SynC · SynC Standards

Access Control Systems

Rev3
IssuedJun 8, 2026

Revision history

Build a datasheet from this standard Start a project with this standard already attached — one click, no setup.
Use in a project

1 Scope

NOTE This specification covers the design, equipment, installation, programming, and testing of an electronic access control system (ACS) for controlling pedestrian entry into and movement within a building. (1.1)
1.2 The system shall identify users by credential, validate their access privileges against a rule set maintained by a head-end software platform, and electrically operate door hardware to permit or deny passage at controlled openings.
1.3 The system shall additionally monitor door position and request-to-exit conditions, log every access event and exception, and interface with the building fire alarm system to release fail-safe locking devices on alarm.

1.4 System Composition

NOTE The access control system is a coordinated assembly of electronic head-end software, networked door controllers, credential readers, request-to-exit devices, door position switches, low-voltage power supplies, and the electrified door hardware that physically secures each opening. (1.4.1)
1.4.2 This standard governs the electronic head-end, the controllers, the reader-side devices, and the wiring; the electrified locking hardware itself — the electric strike, electromagnetic lock, electrified mortise lock, electrified cylindrical lock, or electric exit device — is procured and installed under Doors Frames And Hardware and shall be coordinated under this standard.

1.5 Coordination

NOTE Every controlled opening is a system requiring coordination across multiple trades and standards. (1.5.1)
1.5.2 The Contractor shall coordinate the access control scope with Doors Frames And Hardware for lock selection, frame and door preparation, and hardware-set finalization.
1.5.3 The Contractor shall coordinate with Fire Alarm Systems for the release of fail-safe locks on fire alarm.
1.5.4 The Contractor shall coordinate with Conductors And Cables and Raceways And Conduit for low-voltage pathways.
1.5.5 The Contractor shall coordinate with Grounding And Bonding and Telecommunications Bonding for the bonding of the head-end and controller equipment.
1.5.6 The Contractor shall coordinate with Equipment Labeling for device and circuit identification.

1.6 Exclusions

NOTE This standard addresses electronic access control of swinging pedestrian doors using card, smart card, or mobile credentials. (1.6.1)
1.6.2 This standard does not cover video surveillance, intrusion detection alarms, intercom systems, parking and vehicle access control, automatic pedestrian door operators beyond the lock release interface, or biometric-only systems without a supporting card or mobile credential.

2 Referenced Standards

2.1 Equipment, materials, software, and installation shall comply with the latest adopted edition of the following standards.
Standard Title
UL 294 Access Control System Units
UL 1034 Burglary-Resistant Electric Locking Mechanisms
UL 1076 Proprietary Burglar Alarm Units and Systems
UL 1981 Central Station Automation Systems
UL 10C Positive Pressure Fire Tests of Door Assemblies
UL 10B Fire Tests of Door Assemblies
NFPA 101 Life Safety Code (egress at access-controlled openings)
NFPA 80 Standard for Fire Doors and Other Opening Protectives
NFPA 72 National Fire Alarm and Signaling Code (interface to ACS)
NFPA 70 National Electrical Code (Articles 725 and 760)
IBC Chapter 10 International Building Code — Means of Egress
IFC Chapter 10 International Fire Code — Means of Egress
ICC A117.1 Accessible and Usable Buildings and Facilities
ADA Standards for Accessible Design Federal accessibility requirements
ANSI/SIA AC-01 Access Control General Requirements
SIA OSDP v2.2 Open Supervised Device Protocol
ANSI/BICSI 008 Wireless LAN Best Practices for Cabling Installation
ANSI/TIA-568 Generic Telecommunications Cabling for Customer Premises
ANSI/TIA-569 Telecommunications Pathways and Spaces
ANSI/TIA-606 Administration Standard for Telecommunications Infrastructure
ANSI/TIA-607 Generic Telecommunications Bonding and Grounding
FIPS 201 Personal Identity Verification (where federal credential interoperability applies)
NIST SP 800-116 Use of PIV Credentials in Facility Access
ISO/IEC 14443 Identification cards — Contactless integrated circuit cards (proximity)
ISO/IEC 7816 Identification cards — Integrated circuit cards
2.2 Where the contract documents, the adopted building code, or a referenced standard conflict, the more stringent requirement shall govern unless the Engineer of Record directs otherwise in writing.

3 Submittals

3.1 Action Submittals

3.1.1 The Contractor shall submit the following to the Engineer of Record for review prior to procurement and prior to beginning installation:
  • Manufacturer's product data for the head-end server platform, every door controller and panel, every reader, every credential type, every power supply, every request-to-exit device, every door position switch, every input/output module, and every accessory item
  • A system riser diagram showing the head-end server, network switches and segmentation, every controller panel, every reader, every electrified door hardware connection, every REX and DPS input, every power supply with backup battery, and the interface to the fire alarm system
  • A door schedule listing every controlled opening by mark number, cross-referenced to the door schedule in Doors Frames And Hardware, indicating reader type and quantity per opening, electrified hardware type (free-egress vs access-controlled vs delayed egress), fail-safe or fail-secure operation, REX device type, DPS configuration, power supply assignment, and controller and reader address
  • A panel schedule for each controller cabinet listing every door served, the assigned reader address, the assigned input/output points, the panel power budget, and the upstream and downstream power supply
  • A head-end architecture diagram showing the server, redundancy or high-availability arrangement, database storage, backup strategy, network segmentation, directory and SSO integration, and any cloud or remote connectivity
  • A sequence-of-operations matrix listing each input (valid credential, invalid credential, REX, DPS open, DPS forced-open, DPS held-open, fire alarm, tamper) and the resulting outputs (unlock, lock, alarm, audit log, notification) for each door type
  • Battery calculations for every UL 294 listed power supply showing standby and alarm current draw, required standby duration, and selected battery amp-hour capacity
  • OSDP configuration documentation including baud rate, Secure Channel keys management, polling intervals, and address assignments
  • Cybersecurity hardening documentation including the cipher suite, certificate management plan, default-credential change procedure, firmware version baseline, and network segmentation approach
Action Submittals Requiredcheckbox
Product data for head-end, controllers, readers, credentials, power supplies, REX, DPS, modules
System riser diagram
Door schedule cross-referenced to door, frame, and hardware schedule
Controller panel schedules with point assignments
Head-end architecture diagram
Sequence-of-operations matrix
Battery calculations for each power supply
OSDP configuration documentation
Cybersecurity hardening plan
3.1.2 The access control submittal is a complete system-level package; partial or piecemeal submittals shall be returned without review.

