Communications – Stephen Scott Trundle, Alison Jane Slavin, Jean-Paul Martin, Alarm com Inc
Abstract for “Alarm signaling technology
“Techniques can be used to handle an event in which a control panel or alarm signaling device is tampered or destroyed by a disablement tactic (e.g. a crash and smash intrusion).
Background for “Alarm signaling technology
Security systems can be implemented using wired or wireless sensors within the property being protected. These sensors can include door contacts, window contacts and glass-break detectors. They also may be used to detect intrusions and environmental sensors such as smoke, carbon monoxide and flood. The system can sound a siren or notify an offsite station about the event when a sensor is tripped. The type of sensor that was tripped may dictate how long the system waits before sounding an alarm or notifying the host station. This will allow the property manager or owner to disarm the system. The Security Industry Association (SIA), which is trying to reduce the false alarm rate in the industry, has recommended that all residential security systems include an automatic alarm signaling delay for intrusion alarms. This will allow homeowners more time to cancel false alarms. Many security control panels may ship today with a SIA recommended?dialer delay? feature enabled. Monitored security systems are alarm systems that notify the host station of an alarm. These systems notify the host station (e.g.?central station?) of an alarm using telephone lines. However, these systems can be disabled by cutting or disabling the property’s line connection. The system will not notify the host station if the connection to the property has been cut prior to or immediately after an intruder attempts to enter the property.
Some security systems can be upgraded to transmit alarm signals via wireless radio to the host station to counter line disconnection. The security system cannot be disabled simply by cutting the landline connection to the house or business that receives wireless signaling from its security system to the station. However, wireless radio-signaling devices can still be susceptible to attack. Intruders use a common tactic called the “crash and smash” tactic. technique.”
“In order to implement the?crash? and smash? technique, A skilled intruder can disable phone lines or other wired connections before an alarm system can contact the user. The?crash-and-smash? technique is used. The?crash and smash? technique is where the intruder crashes through a locked door. The system designer usually sets the delay to give the homeowner or property manager time to disarm the security system before the alarm sounds or the host station gets notified. The system is in limbo during this delay period. These delay periods usually last around one minute. However, due to high false alarm rates, high fines for false alarms and high penalties for false alarms these delay periods may be longer. Many systems are programmed with signaling delays that can be used for all intrusion alarms. The delay period gives the intruder enough time for him to smash through the door and destroy the security panel and wireless signaling device. This is while the control panel is waiting to disarm or trying to establish an analog (dial up) phone connection to the host station. This defeats the security system.
“Techniques can be used to handle an event in which a control panel or alarm signaling device is tampered or destroyed by a disablement tactic (e.g. a crash and smash intrusion).
A typical alarm system reports an alarm signal using a phone connection. The latency of a phone line-based signal is due to (a) the need for capturing the phone connection, (b) time needed to auto-dial the number and wait for an answer and then establish a handshake between the receiver and the sender. These drawbacks aside, most security system installations still use the telephone line as their primary signaling channel.
“In some cases, the system can transmit an alarm immediately to a remote location via wired or wireless signals. The system could use either a wired TCP/IP or wireless message. Messages sent via a wireless radio or active TCP/IP channel can be sent faster than the alarm signal that must be sent over the telephone line. The escrow site might then wait to receive a confirmation that the alarm signal was sent through the appropriate channel or communication path. This is usually done through the telephone line to the host station. It may also be used for notification updates that the alarm has been cancelled or that the primary signaling channel has become disabled. The escrow site may receive updates about the signal’s status via the wireless radio or the TCP/IP messaging channel. The escrow site might not receive an update confirming that the alarm was successfully transmitted or cancelled. This could indicate that the signaling device and control panel were damaged in the intrusion. The escrow site will forward the updated to the host station in order to alert the public about the alarm situation. The escrow site may also forward an update to the host station if the update indicates that the phone line is down or damaged.
“In certain cases, real-time event analytics may also be used to protect against ‘crash and smash? intrusions. This is where monitor data from one or several sensors located in a protected area may be collected and forwarded to an escrow location for real-time expected events analysis. The software at the remote escrow station identifies anomalies in event sequences which could indicate tampering. It compares the actual monitor data with expected data. If a security system is set up to send alarms and is open, it would expect to see an event that indicates that the system has been disarmed or that the alarm was triggered by the system not being disarmed within the time limit. If the software receives an event that indicates that a door sensor has been triggered, but does not receive any subsequent events indicating disarming or alarm, the software will conclude that the alarm signaling device or security control panel have been disabled. Remote escrow sites can be any location, usually an offsite secure location, that is not controlled by the security control panel. A notification message can be sent to the property owner or manager, emergency authorities, host station, or any other person if an anomaly is detected. This will indicate that there has been a “crash and smash?” “Intrusion is possible in progress.”
“Additional benefits will be described in part in this description. Part will be obvious from the description or can be learned through practice. You can realize these benefits by using the combinations and instruments that are specifically mentioned below.
“The accompanying drawings are included in and constitute part of this specification. They illustrate different implementations.”
“Techniques can be used to transmit an alarm to a remote alarm signal site. This is to provide alarm signaling in case a control panel or alarm signaling device is tampered with, or destroyed, by a disablement tactic. These types of intrusions are increasing in frequency. An intruder might recognize that an alarm signal can be sent via a phone line, or wireless radio from the property. A phone line or other wired connections may be disabled before an intrusion. Wireless signaling devices are more difficult to compromise but an intruder can still disable them if he/she locates the control panel or signaling device and destroys it before the alarm signal is sent.
“To successfully execute a crash and smash, you must first identify the door or doors that will be used to enter the protected premise. An intruder may attempt to identify which door or doors a property owner or manager uses to enter the protected premises when the alarm system is activated. Many times, these doors can be programmed to allow the property manager or owner to enter the premises and access a control panel with, e.g., touchpads. They may then disarm or cancel alarm system before it triggers. You may also identify other entry points, such as garage doors, back doors, and any other entrances. Many alarm systems have a time limit that allows you to disarm it after entering through a designated portal. Many alarm systems are programmed with a significant delay between the alarm-signaling event and the trigger alarm state. This allows for accidental false alarms to be cancelled and police dispatches can be avoided. An alarm could be set if the system isn’t properly disarmed within the allotted time. An alarm may be triggered if an intruder cuts off the phone line before entering the system. This is because many security control panels, such as the GE Simon control panel, may attempt to transmit their signal over the phone line repeatedly. There may be additional signaling delays due to repeated attempts to send an alarm signal via wired connections before a system attempts wireless radio. An intruder might be able to see these delays and use them to their advantage by attacking the property or crashing through the door that was programmed with a delay. Security companies are known for installing high delays to reduce false alarms and then going to the control panel to destroy or smash it. In some cases, he or she might also damage the alarm signaling equipment. This could happen even before the alarm delay expires. The premeditated attack could give an intruder a few minutes of intrusion time. You may also consider other variations of the intrusion described above.
“When an alarm situation arises, a message can also be sent immediately via a second connection path like a wireless radio channel or a TCP/IP signal channel. This will send a message to a remote alarm signal?escrow site. Even if the panel is programmed to transmit alarms (e.g. an alarm signal) via the phone line, it can still be used. One implementation may have the escrow site as a Network Operations Center (NOC). An update may be sent to the escrow by the wireless radio or signaling device. The update could include information about the alarm signal being sent through the primary connection of the telephone line or wireless radio, acknowledgement that it was transmitted successfully, and confirmation that the signal was cancelled. Other similar situations may also be identified by the update. The escrow site might not be notified that the alarm signal was transmitted successfully. This could indicate that the control panel or signaling device were damaged in the intrusion. The escrow site might forward an update to the host station informing them of the alarm situation. The update may also indicate that the phone line is damaged or disabled. In this case, the escrow site will send an update to the host station. If the alarm signal was transmitted successfully or if the property manager or owner has properly disarmed the alarm signal, the remote alarm signal escrow station may not transmit an update to the host site.
“FIG. FIG. 1 is a graphic representation of an example security system 100. Specifically, FIG. FIG. 1 shows an exemplary diagram that illustrates an alarm signaling system. A security system 100 could include multiple monitor devices of different types that transmit data to the control panel 120. These may be combined with or separated from a control panels or similar devices. Monitor devices include contact 110, sensor 112, motion detectors, 114, video recorder, 116, and/or any other device 118. Monitor devices can be located in the same place, at an affiliated location, or remotely. Monitor devices can be spread across multiple subscribers or across multiple locations.
“Control panel 120 could transmit alarm information to host station 130. The host station 130, also known as a “central monitoring station”, may transmit alarm information to the control panel 120. The host station 130 (also known as a?central monitoring station?) may process alarm data, status data, and/or any other relevant information. The control panel 120 can be located near or far from sensors. In this case, the control panel 120 interprets sensor data to determine whether user actions or sensor data constitute an alarm condition. The control panel 120 can gather monitor data and transmit it to the host station 130. The control panel 120 can also function as a message hub, buffering monitor data and facilitating data transmission. The control panel 120 can transmit monitor data using a variety of communication methods, such as wireless communication, broadband, WiMax and others. There are many ways to communicate. One example is a radio modem, such as the CreataLink2XT radio modem, which transmits radio waves at a predetermined frequency (e.g. 900 MHz). These radio waves can then be received at the host station 130, or at an intermediary device that relays it over a secondary communication channel (e.g. TCP/IP system), to host station 130. Other modes of communication include POTS (plain old phone service), cable modem (digital subscriber lines), wireless (two way pager, packet switched), telephone cellular network, GSM mobile networks, CDMA cell networks, and others. Another device 118 could also include a user interfacebox, which is connected via a long-range network to host station 130 or control panel 120.
“Escrow site (or NOC 125) may be notified by the control panel 120 in order to transmit the alarm to the host station 130. In this implementation, the escrow site125 acts as a secondary transmission line for the control panel 120 in order to communicate with host station 130. The software program that the escrow site uses to track activities and analyze sequences of system events may be used by the host station 130. The host station 130 can then receive data from control panel 120, escrow site 125, and/or an additional program to indicate a smash intrusion and crash.
“According another implementation, monitor devices can transmit data directly to host station 130, bypassing the control panel 120. Monitor devices (e.g. sensors 110, contacts 112, motion detection 114, video/or other device 128, etc.) They may communicate with the host station 130 individually via various communication methods, including wireless communication and/or wired broadband. They can also communicate directly with the escrow server 125 Devices (e.g., sensors, monitors, etc.) Devices (e.g., sensors, monitors etc.) may be used to monitor activity and can be controlled from multiple locations via one or more interfaces. The host station 130 can receive data from remote devices to compile, process and/or respond. In response to these data, other actions can also be taken.
