= Security Industry Association =

Security Industry Association
- Type: 501(c)(6)
- Abbreviation: SIA
- Status: Association
- Purpose: Trade
- Headquarters: Silver Spring, Maryland
- Location: Silver Spring, Maryland
- Language: English
- Leader Title: Chief Executive Officer
- Leader Name: Don Erickson
- Main Organ: Board of Directors

The Security Industry Association (SIA), based in Silver Spring, Maryland, is a U.S. trade association, founded in 1969, representing global security solutions providers. The organization today represents over 1,600 firms and organizations in the security industry, and in 2017 the association expanded membership to include an academic category. SIA is the premier sponsor of the ISC Security Events, including ISC West and ISC East.

Since 2010, SIA has presented Securing New Ground (SNG), an annual conference for executives in the security industry. The organization also produces the annual government security conference SIA GovSummit, which has addressed federal and state security topics, as well as national issues such a school security, and AcceleRISE, an annual conference for young security industry professionals presented by SIA's RISE community.

SIA's industry activities generally fall under one of the following divisions of the association: Government Relations, Industry Relations, Learning & Development and Standards & Technology.

==Learning and development==

SIA's learning and development team creates and presents training classes at various trade shows and conferences, including ISC West and ISC East. SIA develops professional development and industry training conference programs at ISC East and West each year under the brand of SIA Education@ISC.

SIA's learning and development offerings also include the Security Project Management (SPM) training program, the Certified Security Project Manager (CSPM) credential program and the Security Industry Cybersecurity Certification (SICC) program.

The SICC, developed by SIA with support from PSA Security Network and Security Specifiers, is the security industry's first credential focused specifically on cybersecurity for physical security systems. Becoming a designated SICC helps validate the skills required to support technical security installations according to industry best practices for electronic security and cybersecurity and aligning with clients’ organizational priorities and business objectives.

==Government relations==

SIA Government Relations lobbies federal and state governments on measures that would affect the security industry while tracking and reporting on the progress of various legislative initiatives. Through its government relations initiatives, SIA has accomplished legislative and administrative advances. SIA lobbied for the enactment of legislation creating the GSA Schedule 84 Cooperative Purchasing Program. The Local Preparedness Acquisition Act (Public Law 110-248), signed June 26, 2008, authorizes state and local governments to purchase from GSA alarm and signal systems, facility management systems, firefighting and rescue equipment, law enforcement and security equipment, marine craft and related equipment, special purpose clothing and related services, according to GSA.

SIA also lobbied for legislation (Public Law 111-360), signed by President Barack Obama in January 2011, that exempts external power supplies for security and life safety products from federal energy efficiency standards that apply to devices in no-load model. A SIA-led coalition that included both industry and environmental groups argued that, since security and life safety equipment must always be in active mode, an efficiency standard for no-load mode would make no sense.

In July 2024, SIA signed a letter to members of both the House Committee on Armed Services and the Senate Committee on Armed Services opposing Section 828 of S. 4628, the National Defense Authorization Act for Fiscal Year 2025, entitled "Requirement for Contractors to Provide Reasonable Access to Repair Materials," which would require contractors doing business with the US military to agree "to provide the Department of Defense fair and reasonable access to all the repair materials, including parts, tools, and information, used by the manufacturer or provider or their authorized partners to diagnose, maintain, or repair the good or service."

The annual SIA GovSummit, hosted by SIA and organized by its government relations team, is a public policy and government security conference.

==Standards and technology==

SIA's standards and technology team produces, maintains and advocates for technical standards that enable interoperability between security devices. SIA develops American National Standards Institute (ANSI)-accredited standards that promote interoperability and information sharing in the industry.

SIA's Open Supervised Device Protocol (OSDP) standard is an access control communication standard developed by SIA to improve interoperability among access control and security products. OSDP was approved as an international standard by the International Electrotechnical Commission in May 2020 and has been published as IEC 60839-11-5. SIA OSDP v2.2, which is based on the IEC 60839-11-5 standard, was released in December 2020.

In early 2023, Bishop Fox disclosed to SIA several weaknesses in an OSDP implementation. Members of the OSDP Technical Subcommittee met with senior security engineer Dan Petro to review in depth the vulnerabilities along with his recommendations. These recommendations were then presented before the subcommittee and will be identified for revision in the next version of OSDP v2.3. For example the Secure Channel Base Key (SCBK), which encrypts the connection between each reader-controller pair, is itself sent in the clear from the controller to the reader when the reader first joins the network. The protocol is also vulnerable to a downgrade attack. They demonstrated splicing a covert attack device named Mellon into the network in about 60 seconds, so only a brief period of physical access to the devices may be needed. A variety of other flaws in the protocol make it difficult to secure.In addition to Bishop Fox’s recommendations, SIA members concluded the findings are rooted in two main issues: 1) the proper design of OSDP reader and controllers and 2) the installation and management of devices onsite.

SIA Standards developed and maintains the ANSI/SIA CP-01–False Alarm Reduction Standard. The standard generally specifies the design for controls of security alarm systems at the control panel. The specification focuses chiefly on the arming and disarming process.

SIA also manages AG-01, the Architectural Graphics for Security Standard, which is a collection of architectural graphics for security intended for use by architects, building contractors, system integrators, electrical contractors and security managers who use CAD to produce construction drawings, shop drawings and installation/as-built drawings, and physical security system layouts.