3.2 Informational Submittals

3.2.1 The Contractor shall submit the following informational items:
  • Manufacturer's installation instructions for each component, retained on site during installation
  • Installer qualifications documentation, including factory training certificates for the specific controller platform
  • Proposed acceptance test plan including test procedures, schedule, personnel, and forms
Informational Submittals Requiredcheckbox
Manufacturer's installation instructions retained on site
Installer qualifications and factory training certificates
Proposed acceptance test plan with procedures, schedule, personnel, and forms

3.3 Closeout Submittals

3.3.1 At substantial completion, prior to system acceptance, the Contractor shall submit:
  • Accepted acceptance test report signed by the Contractor and the testing technician
  • As-built system drawings reflecting final device addresses, controller programming, and circuit routing
  • Complete head-end programming record: user roles, access levels, time schedules, door groups, holiday schedules, and event-to-action mappings
  • A keyholder turnover package: head-end administrator account credentials, encryption key custody record, recovery procedures, and an inventory of issued credentials at substantial completion
  • Operation and maintenance manual including normal operations, lockdown procedures, after-hours access procedures, credential enrollment and revocation, backup and restore, battery replacement schedule, and firmware update procedure
  • Warranty documentation
  • Manufacturer service contact list and any service-agreement terms
Closeout Submittals Requiredcheckbox
Accepted acceptance test report
As-built system drawings with final addresses
Head-end programming record
Administrator credentials and encryption key turnover package
Operation and maintenance manual
Warranty documentation
Manufacturer service contact list

4 Quality Assurance

4.1 Installer Qualifications

Installer Factory Certificationradio
Required for the specific controller platform
Required for controller platform and head-end software
Not required (installer qualifications by experience only)
4.1.1 The access control system shall be installed by a contractor regularly engaged in the design and installation of electronic access control systems with documented experience on at least three projects of comparable size and complexity within the past five years.
4.1.2 The installer-in-charge shall hold factory certification on the specific controller platform being installed and shall be present on site during programming, head-end configuration, and acceptance testing.
4.1.3 Personnel making low-voltage terminations at controllers and readers shall be trained in the manufacturer's wiring methods, in OSDP Secure Channel commissioning, and in the project's cybersecurity hardening procedures.
4.1.4 Cabling between controllers, readers, and head-end equipment shall be installed by personnel meeting the qualifications of Conductors And Cables for low-voltage and structured cabling.

4.2 Single-Source Responsibility

4.2.1 The head-end software, door controllers, reader-to-controller protocol stack, and panel-level firmware shall be furnished by a single manufacturer or by a tightly integrated ecosystem of manufacturers documented to interoperate.
4.2.2 Multi-source assemblies in which the controller, the head-end, and the readers are sourced independently and integrated only at the field level shall not be acceptable unless the Engineer specifically approves the integration after review of interoperability test documentation.
4.2.3 Credentials and readers, where sourced from a different manufacturer than the controller, shall be confirmed compatible through OSDP v2.2 Secure Channel testing prior to procurement of credentials in quantity.

4.3 Listing and Labeling

4.3.1 The fire alarm interface point — the relay or supervised input that releases fail-safe locks on fire alarm — shall be UL 864 listed where it forms part of the fire alarm system or shall use a UL 294 listed module driven by a UL 864 listed dry contact from the fire alarm control unit.
4.3.2 All access control system units shall be listed and labeled to UL 294 by a Nationally Recognized Testing Laboratory.
4.3.3 Power supplies shall be UL 294 listed for access control service.
4.3.4 Electrified locking hardware listed to UL 1034 shall be used where the opening is required to resist burglary; the listing requirements for the hardware itself are addressed in Doors Frames And Hardware and shall be coordinated.

5 Environmental and Service Conditions

5.1 Indoor and Exterior Equipment Ratings

Exterior Reader Environmental Ratingselect
IP55 / NEMA 3R
IP65 / NEMA 4
IP66 / NEMA 4X (corrosive or wash-down environments)
5.1.1 Access control equipment installed in indoor, conditioned, occupiable spaces shall be rated for 0 °C to 50 °C ambient operating temperature and 0 to 85 percent non-condensing humidity.
5.1.2 Equipment installed in unconditioned spaces, electrical rooms, attics, or telecommunications rooms shall be confirmed against the extreme conditions of the space.
5.1.3 Readers installed at exterior openings shall be rated for the local exterior temperature extremes and shall carry an enclosure rating appropriate to the exposure.

5.2 Sprinkler and Plenum Exposure

5.2.1 Equipment installed in spaces with active sprinkler systems shall be located so that direct sprinkler discharge does not impinge on the equipment, or shall be enclosed against discharge.
5.2.2 Equipment installed in plenum spaces shall be plenum-rated or shall be installed in conduit per NEC Article 300.