“Databases 140 and 142 can store the relevant information to process the monitor data as requested by a subscriber. Examples of database information include user information, alarm sequences, reports, sensor event sequences and/or any other information. Although these databases are shown separately, it is important to understand that they may be combined and stored on different data storage systems. You can obtain user information from the user database 140.
Databases 140 and 142 can also contain relevant information to personalize alarm services. Alarm events database 142 may contain alarm events and other information. Reports can be generated by users based on historical or other data. These reports may be stored in the reports database 144. Other information can be accessed or stored in another database 146. Subscribers and/or designated recipients (as shown by contacts 160-162) may also be notified about certain events, triggers and reports via preferred modes. These include POTS, cable modems, DSL and wireless broadband. Based on the user’s preferences and other information, different communication methods may be used to notify the user. These options are specified in the user?s profile and preferences information. Alert notifications can be sent via the Internet, POTS or wireless communication portals, voice portals and/or other means. The user can also notify 160-162 contact persons and entities in an order that is determined by him. Pre-determination of the contact order and actions is possible. The user can also select the contact order and/or other actions via menu options during an alarm situation notification. Alert information may also be sent to emergency entities such as fire department and police.
“A user can register different types of security devices with the host station 130, including those that are associated with property and personal property. Property can include the user’s house, office, vacation home or other places. A security system can also be applied to personal property such as a vehicle, boat, or other mobile property. Personal security devices, such as panic devices, can be included in a security system. You may also be protected by other objects, locations, or property.
“Various security devices can be associated with each individual, location, personal item, or person within the security network. Security devices can include detectors, sensors and/or other devices to detect alarm situations. Security devices for individuals may include a panic alarm or another similar device. The system may also include other security devices.
“In some cases, security devices can be wireless and communicate with each other over short-range radios or other communication modes. The control panel and each sensor (or group) could be equipped both with a transmitter or a receiver. The control panel can receive status information from sensors, and be alerted when there is an alarm. Other information may be sent to the control panel. Regular status information may be transmitted at predetermined intervals. The sensors might send digital data packets containing status information and other data at intervals of 10 seconds, for instance. The escrow site 130 and/or the host station 130 may also receive information about on/off status.
“FIG. “FIG. A number of sensors 210, 212, 214 could indicate an alarm event (e.g., door opening). Sensors 210-212 and 214 can be found within one unit (e.g. a house) or across multiple locations, such as a chain of stores. The control panel 220 can send an alarm signal over a first communication pathway, e.g. a telephone line or other wired connection, in response to alarm situations detected by one or more sensors (210,212, or 214). Other control panels may be represented by 222.
“The alarm signal could be sent to a host radio station 230 as illustrated by 250. The message 252 can be sent by wireless radio. The message can be sent via wireless radio to another alarm signal escrow station 240 or NOC as indicated by 252. The escrow station 240 can be located far away or close to the host station. The message can be sent at the same time as the alarm signal, or just before or after it. An update 254 may be sent by the wireless radio that contains information about the alarm event. The update 254 could include data such as the successful transmission of an alarm signal, detection that the telephone line or any other wired connection has been cut by an intruder, or cancellation of the alarm message.
“If the escrow station 240 does not receive any messages or the message indicating that the wired connections have been disabled, the site may forward the update to host station 230. As shown by 256 to indicate the possibility of a crash and smash intruder. The alarm signal may not be received at the host station 230 as illustrated by 250. The escrow site may not receive the update, but it could be that the alarm signal was transmitted successfully or cancelled. The host station 230 could then respond in the same manner.”
“While the control panel is supposed to be able communicate with the host stations directly, some implementations have the control panel not communicating directly with the station. These implementations use the escrow site as the primary communication channel between the control panel (or host station) and the control panel. These implementations ensure that all alarm signaling from control panels goes through the escrow station regardless of whether it is a typical alarm event, a crash and smash intrusion, or any other type of alarm.
“FIG. “FIG. An alarm situation can be identified at step 310. An alarm situation could include the entry of a primary or other entryways into a protected area. A primary door could be the one through which a property manager, owner, or another delegate enters the alarm system before it is disarmed. Another alarm situation may include sensors or monitors in multiple locations. In these cases, cancellation of an alarm system might be necessary. A location could include a subset of a location, such as a room within a house, or one or several locations, such as stores in different areas. A passcode, key, or other appropriate mechanism can be used to disarm an alarm system and disable it. You may also use voice recognition, retina scanning or fingerprint identifications to disarm the alarm system. A predetermined delay can be used by property owners or managers to cancel alarm signals.
“At step 321, an alarm signal can be sent from the control panel to a station via a first communications path, e.g. a phone line or other similar connection, in response to an alarm situation 310. An alarm signal can be sent to a station.
“At step 333, a message can be sent using a second communication route, such as a wireless radio or other similar connection. The message can be sent from the control panel or individual monitor devices to a remote alarm signal site or NOC. The message can be sent at the same time as the alarm signal, or just before or after it.
“At step 341 the wireless radio can also send an update that identifies the situation. The update could indicate, for example, that the alarm signal via the first communication pathway has been transmitted successfully, that the control panel has detected that the phone or other wired connection has been disconnected (e.g. by an intruder) or that the alarm signal has been cancelled. The message may also indicate other events or situations.
“At step 350, the message can be transmitted to host station in response the message received from the escrow site. The escrow site can transmit the update to the host station if it does not receive any messages or the message indicating that the wired connections have been disconnected. The escrow site may not send any further signals if it receives the update that the alarm signal has been transmitted successfully or cancelled effectively.
“FIG. “FIG.4” is another example flowchart that illustrates an example of alarm signaling at an escrow site. Step 410 may identify an alarm situation at a specific location. The escrow site might receive a message at step 420 from the control panel, or one or more monitors, indicating the alarm condition.
“At step 433, the escrow site might also receive a message that identifies the situation. The message could indicate, for example, that the alarm signal was transmitted successfully, that the control panel detected that the phone line, or any other wired connection, e.g. broadband, had been cut by an intruder, or that the alarm signal cancellation has occurred. The message may also indicate other events or situations.
“At step 443, the escrow station may transmit or forward an update to the host site to indicate a smash intrusion or crash if it fails to receive any messages or receives the message that indicates that the wired connection is disabled.”
“Real-time analysis can also help protect against smash and crash events. An offsite system, such as in an office or home, is used here. As described in FIG. 1 may be capable to monitoring and reporting every important sensor and keypad event in a property prior and during an alarm event. All or some of the system events, such as 110, 112,114, 116 and 118, may be reported. One or more messages may be sent immediately via broadband connection or wireless signaling, either to a control panel 120, or an NOC125. There sensors can be monitored and sequences of system events analyzed to identify signs of a crash or smash attack.
According to one example, when a security system is activated and a door is opened that has been programmed for a delayed alarm, a message can be sent immediately to NOC 125 or 120 to inform them that the alarm system was activated. It may be expected that the host station 130 will receive a notification within a set time that the alarm system is disarmed or that the alarm has not been properly disarmed. The host station 130 may then be informed if it does not receive notification within the time limit that either the alarm system or signaling device have been disarmed. An alarm event notification about an intrusion may be sent to the escrow office 125 and to property owners.
According to another implementation, sensors may just send their state (or any other information) to a host system and the?security? system. It is basically a set of sensors that transmit their unique identification and/or other information to the host station over a network (e.g. wireless, broadband, etc.). One sensor can be used in multiple security systems simultaneously. Sensors 4, 5, 6, and 7 could be used together to secure a stockroom, while sensors 6, 8, 9, 10, 11 and 12 may be used to secure a building’s security system. Both systems may not require a traditional control panel as sensors communicate their state and unique identities directly to the escrow station and/or host station, or to software that is operating at a central NOC, which may be capable to service multiple systems simultaneously.
“Wireless” is a generic term that can be used to describe wireless networks. “Wireless” can refer to long-range wireless radio, local wireless network such 802.11 based protocols or wireless wide area network (such as WiMax) and/or similar applications.
“In some cases, the average signal strength of a secured location can be used to calculate the wait time for an alarm signal that has been sent from the secure location that is under escrow. These implementations analyze the history of communications with the secure location to determine the average signal strength of alarm signals coming from the secured area. This is used to determine an intelligent wait time in escrow for alarm signals that account for the calculated average signal strength. A first secured location with a high average signal strength may have a shorter wait time (2 minutes), while a second secured location with a lower average signal strength may have a longer wait time (3 minutes). This may allow for faster detection of an alarm destruction incident at the first secured location. The first secured location is more likely to have a high quality signal and less likely to experience a communication error. The second secured location may have a lower chance of false alarm destruction events due to communication errors. This is because the second secured location has a longer wait to receive the signal.
“FIG. “FIG. 6” illustrates an example 600 process for alarm signal destruction detection and alarm signal escrowing at a secured location with a dynamically-set escrow period. The system 200 is responsible for the operation of the 600. One component of system 200, e.g. the escrow service 240, can perform the operations of the 600. Or any combination of components of system 200. One of the 100 components (e.g. the escrowsite 125), or any combination of components may perform the operations of 600. In some cases, the operation of the process 600 can be carried out by one or more processors embedded in one or more electronic devices.
“The system 200 monitors alarm signaling from a secure location over time (610). The system 200, for example, tracks alarm signals from a security system at the secure location and measures the characteristics of these alarm signals to determine the quality of the alarm signals. The system 200 could measure the signal strength, latency, and other characteristics of alarm signals from the secure location.
“The system 200 may also track the reliability of communications with the secure location. The system 200, for example, may monitor whether an alarm signaling communication leads to an error in communication.
“In some examples, the system 200 tracks each alarm signal (or other communication/message) from the security system or alarm signaling device at the secured location and stores data associated with each alarm signal in a log. These examples may include information such as the time and date of each alarm, the source of the alarm, the signal strength, signal to noise ratio, and whether there was a communication problem. If so, the type of error. The log may also contain any other types of alarm signaling quality information.
“The system 200 may track alarm signals (or other communications/messages) from the secured location over an extended period of time (e.g., months, years). The system 200 also may track alarm signals (or other communications/messages) for multiple (e.g., many), different secured locations and develop an alarm signaling quality profile for each of the secured locations tracked.”
Based on the monitoring (620), “The system 200 calculates one or more alarm signaling statistics for the secured place. The system 200 could use the monitored data from the secure location to calculate alarm signaling quality statistics. The system 200 could analyze logs of alarm signaling data to determine different types of statistics about the secure location. The system 200 can determine the average or median signal strength for alarms sent to the secured location by tracking signal strength. The system 200 can also track latency of alarm signal exchanges with secured locations. This means that the system 200 could determine the average (or median), latency of alarm signals being exchanged with secured locations. The system 200 can track the signal-to noise ratio of alarm signals that are exchanged with the secure location. This could allow the system 200 to determine the average or median signal-to?noise ratio between alarm signals sent to the secured location. The system 200 can track communication errors in alarm signals that are exchanged with the secure location. This could allow the system 200 to determine the alarm signal error rate. Other statistics related to the quality of alarm signals could also be collected.”
