Mystique can be a great advantage in lots of professions. For example, movie stars seem more exotic and interesting the less we know about them. The attraction of traveling to distant countries and strange cultures is also boosted by the desire to see something obscure.
But I’m not sure mystique is a good thing when it comes to security systems, and that’s one of the problems I see with BRS Labs. They have generated market interest by their amazing claims, but there is very little known about their technology. That may be their biggest advantage – at least for creating marketing buzz – but it raises quite a few concerns when it comes to actually using their systems for security.
Let’s take their central claim that they can detect out of the ordinary behaviors without any rules being set up or configured. It automatically observes the area, learning what is typical. Then it alerts you when something happens that is abnormal.
It’s a truly fascinating marketing concept. Who wouldn’t want a system that you could just plug in and was smart enough to know when a potential threat was occurring – even warning you about things you would not have thought about before. At first it seems like the perfect answer to security.
However, the more I think about it, the more concerned I get. The problem is that we don’t know what it is going to detect or why, and we don’t know what it might miss that could be important. In other words, it is mysterious about how it works.
How do you know how effective the system will be unless you know what it is detecting and how it works? How do you know it is going to catch real threats that matter to you, if you don’t know its enigmatic methods of detection?
Being curious, I decided to do some research. I tracked down the first patents that BRS Labs filed to get a better idea of what was under the hood. And just like in the Wizard of Oz, once I pulled back the curtains and understood what they were doing, it lost a lot of its mystique.
The most important thing I learned: Their system isn’t smart enough to work without rules. Their system requires rules just like all analytics systems. The big difference is that they simply aren’t telling you what those rules are that the system is using. It can’t detect anything out of the ordinary, it can only detect the types of things they program it to look for. How can you ever judge how well the system is going to work unless they tell you what those rules are?
From what folks at BRS have said, their system watches where objects enter the field of view and where they go in the scene, including their direction of travel. I believe they also detect where objects stop and about how fast they move. They probably distinguish people from vehicles and seem to be able to filter out ordinary background movement. This is actually all stuff we do as well, as do many other analytics systems.
What is different, is that they monitor these specific activities over time, and if some pattern of actions happens that is different from previous activities, they consider that a potential threat. In other words, if a car parks in an area where the system hasn’t seen a parked car before, it generates an alert. It will do this whether you care about that or not. If you get the alarm and don’t care about it, then you can tell the system to stop sending alarms like that.
But here’s the problem: when you are telling it you don’t care about that kind of alarm, you can never be sure what you are saying you don’t care about. You might think you are telling the system that you don’t care about someone parking in that spot, but in fact it might have alarmed because it was a truck and it had never seen a truck in the scene before, or the truck might have taken a different path than usual. You are telling the system to stop sending those alarms, but you don’t even know what it is you are turning off – because you don’t know the rules it was using in the first place. So, you might be making the system worse.
You might think, then, that you should not tell it to stop sending alarms, but the system needs you to, because when the system starts up, it generates large quantities of alarms, because lots of things look abnormal at first. The false alarm rate would never be manageable if you didn’t teach it what was not important. This process takes weeks of training, from what I’ve heard.
If you were trying to protect a high risk facility, such as a nuclear power plant or a place were dangerous chemicals were stored, how secure would you feel if you never knew what your system was detecting and what it was ignoring? And how secure you would feel if you told the system something was unimportant, but you didn’t know exactly what you were turning off?
If I want to detect someone in an area that is off-limits at night, with a rules based system you define the detection you want, and you can easily measure if it is missing real threats or sending you false alarms. But how do you measure or judge the accuracy of a system when you have no idea what it is detecting or avoiding? I don’t think this is a place for mystique. I think this is a place where we need to know what the system is doing. Otherwise, how can we ever know if it was going to provide the kind of protection we need?
That’s the first big problem that concerns me about this idea. However, as I thought about it, another problem became clear as well. This is something that is important in security: How easily could someone defeat your system? In this case, it becomes clear that if you do something repeatedly, the system is going to start ignoring it, because it is no longer abnormal. So, if someone wants to defeat the system, they just need to do something over and over again, and they can be sure the system will stop alerting on that behavior.