6 System Architecture

System Architectureradio
Networked, on-premises head-end (default)
Networked, cloud-managed head-end
Hybrid (on-premises controllers, cloud-hosted management)
Standalone per door (small projects only)
6.1 The access control system shall be configured as a networked architecture with a central head-end software platform, intermediate door controller panels distributed throughout the building, and reader-side devices at each controlled opening.
6.2 The head-end shall hold the system of record for users, credentials, and access privileges.
6.3 Controllers shall hold a cached copy of the rule set sufficient to make access decisions autonomously if the head-end network connection is interrupted.
6.4 Standalone, per-door, non-networked systems shall be used only on very small projects with a handful of openings and no requirement for centralized audit.
NOTE A networked, on-premises head-end is the default for projects of moderate or larger size, for facilities with confidentiality concerns about credential and audit data leaving the premises, and for facilities subject to regulatory or contractual data-residency requirements; cloud-managed and hybrid architectures are appropriate where the Owner accepts the operational benefits of reduced server administration and automatic updates in exchange for ongoing subscription cost and external data residency. (6.5)

6.6 Controller Topology

Controller Topologyradio
Multi-door panel (4-, 8-, or 16-reader panels in centralized cabinets)
Controller-per-door (edge controller adjacent to each opening)
Hybrid (centralized panels for grouped doors, edge controllers where pathway is impractical)
Maximum Doors per Centralized Panelselect
2-reader panel
4-reader panel
8-reader panel
16-reader panel
NOTE Centralized multi-door panels in a secure equipment closet are the default topology for typical commercial buildings because they consolidate power supplies, simplify battery backup, ease maintenance, and produce a cleaner cabling architecture; controller-per-door edge devices are appropriate where opening density is low, where the cable run from a central panel is impractical, or where the Owner specifically prefers the topology for redundancy reasons. (6.6.1)
6.6.2 Panel sizing should leave spare capacity for at least 20 percent additional doors beyond initial installation, to accommodate future openings without panel replacement.

6.7 Equipment Location

6.7.1 The head-end server shall be located in as indicated on the head-end architecture drawing.
6.7.2 Controllers shall be located in as indicated on the panel location plan in secure equipment closets or IT rooms with physical access restricted to authorized personnel.

7 Door Controllers

Controller-to-Head-End Communicationradio
TCP/IP over Ethernet with TLS 1.2 or higher (default)
TCP/IP over Ethernet with TLS 1.3
Wireless (802.11) — only where wired pathway is impractical
7.1 Door controllers (panels) shall be UL 294 listed devices providing autonomous access decision capability, supervised reader and input/output circuits, encrypted communication to the head-end, and a local cache of the rule set sufficient to operate during head-end outage.
7.2 Controllers shall communicate to the head-end over TCP/IP using TLS 1.2 or higher.
7.3 Wireless controller-to-head-end communication shall not be used except where a wired pathway is genuinely impractical.
NOTE Wireless controllers introduce reliability and security complications that outweigh the installation savings in nearly all projects. (7.4)

7.5 Reader-to-Controller Protocol

Reader-to-Controller Protocolradio
OSDP v2.2 with Secure Channel (default)
OSDP v2.1 with Secure Channel (where v2.2 not available)
Wiegand (legacy only — not for new installations)
7.5.1 OSDP v2.2 with Secure Channel shall be the default reader-to-controller protocol.
7.5.2 New installations shall not use Wiegand except where the Owner has a legacy reader infrastructure that cannot be replaced in the project scope.
NOTE OSDP supersedes Wiegand by providing bidirectional, supervised, encrypted communication; reader status, tamper indication, and firmware updates over the reader cable; and resistance to the credential-replay and signal-injection attacks that have been demonstrated against Wiegand. (7.5.3)

7.6 Controller Inputs, Outputs, and Supervision

Input and Output Supervisionradio
Required on all controller inputs and outputs (default)
Required on inputs only
Not required (only for non-critical, low-security openings)
7.6.1 Each controller shall provide supervised inputs for door position switch, request-to-exit, and tamper, and supervised outputs for lock control.
7.6.2 End-of-line resistors shall be installed per the manufacturer's instructions to enable line supervision; cut, shorted, or grounded reader and input wiring shall be detected and reported.
7.6.3 Controllers shall provide a tamper switch on the enclosure and shall report tamper conditions to the head-end.
7.6.4 Tamper events shall be logged and shall generate an operator notification.

8 Credential Readers

Reader Mountingradio
Surface mount on door frame mullion or adjacent wall
Flush / mullion mount within frame profile
Surface mount on pedestal (parking and exterior gate applications)
Reader Form Factorselect
Mullion (narrow profile for door frame mounting)
Wall switch (single-gang) — interior typical
Wall switch (mullion-width) — exterior typical
Wall switch (keypad-equipped) — high-security or two-factor
8.1 Readers shall be UL 294 listed and shall communicate to the controller using OSDP v2.2 with Secure Channel as specified above.
8.2 Readers shall be selected for the credential technology specified below.

8.3 Reader Mounting Height

Reader Height (Centerline Above Finished Floor)range
in
3448
40424448
Default: 42 in
8.3.1 Reader height above finished floor shall comply with ADA and ICC A117.1 reach-range requirements.
8.3.2 The reader's active read zone shall be located between 34 inches and 48 inches above finished floor for unobstructed forward reach, and the reader shall be positioned within the accessible side reach range where applicable.

8.4 Exterior and Exposed Readers

8.4.1 Readers at exterior openings shall be rated for direct exposure to weather, ultraviolet light, and condensation.
8.4.2 Readers at openings subject to vehicle traffic, vandalism, or impact shall be protected by a guard, recessed in a wall, or selected with a vandal-resistant rating.