“In some cases, the system 200 might compute standard deviations in alarm signaling quality characteristics or compute averages for a certain number (e.g. ten) of highest outlier events for previous alarm signals from the secure location. These examples may include statistics and standard deviations that can be computed for outlier events. This could be used to evaluate network latency.
“In some cases, the system 200 can calculate an alarm signaling score that takes into account several types of alarm signaling statistics. The system 200 could calculate an alarm signaling score that takes into account the average signal strength, average latency, alarm signal-to-noise ratio, alarm signals sent to the secured place, and the error rate of alarm signals sent to the secure location. The alarm signaling score may be calculated by the system 200 as a weighted combination these factors. Weights are assigned to each factor based on their relative importance in assessing signal quality. Alarm signaling quality can reflect multiple types of measurements. It may also be used to measure signal quality at the secure location.
“In some cases, the system 200 might adjust one or more alarm signaling statistics over time. The system 200 could compute new alarm signaling statistics on a regular basis (e.g. once per month) or compute new alarm signals quality statistics every time an alarm signal is received from a secured location. Recent alarm signals may be weighed more heavily by the system 200 than older alarm signals. Alarm signaling quality statistics can change over time. They are most indicative of alarm signals that have been exchanged with the secure location. The system 200 might quickly adjust the alarm signaling statistics to reflect the decrease in quality. The system 200 can also adapt alarm signaling statistics quickly to reflect an improvement in alarm signaling.
Based on one or more alarm signaling statistics (630), the system 200 dynamically determines an escrow period to allow alarm signals to be sent from the secured location. The system 200, for example, may establish an escrow period to account for alarm signaling quality at the secured location. The system 200 might set a short escrow period if the alarm signaling quality statistics for the secured location indicate that the alarm signaling quality is high. The system 200 can set a short escrow period because the alarm signaling quality at the secured location is high. Failure to receive an alarm signal from this location will have a low probability of being due to a communication error. This will allow for faster detection of alarm destruction events at the secured location. It may also provide better service in cases involving a smash intrusion or crash.
“In addition, the system 200 could set a long escrow period if the alarm signaling quality statistics for the secured location indicate that alarm signaling is of low quality. The alarm signaling quality at the secured location is very poor so the system 200 allows for a longer time to receive communications from the secured site. Failure to receive an alarm signal from secured location can be a sign of a communication problem. This allows for better detection of alarm destruction events at the secured location (e.g. less false alarms), and also ensures that an alarm signal does not go unreceived due to a communication error.
The system 200 can dynamically set the escrow period based on any combination of alarm signaling quality statistics mentioned throughout this disclosure. The system 200 can apply one or more rules for the alarm signaling statistics and determine the escrow period according to their application. The system 200 might calculate the escrow time (e.g. wait time) when it computes the alarm signaling score. This is done by applying the alarm signaling score to an equation that produces the escrow amount. Another example is that the system 200 might compare the alarm signaling score to a set thresholds and dynamically set escrow to the specific escrow periods associated with each threshold (e.g. set the timer to four minutes for scores between zero and one, three minutes for scores between one and two and two minutes for scores greater than two),
“When the system 200 calculates standard deviations or statistics related to extreme events, the system200 may use these standard deviations or statistics related to extreme events to determine the escrow period. The system 200 might set a shorter escrow period if the system 200 detects few outlier events (e.g. none). The system 200, however, may set a longer escrow period if it detects outlier timestamps that indicate more frequent outlier events.
In some cases, the system 200 might adjust the escrow periods dynamically over time. The system 200 could set a new period every month, or it may adjust the escrow period when new alarm signaling statistics are calculated. Recent alarm signaling statistics may be weighed more heavily by the system 200 than older alarm signaling statistics. The escrow period is a reflection of the alarm signals that are currently being exchanged with the secure location. It can change over time. To reflect a decrease in alarm signaling quality at the secured location, the system 200 could quickly increase the escrow time. The system 200 could also decrease the escrow time if alarm signaling quality improves at the secured location.
“The system 200 handles alarm system destruction detection and alarm signal escrowing for the secured location. It uses the dynamically-set escrow period (640). The system 200, for example, uses the dynamically-set escrow period in order to determine the time it takes to make a determination about an alarm system destruction event. The system 200 can notify the central monitoring system and/or the user associated with the secure location of an alarm system destruction event. You can use any of the methods described in this disclosure to handle alarm signal escrowing or alarm system destruction detection. The escrow period is dynamically determined.
“The techniques described in FIG. 6 are not applicable to the secured location. “Though the methods described above with respect to FIG. 6 were used to dynamically set an escrow period, they can also be used for handling alarm signal destruction detection and alarm signal escrowing. Based on one or more alarm signaling statistics, the system 200 might determine whether additional measures should be taken to reduce false alarms. The system 200 might require confirmation pinging sequences (see FIG. If the alarm signaling quality statistics of the secured location indicate that alarm signaling is poor, the system 200 may require a confirmation pinging sequence (see FIG. If the alarm signaling quality statistics for the secured location indicate alarm signaling quality is high, then the system 200 might not need to issue an alarm system destruction signal (e.g. crash and smash).
“FIG. “FIG.7” illustrates an example 700 process for alarm system destruction detection at a secure location. It is based on analysis and exchanged pinging communication. The system 200 is responsible for the operation of process 700. One component of system 200, e.g. the escrow service 240, can perform the operations of process 700. Or any combination of components of system 200. One of the 100 components (e.g. the escrow website 125), or any combination of components may perform the operations of process 700. One or more processors may be used to perform the operations of process 700 in some implementations.
“The system 200 exchanges secure location pinging communications (710) The system 200, for example, facilitates the exchange of pinging communication between a security system at the secured location or an alarm signaling device at the secure location and a server located at an escrow. The pinging communication may indicate that the device is functioning properly and can receive/send communications. The security system, alarm signaling device or server at the escrow location may initiate the pinging communications.
“In some cases, the security system/alarm signaling device at a secured location might initiate a pinging communications that indicates that it is functioning properly and is awake. These examples may result in the server at the Escrow Site acknowledging that the pinging communications were received.
“In some cases, the server at escrow may initiate a request for status from the security system at the secured site. These examples show that the secure location’s security system or alarm signaling devices responds to the pinging communications with its status once it has received the communication.
The system 200 can exchange pinging communications via any network described in this disclosure. Because pinging over Internet-protocol-based networks are relatively inexpensive and can be exchanged at a high frequency, the system 200 could leverage an Internet protocol based network (e.g. the Internet).
“In some implementations, system 200 may ping communications periodically during operation. These implementations may have pinging communications that are either persistent or continuous throughout the operation of system 200. The pinging communications could be used as a heartbeat signal, with pinging communications being exchanged at an extremely fast frequency (e.g. one pinging communication per minute or faster). A repeated message of “I’m awake” may be sent by the alarm signaling device or security system at the secure location. ?I’m awake,? etc. pinging communications so that the server at the Escrow Site can closely monitor the status the security system or alarm signaling devices at the secured location. A potential alarm or alarm event may trigger persistent or continuous pinging.
“In some cases, the system 200 may initiate pinging communications to the secured location in response alarm signaling events. These examples show that the system 200 can initiate pinging communications at the secured location to respond to an alarm signal. In response to expiring escrow periods, the system 200 may initiate communications to secure location. The system 200 might attempt to ping the secure location to indicate that an alarm destruction event occurred.
“The system 200 analyses the exchanged Pinging Communications (720). The system 200 might analyze whether pinging communications are occurring as expected. The system 200 can analyze whether pinging communications are being initiated by the security device or alarm signaling devices at the secure location. This could include analyzing the frequency at which the security device or alarm signaling system initiates pinging communication. The system 200 can analyze the acknowledgments received by the security system at the secured location when the server at the Escrow Site initiates pinging communication.
“In some cases, the system 200 might track the time of the last communication between the security system/alarm signaling device at the secured site and the server at escrow. The system 200 may also track the number and/or quality of any pinging communications (e.g. acknowledgements) not received or received.
“The system 200 is responsible for alarm system destruction detection at the secured location using the analysis of the pinging communications (730). The system 200, for example, detects alarm system destruction at the secured location based upon whether or not pinging messages are being exchanged as expected. Based on analysis of the pinging communications, the system 200 can either start, stop or reset the escrow period. It may also detect alarm destruction events based upon the analysis of the pinging communications.
“Some implementations use pinging communications to delay the onset of a timer which measures an escrow period in an alarm signal. These implementations initiate pinging communications when there is a potential alarm signal. Each time a pinging message is exchanged, the system 200 can reset the start time of the escrow. The system 200 can also determine when an alarm signaling device or security system at the secure location stopped functioning properly (e.g. was disabled) and calculate the escrow period starting from the latest communication.
“In some cases, the system 200 may detect an alarm system destruction event by counting the number of missed messages. The system 200 can determine if a certain number of pinging communication (e.g., expected pinging messages the security system will initiate or acknowledgements to the escrow site have been initiated) has been missed. If the system 200 detects that a particular number of pinging communication have been missed, it will determine that an alarm system destruction has occurred. The system 200 can then handle the alarm system destruction event in the appropriate manner, using any of these techniques.
“FIG. “FIG. 8” illustrates an example process 800 that handles alarm signal destruction detection and alarm signal escrowing for potential alarm events using a dynamically-set escrow period. The system 200 performs the operations of the process 800. One component of the system 200, e.g. the escrow location 240, can perform the operations of the 800. Or any combination of components of system 200. One of the 100 components (e.g. the escrow website 125), or any combination of components may perform the operations of process 800. One or more processors may be used to perform the operations of process 800 in some implementations.
“The system 200 detects the sensor that generated the potential alarm signal (810) and sends it back to the security system. A server located at an escrow location may receive, via a network, an alarm signaling device or security system signal that monitors a secured area. The security system that monitors the secure location may contain multiple sensors (e.g. door contact sensors and window contact sensors as well as glass break sensors and motion sensors). The potential alarm event signal can be sent to at least one sensor that detects an event that could indicate an alarm event.
“The system 200 may also start tracking an entry delay period when at least one sensor detects an event that could be a potential alarm. This allows a user to cancel the alarm event (e.g. by entering a passcode to the security system), so that no alarm event is detected. The sensor that detected the alarm event may have a different entry delay period. A front door sensor might have a delay period of 30 seconds due to its proximity to the door. This allows the panel to cancel the potential alarm event in a short time. A garage door sensor, on the other hand may have a five minute entry delay period because the alarm panel is far away from the garage door. This means that input is required to cancel the alarm event.