For example, you might want to be warned whenever a car enters a parking lot at night. Well, if a smart terrorist or criminal knew you had one of those mysterious behavioral detection systems, they would simply make a habit of driving into the parking lot and turning around and driving out. The first few times it would generate an alarm and anyone looking at the video would probably think a person just came in by mistake and left. But even if you wanted to keep an eye on such behaviors because it could potentially be a problem, you would not be able to, because the system would start ignoring it once it happened often enough.
Hopefully BRS has a way for the user to tell the system that although an alert was not important, that it still wants to keep seeing them – and not to start ignoring those kinds of things. But the problem is that you don’t know exactly why it generated the alarm, and so you don’t know what it is you are asking for more of, or saying you don’t want to see any more.
The BRS LabsĀ systems would be a lot more useful if they told everyone exactly what their rules are for detection. However, this would probably rob them of the great mystique their system has, which has certainly created a lot of good marketing for them.
Mystery is a great attractor. But when it comes to security, I think we need to know how a product works before designing it into a system. Spice is nice, but it doesn’t make a good main course.
February 7, 2010 at 12:05 am
So in summary, you’re personally not comfortable with their product because the company has selected not to share their IP secrets with the general public or competitors. Did it really require nearly 20 paragraphs (saying the same thing over and over) to convey such a simplistic point? Maybe BRS Labs should be more forthcoming with info, but in your case, less would’ve been so much more.
February 7, 2010 at 6:18 pm
GSteen: Unfortunately, what you wrote was not a good summary.
The problem is not with the sharing of intellectual property.
To keep it short: It has to do with controlling your security protection.
Rule based analytics, which they claim are inferior, let you set up exactly what you want to detect and when to alert you. Their system also has rules, but they don’t tell you what they are and only they can control them.
Its like having a car with no means of control except a “right” and “wrong” button. It might be great to show off how incredibly smart the car is – but as soon as you want to go someplace, most people are going to want their gas pedal, steering wheel and brakes back, so they can drive the car, instead of just going wherever it takes them.
That’s a real short summary. But understanding the reason this is such a problem is what needed the explanation.
Thanks.
Doug.
February 7, 2010 at 8:56 pm
I think GSteen, is right ’bout the write up. To extend it even Doug’s response is long and winding.
thanks,
kirthi
February 9, 2010 at 12:16 pm
I disagree with the two negative reviews. There was much more than one point to the review. Personally, I would think that if something is “abnormal” it probably would be less risky not more risky. Bad guys try to blend in not stand out. I never thought about bad guys gaming the system as Doug points out so that’s a good point too.
February 10, 2010 at 5:09 pm
Kirthi,
Anyone looking for short tweets should consider dropping this blog. I know quite a number of people are connecting to my blog through Twitter, so this might be the issue here. Short comments are best for Twitter.
My blog is about providing in-depth comments, showing why things work or don’t work in the world of video security, and I try to explain it as clearly as possible. I also try to talk about things I haven’t heard mentioned anywhere else before.
I always appreciate the feedback, however.
Thanks.
Doug.
February 10, 2010 at 5:12 pm
Tom,
Thanks for the comments.
Also, thanks for the point about how bad guys try to blend in. An “abnormal” detector is not going to do well catching them.
Great point.
Thanks.
Doug.
February 16, 2010 at 6:54 pm
Doug, thanks for the concise follow-up and I apologize if I came across as snippy. Without intending to sound pro-BRS Labs, it’s difficult to understand how anyone can provide an objective viewpoint on them when the information at present is so limited. I’d argue that currently it is too early to lean one way or the other, but will continue to follow your tweets when more data is eventually made available. – gs
February 19, 2010 at 8:14 pm
GS,
I agree that there is a real lack of information about their technology and this is probably a much bigger problem for potential customers than I was addressing.
Thanks.
Doug.
May 20, 2010 at 10:03 am
It sounds to me like none of you have actually talked to the folks at BRS Labs &/or seen a demo. They do have rules that can be applied and are definable by the user. Your concerns regarding bad guys trying to fit in and what if the system misses something you thought was important are valid, and challenges for the analytic industry engineers to overcome, but in the meantime – it’s unrealistic to think a human security agent is going to watch 100 cameras and know whats going on in each one of them all the time so….whether its rules based or a combination of behavior & rules based – analytic systems like BRS Labs serve a valuable role. I would recommend each of you call BRS Labs and request a demonstration and in depth conversation about their products. Everybody thought the idea of recording video at 30fps in high resolution and storing it for a year for a reasonable cost was a crock….10years ago! Don’t close your minds to what the future holds for our industry. BRS may not be the ultimate answer but for right now, they’re the only ones I’ve found who are doing it differently and that should be of interest to all security professionals. If any of you can direct me to other manufacturers doing video analytics in a similar way I would be very interested in the referral.