8.5 Two-Factor Authentication

Two-Factor Authentication at High-Security Openingsradio
Not required (single-factor card or mobile credential)
Required at designated high-security openings (card + PIN)
Required at all openings
8.5.1 Two-factor authentication shall not be specified for general circulation openings because it impairs throughput and frustrates users without providing meaningful security benefit at low-risk openings.
NOTE Two-factor authentication adds a PIN to the credential read for openings serving high-value or sensitive areas such as data centers, pharmaceutical storage, executive areas, and weapons storage. (8.5.2)

9 Credentials

Primary Credential Technologyradio
13.56 MHz smart card — MIFARE DESFire EV2/EV3 (default)
13.56 MHz smart card — iCLASS SEOS
Mobile credential — BLE and NFC
Combined smart card and mobile credential
125 kHz proximity (legacy — not for new installations)
9.1 The default credential shall be a 13.56 MHz smart card based on MIFARE DESFire EV2 or EV3 technology, with mutual authentication and AES-128 encryption between card and reader.
9.2 125 kHz proximity credentials (HID Prox and equivalents) shall not be used for new installations.
9.3 Where the Owner has an existing 125 kHz population, the migration plan to a contemporary credential shall be documented in the closeout package.
NOTE The 125 kHz proximity technology is trivially clonable, has no cryptographic protection, and is being phased out across the industry. (9.4)
9.5 Mobile credentials over Bluetooth Low Energy and NFC shall be supported where the Owner intends to issue credentials to smartphones in addition to or in place of physical cards.
NOTE Mobile credentials reduce credential reissue cost and accelerate enrollment and revocation, but require the Owner to operate a credential management process compatible with the user population's device ecosystem. (9.6)

9.7 Federal Credential Interoperability

Federal Credential Interoperability (FIPS 201 / PIV)radio
Not required
Required — PIV credentials honored at designated openings
Required — PIV is the primary credential
9.7.1 Federal facilities and contractors handling federal information shall require FIPS 201 (PIV) credential interoperability per the applicable HSPD-12 mandate.
9.7.2 Where PIV is required, readers and head-end shall support the PIV authentication mechanisms specified in NIST SP 800-116.

9.8 Credential Quantity

Initial Credential Quantityrange
each
505000
10025050010002500
Default: 250 each
9.8.1 Credential quantity at substantial completion shall be sufficient to enroll the initial occupant population plus a 25 percent overage for new hires, visitors, and replacements during the first year of operation.
9.8.2 The Owner shall provide the initial occupant population to the Contractor at submittal review.

10 Electrified Door Hardware

NOTE This section governs the access control system's interface to that hardware: the power supply, the lock control output from the controller, the supervision of the lock state, and the policy governing lock-type selection at each opening. (10.1)
10.2 The electrified locking device at each opening — electric strike, electromagnetic lock, electrified mortise lock, electrified cylindrical lock, or electric exit device — is procured and installed under Doors Frames And Hardware.

10.3 Default Lock Type

Default Electrified Locking Device Typeselect
Electric strike (fail-secure) on standard mechanical lock
Electrified cylindrical or mortise lock (free-egress)
Electric exit device (free-egress, exit-only or full-feature)
Electromagnetic lock (avoid where possible — see policy below)
10.3.1 The default lock type shall be an electrified cylindrical or mortise lock that preserves free mechanical egress at all times by operating the lever from the egress side without electrical action.
10.3.2 The lock shall secure the latch on the access side and release the access-side lever or trim on a valid credential or REX signal; the egress-side lever shall always operate the latch mechanically.

10.4 Electromagnetic Locks

10.4.1 Electromagnetic locks (mag locks) shall be avoided where any other lock type is feasible.
10.4.2 Where the door, frame, or operational use case truly requires a mag lock — most commonly on glass-and-aluminum entrance doors with no available latch reinforcement, or on cross-corridor smoke doors — the installation shall comply with NFPA 101 7.2.1.6.2 (Access-Controlled Egress Doors), the AHJ shall accept the arrangement in advance, and the release scheme shall be documented in the sequence of operations.
NOTE Mag locks are inherently fail-safe and require ancillary release devices (REX motion sensor, push-to-exit button, fire alarm release) to comply with NFPA 101 egress requirements at all times; each ancillary device is a failure point and an enforcement point with the AHJ. (10.4.3)

10.5 Fail-Safe vs. Fail-Secure

Default Fail-Safe vs. Fail-Secure Policyradio
Fail-secure default (locked on power loss) for offices, suites, and tenant openings
Fail-safe default (unlocked on power loss) for stairwell discharge and life-safety egress
Per-door determination by code analysis
10.5.1 Fail-safe vs. fail-secure shall be determined per opening by the means-of-egress analysis.
10.5.2 A stairwell discharge door that must release on a building power failure to permit exit shall be fail-safe; an office suite door that must remain secured on a power failure to protect the contents shall be fail-secure.
10.5.3 The Engineer shall determine the policy for each opening; this standard does not establish a single default that overrides the code analysis.

10.6 Lock State Monitoring

Lock State Monitoringradio
Lock state monitored at controller via supervised contact (default)
Door position only (lock state not directly monitored)
10.6.1 Lock state monitoring — a supervised contact on the lock confirming the lock is mechanically secured — shall be the default where the hardware supports it.
NOTE Monitoring only door position (closed vs. open) does not detect a latch that has failed to engage or has been propped; lock state monitoring is the means by which the system detects a door that is closed but unlocked. (10.6.2)

