Printer Friendly

On the line with data transmission.

SECURITY MEASURES ARE NEEDED to protect alarm systems, just as alarm systems are needed to protect assets. Since alarm systems typically convey alarm signals along communications lines, a key element of alarm security is the integrity of data transmission.

Line supervision helps ensure the integrity of a data communications line by monitoring a characteristic of the line. Detection of a line short (when someone trying to break in connects across the wires with another wire), an open line (when the cable is cut), or an attempt to substitute a bogus signal for the legitimate "no alarm" signal is annunciated as a line supervision alarm.

Line supervision methods are applied to each communications path between the sensor and the annunciator in the central alarm station. These methods are related to the protection of various segments of a total alarm system.

Security measures for alarm systems also include physical protection, access controls, redundant features, testing, and annunciation and response to system alarms. The extent to which any or all of these measures are used to protect security-related equipment from unauthorized access should be consistent with the importance of the asset being protected.

For protection of high-value assets, all detection and alarm devices, including transmission lines to annunciators, should be failure- and tamper-indicating while activated (secure mode) and while deactivated (access mode). For lower-value assets protected by alarm systems, system components should be protected based on a cost and benefit analysis.

Physical protection encompasses location of system components within security areas, use of conduit for alarm communications lines, and type of data transmission media. Access controls incorporate locks and tamper switches for junction boxes and equipment enclosures. Such controls also require two individuals for system component testing and maintenance.

Redundant features include independently routed communications lines, sensors, and power supplies. Testing covers manual testing by people, automatic testing by the security computer, and sensor self-testing. Response to system alarms includes using compensatory measures, such as posting security officers, until the nature of the alarm has been determined and corrective actions have been completed as required.

Some measures, such as using locks and tamper switches on enclosures, are basic features for any alarm system application. Other alternatives can be used, depending on the asset being protected. Several measures are optional, depending on the combination of features employed.

The highest, most cost-effective security for system data communications consists of a combination of protection measures, but the right combination depends on the site and its requirements.

Alarm systems used to protect significant assets include several types of data communications lines, from sensor to data-gathering panel (DGP), from DGP to DGP or alarm system computer, and between alarm system computers and computer peripherals.

Digital data communications techniques are one way to accomplish line supervision. The technique that is most effective depends on a number of factors. These include

* the amount of information transmitted at one time,

* the time allowed for transmittal of a single data point versus the time allowed for transmittal of all information to be transmitted.

* the availability of data for retransmission in the event of a transmission problem,

* the magnitude of errors anticipated due to background noise superimposed on the communications line,

* the duration of a single data point,

* the expected frequency of data input,

* the time allowed for system response or output as a result of the input, and

* routing of information over different types of lines.

The right techniques for one situation could be the worst techniques for another situation. For example, the transmission of large files between computers would normally be accomplished with data organized into a number of fixed-size blocks. Information on the number of blocks for transmission, the size of each block, the number of each block transmitted, an integrity check for each data point (parity bit), an integrity check for each block (longitudinal parity check and check sum, and an integrity check for the entire file are all appropriate.

Different provisions for retransmission in the event of an error are also appropriate. In special cases where retransmissions are not possible, elaborate data coding schemes are appropriate to recover lost information. These techniques are grossly inefficient, however, for transmitting a single data point that may be easily retransmitted.

Information transmitted over a data communications line between an intrusion sensor and a DGP designated as sensor line is normally limited to a single, simple state: alarm or no alarm. Alarm system lines between DGPs--also called multiplexers and transponders--from DGPs to alarm system computers, between computers, and from computers to displays, printers, and other computer peripherals transmit packets of digital data.

Normally, relatively small blocks of information, such as the status of intrusion sensors connected to a DGP, are transmitted between DGPs and between DGPs and alarm system computers. Larger blocks of information are typically transmitted between computers, displays, printers, and other peripherals.

Alarm systems are data-gathering and control systems. Communications lines connect various remote sensors to DGPs and, ultimately, to a host computer. The host computer, coupled with its peripheral devices, performs alarm annunciation and facilitates various human interface functions. Commonly used computer peripherals include a video monitor, a mouse, a keyboard, and a printer.

Some examples of operator and computer interface functions include activating and deactivating alarm sensors for day and night operation and controlling remote television cameras, lights, and sirens. Due to the diversity of subsystem components and functional requirements, various physical lines and data communication techniques are used by an alarm system.

The most common interface between a sensor and an alarm system is a simple electrical relay or mechanical microswitch integrated within the sensor. The opening and closing of the simple switch modifies a resistive network added between the sensor and the DGP and causes a voltage or current change that can be detected by the DGP. With such a technique, a sensor can transmit its alarm status (no alarm or alarm) to the DGP. Thus, the communication data line between the sensor and the DGP is analog.

Multiple alarm input lines and output control lines are normally connected to a DGP. The DGP functions like a data hub and provides the sensing voltage necessary to interface with sensors. A DGP provides digital data communications with a central alarm processing computer. The communication data lines among the DGPs and between the DGPs and the central computer are digital.

A modern DGP is commonly designed with several serial data communication ports that perform two-way communication with the central computer through a data network. This data network usually involves a loop or parallel multidrop-type of bus configuration.

Line supervision classes. A number of widely accepted specifications exist for line supervision. Many government facilities use classes of line supervision presented in Federal Specification W-A-450B, dated February 16, 1973, with Class B supervision as the most common specification.

Classes A, AB, B, and C are specified in W-A-450B. Definitions of line supervision classes in W-A-450B are in specific, measurable terms. For example, Class B line supervision is defined in terms of an allowable percentage variation of line current for different ranges of line current. An alarm occurs when current fluctuation occurs outside this range for one second.