May 20, 2010 at 1:00 pm
Meghan,
Thank you for posting. I like seeing a wide range of responses.
I wanted to let you know that BRS Labs has been difficult to get information from. John Honovich, who reviews IP video products for the industry, has been trying to get a unit from them to test for over a year now, but they refuse to let him try it out. They might have very good reasons for refusing, but this makes it more difficult to find out real information. So, I appreciate what you have let us know.
But I also wanted to let you know that just a week ago I came from a university who was testing the BRS Labs system. They were testing their system side-by-side with our video analytics. So I got to see that they have added rules to their new software, as you said. They didn’t have it originally, but their system has it now.
That’s the right move for them.
I see that they also added the ability to let a user decide when they want to continue seeing an alarm, even if it becomes “normal”. So, they’ve addressed two of the concerns I’ve raised. And now their system is starting to act more like other rules based systems, which as I’ve said makes sense.
By the way, the university who was running their tests were extremely happy with our results. They couldn’t believe how much simpler our system was to set up and that it was working accurately within minutes, without any calibration or tuning.
The BRS Labs takes weeks or longer to learn the environment, while ours does it in a few minutes. Even after weeks, they seem to have far more false alarms than our system, according to the university. When I was there, the person in charge of testing showed me how a beam of sunlight was causing a false alarm for the BRS Labs system. Apparently it thought the beam of light was baggage left behind.
When you ask for other companies doing analytics in a similar way, can you explain what it is you are looking for?
Or, feel free to write to me privately, if you prefer.
Thanks again for posting and sharing your perspective and the information you have about BRS Labs. It is appreciated.
May 20, 2010 at 2:36 pm
Hmmm…I haven’t had any trouble getting information from them so far? We are still in the exploratory process and have not actually seen or been involved with a live install. I am aware that the set up process is longer than with traditional rules based analytics and as I understand it, the “set up” or learning process of their system is ongoing so false alarms can be expected periodically if patterns change like with seasons changing the angle of sun, more rain, snow etc. So initially they would see those things as an anomaly and throw an alarm until a pattern establishes so I can see where that might seem to result in a higher FAR than a rules based system. I think its such a different approach to analytics that the “sell” has to be different. FAR, as we’ve always known it, doesn’t necessarily apply to an intelligence based system and customer expectations need to be massaged to understand the differences in the technologies. The other thing to keep in mind is that the BRS solution is quite a bit more expensive than traditional rules based solutions so I wouldn’t use it in EVERY application for analytics. If all you need to know is did someone cross over that fence – BRS may not be the right system because rules based systems do that very well and currently, more cost effectively. I think a combination of the two types of analytics may be useful for most customers. I am familiar with John Honovich’s site and we are a Corp Member. His reports are great and give us good input when we’re researching a technology. Some of the issues he raises are concerns we’ll be addressing with our conference call next week. At this point, we have several gov’t customers who have an interest in analytics and the behavior based system BRS Labs has is of interest to them so any other “behavior” based systems are what I’m interested in looking at. I’m pretty familiar with the rules based technology already.
October 3, 2010 at 1:01 pm
Security industry must be behind the times. Your average stats/AI graduate student can craete a Neural Net model these days. Lots of algor. out there.
October 15, 2010 at 6:33 pm
Obviously Boeing and SAIC are OK with the BRS technology. Any follow up comments?
October 18, 2010 at 12:07 pm
Tom – can you explain what you said in English for me? At the risk of sharing my ignorance, I don’t know what a Neutral Net model is or how it applies to the subject of analytics? Are you saying there are other manufacturers out there doing analytics the way BRS is doing it? If so, can you direct me to them?
