside the card reader itself. You plug a generic Cat6 cable into the reader.
Pros: Very easy to install (just one cable).
Cons (The Security Risk):
- The network cable is outside the wall.
- If a hacker unscrews the reader, they can unplug the Cat6 cable and plug it into their laptop. They are now on your corporate network.
- Verdict: Great for a single closet door, terrible for a high-security bank exterior.