11 Request to Exit

Primary REX Deviceradio
Passive infrared (PIR) motion sensor over the door (default)
Integrated REX switch in the lock or exit device
Wall-mounted push-to-exit button (mag lock applications only)
Combination PIR + integrated lock REX (high-traffic openings)
11.1 A request-to-exit (REX) device shall be provided at every controlled opening to indicate that an authorized egress is occurring and to suppress the door-forced-open alarm during egress.
11.2 REX devices shall be supervised by the controller.
11.3 A PIR motion sensor mounted directly above the door on the egress side, aimed at the floor immediately inside the opening, shall be the default REX device.
11.4 Integrated lock REX (a switch in the exit device or lever) shall be used as a supplement where the hardware supports it.
NOTE A PIR sensor is the default because it triggers on actual egress traffic without requiring the user to take any action, and an integrated REX is a more deterministic indicator that the door is being operated for egress and complements the PIR. (11.5)

11.6 Push-to-Exit Buttons

11.6.1 Push-to-exit buttons shall not be used as the primary REX on access-controlled egress doors with free-egress hardware because they require a deliberate user action that adds nothing to a door that is already mechanically free to open.
11.6.2 Push-to-exit buttons shall be provided as the legally compliant egress release for mag-lock openings per NFPA 101 7.2.1.6.2, where they shall be wall-mounted, clearly identified, located within 40 to 48 inches above finished floor, and wired so that operation releases the mag lock for a minimum of 30 seconds independent of the access control system.

11.7 REX Behavior at Door Position

REX Behavior at Door Positionradio
REX suppresses forced-open alarm; lock remains under access control (free-egress hardware, default)
REX releases lock; door physically unlocks on REX trigger (mag lock openings)
11.7.1 For free-egress hardware (electrified mortise, cylindrical, or exit device), REX shall suppress the forced-open alarm but shall not unlock the door.
11.7.2 For mag lock openings, REX or the push-to-exit button shall actually unlock the door because the mag lock has no mechanical bypass.

12 Door Position Switches

Door Position Switch Typeradio
Concealed magnetic reed switch in door frame (default)
Surface-mounted magnetic switch
Door-mounted high-security balanced magnetic switch
12.1 A door position switch (DPS) shall be provided at every controlled opening to monitor whether the door is closed.
12.2 DPS contacts shall be supervised by the controller, and the controller shall report and log forced-open, held-open, and propped-open conditions.
12.2.1 A concealed magnetic reed switch installed in the head of the door frame with a matching magnet in the top edge of the door shall be the default for new construction.
12.2.2 Surface-mounted switches shall be used only on retrofit projects where concealed installation is not practical.
12.2.3 Balanced magnetic switches shall be specified at high-security openings where defeat by an external magnet must be prevented.

12.3 Door Held-Open Time

Door Held-Open Timerange
seconds
15120
30456090
Default: 45 seconds
12.3.1 The door held-open timer shall determine how long the door may remain open after a valid access before a held-open alarm is generated.
12.3.2 High-traffic openings or openings used for material movement may extend the timer with the Engineer's approval.
12.3.3 The held-open alarm shall be local at the door (annunciator at the door if specified) and remote at the head-end.
NOTE The default of 45 seconds accommodates normal cart and accessibility usage. (12.3.4)

12.4 Forced-Open Alarm Routing

Forced-Open Alarm Routingradio
Head-end notification only
Head-end notification plus local annunciator at the door
Head-end notification plus security monitoring service

13 Power Supplies and Battery Backup

13.1 Power supplies serving access control equipment shall be UL 294 listed for access control service and shall be sized for the connected load with at least 25 percent spare capacity for future additions.
13.2 Power supplies shall provide regulated DC output, output supervision, AC fail and low-battery monitoring, and integral battery charging.

13.3 Lock Voltage

Lock Voltageradio
24 VDC (default for runs exceeding 50 ft and for higher-current locks)
12 VDC (short runs and low-current locks only)
Reader and Controller Logic Voltageradio
12 VDC from controller-integrated supply (default)
Power over Ethernet (PoE/PoE+) where reader and controller support it
Separate 24 VDC supply for readers
13.3.1 24 VDC shall be the default lock voltage.
13.3.2 12 VDC may be used only for short runs and low-current devices where the voltage drop calculation confirms adequate voltage at the lock under worst-case current.
NOTE 24 VDC is the default because the higher voltage reduces conductor sizing and tolerates longer runs without unacceptable voltage drop. (13.3.3)

13.4 Battery Backup

Battery Standby Durationrange
hours
424
481224
Default: 4 hours
13.4.1 Battery backup shall be provided at every power supply serving access control loads.
13.4.2 Battery capacity shall be sized to provide a minimum of 4 hours of standby operation at the system's quiescent load.
13.4.3 Where the access control system serves life-safety egress functions or is part of a security plan with regulatory standby requirements, the battery shall be sized for a longer duration as required by the applicable standard.
13.4.4 Battery calculations shall be performed for each power supply, documented in the submittals, and the calculations shall account for both quiescent and alarm-condition current draw, the temperature derate factor specified by the battery manufacturer, and a margin above the calculated requirement of at least 25 percent.

13.5 Power Supply Location

13.5.1 Power supply locations shall be coordinated to keep the lock-cable run between supply and lock within the voltage-drop calculation tolerance.
13.5.2 Power supplies shall be installed in lockable enclosures and shall be co-located with the door controller cabinet where practical.