October 29, 2010 at 2:29 pm
Meghan,
I too was wondering if Tom would explain what he meant further. What I believe he is saying is that there are lots of algorithms known by computer vision scientists. Therefore, being able to develop systems that can track normal behaviors can easily be developed. Neural networking methods make this simple.
That’s one of the biggest problems I’ve seen in the field of video analytics: It looks like it should be easy to do. This is exactly why we’ve seen dozens of companies springing up with solutions. Unfortunately, their incredibly bad performance has created a black eye for the industry. They run into far more problems in the real world than they expected.
To provide reliable detection is far more complex than it seems.
A recent dialogue with John Honovich, who has been testing numerous video analytics systems, raised his concern that out of the multiple dozens of solutions on the market, he was coming to the conclusion that perhaps only 3-4 at best were usable. That’s the problem that you get when it looks easier than it is.
The solution, of course, is to work with what does work, and run your own tests to verify the performance you need.
Thanks.
Doug.
October 29, 2010 at 2:45 pm
Mike,
I hear that BRS has sold a few systems, and I’ve spoken to a number of companies who have tested it. But I have only spoken to one company who felt it was useful. They liked the idea that it would detect things they would not have thought to look for. So, they were using our video analytics for the areas they knew what they wanted to detect, and BRS for unexpected detections.
They admitted that BRS generated lots of false alarms, but since their security operators were sitting there looking at cameras anyway, it was not a big problem for them to be getting alerted to false events. Most of the time they were not looking at real problems, so they could afford to look as possible events that didn’t pan out. However, most applications don’t have the luxury of being able to put up with lots of false alarms, but I’m sure there are some where this would be a good fit.
The fact that Boeing and SAIC are testing or have tried BRS is a long way from saying they have adopted them as a standard solution and are widely deploying them in high volume. Lots of companies publish when a big name tries their product and treats it as if this is an accomplishment. But the real test is follow-on orders and wide-scale deployment.
The last numbers I saw suggested very limited sales by BRS. See John Honovich’s web site and news he has dug up. If you have information that you could share that suggests otherwise, I’d be interested in hearing.
Doug.
November 9, 2010 at 7:42 pm
My main point was that I’m surprised at how seemingly behind the times video analytics are. Building models using AI (artificial intelligence-neural nets being one area) is not new. I’m not making any comments about how well they work in this case just that if it does work and a good idea then copying the idea should be relatively simple. I’m no lawyer with a speciality in patent law but there are many algorithms that could be used for this purpose. I don’t know anything specificially about BRS so can’t make any judgements on that front.
November 10, 2010 at 12:44 pm
Thanks for your comments Doug & Tom. At this point, the feedback I’m getting is that folks like BRS, as well as, the other manufacturers with higher level analytics HOWEVER, they can’t see the justification of cost when a standard DVR/NVR gives them so much analytic capability as part of the basic system. Not many are even using analytics and those that are, just use basic motion detection so asking them to pay an addition $1 – $3k per camera just doesn’t compute. Are you seeing same?
November 15, 2010 at 9:19 pm
Tom,
Thanks for the explanation. I think there may be some confusion here. BRS Labs has not introduced artificial intelligence or neural nets to video analytics. If they were the first to use these, then I would agree completely with your points.
Both artificial intelligence and neural net techniques have been used from the first video analytics systems introduced to the security industry about 10 years ago. All the advanced video analytics systems use some form of both of these in their systems.
Our VideoIQ has been using an advanced artificial intelligence approach that allows for advanced self-learning, which improves its accuracy and ease of use. This was included in the first VideoIQ products introduced in 2003.
Hopefully, that clears up this confusion.
As for patent coverage, you can get a patent on even old ideas and techniques if applied in new ways for specific new solutions. These are sometimes narrow patents, since they can’t be applied outside the narrow application, but they are still valid patents.
Thanks.
Doug.
November 15, 2010 at 9:32 pm
Meghan,
I think there is a small market for high end analytics, where those kinds of prices can be justified. Analytics can be so valuable in some cases that users can afford to fly in factory engineers to install the systems, and they are willing to pay thousands of dollars more per channel.
But it’s a small market. That’s why Vidient just went out of business.
Our approach at VideoIQ has always been the opposite approach. We believe that where this is all going is to have IP cameras with video analytics built in for about the same price.
So, that’s the approach we’ve taken, since we can offer that today. The market is much bigger for those who would like to use video analytics if the price was about the same.