“In some cases, the potential alarm signal may include data (e.g. garage door, front door, hallway motion sensor etc.). Indicates which sensor caused the alarm event. These implementations allow the server at the Escrow Site to analyze the potential alarm signal to extract sensor identification data and then use that data to determine which sensor was responsible for the alarm event. The communication may include the sensor identification data, which can be separate from the potential alarm signal. A delay time may also be included in the sensor identification data.
“The system 200 dynamically determines the escrow period for potential alarm signal. It is determined by the sensor that generated the alarm signal (830). The system 200 might set an escrow period to account for the potential alarm signal’s source. The system 200 might set a short escrow period if the identified sensor has a short entry delay and is close to the control panel that allows for potential alarm event cancellation. When the identified sensor has a long entry delay and is not close to the control panel, the system 200 might set a longer escrow period. This allows for potential cancellation of alarm events. The system 200 can adjust the escrow period to reflect which sensor caused the alarm event. This will reduce false detection rates.
“Some implementations store a data structure (e.g. a table) that maps sensors and escrow periods. These implementations compare the identified sensor with the data structure, and identify the escrow period that corresponds to the identified sensor using the comparison. The system 200 dynamically sets an alarm period to match the period that was mapped to the data structure. The data structure can be used to define the escrow periods. However, the system 200 may also set them by alarm companies.
One example is that a home security system could include both a front and garage door sensors. The entry delay period for the front sensor could be 60 seconds. This is because the alarm panel is located close to the front doors and it takes only a short time to cancel the alarm event. The entry delay period for the garage door sensor could be five minutes. This is because the alarm panel is far away from the garage doors and input takes a long time to cancel the potential alarm event. The entry delay period that corresponds to the detection of an alarm event may be used as the basis for the escrow period. The escrow period could be extended by 30 seconds if the entry delay is longer. The escrow period will be set to ninety seconds after the front door sensor detects a potential alarm event. It will then be set to five minutes, thirty seconds when it detects the potential event at the garage door. Another example is that the escrow period can be set to a multiple the entry delay period (e.g. one and a quarter times or two-times the entry delay). The escrow time is set to one-and-a half times the length of the entry delay period. It is ninety seconds after the front door sensor detects an alarm event. The escrow time is then set to seven minutes, thirty seconds after the garage door detects that potential alarm event.
The system 200 may also set escrow periods based upon a history of interactions with specific sensors. The system 200 might track the average time it takes to receive a cancellation signal from a sensor that detects an alarm event. A user may also provide input to cancel the alarm event. The system 200 could use the average time taken to receive the cancellation signal in order to set the escrow periods. This may allow faster detection of alarm system destruction events. Imagine a front door sensor with a delay of sixty seconds. However, the system 200 detects that cancellation signals for possible alarm events based on the first sensor are received in an average of forty-five seconds. The system 200 could set the escrow time to be thirty seconds longer than the cancellation signal time. Therefore, the escrow duration would be seventy-five second. When using the entry delay to set the escrow time, the seventy-five second period is shorter than that of the ninety seconds. The system 200 can use the history of interactions with specific sensors to determine escrow periods. This is even when cancellation signals are received fairly quickly.
“The system 200 handles alarm signal destruction detection and alarm signal escrowing using the dynamically-set escrow period (840). The system 200, for example, uses the dynamically-set escrow period in order to determine how long it takes to make a determination about an alarm system destruction event. The system 200 can notify the central monitoring system and/or the user associated with the secure location of an alarm system destruction event. You can use any of the methods described in this disclosure to handle alarm signal escrowing or alarm system destruction detection. The escrow period is dynamically determined.
“FIG. “FIG. 9 illustrates an example of process 900 to identify alarm system destruction detection events. The system 200 is responsible for the operation of process 900. One component of the system 200, e.g. the escrow location 240, can perform the operations of the process. Or any combination of components of system 200. One of the 100 components (e.g. the escrowsite 125), or any combination of components may perform the operations of process 900. One or more processors may be used in some implementations to perform the operations of the process 9000.
“The system 200 aggregates alarm system destruction detection (910) data. The system 200 can receive alarm system data from multiple monitored locations. It may identify alarm systems data associated with alarm system destruction detection (910) instances, correctly detected alarm system destruction events, or instances where alarm system destruction was not detected. The system 200 could track alarm system data to determine if it is associated with particular types of alarm system destruction events (e.g. correctly detected, incorrectly detected or not detected). System 200 can aggregate data across geographic regions in order to identify patterns in alarm system destruction events within a particular geographic area. System 200 may also aggregate data from other alarm events to try to predict alarm system destruction events. For example, a large number regular alarm events could be used to foreshadow alarm system events as the criminals who complete regular alarm events can become more sophisticated. Other types of data that may be related to alarm system destruction events may also be tracked by the system 200 (e.g. crime incident data, which is used to predict alarm system destruction events). All data may be stored in a database by the system 200.
“The system 200 creates a pattern that is representative of successful alarm system destruction detection event based on the aggregated information (920). The system 200, for example, analyzes the data and finds one or more patterns that are indicative or correlate with alarm system destruction events. To detect patterns that are associated with specific regions, the pattern can be regionalized. The system 200 can consider successful detections in generating the pattern and may identify similar alarm system behavior in those successful detections. The system 200 may also consider unsuccessful detections. It will attempt to identify alarm system behavior that is similar in unsuccessful detections, and then discount the identified behavior in generating the pattern. As new data is gathered and analyzed, the system 200 can update the pattern. The system 200 can update the pattern continually to account for any recent changes, adapt to new techniques of alarm system destruction, and even create crime enterprises.
“The system 200 uses the generated pattern to match future alarm system destruction detection events (930). The system 200, for example, compares the generated pattern with future alarm system behavior patterns in order to identify similar patterns that could indicate alarm system destruction events. The system 200 might be able to detect alarm system destruction events faster because it has a large number of data.
The system 200 may also use the generated pattern in order to alter certain parameters for detecting alarm system destruction events. The system 200 can reduce the escrow period of alarm signals from the alarm systems in a region if the generated pattern indicates an increase in alarm system destruction events. This will allow for faster detection of alarm events in that region.
“In certain implementations, system 200 may require a double sensor requirement to detect an alarm system destruction event. In some security systems, the user might have to activate multiple sensors in order to enter a building that is monitored by the system. A building may have a front door sensor as well as a motion sensor to detect motion in a hallway leading from it. An alarm signaling part of the security system might be placed in a building so that an intruder who enters through the front door must go through the hallway with the motion sensor in order to reach the alarm signaling element and disable or destroy it. The system 200 will detect an intrusion through the front door, triggering the motion sensor, and then destroy the alarm signaling part. The system 200 can determine if the motion sensor triggers an alarm and may also detect an alarm system destruction event if the sensor triggers simultaneously with the front door sensor. The double sensor requirement can help reduce false alarm system destruction events. For example, if a weather condition (e.g. high wind or lightning strike) triggers a first sensor, and renders the alarm signaling device inoperative (e.g. due to power failure or communication loss) at the same time, this may be a false alarm event. The double sensor requirement would stop the weather conditions from triggering the motion sensor. Therefore, the system 200 wouldn’t detect an alarm system failure even though it has stopped communicating with the alarm signaling part. The system 200 can take appropriate actions to handle this situation, such as alerting the user and/or the authorities. However, the system 200 is not equipped to deal with an alarm system destruction situation in the extreme. The system 200 can monitor and report on weather conditions to increase detection of false alarms.
“In some cases, a security systems may have multiple transmission points (e.g. wireless and/or wireline) that are outside of the building. These transmission points allow the security system to communicate with an alarm server or a central monitoring station. These examples show how the security system can use the techniques described in this disclosure to escrow alarm signal and detect alarm system destruction events within a building. A secondary transmission component, for example, may communicate with the primary transmission component to perform similar operations as the escrow site. The secondary transmission component can detect if the primary transmission component is disabled or destroyed and may take over communication with the central monitoring station. Multiple transmission components are used to transmit alarm data outside of buildings. This makes it more difficult to disable or destroy alarm system communications from buildings.
The described methods, systems and techniques can be implemented in digital electronic circuitry or computer hardware, firmware, code, or a combination of these elements. These techniques can be implemented using appropriate input and output devices, a processor and a computer program product that is machine-readable and stored in a storage device. This allows for the processor to execute it. The programmable processor executes a set of instructions that performs desired functions, operating on input data and producing appropriate output. These techniques can be implemented in one to several computer programs that run on a programmable platform. This system includes at least one processor, which is able to receive and transmit data from, as well as instructions to, a data storage device, at least 1 input device, and at most one output device. A computer program can be implemented in either a high-level procedural, object-oriented, or assembly language. It may also be written in interpreted or compiled languages. A variety of general and special-purpose microprocessors are suitable processors. A processor will generally receive instructions and data from either a read-only or random access memory. All forms of non-volatile memory are suitable for tangibly storing computer program instructions and/or data, including flash memory devices like the Erasable Programmable Read-Only Memory, Electrically Erasable Programmable Read-Only Memory, and flash memory. Any of the foregoing may be supplemented by, or incorporated in, specially-designed ASICs (application-specific integrated circuits).”
It will be clear that modifications can be made. You could, for example, use other methods if the steps of the disclosed procedures were not performed in the correct order or if the components in the disclosed systems were rearranged and/or replaced by other components. Other implementations fall within the scope of this disclosure.
Summary for “Alarm signaling technology
Security systems can be implemented using wired or wireless sensors within the property being protected. These sensors can include door contacts, window contacts and glass-break detectors. They also may be used to detect intrusions and environmental sensors such as smoke, carbon monoxide and flood. The system can sound a siren or notify an offsite station about the event when a sensor is tripped. The type of sensor that was tripped may dictate how long the system waits before sounding an alarm or notifying the host station. This will allow the property manager or owner to disarm the system. The Security Industry Association (SIA), which is trying to reduce the false alarm rate in the industry, has recommended that all residential security systems include an automatic alarm signaling delay for intrusion alarms. This will allow homeowners more time to cancel false alarms. Many security control panels may ship today with a SIA recommended?dialer delay? feature enabled. Monitored security systems are alarm systems that notify the host station of an alarm. These systems notify the host station (e.g.?central station?) of an alarm using telephone lines. However, these systems can be disabled by cutting or disabling the property’s line connection. The system will not notify the host station if the connection to the property has been cut prior to or immediately after an intruder attempts to enter the property.
Some security systems can be upgraded to transmit alarm signals via wireless radio to the host station to counter line disconnection. The security system cannot be disabled simply by cutting the landline connection to the house or business that receives wireless signaling from its security system to the station. However, wireless radio-signaling devices can still be susceptible to attack. Intruders use a common tactic called the “crash and smash” tactic. technique.”