14 Cabling

Controller-to-Head-End Cableselect
Category 6 UTP, plenum-rated where applicable (default)
Category 6A UTP, plenum-rated where applicable
Multimode optical fiber for long runs or electrically noisy paths
Reader Cable (Controller to Reader)select
Composite 22 AWG/6-conductor shielded with 18 AWG/4-conductor (default for reader + lock + REX)
22 AWG/6-conductor overall-shielded twisted pair (reader only; separate lock cable)
Category 6 UTP for OSDP (where manufacturer supports it)
Lock Cable (Power Supply to Lock)select
18 AWG/2-conductor (locks within voltage-drop tolerance at 24 VDC)
16 AWG/2-conductor (longer runs or higher-current locks)
14 AWG/2-conductor (long runs or magnetic locks)
REX and DPS Cableradio
22 AWG/2-conductor shielded per device (default within composite)
18 AWG/2-conductor shielded (long runs only)
Cable Pathwayscheckbox
Conduit (EMT) in unfinished spaces and where required by code
Cable tray in accessible ceilings
Bridle rings or J-hooks in accessible ceilings (per TIA-569)
Plenum-rated cable in plenums per NEC Article 300
14.1 All access control system cabling shall comply with NEC Article 725 (Class 2 circuits) for low-voltage portions and with NEC Article 800 and ANSI/TIA-568 for structured cabling portions.
14.2 Plenum-rated cable shall be used in plenum spaces.
14.3 Cable in concealed spaces, cable trays, and accessible ceilings shall be supported per NEC and per the cable manufacturer's instructions; cable shall not be supported by ceiling tile grid or other building systems not intended for cable support.
14.4 Composite access control cables that bundle reader, lock, REX, and DPS conductors in a single jacket shall be the default for door cabling because they install in one pull, reduce conduit fill, and simplify cabling.
14.5 Where the lock current exceeds the rating of the composite cable's lock conductors, a separate lock cable shall be pulled and the reader cable shall carry only reader, REX, and DPS conductors.

14.6 Voltage Drop and Separation

14.6.1 Voltage drop on lock cables shall be calculated for the worst-case (longest, highest-current) opening on each power supply and the cable size shall be selected so that the lock voltage at the lock under fault-clearing or maximum-inrush current remains within the manufacturer's operating range.
14.6.2 The voltage drop calculation shall be documented in the submittals.
14.6.3 Cable separation from higher-voltage power circuits shall be maintained per NEC Article 725 and per the cable manufacturer's instructions.
14.6.4 Where parallel routing is unavoidable, perpendicular crossings shall be used and the minimum separation shall be maintained per code.

15 Cybersecurity

15.1 Access control systems shall be hardened against the categories of attack that have repeatedly compromised installed systems: default credentials, unencrypted reader-to-controller protocols, unpatched firmware, flat-network exposure, and weak credential technologies.

15.2 Network Segmentation

Network Segmentationradio
Dedicated VLAN, isolated from general user and IT networks (default)
Dedicated physical network
Shared network segment (not acceptable)
15.2.1 Access control controllers, the head-end server, and any management workstations shall reside on a dedicated VLAN isolated from general user, guest, and untrusted networks.
15.2.2 Firewall rules shall restrict the access control VLAN to the specific protocols and destinations required for operation and management.
15.2.3 Remote access to the head-end, where permitted, shall be through an authenticated VPN or a managed gateway provided by the head-end manufacturer.

15.3 Default Credentials and Initial Hardening

Default Credentials and Initial Hardeningcheckbox
All factory default passwords on controllers, readers, and head-end changed before commissioning
Administrator accounts use unique passwords meeting Owner's password policy
Service and maintenance accounts use distinct credentials from administrators
Unused services and ports on controllers disabled
Firmware updated to current vendor-supported version at substantial completion

15.4 Reader-to-Controller Encryption

Reader-to-Controller Encryptionradio
OSDP Secure Channel enabled with site-specific keys (default)
OSDP installation mode keys (not acceptable for production)
Unencrypted Wiegand (not acceptable for new installations)
15.4.1 OSDP Secure Channel shall be enabled at commissioning using site-specific keys, not installation-mode default keys.
15.4.2 The key management procedure shall be documented and the key custody record turned over to the Owner at substantial completion.

15.5 Audit Log Retention

Audit Log Retentionrange
days
902555
9036573018252555
Default: 365 days
15.5.1 The head-end shall retain access and exception event logs for a minimum of 365 days; the Owner may extend retention per their security policy or regulatory obligation.
15.5.2 Logs shall be exportable in a documented format for review and for archiving to long-term storage.

16 Fire Alarm Interface and Egress Release

Fire Alarm Release Interfaceradio
Hardwired dry contact from FACU to dedicated release relay at each lock requiring release (default)
Dry contact from FACU to power supply for all locks on that supply
Software interface from FACU to access control head-end (not acceptable as sole release path)
16.1 The access control system shall interface to the fire alarm system as required by NFPA 101 and the AHJ.
16.2 The interface shall release locks that must be released on fire alarm and shall do so independently of the head-end and independently of the network.
16.3 Locks requiring release on fire alarm — most commonly electromagnetic locks and any electrified hardware on an opening covered by NFPA 101 7.2.1.6.1 (Access-Controlled Egress Doors) or 7.2.1.6.2 (Delayed Egress) — shall release via a hardwired dry contact from the fire alarm control unit (FACU).
16.4 The dry contact shall interrupt the lock power circuit through a UL 294 listed release relay or directly at the power supply.
16.5 The release shall not depend on the access control head-end, the network, or any software function.
16.6 Where a code analysis determines that a specific opening's electric strike or electrified lever lock must release on fire alarm, the release shall be implemented in the same hardwired manner as for mag locks.
NOTE Electric strikes and free-egress electrified lever locks generally do not require release on fire alarm because they preserve mechanical egress at all times. (16.7)

16.8 Delayed-Egress Openings

Delayed-Egress Opening Configurationradio
Not used
Used at designated openings per NFPA 101 7.2.1.6.1 with AHJ approval
16.8.1 Delayed-egress hardware (NFPA 101 7.2.1.6.1) shall not be used unless the building occupancy specifically permits it (typically prohibited in Assembly and Educational occupancies), the AHJ has approved the arrangement, and the required signage, audible alarm, and 15-second (or 30-second where authorized) release time are configured per code.
16.8.2 Where delayed egress is used, the release on fire alarm shall be immediate and shall be hardwired from the FACU.