To make analytics a part of mainstream use, you need very easy to use systems, that are as easy to install as traditional IP video systems. We believe our products are the only ones close to being that easy to use, and also provide high quality detection.
In fact, we outperform even the expensive systems in accuracy, and many customers have confirmed this.
So, I agree with your point, except on one thing. Motion detection can be usable indoors in some cases, but isn’t worth much with outdoor applications. Even indoors, the results produce 5X-10X as many false alarms. Outdoors, it is more like 100X.
Motion detection is popular and has been used for decades, mainly to reduce how much video is recorded. But most video experts know that it falls short of what they wish it really could do. That’s where true video analytics fill the need.
I hope this helps.
Doug.
November 29, 2010 at 10:13 am
If you look at the companies client list is looks like a who’s who of fortune 500 companies that do hundereds of millions is revenue and have hundereds of thousands of employees. And who are you? Someone working at another company that’s loosing market share left and right because you don’t have this incredible technology!
November 30, 2010 at 5:28 pm
Jeff,
One thing that is easy to do in this industry is show an impressive list of companies where your product has been tested or installed. Our client list beats out BRS Labs, but does prove we are better, or that all of those clients are continuing to use and buy more of our systems? Or were they one-shot deals?
Client lists don’t show that.
In terms of market share, BRS Labs has not been a problem for us. Our growth rate continues at a rapid pace. I haven’t heard of a job that we’ve lost to BRS, although I’m not a sales guy, so I don’t see all of those cases. I have talked to many customers, however, who tried out BRS, but selected our products instead.
However, this doesn’t prove we are better. We might be selling into different segments of the market, or we might have better sales people, or a number of other factors.
My big concern, however, is with misinformation or incomplete information that has been given out by too many companies selling video analytics products. This has caused more problems to the whole industry than anything.
Open discussion and more information helps, I hope, which is the purpose of my blog.
November 30, 2010 at 11:47 pm
I would be interested in how much actual revenue these BRS integrations are generating. The heart of the matter is whether or not their technology is efficient, that is , cost effective. (In an interest in full disclosure I think Jeff should tell us if he is an investor or employee of BRS.)
December 1, 2010 at 2:04 pm
Tom,
First, I had the same thought as you, that it sounded as if Jeff was an investor in BRS, and therefore was hoping to promote the image of his company. It would be nice to know, since it would help readers understand where he is coming from.
As for actual revenues, that would be interesting to know, but private companies often don’t like to reveal that information. However, according to an article, which John Honovich quoted from on his web site, the revenues for BRS was less than $500K, as of last Dec:
http://ipvideomarket.info/report/brs_labs_layoffs_and_skepticism_mount
This came from an investigative report in the Houston Chronicle, which you can link to from the above article by John. He says they expected to have $10M in the next year, but previously they had claimed to have $100M in revenues by last year, so their projections have not been accurate.
Those are the only public facts I have seen.
December 1, 2010 at 9:07 pm
cynet simdisk brs same adress same people same results
December 2, 2010 at 9:05 am
All – first of all I have no idea what Jim means in last submission & it would be courteous to know his qualification for speaking on this subject BUT its not important – this string of communication has degraded from being a potentially valuable exchange of information amongst professionals on a relatively new subject matter for our industry (at least newly worth talking about) to an adversarial exchange that I think is very close to becoming a mudslinging, name calling debacle. I’m disappointed.
June 23, 2011 at 11:47 pm
Hello.. any news about BRS labs? Have they made any sales this year so far?
August 11, 2011 at 10:55 am
My understanding is that BRS has had installations and contracts throughout the world. I have been told they will become the market leader very soon.
September 15, 2011 at 6:47 am
Your post is incorrect, you can choose to either be always notified about a specific behaviour type or “never be notified” (ignore).
Have you actually used the software, I would guess, not.
December 27, 2011 at 4:39 am
Attorneys Victoria TX…
[...]The Mystique of BRS Labs « Spot On Security[...]…
January 17, 2012 at 7:32 am
LKW Versicherung…
[...]The Mystique of BRS Labs « Spot On Security[...]…
March 16, 2012 at 10:08 am
vibrator…
[...]The Mystique of BRS Labs « Spot On Security[...]…