failure rates for electronic locks?

[Lock Jock]

I'm curious if these specs on the all-electronic and hybrid models are known to anyone outside of the companies who make/market the products.

The iLOQ has no mechanical fail-safe and systems like the Mul-T-Lock with Cliq are fail-secure (can't be opened if the lock circuitry fails), although perhaps worse is that they could potentially fail open, so MCBF is important.

Considering that hybrids (other than log-only) can't be opened if the lock circuitry develops a fault (unless it fails open) and the manufacturers tout the superior security of their encryption, why do they even bother putting pins in the things?? Is the only reason to cover the possibility of a fail-open?
If the electronics are so great, the locks don't need pins, and if the pins are set properly but the lock circuitry fails, the lock is dead, most likely resulting in a lockout and the customer is screwed.
In such hybrids, pins would generally seem to be little more than dead weight for show with possibly some additional marketing hype value -- although, the company could just as easily ditch the pins and hype the thing as state-of-the-art electronic with fewer moving parts to wear out, pick proof, bump proof, reduced complexity, reduced cost, etc.

Can someone link me a relevant standard for electronic models that manufacturers must meet or exceed and a list of certified and non-certified models?

[shadow11612]

why do they even bother putting pins in the things?? Is the only reason to cover the possibility of a fail-open?
If the electronics are so great, the locks don't need pins, and if the pins are set properly but the lock circuitry fails, the lock is dead, most likely resulting in a lockout and the customer is screwed.
In such hybrids, pins would generally seem to be little more than dead weight for show with possibly some additional marketing hype value -- although, the company could just as easily ditch the pins and hype the thing as state-of-the-art electronic with fewer moving parts to wear out, pick proof, bump proof, reduced complexity, reduced cost, etc.

I can talk a little about the Medeco products. With the Medeco Logic, which uses the Cliq technology, the reason for also having pins is cross cylinder use. I have doors with a standard M3 cylinders and some with Logic cylinders, so the Logic key will open both. Basically, with the Logic system you can install Logic cylinders into an existing standard keyed system.

I do not have any experience with it, but Medeco also has their NexgenXT, which is a total electronic system without any traditional key or pinstack.

[Lock Jock]

Nexgen has supposedly been defeated by Tobias and crew.
It's briefly shown at the very end of an old DefCon17 video: http://www.youtube.com/watch?v=wsvQtIuM5a4
I dunno if the XT shares the same vulnerabilities, though. Maybe Medeco fixed it.

[Evan]

Considering that hybrids (other than log-only) can't be opened if the lock circuitry develops a fault (unless it fails open) and the manufacturers tout the superior security of their encryption, why do they even bother putting pins in the things?? Is the only reason to cover the possibility of a fail-open?
If the electronics are so great, the locks don't need pins, and if the pins are set properly but the lock circuitry fails, the lock is dead, most likely resulting in a lockout and the customer is screwed.
In such hybrids, pins would generally seem to be little more than dead weight for show with possibly some additional marketing hype value -- although, the company could just as easily ditch the pins and hype the thing as state-of-the-art electronic with fewer moving parts to wear out, pick proof, bump proof, reduced complexity, reduced cost, etc.

@Lock Jock:

The hybrid (self-contained electromechanical lock cylinders) have pins in them because they are designed and intended to be a retrofit application for existing mechanical keying systems where the keying system administrator wishes to add an audit trail for key use...

Someone who knows what they are doing in the security world would never spec a hybrid electromechanical cylinder in a new construction application... In a new building situation the system would be an on-line access control type system where the building occupants would never see a mechanical key for the keyed override cylinders... If other locks in the building were keyed and building occupants needed to access them like for individual office doors it is likely such keys would be a different keyway...

Someone manipulating the keyed override cylinder on an access control device is a concern, however in most applications there is someone monitoring a system control console and a manual mechanical key event whether by key or by pick triggers an alarm event for investigation when the lock opens mechanically... Whether this is by a special tamper sensor in the lock case activated by the cylinder cam or by means of system programming using the door position switch to trigger that event whenever the door opens without a credential being scanned or the Request-to-Exit circuit being activated by manual station or motion sensor inside the protected opening the results are the same...

Retrofit applications can be useful for some clients who aren't going to upgrade an entire building with keyed lock openings numbering in the thousands to provide an additional level of security for only a small percentage of them...

Think of Schlage Primus or Sargent Signature high security products... While they can be used 100% on brand new keying systems, part of the design intention was to be backward compatible with existing keying systems so that owners of those older systems could selectively upgrade certain locks within their otherwise totally open master key system to a higher security level without having to replace every cylinder in the facility...

~~ Evan

[Lock Jock]

True, I did have in mind new installations when I posted that and overlooked limited upgrades.

But, couldn't the organization just replace a desired master cylinder with all-electronic while still using a physical key that operates lower level cylinders without using pins in said master?
The effect is the same. The organization gets auditing, better key control (for the electronic master) and enhanced security of electronics w/o replacing the lower level (or less-critical master) cylinders, and the master still opens the lower level locks (which can be rekeyed for the new master or the new master cut to match the existing lower levels).

One would think the manufacturing and, therefore, end user cost would be less per lock if the extra hardware (and the R&D that went into enhancing the mechanics) were absent.

[Lock Jock]

while still using a physical key that operates lower level cylinders

Just to clarify, I mean the blade of the electronic key, not a separate physical key.

[Lock Jock]

Btw, I was clearly thinking mid-upper levels > lowers only. The higher levels (GM, GGM, etc.) couldn't use the mid-level master locks w/o also converting to all-electronic, since the mid-level wouldn't have pins.

If a master is converted, he could use his lock and change-level locks with his keyed blade and have his all-electronic cylinder, but the GM and up couldn't use the all-electronic master w/o also converting to all-electronic.

So, I get it, but I was assuming all levels above the master in question would also be converted, since it wouldn't make much sense to want improved security for mid-level masters but not for his superiors.