16.9 Fire Alarm Interface Coordination

16.9.1 The Contractor shall coordinate the fire alarm interface design with Fire Alarm Systems and shall confirm the release scheme with the AHJ before installation.
16.9.2 Final acceptance of any opening with electrified locking hardware shall include a witnessed test of the fire alarm release.

17 Software (Head-End)

17.1 The head-end software shall be a manufacturer-supported product currently sold and maintained, with documented update and patch cycles.
17.2 The software shall provide user, credential, access privilege, time schedule, holiday schedule, door, area, and reader management; event logging and audit trail; reporting; system health monitoring and alarms; and an administrator interface with role-based access control over the administrator population.

17.3 Directory and SSO Integration

Directory and SSO Integrationradio
LDAP/Active Directory integration for administrator authentication (default for on-prem)
SAML 2.0 or OIDC for administrator authentication (default for cloud)
Local administrator accounts only (small projects)
17.3.1 Administrator and operator accounts shall be authenticated through the Owner's directory or identity provider where one exists, so that administrator account lifecycle — provisioning, password rotation, and deprovisioning on departure — is managed centrally.
17.3.2 Local-only administrator accounts shall be limited to a break-glass account for recovery from directory outage.

17.4 Software Deployment

Software Deploymentradio
On-premises server (Windows or Linux per manufacturer support)
Vendor-hosted cloud (SaaS)
Owner-hosted cloud (private cloud or Owner's IaaS)

17.5 Backup and Recovery

Backup and Recoverycheckbox
Daily automated database backup
Weekly off-site backup copy
Documented recovery procedure tested at acceptance
High-availability configuration with secondary head-end
17.5.1 A documented backup procedure shall be in place before substantial completion.
17.5.2 The recovery procedure shall be tested as part of acceptance: a restore from the latest backup to a separate environment shall be demonstrated to recover the full configuration, credential set, and audit log.

18 User Management and Audit

Credential Expiration Defaultselect
1 year
2 years
3 years
5 years
Indefinite (set per credential at issue)
18.1 The system shall maintain a credential record for every user that includes at minimum the user's identifier, the credential type and serial, the issue and expiration date, the access privilege set assigned, and the status (active, suspended, revoked).
18.2 Credentials shall expire by default at a date set per the Owner's policy and shall require an affirmative renewal action.

18.3 Access Privilege Assignment

18.3.1 Access privilege assignment shall be by role (door group + time schedule) rather than by direct enumeration of doors.
18.3.2 A user assigned a role shall inherit the role's privileges, and a privilege change at the role shall propagate to every user with that role.
18.3.3 Direct per-user, per-door privilege assignment shall be permitted only where the user's required access does not match any defined role and the exception is documented.

18.4 Time and Holiday Schedules

Time Schedulescheckbox
Business hours (default)
Extended hours (weekdays, longer)
24/7
Weekend / off-hours only
Custom per role or per door
18.4.1 Holiday schedules shall be configured to override regular time schedules on dates designated by the Owner.
18.4.2 The holiday list shall be reviewed and updated annually by the Owner; the Contractor shall provide the procedure at substantial completion.

18.5 Audit Log

18.5.1 The audit log shall record every access attempt (granted and denied), every door state event (forced open, held open, restored), every administrator action (user added, privilege changed, credential issued or revoked, lockdown initiated), and every system event (controller online/offline, AC fail, low battery, tamper).
18.5.2 Each log entry shall include the timestamp, the originating device or operator, and the affected user or door where applicable.

19 Testing and Commissioning

Acceptance Test Scopecheckbox
Every controlled opening tested individually (default)
Sampling acceptable (large projects, per Engineer)
19.1 Acceptance testing shall be performed by the Contractor, witnessed by the Engineer or the Owner's designated representative, and documented on the project test forms.
19.2 Testing shall not begin until installation is complete and the system has operated under normal conditions for a burn-in period of not less than seven calendar days.

19.3 Per-Opening Acceptance Test

19.3.1 For each controlled opening, the acceptance test shall verify the following:
  • Valid credential read results in lock release, door opens freely, DPS reports open, REX (if motion-based) suppresses forced-open during egress, lock re-secures on door close
  • Invalid credential is denied and logged with the reason
  • Forced-open condition (door opened without valid credential or REX) generates an alarm at the head-end and logs the event
  • Held-open condition generates an alarm at the configured timer and logs the event
  • Tamper at the controller or reader is detected and logged
  • Loss of head-end connectivity at the controller does not interrupt access decisions for credentials in the controller cache
  • Fire alarm dry contact, when actuated, releases every lock required to release per the sequence of operations, within the time required by the AHJ
  • Battery backup at each power supply maintains the system for the specified standby duration during a simulated AC failure
  • OSDP Secure Channel is confirmed enabled on every reader and the installation-mode keys have been replaced
Burn-In Period Before Acceptancerange
days
330
71430
Default: 7 days

19.4 Correction and Report

19.4.1 Test failures shall be corrected and the affected items re-tested.
19.4.2 The acceptance test report shall record the test method, the result, and the corrective action for any failed item.
19.4.3 The Owner's representative shall sign the report at acceptance.