“In order to implement the?crash? and smash? technique, A skilled intruder can disable phone lines or other wired connections before an alarm system can contact the user. The?crash-and-smash? technique is used. The?crash and smash? technique is where the intruder crashes through a locked door. The system designer usually sets the delay to give the homeowner or property manager time to disarm the security system before the alarm sounds or the host station gets notified. The system is in limbo during this delay period. These delay periods usually last around one minute. However, due to high false alarm rates, high fines for false alarms and high penalties for false alarms these delay periods may be longer. Many systems are programmed with signaling delays that can be used for all intrusion alarms. The delay period gives the intruder enough time for him to smash through the door and destroy the security panel and wireless signaling device. This is while the control panel is waiting to disarm or trying to establish an analog (dial up) phone connection to the host station. This defeats the security system.
“Techniques can be used to handle an event in which a control panel or alarm signaling device is tampered or destroyed by a disablement tactic (e.g. a crash and smash intrusion).
A typical alarm system reports an alarm signal using a phone connection. The latency of a phone line-based signal is due to (a) the need for capturing the phone connection, (b) time needed to auto-dial the number and wait for an answer and then establish a handshake between the receiver and the sender. These drawbacks aside, most security system installations still use the telephone line as their primary signaling channel.
“In some cases, the system can transmit an alarm immediately to a remote location via wired or wireless signals. The system could use either a wired TCP/IP or wireless message. Messages sent via a wireless radio or active TCP/IP channel can be sent faster than the alarm signal that must be sent over the telephone line. The escrow site might then wait to receive a confirmation that the alarm signal was sent through the appropriate channel or communication path. This is usually done through the telephone line to the host station. It may also be used for notification updates that the alarm has been cancelled or that the primary signaling channel has become disabled. The escrow site may receive updates about the signal’s status via the wireless radio or the TCP/IP messaging channel. The escrow site might not receive an update confirming that the alarm was successfully transmitted or cancelled. This could indicate that the signaling device and control panel were damaged in the intrusion. The escrow site will forward the updated to the host station in order to alert the public about the alarm situation. The escrow site may also forward an update to the host station if the update indicates that the phone line is down or damaged.
“In certain cases, real-time event analytics may also be used to protect against ‘crash and smash? intrusions. This is where monitor data from one or several sensors located in a protected area may be collected and forwarded to an escrow location for real-time expected events analysis. The software at the remote escrow station identifies anomalies in event sequences which could indicate tampering. It compares the actual monitor data with expected data. If a security system is set up to send alarms and is open, it would expect to see an event that indicates that the system has been disarmed or that the alarm was triggered by the system not being disarmed within the time limit. If the software receives an event that indicates that a door sensor has been triggered, but does not receive any subsequent events indicating disarming or alarm, the software will conclude that the alarm signaling device or security control panel have been disabled. Remote escrow sites can be any location, usually an offsite secure location, that is not controlled by the security control panel. A notification message can be sent to the property owner or manager, emergency authorities, host station, or any other person if an anomaly is detected. This will indicate that there has been a “crash and smash?” “Intrusion is possible in progress.”
“Additional benefits will be described in part in this description. Part will be obvious from the description or can be learned through practice. You can realize these benefits by using the combinations and instruments that are specifically mentioned below.
“The accompanying drawings are included in and constitute part of this specification. They illustrate different implementations.”
“Techniques can be used to transmit an alarm to a remote alarm signal site. This is to provide alarm signaling in case a control panel or alarm signaling device is tampered with, or destroyed, by a disablement tactic. These types of intrusions are increasing in frequency. An intruder might recognize that an alarm signal can be sent via a phone line, or wireless radio from the property. A phone line or other wired connections may be disabled before an intrusion. Wireless signaling devices are more difficult to compromise but an intruder can still disable them if he/she locates the control panel or signaling device and destroys it before the alarm signal is sent.
“To successfully execute a crash and smash, you must first identify the door or doors that will be used to enter the protected premise. An intruder may attempt to identify which door or doors a property owner or manager uses to enter the protected premises when the alarm system is activated. Many times, these doors can be programmed to allow the property manager or owner to enter the premises and access a control panel with, e.g., touchpads. They may then disarm or cancel alarm system before it triggers. You may also identify other entry points, such as garage doors, back doors, and any other entrances. Many alarm systems have a time limit that allows you to disarm it after entering through a designated portal. Many alarm systems are programmed with a significant delay between the alarm-signaling event and the trigger alarm state. This allows for accidental false alarms to be cancelled and police dispatches can be avoided. An alarm could be set if the system isn’t properly disarmed within the allotted time. An alarm may be triggered if an intruder cuts off the phone line before entering the system. This is because many security control panels, such as the GE Simon control panel, may attempt to transmit their signal over the phone line repeatedly. There may be additional signaling delays due to repeated attempts to send an alarm signal via wired connections before a system attempts wireless radio. An intruder might be able to see these delays and use them to their advantage by attacking the property or crashing through the door that was programmed with a delay. Security companies are known for installing high delays to reduce false alarms and then going to the control panel to destroy or smash it. In some cases, he or she might also damage the alarm signaling equipment. This could happen even before the alarm delay expires. The premeditated attack could give an intruder a few minutes of intrusion time. You may also consider other variations of the intrusion described above.
“When an alarm situation arises, a message can also be sent immediately via a second connection path like a wireless radio channel or a TCP/IP signal channel. This will send a message to a remote alarm signal?escrow site. Even if the panel is programmed to transmit alarms (e.g. an alarm signal) via the phone line, it can still be used. One implementation may have the escrow site as a Network Operations Center (NOC). An update may be sent to the escrow by the wireless radio or signaling device. The update could include information about the alarm signal being sent through the primary connection of the telephone line or wireless radio, acknowledgement that it was transmitted successfully, and confirmation that the signal was cancelled. Other similar situations may also be identified by the update. The escrow site might not be notified that the alarm signal was transmitted successfully. This could indicate that the control panel or signaling device were damaged in the intrusion. The escrow site might forward an update to the host station informing them of the alarm situation. The update may also indicate that the phone line is damaged or disabled. In this case, the escrow site will send an update to the host station. If the alarm signal was transmitted successfully or if the property manager or owner has properly disarmed the alarm signal, the remote alarm signal escrow station may not transmit an update to the host site.
“FIG. FIG. 1 is a graphic representation of an example security system 100. Specifically, FIG. FIG. 1 shows an exemplary diagram that illustrates an alarm signaling system. A security system 100 could include multiple monitor devices of different types that transmit data to the control panel 120. These may be combined with or separated from a control panels or similar devices. Monitor devices include contact 110, sensor 112, motion detectors, 114, video recorder, 116, and/or any other device 118. Monitor devices can be located in the same place, at an affiliated location, or remotely. Monitor devices can be spread across multiple subscribers or across multiple locations.
“Control panel 120 could transmit alarm information to host station 130. The host station 130, also known as a “central monitoring station”, may transmit alarm information to the control panel 120. The host station 130 (also known as a?central monitoring station?) may process alarm data, status data, and/or any other relevant information. The control panel 120 can be located near or far from sensors. In this case, the control panel 120 interprets sensor data to determine whether user actions or sensor data constitute an alarm condition. The control panel 120 can gather monitor data and transmit it to the host station 130. The control panel 120 can also function as a message hub, buffering monitor data and facilitating data transmission. The control panel 120 can transmit monitor data using a variety of communication methods, such as wireless communication, broadband, WiMax and others. There are many ways to communicate. One example is a radio modem, such as the CreataLink2XT radio modem, which transmits radio waves at a predetermined frequency (e.g. 900 MHz). These radio waves can then be received at the host station 130, or at an intermediary device that relays it over a secondary communication channel (e.g. TCP/IP system), to host station 130. Other modes of communication include POTS (plain old phone service), cable modem (digital subscriber lines), wireless (two way pager, packet switched), telephone cellular network, GSM mobile networks, CDMA cell networks, and others. Another device 118 could also include a user interfacebox, which is connected via a long-range network to host station 130 or control panel 120.
“Escrow site (or NOC 125) may be notified by the control panel 120 in order to transmit the alarm to the host station 130. In this implementation, the escrow site125 acts as a secondary transmission line for the control panel 120 in order to communicate with host station 130. The software program that the escrow site uses to track activities and analyze sequences of system events may be used by the host station 130. The host station 130 can then receive data from control panel 120, escrow site 125, and/or an additional program to indicate a smash intrusion and crash.
“According another implementation, monitor devices can transmit data directly to host station 130, bypassing the control panel 120. Monitor devices (e.g. sensors 110, contacts 112, motion detection 114, video/or other device 128, etc.) They may communicate with the host station 130 individually via various communication methods, including wireless communication and/or wired broadband. They can also communicate directly with the escrow server 125 Devices (e.g., sensors, monitors, etc.) Devices (e.g., sensors, monitors etc.) may be used to monitor activity and can be controlled from multiple locations via one or more interfaces. The host station 130 can receive data from remote devices to compile, process and/or respond. In response to these data, other actions can also be taken.
“Databases 140 and 142 can store the relevant information to process the monitor data as requested by a subscriber. Examples of database information include user information, alarm sequences, reports, sensor event sequences and/or any other information. Although these databases are shown separately, it is important to understand that they may be combined and stored on different data storage systems. You can obtain user information from the user database 140.
Databases 140 and 142 can also contain relevant information to personalize alarm services. Alarm events database 142 may contain alarm events and other information. Reports can be generated by users based on historical or other data. These reports may be stored in the reports database 144. Other information can be accessed or stored in another database 146. Subscribers and/or designated recipients (as shown by contacts 160-162) may also be notified about certain events, triggers and reports via preferred modes. These include POTS, cable modems, DSL and wireless broadband. Based on the user’s preferences and other information, different communication methods may be used to notify the user. These options are specified in the user?s profile and preferences information. Alert notifications can be sent via the Internet, POTS or wireless communication portals, voice portals and/or other means. The user can also notify 160-162 contact persons and entities in an order that is determined by him. Pre-determination of the contact order and actions is possible. The user can also select the contact order and/or other actions via menu options during an alarm situation notification. Alert information may also be sent to emergency entities such as fire department and police.
“A user can register different types of security devices with the host station 130, including those that are associated with property and personal property. Property can include the user’s house, office, vacation home or other places. A security system can also be applied to personal property such as a vehicle, boat, or other mobile property. Personal security devices, such as panic devices, can be included in a security system. You may also be protected by other objects, locations, or property.
“Various security devices can be associated with each individual, location, personal item, or person within the security network. Security devices can include detectors, sensors and/or other devices to detect alarm situations. Security devices for individuals may include a panic alarm or another similar device. The system may also include other security devices.
