Functional Requirements
Functional
The following list is a set of known and determined Functional Requirements.
info
These are based on the assumptions provided in the [[Security System Brief]] briefing.
| Req | Description | Category |
|---|---|---|
| FR1 | User Authentication to Access Control: The system should allow users to authenticate themselves using various methods (e.g., cards, PINs, biometrics as well as using Mobile phones etc). These must be linked to a backend Identity Service (FR8). | Must |
| FR2 | Door Control: The system should be able to control the doors, including locking and unlocking them. | Must |
| FR3 | Access Granting: The system should grant access to authorised personnel upon successful authentication. | Must |
| FR4 | Access Denial: The system should deny access to unauthorised personnel. | Must |
| FR5 | Auditing and Logging: The system should maintain a record of all access attempts, grants, and denials. Should provide a full event log made available to other systems. | Must |
| FR6 | User Management: The system should allow administrators to manage user accounts, including adding, editing, and deleting users. | Must |
| FR7 | Role-Based Access Control (RBAC): The system should support RBAC to ensure that users only have access to authorised areas. | Must |
| FR8 | Integration with Other Systems: The system should be able to integrate with other security systems, such as CCTV and alarm systems. | Should |
| FR8 | Integration with Identity Systems: The system must be able to integrate with organisational identity systems to ensure compliance for onboarding or off-boarding of staff. | Must |
| FR10 | Alerts and Notifications: The system should send alerts and notifications to administrators in case of unauthorised access attempts or system failures. | Should |
| FR11 | Scalability: The system should be able to scale to accommodate growing user bases and increasing security requirements. | Must |
| FR12 | Door Lock Types: The system should have the ability to operate different types of door locks, from magnets to latches. | Must |
| FR13 | Policy Based: In addition to RBAC, the system must be able to assign permissions to users based on an assigned policy either system or identity defined. | Must |
| FR14 | Time of Day Controls: The system must be able to deal with Time of Day / Week scheduling to ensure proper control over out of hours access. | Must |
| FR15 | Emergency Access: The system must allow for proper emergency access controls with local regulation - including fire evacuation and power failure modes. | Must |
| FR16 | Fail Safe: The service must fail to a known state in the event of an emergency - known state being either fail open, or fail secure. Fail secure is the preferred state. | Must |
| FR17 | Door Bell: The service must provide the ability to notify staff inside the building when people are at the reception desk. | Must |
| FR18 | Package Drop: The service should allow a package drop secure drop box for packages or courier letters enabling the secure housing of items. | Should |
| FR19 | Package Drop Notifications: The service should notify staff either via e-mail or other means that a package has been delivered, and the drop box opened. | Should |
| FR20 | Package Drop Camera: The system should link the drop off of the package with a camera image / video for evidence of delivery. | Should |
| FR21 | Enhanced Detection: The system could be able to deal with new use cases such as motion detection, sound detection and/or water detection to safeguard the property and alert support teams to corner case detection. | Could |
| FR22 | Logging Externally: The system must be able to export logs and events to SIEM using syslog or compatible exporters. | Must |
| FR23 | API Capability: The system should allow secure API access to common functions to enable external automation or orchestration activities to occur. | Should |
| Video Cameras | ||
| FR24 | Cameras: The system should integrate with cameras to record both the public areas, but also secure areas such as Comms rooms or internal secure areas. A seperate Functional and Non Functional set of requirements would be defined for this should this be a consideration. | Should |
| FR25 | Integrated Door Viewer: The solution should allow staff internal to the secure office location to see who is at reception or who is looking to gain entry. This is to protect staff from potential dangers from uninvited guests. | Should |
| Smart Building Features | ||
| FR26 | Digital Signage: The system could allow management and control over digital signage in the entrance / reception area that can be used to advertise or advise on | Could |
| FR27 | Digital Motion Sensors: The system could introduce motion sensors to act as a secondary alarm system detecting motion and activating cameras or alerting security personnel when motion is detected when all staff have left. | Could |
| FR28 | Digital Water Sensors: The system could extend the monitoring of water ingress areas such as kitchens and communications rooms to provide a safeguard against leaks or other undesirable water issues. | Could |
| FR29 | Digital Audio: The system could be integrated with digital audio to provide background music or emergency communication to staff. This is important given the removal of physical handset broadcast features from the environment. | Could |
| FR30 | EV Charging: With the event of Electric Vehicles, the need to provide staff and guests access to a managed EV charging solution would be a benefit. Any security and access control system should allow expansion to IoT devices and 3rd party systems. | Could |
| FR31 | Staff Presence Detection: The system could be extended to automatically raecord a site staff register which in the event of an emergency, provide managers or staff fire teams a list of who is onsite. | Could |
| FR32 | Video Recording: The system should be able to record and retain video recordings for a defined period of time. These would be used for incident investigation, and proof of package delivery etc. | Should |
| FR33 | Video Recording Policy: All recordings must be managed by a Policy around retention and storage location. | Must |
| FR34 | Access to Video Recordings: Any video recording must use defined access control (RBAC - FR7) to view or delete any recording on the system. | Must |
| FR35 | Access to Portals and Management: All access to systems and services must be limited to system defined applications and policy access control. | Must |