20 Installation

20.1 Coordination and Sequencing

20.1.1 Access control rough-in shall be coordinated with Doors Frames And Hardware so that frame preparations, hardware mortise cutouts, electric power transfer hinges or door loops, and lock body conduits are correctly sized and located before frames and doors are delivered to the site.
20.1.2 Cable rough-in shall be completed before finished ceilings are installed and before walls are closed.
20.1.3 Controller cabinet and power supply locations shall be confirmed against the head-end architecture drawing before equipment is mounted.
NOTE Late discovery of a missed frame preparation typically requires field cutting that compromises the fire rating, the finish, or the structural integrity of the frame. (20.1.4)

20.2 Mounting

20.2.1 Readers shall be mounted plumb and square, at the height specified above, and secured to a backbox or to the frame with the manufacturer's hardware.
20.2.2 Surface-mounted readers shall be installed with weatherstripping or a gasket at exterior openings to prevent water and pest intrusion.
20.2.3 Controllers and power supplies shall be wall-mounted in lockable enclosures in secure equipment closets.
20.2.4 Enclosure penetrations shall be made with listed cable connectors or grommets; conduit stubs into controller enclosures shall be sealed.
20.2.5 DPS magnets and contacts shall be aligned within the manufacturer's tolerance and shall be tested for actuation at the maximum gap before the frame is finished.

20.3 Terminations

20.3.1 Terminations at controllers, readers, and power supplies shall be made by personnel trained in the manufacturer's wiring methods.
20.3.2 Conductor jackets shall be stripped to the minimum length required and stranded conductors shall be terminated in approved ferrules or directly under screw terminals per the manufacturer's instructions; bare twisted strands shall not be terminated under screw terminals.
20.3.3 Shields on reader cables shall be terminated at the controller end only, with the shield grounded at a single point per the manufacturer's instructions.
NOTE Floating both ends or grounding both ends creates ground loops that introduce noise on the OSDP line. (20.3.4)

20.4 Protection During Construction

20.4.1 Equipment installed before the building is secure shall be protected against dust, water, and physical damage by other trades.
20.4.2 Readers installed at exterior openings before the building envelope is closed shall be temporarily covered.
20.4.3 Energization of locks and other electrified hardware shall not occur until acceptance testing is scheduled and the system is ready for commissioning.

21 Training

21.1 The Contractor shall provide training to the Owner's designated administrators and operators before substantial completion. Training shall include the following:
  • Head-end operation: log in, navigate the user interface, monitor real-time events, respond to alarms
  • User and credential management: enroll a user, issue a credential, assign roles, modify access privileges, suspend and revoke a credential, issue and recover a lost credential
  • Reporting: generate and export audit reports, query events by user, door, time range, and event type
  • Time schedule and holiday management
  • Lockdown and emergency procedures: initiate a building lockdown, release a lockdown, override an individual door
  • Routine system health checks: review system status, check controller and reader online state, review power supply and battery status, review pending firmware updates
  • Backup and recovery: confirm a backup ran, perform a restore drill
Training Hoursrange
hours
440
48162440
Default: 8 hours
21.1.1 Training shall be delivered on the installed system, not on a generic demonstration platform, so that the Owner's personnel are trained on the actual configuration, naming conventions, and door schedule of the project.
21.1.2 Training materials shall be left with the Owner.

22 Delivery, Storage, and Handling

22.1 Access control equipment shall be delivered in the manufacturer's original packaging with listing marks and serial numbers intact.
22.2 Equipment shall be stored indoors in a clean, dry, conditioned space until installation.
22.3 Credentials shall be stored in a locked container with controlled access; the credential inventory log shall be maintained from receipt through issuance.
22.5 Batteries shall not be allowed to discharge below the manufacturer's storage voltage during construction.

23 Warranty

Installation Warranty Periodselect
1 year from substantial completion
2 years from substantial completion
3 years from substantial completion
Software Support and Maintenance Agreementradio
Manufacturer software maintenance for 1 year (default; includes firmware updates and security patches)
Manufacturer software maintenance for 3 years
Owner self-maintains after substantial completion (perpetual license only)
23.1 The Contractor shall warrant the system installation, including all wiring, terminations, programming, and integration, for a minimum of 1 year from substantial completion.
23.2 Manufacturer warranties on individual products (controllers, readers, power supplies, batteries) shall be passed through to the Owner.
23.3 The software maintenance term shall include firmware updates for controllers and readers, security patches for the head-end, and access to technical support.
NOTE Lapsed maintenance has been the cause of unresolved vulnerabilities on installed systems; the Owner shall be advised at turnover of the renewal schedule. (23.4)

24 Spare Parts

24.1 The Contractor shall deliver to the Owner at substantial completion the spare parts inventory below. Spare parts shall be of the same manufacturer and model as the installed equipment and shall be packaged and labeled for storage.
Spare Parts Inventorycheckbox
One reader per installed reader model (minimum one)
One door position switch (concealed and surface, as installed)
One REX device per installed type
One power supply per installed model
One battery per installed power supply
10 percent overage on credentials (minimum 25)
One controller per installed model (large projects)
24.2 Spare parts shall be stored by the Owner in the equipment room or designated storage area with the system documentation.
24.3 The spare parts list shall be included in the closeout package.

Edit this page

SynC Standards are reference material provided for informational purposes only and as a guide. They are not engineering, architectural, or legal advice and are not a substitute for the judgment of a licensed design professional. It is the responsibility of the user to determine the applicability of any standard to a specific project and to verify all requirements against the governing codes, manufacturer data, and project conditions. SynC does not render professional services and forms no professional relationship by publishing this content. Provided "as is," without warranty of any kind, including fitness for a particular purpose. See our Terms of Use for the complete terms.

This standard is published by SynC and licensed under Creative Commons Attribution-ShareAlike 4.0. You may share and adapt it, including commercially, provided you give credit, link to the license, indicate any changes, and license your adaptations under the same terms. Keep the attribution and notice below with any copy — it includes the warranty disclaimer the license requires you to retain.

Attribution & reuse notice — keep this with any copy:
"Access Control Systems." SynC Standards. Licensed under CC BY-SA 4.0 (https://creativecommons.org/licenses/by-sa/4.0/). Source: https://synergyinconstruction.com/wiki/sync/access-control-systems — reference material only; not professional engineering advice and provided without warranty. Verify against governing codes and have a licensed professional review before use.