“In some cases, security devices can be wireless and communicate with each other over short-range radios or other communication modes. The control panel and each sensor (or group) could be equipped both with a transmitter or a receiver. The control panel can receive status information from sensors, and be alerted when there is an alarm. Other information may be sent to the control panel. Regular status information may be transmitted at predetermined intervals. The sensors might send digital data packets containing status information and other data at intervals of 10 seconds, for instance. The escrow site 130 and/or the host station 130 may also receive information about on/off status.
“FIG. “FIG. A number of sensors 210, 212, 214 could indicate an alarm event (e.g., door opening). Sensors 210-212 and 214 can be found within one unit (e.g. a house) or across multiple locations, such as a chain of stores. The control panel 220 can send an alarm signal over a first communication pathway, e.g. a telephone line or other wired connection, in response to alarm situations detected by one or more sensors (210,212, or 214). Other control panels may be represented by 222.
“The alarm signal could be sent to a host radio station 230 as illustrated by 250. The message 252 can be sent by wireless radio. The message can be sent via wireless radio to another alarm signal escrow station 240 or NOC as indicated by 252. The escrow station 240 can be located far away or close to the host station. The message can be sent at the same time as the alarm signal, or just before or after it. An update 254 may be sent by the wireless radio that contains information about the alarm event. The update 254 could include data such as the successful transmission of an alarm signal, detection that the telephone line or any other wired connection has been cut by an intruder, or cancellation of the alarm message.
“If the escrow station 240 does not receive any messages or the message indicating that the wired connections have been disabled, the site may forward the update to host station 230. As shown by 256 to indicate the possibility of a crash and smash intruder. The alarm signal may not be received at the host station 230 as illustrated by 250. The escrow site may not receive the update, but it could be that the alarm signal was transmitted successfully or cancelled. The host station 230 could then respond in the same manner.”
“While the control panel is supposed to be able communicate with the host stations directly, some implementations have the control panel not communicating directly with the station. These implementations use the escrow site as the primary communication channel between the control panel (or host station) and the control panel. These implementations ensure that all alarm signaling from control panels goes through the escrow station regardless of whether it is a typical alarm event, a crash and smash intrusion, or any other type of alarm.
“FIG. “FIG. An alarm situation can be identified at step 310. An alarm situation could include the entry of a primary or other entryways into a protected area. A primary door could be the one through which a property manager, owner, or another delegate enters the alarm system before it is disarmed. Another alarm situation may include sensors or monitors in multiple locations. In these cases, cancellation of an alarm system might be necessary. A location could include a subset of a location, such as a room within a house, or one or several locations, such as stores in different areas. A passcode, key, or other appropriate mechanism can be used to disarm an alarm system and disable it. You may also use voice recognition, retina scanning or fingerprint identifications to disarm the alarm system. A predetermined delay can be used by property owners or managers to cancel alarm signals.
“At step 321, an alarm signal can be sent from the control panel to a station via a first communications path, e.g. a phone line or other similar connection, in response to an alarm situation 310. An alarm signal can be sent to a station.
“At step 333, a message can be sent using a second communication route, such as a wireless radio or other similar connection. The message can be sent from the control panel or individual monitor devices to a remote alarm signal site or NOC. The message can be sent at the same time as the alarm signal, or just before or after it.
“At step 341 the wireless radio can also send an update that identifies the situation. The update could indicate, for example, that the alarm signal via the first communication pathway has been transmitted successfully, that the control panel has detected that the phone or other wired connection has been disconnected (e.g. by an intruder) or that the alarm signal has been cancelled. The message may also indicate other events or situations.
“At step 350, the message can be transmitted to host station in response the message received from the escrow site. The escrow site can transmit the update to the host station if it does not receive any messages or the message indicating that the wired connections have been disconnected. The escrow site may not send any further signals if it receives the update that the alarm signal has been transmitted successfully or cancelled effectively.
“FIG. “FIG.4” is another example flowchart that illustrates an example of alarm signaling at an escrow site. Step 410 may identify an alarm situation at a specific location. The escrow site might receive a message at step 420 from the control panel, or one or more monitors, indicating the alarm condition.
“At step 433, the escrow site might also receive a message that identifies the situation. The message could indicate, for example, that the alarm signal was transmitted successfully, that the control panel detected that the phone line, or any other wired connection, e.g. broadband, had been cut by an intruder, or that the alarm signal cancellation has occurred. The message may also indicate other events or situations.
“At step 443, the escrow station may transmit or forward an update to the host site to indicate a smash intrusion or crash if it fails to receive any messages or receives the message that indicates that the wired connection is disabled.”
“Real-time analysis can also help protect against smash and crash events. An offsite system, such as in an office or home, is used here. As described in FIG. 1 may be capable to monitoring and reporting every important sensor and keypad event in a property prior and during an alarm event. All or some of the system events, such as 110, 112,114, 116 and 118, may be reported. One or more messages may be sent immediately via broadband connection or wireless signaling, either to a control panel 120, or an NOC125. There sensors can be monitored and sequences of system events analyzed to identify signs of a crash or smash attack.
According to one example, when a security system is activated and a door is opened that has been programmed for a delayed alarm, a message can be sent immediately to NOC 125 or 120 to inform them that the alarm system was activated. It may be expected that the host station 130 will receive a notification within a set time that the alarm system is disarmed or that the alarm has not been properly disarmed. The host station 130 may then be informed if it does not receive notification within the time limit that either the alarm system or signaling device have been disarmed. An alarm event notification about an intrusion may be sent to the escrow office 125 and to property owners.
According to another implementation, sensors may just send their state (or any other information) to a host system and the?security? system. It is basically a set of sensors that transmit their unique identification and/or other information to the host station over a network (e.g. wireless, broadband, etc.). One sensor can be used in multiple security systems simultaneously. Sensors 4, 5, 6, and 7 could be used together to secure a stockroom, while sensors 6, 8, 9, 10, 11 and 12 may be used to secure a building’s security system. Both systems may not require a traditional control panel as sensors communicate their state and unique identities directly to the escrow station and/or host station, or to software that is operating at a central NOC, which may be capable to service multiple systems simultaneously.
“Wireless” is a generic term that can be used to describe wireless networks. “Wireless” can refer to long-range wireless radio, local wireless network such 802.11 based protocols or wireless wide area network (such as WiMax) and/or similar applications.
“In some cases, the average signal strength of a secured location can be used to calculate the wait time for an alarm signal that has been sent from the secure location that is under escrow. These implementations analyze the history of communications with the secure location to determine the average signal strength of alarm signals coming from the secured area. This is used to determine an intelligent wait time in escrow for alarm signals that account for the calculated average signal strength. A first secured location with a high average signal strength may have a shorter wait time (2 minutes), while a second secured location with a lower average signal strength may have a longer wait time (3 minutes). This may allow for faster detection of an alarm destruction incident at the first secured location. The first secured location is more likely to have a high quality signal and less likely to experience a communication error. The second secured location may have a lower chance of false alarm destruction events due to communication errors. This is because the second secured location has a longer wait to receive the signal.
“FIG. “FIG. 6” illustrates an example 600 process for alarm signal destruction detection and alarm signal escrowing at a secured location with a dynamically-set escrow period. The system 200 is responsible for the operation of the 600. One component of system 200, e.g. the escrow service 240, can perform the operations of the 600. Or any combination of components of system 200. One of the 100 components (e.g. the escrowsite 125), or any combination of components may perform the operations of 600. In some cases, the operation of the process 600 can be carried out by one or more processors embedded in one or more electronic devices.
“The system 200 monitors alarm signaling from a secure location over time (610). The system 200, for example, tracks alarm signals from a security system at the secure location and measures the characteristics of these alarm signals to determine the quality of the alarm signals. The system 200 could measure the signal strength, latency, and other characteristics of alarm signals from the secure location.
“The system 200 may also track the reliability of communications with the secure location. The system 200, for example, may monitor whether an alarm signaling communication leads to an error in communication.
“In some examples, the system 200 tracks each alarm signal (or other communication/message) from the security system or alarm signaling device at the secured location and stores data associated with each alarm signal in a log. These examples may include information such as the time and date of each alarm, the source of the alarm, the signal strength, signal to noise ratio, and whether there was a communication problem. If so, the type of error. The log may also contain any other types of alarm signaling quality information.
“The system 200 may track alarm signals (or other communications/messages) from the secured location over an extended period of time (e.g., months, years). The system 200 also may track alarm signals (or other communications/messages) for multiple (e.g., many), different secured locations and develop an alarm signaling quality profile for each of the secured locations tracked.”
Based on the monitoring (620), “The system 200 calculates one or more alarm signaling statistics for the secured place. The system 200 could use the monitored data from the secure location to calculate alarm signaling quality statistics. The system 200 could analyze logs of alarm signaling data to determine different types of statistics about the secure location. The system 200 can determine the average or median signal strength for alarms sent to the secured location by tracking signal strength. The system 200 can also track latency of alarm signal exchanges with secured locations. This means that the system 200 could determine the average (or median), latency of alarm signals being exchanged with secured locations. The system 200 can track the signal-to noise ratio of alarm signals that are exchanged with the secure location. This could allow the system 200 to determine the average or median signal-to?noise ratio between alarm signals sent to the secured location. The system 200 can track communication errors in alarm signals that are exchanged with the secure location. This could allow the system 200 to determine the alarm signal error rate. Other statistics related to the quality of alarm signals could also be collected.”
“In some cases, the system 200 might compute standard deviations in alarm signaling quality characteristics or compute averages for a certain number (e.g. ten) of highest outlier events for previous alarm signals from the secure location. These examples may include statistics and standard deviations that can be computed for outlier events. This could be used to evaluate network latency.
“In some cases, the system 200 can calculate an alarm signaling score that takes into account several types of alarm signaling statistics. The system 200 could calculate an alarm signaling score that takes into account the average signal strength, average latency, alarm signal-to-noise ratio, alarm signals sent to the secured place, and the error rate of alarm signals sent to the secure location. The alarm signaling score may be calculated by the system 200 as a weighted combination these factors. Weights are assigned to each factor based on their relative importance in assessing signal quality. Alarm signaling quality can reflect multiple types of measurements. It may also be used to measure signal quality at the secure location.
“In some cases, the system 200 might adjust one or more alarm signaling statistics over time. The system 200 could compute new alarm signaling statistics on a regular basis (e.g. once per month) or compute new alarm signals quality statistics every time an alarm signal is received from a secured location. Recent alarm signals may be weighed more heavily by the system 200 than older alarm signals. Alarm signaling quality statistics can change over time. They are most indicative of alarm signals that have been exchanged with the secure location. The system 200 might quickly adjust the alarm signaling statistics to reflect the decrease in quality. The system 200 can also adapt alarm signaling statistics quickly to reflect an improvement in alarm signaling.