The draft revision to this federal specification--W-A-450C, dated November 1991--defines line supervision classes A, B, C, D, E, and F. Unfortunately, the revised specification uses performance-based definitions, with no correspondence between the old and new line supervision classes.

Similar problems exist in consistency with line supervision classes defined in other government sponsored standards, such as DIAM 50-3 (classes A and B).

Classes of line supervision as defined in the final draft of W-A-450C, dated November 1991, are provided in Exhibit 1, with examples given for each class.

For consistency in application, the following interpretations may be used. Classes A through C apply to digital transmission of bytes of data. In general, classes A through C apply to alarm lines between DGPs, between DGP and central alarm computers or alarm annunciator panels, and between computers. The information transmitted over this line is in the form of data packets.

Typically, a data packet would include a message source or destination address, one or more bytes of status or control information, and one or more bytes for verifying the integrity of the data packet.

Classes D through F apply to transmission of information through changes in the analog signal. In general, classes D through F apply to alarm lines between a sensor and a DGP. A DGP encompasses equipment, such as multiplexers, transponders, and alarm panels.

The sensor information transmitted over this line is in the form of an analog signal, which is typically supplied by the DGP circuitry. The DGP converts this information to a digital form for further transmission. More sophisticated techniques do exist for transmission of sensor status between a sensor and DGP, but these techniques are substantially more expensive and the increase in actual security level is not proportional to the increase in cost.

Alarm line supervision. Options for different classes of line supervision depending on frequency and type of testing are given in Exhibit 2. Testing provides assurance that the line or data link is capable of transmitting an alarm signal and has not been compromised.

Different combinations of line supervision and testing are used depending on line routing. Three cases are presented for the two primary segments of alarm data transmission, which are from sensor to DGP and from DGP to DGP or CPU. These three cases are: an alarm line remaining within the security area of the asset being protected, an alarm line going through a lower security area, and an alarm line going through an unsecured area.

Alarm line assurance. A regularly applied test and maintenance program ensures an effective, operable system. Two levels of testing provide a cost-effective program--a simple, operability test and a comprehensive effectiveness test.

Operability testing provides a basic measure of integrity on a frequent basis. Operability testing ensures that opening a door will produce an alarm. Effectiveness testing ensures integrity under all conditions of expected operation and is performed on a random basis.

Effectiveness testing ensures that opening a door more than 1 inch produces an alarm. Each type of testing is conducted under both secure and access modes of operation.

Testing specified in Exhibit 2 applies to operability testing to ensure that the correct alarm data is communicated over the data communications lines from the intrusion sensor to the alarm display.

For the data communications line between an intrusion sensor and a DGP, manual testing should be performed by actual intrusion into the alarmed area. Alarms caused by the opening and closing of areas by operating personnel in the normal performance of their activities are acceptable tests.

For data communications lines between DGPs or CPUs, automatic testing should be performed through polling of each DGP and any alternative computers that may be used by the master alarm computer. The normal process of interrogation and response, which is an integral part of most communications protocols, provides acceptable testing.

To ensure that natural failures or degradation have not impaired alarm communications, automatic data line tests should be performed at least hourly.

Options are provided for frequency of testing, based on class of line supervision and implementation of self-test features in intrusion sensors. Where self-test features are used to reduce frequency of manual testing, the self-test simulation of alarms should be initiated by the master alarm computer and conducted hourly. Self-test options are available for several high-end models of intrusion sensors.

Detailed functional requirements should be tested through effectiveness tests after each inoperative state, after repairs, and annually. An inoperative state for an alarm system or component exists when the power is disconnected to perform maintenance, when both primary and backup power sources fail, or when power is applied and one or more components fail.

Placing a properly operating alarm system in the access mode would not constitute an inoperative state unless accompanied or followed by any of these three conditions. The transient disconnection of power to a transmitter unit of a transmitter and receiver pair to test detection capability of the receiver, as done in self-testing of bistatic microwave sensors, does not constitute an inoperative state.

Alarm annunciation. Line supervision alarms should be annunciated in all alarm stations indicating the type and location of the alarm source. For protective force response, a line supervision alarm should be treated the same as an intrusion alarm for the area protected.

Loss of alarm reporting capability from a DGP should be detected, annunciated, and treated as intrusion alarms for each sensor connected to the DGP. In the event of disabled data lines between intrusion sensors and DGPs, compensatory measures should be provided to ensure continuous intrusion detection and assessment of protected areas.

Compensatory measures should be implemented at the time of alarm response and maintained until the data line and DGP have been repaired and revalidated with effectiveness testing. Corrective maintenance should be initiated within 72 hours of failure.

All alarm systems may be compromised, but protective measures, such as line supervision, can increase the chances that a breach of system integrity is detected before security problems arise.

Ronald J. Sentell is principal engineer with Westinghouse Hanford Company in Germantown, MD. He is vice chairman of the ASIS Standing Committee on Security Architecture and Engineering.
COPYRIGHT 1992 American Society for Industrial Security
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 1992 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:importance of data transmission in security measures
Author:Sentell, Ronald J.
Publication:Security Management
Date:Nov 1, 1992
Previous Article:Protection Officer Training Manual Fifth Edition.
Next Article:The perils of preemployment screening.

Related Articles
How Digital Data Transmission Technology Is Determining the Direction of the Future.
Computer-Security Encryptors Help Halt Hackers.
Program Emulation Role in Satellite Delay Compensation.
On the line with DES.
How safe are your data transmissions?
Tank data monitoring by Web-based remote transmission of data.
Simulating a TDR: as long as you have access to any version of SPICE, you too can simulate a TDR.
DDR SDRAM characteristic impedance and PCB design: how much impedance variation can a DDR SDRAM interface tolerate before going out of spec?

Terms of use | Copyright © 2017 Farlex, Inc. | Feedback | For webmasters