About ccbrennan
- Birthday 28/02/1970
Contact Methods
-
Website URL
http://www.webwayone.co.uk
Leave Security To The Experts?...
ccbrennan commented on Joe Harris's blog entry in Electronic Security & Technology
EN signalling standards require the device to be protected from substitution. Messages and polls also need to be substitution protected and encrypted, which the UK and European test houses can approve products to. You can go further and get your solution penetration tested too. If you're buying products which haven't been tested under the EN framework then you're going to be vulnerable. Make sure you're installing products that have been tested to "do what they say on the tin".
That's a novel approach. Certainly AMS software is proven to handle hundreds of thousands of connections - you only have to look at the scale of systems in the US where an ARC literally monitors millions of connections. The ability to route alarms is not a simple task - though it is built into ATS providers' receivers (because ATS providers have hosted and direct architectures for alarm delivery to AMS systems). In the UK we are seeing more and more smaller ARCs started by installers who have enough connection volume to warrant providing their own services - a remote architecture and software for them to use/manage would certainly be an option.
-
Convergence - Where Will It Lead?
ccbrennan commented on Joe Harris's blog entry in Electronic Security & Technology
Convergence requires integration of diverse products at the premises and delivery of the data from each of those systems to an operator screen or diagnostic platform. If you go the route of using an individual "manufacturer's own" comms device for every panel, DVR, camera etc. you won't get the "integrated" feel/performance needed for confirmation and management. You'll also get variances in the way these comms systems operate, protect the data (i.e. many different types of encryption and key management), are supported and approved.

Asking the AMS at the ARC to "manage" the comms (polling, encryption/decryption, statistics, fault flood control etc.) for every type of manufacturer's device is a big task - and possibly undesirable. ARCs could end up with AMS software which is bloated and requires ever more regular updates and hardware improvements to manage such a diverse set of tasks.

Using ATS providers to deliver the integration at the premises (i.e. a communicator with multiple data interfaces to legacy and modern equipment such as panels, DVRs, cameras etc.) also requires a receiver or management platform in a hosted environment or at the ARC. The disadvantage for ARCs is that there is more equipment to manage, but the advantage is that those receivers are dedicated to a specialised task - taking the burden off the AMS, which was designed specifically for event management.

For installers, using an ATS provider to deliver a comms path for UDL to diverse platforms means that the security and dial up costs are taken care of - as well as the complexity of access to the site (either via a call or via the firewall). If using individual comms devices to achieve this, the firewall configuration (or number of different types of modem) becomes unwieldy, difficult to manage and undesirable for the end customer.

A hard subject to convey everything in "text", but our view is that if you want all your information delivered to an operator screen, and you want secure remote access to your devices, then an integrated ATS provider approach can deliver you the "signalling architecture" you need.
Single path signaling solutions

This blog aims to outline the options for single path signaling. To avoid continuous repetition of “network polling, alarms, UDL, diagnostics” etc., this document will refer to these features as “ATS functions”.

- Network polling is the transmission of data between a transmitter located at the protected premises and the alarm receiving centre for the purposes of identifying the loss of an end to end route over the network.
- Alarms are events generated by either pin/channels or SIA events from the security system (intruder or fire).
- UDL refers to Upload/Download of data to and from the security system or transmitter for the purposes of management and maintenance.
- Diagnostics refers to troubleshooting security system, transmitter or network problems remotely over the network.

Technologies

There are 5 methods used to provide single path signaling today using standard, non-proprietary communications methods:

- Standard PSTN (Public Switched Telephone Network)
- Dial up (Digi modem)
- Modem data over wireless GSM (Global System for Mobile Communications)
- IP over fixed line xDSL/fibre/other (Digital Subscriber Line: asymmetrical and symmetrical upstream and downstream options)
- IP over wireless GPRS/3G/other (General Packet Radio Service, 3rd Generation, LTE (Long Term Evolution))

Billing

Each technology incurs communications costs (not including ARC monitoring fees). In the security application, costs are incurred by network polls, alarm delivery and remote service. With certain technologies the cost is paid by the end user to the telecoms service provider. Other technologies are billed via the ARC by the ATS provider.
Some ATS providers do enable the end user to procure their own SIM for either GSM data or GPRS; however, in general:

- Standard PSTN: end user pays
- Proprietary PSTN: ATS provider charge via ARC
- Modem data over wireless: ATS provider charge via ARC
- IP over fixed line: ATS provider charge via ARC
- IP over wireless: ATS provider charge via ARC

Costs

Because single path signaling is generally only considered for low risk premises, the end user's expectation is for low cost/low functionality.

Summary

PSTN

- Dedicated line provides best functionality/security
- Dedicated lines are expensive
- Calls are expensive
- Security reduced by reducing call frequency
- Security reduced by implementing on shared line
- Test call and power fail should be configured at all times

GSM data

- Less expensive than PSTN
- More expensive than GPRS and ADSL
- Same dial in security issues as PSTN
- Test call and power fail should be configured at all times

GPRS data

- Very low cost support for all ATS functions
- More secure than PSTN and GSM (firewalled etc.)
- Test call and power fail should be configured at all times
- Remote UDL has increased security
- Remote UDL can operate in internet/private APN modes
- Private APN is more elegant for any time access
- Private APN includes fixed IP address for SIMs
- Cost of APN/fixed IP is close to zero for ATS providers

xDSL

- As a shared service, cost of ATS functions is close to zero
- High polling frequency means anytime UDL possible
- High polling frequency means network reporting time can be reduced to identify power failure/faults more quickly, without undue stress on ARC
- More secure than PSTN and GSM
- Operates in dynamic or fixed IP address modes

Detail

PSTN

PSTN is a point to point service, operating only one application to a dialed destination at any time (or inbound call). In the security context the most reliable and secure implementation is to use a dedicated PSTN line.
A dedicated PSTN line can efficiently support all ATS functions, though generally at a lower frequency than other proprietary or IP based systems. Using a dedicated line ensures that the security service is not interrupted by other dial up applications or compromised by “off hook” scenarios (which can also occur undetected during the Open and Set periods). However, dedicated lines are expensive, prone to disconnection by finance departments because of their low usage profile, and the trend in price remains on the increase.

Because of the cost of PSTN lines and call charges, many installers and end users have reduced the number of test calls and alarm traffic sent. This further reduces security and devalues the application. The potential trend for these systems, even without the network issues which occur from time to time, is for end users to cancel the services.

Using shared PSTN lines reduces the line rental costs, but introduces the off hook risks. For installers that want to use remote UDL there is also the issue of the inbound call being answered (by fax or person) or that the line is busy.

Generally, remote UDL over PSTN is insecure. There are very few measures to restrict a system dialing into a site (such as a firewall). Dial in/dial back for UDL does provide some security, but data is sent by the digi unencrypted and many installers enable dial in/common engineering codes for efficiency/simplicity.

Modem data over wireless

Sending ATS functions over GSM data networks removes the cost of a dedicated land line and is significantly cheaper. However, GSM data usage is expensive compared to GPRS and xDSL services. GSM can be remotely dialed by the UDL package, but the security risks remain the same as PSTN dial up. GSM can be dialed just as PSTN is if you know the telephone number of the SIM. See security issues above for PSTN.

GPRS

During the past 8 years GPRS costs have dropped dramatically and its functionality has improved.
Because GPRS is a “packet” based system which uses shared local access and network resources, it is charged on a usage basis, i.e. the amount of bandwidth you use per month. M2M GPRS is procured on a contract basis and there are many commercial options open to ATS providers including pooled bandwidth, fractional billing, line rental with inclusive bandwidth etc.

GPRS is suitable for all ATS functions and it has added security and encryption over GSM dial up data. Because the GPRS service uses IP technology to transport data, the SIM/service is behind the network provider’s firewall systems. If the SIM is not sending data to a server (e.g. a receiver) it is not possible to send data directly to the SIM over GPRS when behind the public internet firewall. For single path ATS systems, if the remote device is polling very infrequently (e.g. every 24 hours) then remote connectivity for UDL is not possible. Other methods can be used to make the SIM send data to initiate two way communications; however, they add (minor) cost and the UDL package may time out during the process.

To maintain the security of the GPRS system (when used as a single path system) and allow anytime access for ATS functions, the most elegant solution is to provide the SIM with a fixed IP address. To achieve this the ATS provider procures a dedicated APN/IPSEC tunnel(s) from the mobile provider. This creates a closed network group for the SIMs, fixed IP addressing etc. The cost of APN/IPSEC tunnels has reduced dramatically over the past 3 years, making the cost implications to a volume ATS provider negligible/zero.

xDSL

Fixed line broadband internet connections are designed for high speed, shared application use. The cost of transmission is effectively zero (when operating on a shared circuit). The firewall does restrict unsolicited inbound access, providing a higher level of security than PSTN. This is overcome by ATS providers using network polling as the transport for all ATS functions.
In the case of xDSL based systems, there is no need for a dedicated APN/IPSEC tunnel from the service provider because the bandwidth used is provided by the end user (at almost zero cost). Therefore the polling frequency on fixed line IP systems can be far higher than GPRS, enabling any time access all the time.

ARC costs

Digi modems communicate directly with the ARC into a receiver rack. PSTN/ISDN lines and modems/terminal adapters are required and contention is high (we have seen digis contending 100-1 for ARC based resources). (PSTN traffic from ATS providers is generally delivered by a hosted system over IP connections or, in some cases, legacy kilostream services.)

GPRS and fixed line IP services are delivered into the ARC using high speed internet connections. These are more scalable and less contended than the PSTN infrastructure. (Statement holds for hosted or direct connections from ATS providers.)

Pros and cons of each technology

Four elements affect the choice of single path signaling: frequency of polling, frequency of unconfirmed network faults reported, network maintenance and the effect of loss of power to the ATS communication/communications equipment/line.

Network polling frequency

Any single path system is compromised by the fact that an interruption in service cannot be detected quickly without high speed polling. Using dial up PSTN and GSM services, high speed polling can be expensive.

Network fault reporting

The downside of high speed polling is that short term network faults can be reported to the operator. Depending on the technology used, polling the network incurs cost.

Network maintenance

Every service is affected by network maintenance by the communications service provider, or the end user. In general, maintenance outages are very short. Whilst the actual work may take some time, the implementation of the upgrade/work takes a few minutes whilst systems reboot.
Signalling standards take care of this with a minimum 3 minute reporting time at Grade 4 and much longer at the lower Grades (3 and 2). The majority of network equipment, either local or remote to the premises, can be worked on without interrupting operation, with the reboot taking less than 3 minutes.

Power

A loss of power can also stop a communications service operating.

Loss of power using a Digi modem or GSM/GPRS system

PSTN systems which use a copper path include a line voltage, driven by power at the exchange. However, the digi modem will only operate for the battery backup time of the alarm panel, hence the requirement to back up the panel for 24 hours using a battery. Once expended the modem will fail, but the line will stay in operation. The same power backup times apply to the operation of a GSM/GPRS modem.

For systems which monitor power it remains possible to transmit a “Power failure” message to the ARC, but only if this has been configured in the panel or via a channel. If this alarm is not configured, the ARC will be made aware only when the battery backup of the panel fails and the test call from the modem is not received, if the test call has been configured to be sent.

Loss of power using fixed line or wireless IP single path systems

Power loss will result in the loss of broadband and the ability to signal. Because of the fast polling times a fault can be recognized by the receiver quickly. The majority of power failures are short, but installers can choose from Grade 2 (24 hour), Grade 3 (5 hours) and Grade 4 (3 minute) reporting times. Some ATS providers enable a hybrid reporting time of 30 minutes to an hour, which is both logical and statistically proven to be a reasonable time to enable either a single path wireless or fixed line system to recover from the majority of network faults, maintenance or power outage issues.
Additional reporting can be employed to report a power fail over PSTN in either instance, creating an IP+PSTN or GPRS+PSTN solution.

The use of VoIP for digi modems

Many xDSL routers support the connection of an analogue modem. The router will convert the modem analogue signal to packet, but at the receiving end a router will need to convert the data stream back to analogue for receipt by a modem. The process is complex and in the security environment can introduce kiss off issues with the alarm panel – which is the very problem many ARCs are attempting to avoid.

The future

Fixed line

Fixed line technologies such as fibre are already available. Changes the users will see are that transmission and download speeds will become faster and more symmetrical. Services will continue to converge applications over a single line at faster speeds of transmission and access, giving remote control a continually improved “real time” feel.

IPv6 introduces the concept of a fixed IP address for every device; this has advantages in terms of reducing the configuration required. Firewalls will remain a key element in protecting devices from malicious, unsolicited inbound attack, even when every device has its own IP address.

Wireless

The major changes to communications will be in wireless. 3G has been available for several years nationally; however, the price of 3G hardware has restricted use of this technology in security. When 3G hardware costs reduce this will enable a more elegant solution for Imaging and CCTV transmission over wireless because of its increased upstream speed when compared with GPRS.

LTE frequency auctions start in 2013. Networks will roll out during 2014. Speeds will be very high, but the technology will come with the same price of hardware/power consumption issues at first. This will then decline to be affordable/reliable/efficient in line with other digital technology trends.
In general the wireless communications solutions will continue to evolve to a point where the airborne traffic is as fast and affordable as the fixed line traffic – eventually delivering a symmetrical service over any path, both operating at the same/very similar speeds. Coverage will continue to improve, but wireless will always be prone to signal strength issues due to geographical location, physical construct of the building and installation location within the premises.
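The receiver-side poll supervision described under “Network polling frequency”, “Network maintenance” and “Power” above, as an added example that is not part of the original blog or any ATS provider's code. The class and function names, the site ID and the outage scenarios are constructed for illustration; the reporting times are the ones quoted in the post, with “hybrid” taken as the 30 minute lower end.

```python
from dataclasses import dataclass

# Reporting times quoted in the post, in seconds. "hybrid" uses the lower end
# of the "30 minutes to an hour" range (an assumption for this example).
REPORTING_TIME = {"grade2": 24 * 3600, "grade3": 5 * 3600,
                  "grade4": 3 * 60, "hybrid": 30 * 60}


@dataclass
class Transmitter:
    profile: str
    last_poll: int
    fault_reported: bool = False


class PollSupervisor:
    """Receiver-side view: a path is failed once it has been silent for the
    whole reporting time, and restored by the next poll that arrives."""

    def __init__(self):
        self.sites = {}
        self.events = []          # (time, site_id, event) shown to the operator

    def register(self, site_id, profile, now):
        self.sites[site_id] = Transmitter(profile, last_poll=now)

    def poll_received(self, site_id, now):
        t = self.sites[site_id]
        t.last_poll = now
        if t.fault_reported:
            t.fault_reported = False
            self.events.append((now, site_id, "PATH_RESTORED"))

    def tick(self, now):
        for site_id, t in self.sites.items():
            silent = now - t.last_poll
            if silent >= REPORTING_TIME[t.profile] and not t.fault_reported:
                t.fault_reported = True   # report once, not on every tick
                self.events.append((now, site_id, "PATH_FAILURE"))


def simulate(profile, poll_interval, outage_start, outage_len, horizon, step=10):
    """Constructed scenario: one site polls every poll_interval seconds except
    during the outage. poll_interval must be a multiple of step."""
    sup = PollSupervisor()
    sup.register("SITE-0001", profile, now=0)
    for now in range(0, horizon + 1, step):
        in_outage = outage_start <= now < outage_start + outage_len
        if now % poll_interval == 0 and not in_outage:
            sup.poll_received("SITE-0001", now)
        sup.tick(now)
    return sup.events


def detection_delay(events, outage_start):
    """Seconds between the start of the outage and the operator seeing it."""
    for when, _site, event in events:
        if event == "PATH_FAILURE":
            return when - outage_start
    return None


if __name__ == "__main__":
    # 2 minute router reboot, Grade 4, 30 s polls: nothing reaches the operator
    print(simulate("grade4", 30, 610, 120, 1800))
    # 1 hour power cut, Grade 4: reported, then restored when polls resume
    print(simulate("grade4", 30, 610, 3600, 6000))
    # 20 minute outage: the hybrid window absorbs it
    print(simulate("hybrid", 30, 610, 1200, 3600))
    # Daily test call only and the path is lost for good: seen ~24 hours later
    ev = simulate("grade2", 86400, 610, 10**9, 90000, step=60)
    print(ev, detection_delay(ev, 610))
```

The same 20 minute outage that the hybrid window absorbs is reported after 170 seconds at Grade 4, which is the trade-off between fast detection and fault flooding that the post describes.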
-
The technology used to transmit alarm and UDL data from premises to ARC and installer is becoming ever more powerful. In this series of blogs we aim to provide you with unbiased information on subjects such as SIA transmission (this edition), standards and how the advance of communications technology will continue to benefit all stakeholders in security. In our business we love technology, but you won't hear from us "you can't do this" or "you shouldn't use x technology". There are horses for courses and it's essential for end users and installers to use the appropriate solution dependent on premises, risk etc. In this first edition we'll look at SIA alarm transmission. You can watch the video.

Naturally, the security sector focuses on systems which detect risk local to a given premises, making effective use of intruder, fire, CCTV and access control solutions for the host organisation. Alarm transmission services help manage those risks ‘remotely’, ensuring that event information is sent to an operator who can detect that communication has failed and then summon the relevant emergency services (police, fire) and/or key holder, security installer/systems integrator.

That said, transmission networks can also be the bottleneck, sometimes reducing the amount of data that the user would like to send/see. They might also compromise the security of the premises unless appropriate security measures are in place.

In this regular monthly blog, we’ll appraise some of the key elements of signalling – and we’re going to begin by examining the prime uses (and benefits) of extended format alarm transmission.

Extended format alarms: a quick summary

Extended format alarms help those involved to save time and money. You can avoid site visits and interruption to the end user business as well as improve installer services, manage events and faults on a remote basis.
There are also improvements to be had in terms of Alarm Receiving Centre (ARC) reports, adding value to the monitored service. The lowest cost transmission is via IP over radio (GPRS) or fixed line (ADSL/Internet). Even Grade 2 systems should use encryption (reference EN table 10, Option D).

Why hasn’t the industry used SIA for so long?

In the context of this discussion, ‘SIA’ is the Security Industry Association of America and not the Security Industry Authority you all know to be the Regulator for the UK’s private security world. The ‘SIA protocol’ we talk about next was developed to bring together many alarm transmission formats. Its benefits are detailed in due course.

Sending every SIA alarm over an analogue telephone call is expensive. A system sending just an ‘Open’, ‘Close’ and ‘Test’ call in 2012 over a working year of 265 days could incur call charges of £100-plus (and certainly isn’t ‘for free’).

To reduce costs the security sector turned to inputs/channels as the solution. Inputs relate many detectors to one transmitted event, the unforeseen consequence being the reduction in value of the security system and increased site visits. The event received is not the original event created by the panel, just a translation.

As ‘Pins’ are a physical connection from the panel to the communications device, only a limited number of inputs/channels could be transmitted without making the device large in size. Generally speaking, up to 16 channels only will be supported (even for sites which could have dozens of zones or alarm types).

Why use extended format alarms?

Extended format alarms are not solely for the larger sites. Installers who implement SIA can provide a better level of service to domestic or business sector customers, identifying what has happened before visiting or otherwise eliminating a site visit altogether. We’ve seen the impact of the recession on loss prevention teams.
Installers need to manage their bottom line closely as operating costs continue to increase in the recession. For their part, extended format alarms can help end users and installers alike to better manage their situations by providing detailed event information without having to visit a given site.

The majority of alarm panels built in the last decade support the SIA protocol alarm format. That protocol includes site ID, date, time, the alarm type, zone, area, entry code and user (if programmed). A simple example is that a Pin 4 alarm for ‘Open’ now becomes ‘Open, J Smith’ or ‘Open, Cleaner’. BA (Burglar Alarm) is now ‘BA, Zone 2, Reception’ etc.

By transmitting SIA to the ARC, reports become richer and more useful. Loss prevention professionals or installers now have access to the original data from the panel. This speeds up the understanding of an event, or helps the installer diagnose a fault without having to go to site.

Why can the industry use SIA now?

Using digital transmission technology, SIA can be sent more cheaply and securely than before. A hybrid alarm transmission system is a solution which uses a radio IP path (GPRS) as the ‘Primary’ method to transmit alarms, network polls and provide UDL (Upload/Download, i.e. remote management/service) to the alarm panel. The cost of GPRS bandwidth to transmit every SIA event, UDL and network polling per annum is less than 15% of the cost of sending three alarms per day over PSTN dial-up. A pure digital alarm transmission system will use the IP fixed line path (ADSL) as its primary and radio IP (GPRS) as the back-up.