Based on one or more alarm signaling statistics (630), the system 200 dynamically determines an escrow period to allow alarm signals to be sent from the secured location. The system 200, for example, may establish an escrow period to account for alarm signaling quality at the secured location. The system 200 might set a short escrow period if the alarm signaling quality statistics for the secured location indicate that the alarm signaling quality is high. The system 200 can set a short escrow period because the alarm signaling quality at the secured location is high. Failure to receive an alarm signal from this location will have a low probability of being due to a communication error. This will allow for faster detection of alarm destruction events at the secured location. It may also provide better service in cases involving a smash intrusion or crash.
“In addition, the system 200 could set a long escrow period if the alarm signaling quality statistics for the secured location indicate that alarm signaling is of low quality. The alarm signaling quality at the secured location is very poor so the system 200 allows for a longer time to receive communications from the secured site. Failure to receive an alarm signal from secured location can be a sign of a communication problem. This allows for better detection of alarm destruction events at the secured location (e.g. less false alarms), and also ensures that an alarm signal does not go unreceived due to a communication error.
The system 200 can dynamically set the escrow period based on any combination of alarm signaling quality statistics mentioned throughout this disclosure. The system 200 can apply one or more rules for the alarm signaling statistics and determine the escrow period according to their application. The system 200 might calculate the escrow time (e.g. wait time) when it computes the alarm signaling score. This is done by applying the alarm signaling score to an equation that produces the escrow amount. Another example is that the system 200 might compare the alarm signaling score to a set thresholds and dynamically set escrow to the specific escrow periods associated with each threshold (e.g. set the timer to four minutes for scores between zero and one, three minutes for scores between one and two and two minutes for scores greater than two),
“When the system 200 calculates standard deviations or statistics related to extreme events, the system200 may use these standard deviations or statistics related to extreme events to determine the escrow period. The system 200 might set a shorter escrow period if the system 200 detects few outlier events (e.g. none). The system 200, however, may set a longer escrow period if it detects outlier timestamps that indicate more frequent outlier events.
In some cases, the system 200 might adjust the escrow periods dynamically over time. The system 200 could set a new period every month, or it may adjust the escrow period when new alarm signaling statistics are calculated. Recent alarm signaling statistics may be weighed more heavily by the system 200 than older alarm signaling statistics. The escrow period is a reflection of the alarm signals that are currently being exchanged with the secure location. It can change over time. To reflect a decrease in alarm signaling quality at the secured location, the system 200 could quickly increase the escrow time. The system 200 could also decrease the escrow time if alarm signaling quality improves at the secured location.
“The system 200 handles alarm system destruction detection and alarm signal escrowing for the secured location. It uses the dynamically-set escrow period (640). The system 200, for example, uses the dynamically-set escrow period in order to determine the time it takes to make a determination about an alarm system destruction event. The system 200 can notify the central monitoring system and/or the user associated with the secure location of an alarm system destruction event. You can use any of the methods described in this disclosure to handle alarm signal escrowing or alarm system destruction detection. The escrow period is dynamically determined.
“The techniques described in FIG. 6 are not applicable to the secured location. “Though the methods described above with respect to FIG. 6 were used to dynamically set an escrow period, they can also be used for handling alarm signal destruction detection and alarm signal escrowing. Based on one or more alarm signaling statistics, the system 200 might determine whether additional measures should be taken to reduce false alarms. The system 200 might require confirmation pinging sequences (see FIG. If the alarm signaling quality statistics of the secured location indicate that alarm signaling is poor, the system 200 may require a confirmation pinging sequence (see FIG. If the alarm signaling quality statistics for the secured location indicate alarm signaling quality is high, then the system 200 might not need to issue an alarm system destruction signal (e.g. crash and smash).
“FIG. “FIG.7” illustrates an example 700 process for alarm system destruction detection at a secure location. It is based on analysis and exchanged pinging communication. The system 200 is responsible for the operation of process 700. One component of system 200, e.g. the escrow service 240, can perform the operations of process 700. Or any combination of components of system 200. One of the 100 components (e.g. the escrow website 125), or any combination of components may perform the operations of process 700. One or more processors may be used to perform the operations of process 700 in some implementations.
“The system 200 exchanges secure location pinging communications (710) The system 200, for example, facilitates the exchange of pinging communication between a security system at the secured location or an alarm signaling device at the secure location and a server located at an escrow. The pinging communication may indicate that the device is functioning properly and can receive/send communications. The security system, alarm signaling device or server at the escrow location may initiate the pinging communications.
“In some cases, the security system/alarm signaling device at a secured location might initiate a pinging communications that indicates that it is functioning properly and is awake. These examples may result in the server at the Escrow Site acknowledging that the pinging communications were received.
“In some cases, the server at escrow may initiate a request for status from the security system at the secured site. These examples show that the secure location’s security system or alarm signaling devices responds to the pinging communications with its status once it has received the communication.
The system 200 can exchange pinging communications via any network described in this disclosure. Because pinging over Internet-protocol-based networks are relatively inexpensive and can be exchanged at a high frequency, the system 200 could leverage an Internet protocol based network (e.g. the Internet).
“In some implementations, system 200 may ping communications periodically during operation. These implementations may have pinging communications that are either persistent or continuous throughout the operation of system 200. The pinging communications could be used as a heartbeat signal, with pinging communications being exchanged at an extremely fast frequency (e.g. one pinging communication per minute or faster). A repeated message of “I’m awake” may be sent by the alarm signaling device or security system at the secure location. ?I’m awake,? etc. pinging communications so that the server at the Escrow Site can closely monitor the status the security system or alarm signaling devices at the secured location. A potential alarm or alarm event may trigger persistent or continuous pinging.
“In some cases, the system 200 may initiate pinging communications to the secured location in response alarm signaling events. These examples show that the system 200 can initiate pinging communications at the secured location to respond to an alarm signal. In response to expiring escrow periods, the system 200 may initiate communications to secure location. The system 200 might attempt to ping the secure location to indicate that an alarm destruction event occurred.
“The system 200 analyses the exchanged Pinging Communications (720). The system 200 might analyze whether pinging communications are occurring as expected. The system 200 can analyze whether pinging communications are being initiated by the security device or alarm signaling devices at the secure location. This could include analyzing the frequency at which the security device or alarm signaling system initiates pinging communication. The system 200 can analyze the acknowledgments received by the security system at the secured location when the server at the Escrow Site initiates pinging communication.
“In some cases, the system 200 might track the time of the last communication between the security system/alarm signaling device at the secured site and the server at escrow. The system 200 may also track the number and/or quality of any pinging communications (e.g. acknowledgements) not received or received.
“The system 200 is responsible for alarm system destruction detection at the secured location using the analysis of the pinging communications (730). The system 200, for example, detects alarm system destruction at the secured location based upon whether or not pinging messages are being exchanged as expected. Based on analysis of the pinging communications, the system 200 can either start, stop or reset the escrow period. It may also detect alarm destruction events based upon the analysis of the pinging communications.
“Some implementations use pinging communications to delay the onset of a timer which measures an escrow period in an alarm signal. These implementations initiate pinging communications when there is a potential alarm signal. Each time a pinging message is exchanged, the system 200 can reset the start time of the escrow. The system 200 can also determine when an alarm signaling device or security system at the secure location stopped functioning properly (e.g. was disabled) and calculate the escrow period starting from the latest communication.
“In some cases, the system 200 may detect an alarm system destruction event by counting the number of missed messages. The system 200 can determine if a certain number of pinging communication (e.g., expected pinging messages the security system will initiate or acknowledgements to the escrow site have been initiated) has been missed. If the system 200 detects that a particular number of pinging communication have been missed, it will determine that an alarm system destruction has occurred. The system 200 can then handle the alarm system destruction event in the appropriate manner, using any of these techniques.
“FIG. “FIG. 8” illustrates an example process 800 that handles alarm signal destruction detection and alarm signal escrowing for potential alarm events using a dynamically-set escrow period. The system 200 performs the operations of the process 800. One component of the system 200, e.g. the escrow location 240, can perform the operations of the 800. Or any combination of components of system 200. One of the 100 components (e.g. the escrow website 125), or any combination of components may perform the operations of process 800. One or more processors may be used to perform the operations of process 800 in some implementations.
“The system 200 detects the sensor that generated the potential alarm signal (810) and sends it back to the security system. A server located at an escrow location may receive, via a network, an alarm signaling device or security system signal that monitors a secured area. The security system that monitors the secure location may contain multiple sensors (e.g. door contact sensors and window contact sensors as well as glass break sensors and motion sensors). The potential alarm event signal can be sent to at least one sensor that detects an event that could indicate an alarm event.
“The system 200 may also start tracking an entry delay period when at least one sensor detects an event that could be a potential alarm. This allows a user to cancel the alarm event (e.g. by entering a passcode to the security system), so that no alarm event is detected. The sensor that detected the alarm event may have a different entry delay period. A front door sensor might have a delay period of 30 seconds due to its proximity to the door. This allows the panel to cancel the potential alarm event in a short time. A garage door sensor, on the other hand may have a five minute entry delay period because the alarm panel is far away from the garage door. This means that input is required to cancel the alarm event.
“In some cases, the potential alarm signal may include data (e.g. garage door, front door, hallway motion sensor etc.). Indicates which sensor caused the alarm event. These implementations allow the server at the Escrow Site to analyze the potential alarm signal to extract sensor identification data and then use that data to determine which sensor was responsible for the alarm event. The communication may include the sensor identification data, which can be separate from the potential alarm signal. A delay time may also be included in the sensor identification data.
“The system 200 dynamically determines the escrow period for potential alarm signal. It is determined by the sensor that generated the alarm signal (830). The system 200 might set an escrow period to account for the potential alarm signal’s source. The system 200 might set a short escrow period if the identified sensor has a short entry delay and is close to the control panel that allows for potential alarm event cancellation. When the identified sensor has a long entry delay and is not close to the control panel, the system 200 might set a longer escrow period. This allows for potential cancellation of alarm events. The system 200 can adjust the escrow period to reflect which sensor caused the alarm event. This will reduce false detection rates.
“Some implementations store a data structure (e.g. a table) that maps sensors and escrow periods. These implementations compare the identified sensor with the data structure, and identify the escrow period that corresponds to the identified sensor using the comparison. The system 200 dynamically sets an alarm period to match the period that was mapped to the data structure. The data structure can be used to define the escrow periods. However, the system 200 may also set them by alarm companies.
One example is that a home security system could include both a front and garage door sensors. The entry delay period for the front sensor could be 60 seconds. This is because the alarm panel is located close to the front doors and it takes only a short time to cancel the alarm event. The entry delay period for the garage door sensor could be five minutes. This is because the alarm panel is far away from the garage doors and input takes a long time to cancel the potential alarm event. The entry delay period that corresponds to the detection of an alarm event may be used as the basis for the escrow period. The escrow period could be extended by 30 seconds if the entry delay is longer. The escrow period will be set to ninety seconds after the front door sensor detects a potential alarm event. It will then be set to five minutes, thirty seconds when it detects the potential event at the garage door. Another example is that the escrow period can be set to a multiple the entry delay period (e.g. one and a quarter times or two-times the entry delay). The escrow time is set to one-and-a half times the length of the entry delay period. It is ninety seconds after the front door sensor detects an alarm event. The escrow time is then set to seven minutes, thirty seconds after the garage door detects that potential alarm event.
