Nowadays most security systems have sensors to detect events that would trigger alarms. Old security systems had all the elements wired, from sensors to the supervision centre. To disconnect a system, in most cases it would be as simple as cutting the wires in order to prevent the alarm signal to reach the supervisor. Some more advanced systems would detect if the connection was broken and that would be enough to trigger the alarm.
A few years back, M2M wireless connections where adopted by some security systems to replace the wired connections. That change reduced the deployment cost of these systems, as it was no longer needed to spend on wire installations. But this change from wire to radio also offers an extra layer of security because it is harder to jam a wireless connection than cutting a cable. The problem with IT systems using wireless connections is to know when the signal is lost. Perhaps the network elements know the end-device is no longer active but rarely they pass that event to the application, in this case the security system console.
At Carriots we thought on how to upgrade legacy security system into a modern alarm solution using the cloud under the IOT concept. We came up with an interesting feature that can be easily implemented using Carriots platform to avoid thieves from disconnecting alarms or replacing them.
Here is how: Imagine you design a brand new alarm system where every element, every few seconds, sends a “heart-beat” to your central alarm system on the cloud. If the alarm system is capable of controlling the absence of heart-beats it would detect that an element or the whole system is compromised. It would then trigger the alarm, no matter if the thieves would attack the local electronics.
To prevent the alarm from triggering they would have to hack the cloud or imitate the heart-beat of the elements. But how easy is to imitate such a heart-beat? Well, it can be almost impossible if the heart-beats are well designed using the latest IT security features. If each of the streams is unique and uses public key infrastructure (PKI) to cypher and authenticate the data, sender and receiver, then the solution is extremely secure.
In Carriots we already have two features implemented so you can use them to design this type of advanced security system:
- We have a device supervision module capable of detecting changes in device status based on the absence of data (like missing heart-beats). We already talked about it on the blog. https://blog.carriots.com/status-device-supervision-for-better-iot-applications/ . With this feature you can trigger the alarm the minute after any of the elements is disconnected.
- If the heart-beats of the security system use our HTTPS REST API and Checksum feature to authenticate the data streams then it is almost impossible to tamper the system.
Obviously these features are improvements to any type of application where it is important to track if the system is online and unaltered like GPS tracking devices, fire detection systems or many other uses.