The system 200 may also set escrow periods based upon a history of interactions with specific sensors. The system 200 might track the average time it takes to receive a cancellation signal from a sensor that detects an alarm event. A user may also provide input to cancel the alarm event. The system 200 could use the average time taken to receive the cancellation signal in order to set the escrow periods. This may allow faster detection of alarm system destruction events. Imagine a front door sensor with a delay of sixty seconds. However, the system 200 detects that cancellation signals for possible alarm events based on the first sensor are received in an average of forty-five seconds. The system 200 could set the escrow time to be thirty seconds longer than the cancellation signal time. Therefore, the escrow duration would be seventy-five second. When using the entry delay to set the escrow time, the seventy-five second period is shorter than that of the ninety seconds. The system 200 can use the history of interactions with specific sensors to determine escrow periods. This is even when cancellation signals are received fairly quickly.
“The system 200 handles alarm signal destruction detection and alarm signal escrowing using the dynamically-set escrow period (840). The system 200, for example, uses the dynamically-set escrow period in order to determine how long it takes to make a determination about an alarm system destruction event. The system 200 can notify the central monitoring system and/or the user associated with the secure location of an alarm system destruction event. You can use any of the methods described in this disclosure to handle alarm signal escrowing or alarm system destruction detection. The escrow period is dynamically determined.
“FIG. “FIG. 9 illustrates an example of process 900 to identify alarm system destruction detection events. The system 200 is responsible for the operation of process 900. One component of the system 200, e.g. the escrow location 240, can perform the operations of the process. Or any combination of components of system 200. One of the 100 components (e.g. the escrowsite 125), or any combination of components may perform the operations of process 900. One or more processors may be used in some implementations to perform the operations of the process 9000.
“The system 200 aggregates alarm system destruction detection (910) data. The system 200 can receive alarm system data from multiple monitored locations. It may identify alarm systems data associated with alarm system destruction detection (910) instances, correctly detected alarm system destruction events, or instances where alarm system destruction was not detected. The system 200 could track alarm system data to determine if it is associated with particular types of alarm system destruction events (e.g. correctly detected, incorrectly detected or not detected). System 200 can aggregate data across geographic regions in order to identify patterns in alarm system destruction events within a particular geographic area. System 200 may also aggregate data from other alarm events to try to predict alarm system destruction events. For example, a large number regular alarm events could be used to foreshadow alarm system events as the criminals who complete regular alarm events can become more sophisticated. Other types of data that may be related to alarm system destruction events may also be tracked by the system 200 (e.g. crime incident data, which is used to predict alarm system destruction events). All data may be stored in a database by the system 200.
“The system 200 creates a pattern that is representative of successful alarm system destruction detection event based on the aggregated information (920). The system 200, for example, analyzes the data and finds one or more patterns that are indicative or correlate with alarm system destruction events. To detect patterns that are associated with specific regions, the pattern can be regionalized. The system 200 can consider successful detections in generating the pattern and may identify similar alarm system behavior in those successful detections. The system 200 may also consider unsuccessful detections. It will attempt to identify alarm system behavior that is similar in unsuccessful detections, and then discount the identified behavior in generating the pattern. As new data is gathered and analyzed, the system 200 can update the pattern. The system 200 can update the pattern continually to account for any recent changes, adapt to new techniques of alarm system destruction, and even create crime enterprises.
“The system 200 uses the generated pattern to match future alarm system destruction detection events (930). The system 200, for example, compares the generated pattern with future alarm system behavior patterns in order to identify similar patterns that could indicate alarm system destruction events. The system 200 might be able to detect alarm system destruction events faster because it has a large number of data.
The system 200 may also use the generated pattern in order to alter certain parameters for detecting alarm system destruction events. The system 200 can reduce the escrow period of alarm signals from the alarm systems in a region if the generated pattern indicates an increase in alarm system destruction events. This will allow for faster detection of alarm events in that region.
“In certain implementations, system 200 may require a double sensor requirement to detect an alarm system destruction event. In some security systems, the user might have to activate multiple sensors in order to enter a building that is monitored by the system. A building may have a front door sensor as well as a motion sensor to detect motion in a hallway leading from it. An alarm signaling part of the security system might be placed in a building so that an intruder who enters through the front door must go through the hallway with the motion sensor in order to reach the alarm signaling element and disable or destroy it. The system 200 will detect an intrusion through the front door, triggering the motion sensor, and then destroy the alarm signaling part. The system 200 can determine if the motion sensor triggers an alarm and may also detect an alarm system destruction event if the sensor triggers simultaneously with the front door sensor. The double sensor requirement can help reduce false alarm system destruction events. For example, if a weather condition (e.g. high wind or lightning strike) triggers a first sensor, and renders the alarm signaling device inoperative (e.g. due to power failure or communication loss) at the same time, this may be a false alarm event. The double sensor requirement would stop the weather conditions from triggering the motion sensor. Therefore, the system 200 wouldn’t detect an alarm system failure even though it has stopped communicating with the alarm signaling part. The system 200 can take appropriate actions to handle this situation, such as alerting the user and/or the authorities. However, the system 200 is not equipped to deal with an alarm system destruction situation in the extreme. The system 200 can monitor and report on weather conditions to increase detection of false alarms.
“In some cases, a security systems may have multiple transmission points (e.g. wireless and/or wireline) that are outside of the building. These transmission points allow the security system to communicate with an alarm server or a central monitoring station. These examples show how the security system can use the techniques described in this disclosure to escrow alarm signal and detect alarm system destruction events within a building. A secondary transmission component, for example, may communicate with the primary transmission component to perform similar operations as the escrow site. The secondary transmission component can detect if the primary transmission component is disabled or destroyed and may take over communication with the central monitoring station. Multiple transmission components are used to transmit alarm data outside of buildings. This makes it more difficult to disable or destroy alarm system communications from buildings.
The described methods, systems and techniques can be implemented in digital electronic circuitry or computer hardware, firmware, code, or a combination of these elements. These techniques can be implemented using appropriate input and output devices, a processor and a computer program product that is machine-readable and stored in a storage device. This allows for the processor to execute it. The programmable processor executes a set of instructions that performs desired functions, operating on input data and producing appropriate output. These techniques can be implemented in one to several computer programs that run on a programmable platform. This system includes at least one processor, which is able to receive and transmit data from, as well as instructions to, a data storage device, at least 1 input device, and at most one output device. A computer program can be implemented in either a high-level procedural, object-oriented, or assembly language. It may also be written in interpreted or compiled languages. A variety of general and special-purpose microprocessors are suitable processors. A processor will generally receive instructions and data from either a read-only or random access memory. All forms of non-volatile memory are suitable for tangibly storing computer program instructions and/or data, including flash memory devices like the Erasable Programmable Read-Only Memory, Electrically Erasable Programmable Read-Only Memory, and flash memory. Any of the foregoing may be supplemented by, or incorporated in, specially-designed ASICs (application-specific integrated circuits).”
It will be clear that modifications can be made. You could, for example, use other methods if the steps of the disclosed procedures were not performed in the correct order or if the components in the disclosed systems were rearranged and/or replaced by other components. Other implementations fall within the scope of this disclosure.
Click here to view the patent on Google Patents.How to Search for Patents
A patent search is the first step to getting your patent. You can do a google patent search or do a USPTO search. Patent-pending is the term for the product that has been covered by the patent application. You can search the public pair to find the patent application. After the patent office approves your application, you will be able to do a patent number look to locate the patent issued. Your product is now patentable. You can also use the USPTO search engine. See below for details. You can get help from a patent lawyer. Patents in the United States are granted by the US trademark and patent office or the United States Patent and Trademark office. This office also reviews trademark applications.
Are you interested in similar patents? These are the steps to follow:
1. Brainstorm terms to describe your invention, based on its purpose, composition, or use.
Write down a brief, but precise description of the invention. Don’t use generic terms such as “device”, “process,” or “system”. Consider synonyms for the terms you chose initially. Next, take note of important technical terms as well as keywords.
Use the questions below to help you identify keywords or concepts.
- What is the purpose of the invention Is it a utilitarian device or an ornamental design?
- Is invention a way to create something or perform a function? Is it a product?
- What is the composition and function of the invention? What is the physical composition of the invention?
- What’s the purpose of the invention
- What are the technical terms and keywords used to describe an invention’s nature? A technical dictionary can help you locate the right terms.
2. These terms will allow you to search for relevant Cooperative Patent Classifications at Classification Search Tool. If you are unable to find the right classification for your invention, scan through the classification’s class Schemas (class schedules) and try again. If you don’t get any results from the Classification Text Search, you might consider substituting your words to describe your invention with synonyms.
3. Check the CPC Classification Definition for confirmation of the CPC classification you found. If the selected classification title has a blue box with a “D” at its left, the hyperlink will take you to a CPC classification description. CPC classification definitions will help you determine the applicable classification’s scope so that you can choose the most relevant. These definitions may also include search tips or other suggestions that could be helpful for further research.
4. The Patents Full-Text Database and the Image Database allow you to retrieve patent documents that include the CPC classification. By focusing on the abstracts and representative drawings, you can narrow down your search for the most relevant patent publications.
5. This selection of patent publications is the best to look at for any similarities to your invention. Pay attention to the claims and specification. Refer to the applicant and patent examiner for additional patents.
6. You can retrieve published patent applications that match the CPC classification you chose in Step 3. You can also use the same search strategy that you used in Step 4 to narrow your search results to only the most relevant patent applications by reviewing the abstracts and representative drawings for each page. Next, examine all published patent applications carefully, paying special attention to the claims, and other drawings.
7. You can search for additional US patent publications by keyword searching in AppFT or PatFT databases, as well as classification searching of patents not from the United States per below. Also, you can use web search engines to search non-patent literature disclosures about inventions. Here are some examples:
- Add keywords to your search. Keyword searches may turn up documents that are not well-categorized or have missed classifications during Step 2. For example, US patent examiners often supplement their classification searches with keyword searches. Think about the use of technical engineering terminology rather than everyday words.
- Search for foreign patents using the CPC classification. Then, re-run the search using international patent office search engines such as Espacenet, the European Patent Office’s worldwide patent publication database of over 130 million patent publications. Other national databases include:
- European Patent Office (EPO) provides esp@cenet to access a network of Europe’s patent databases with access to machine translation of European patents.
- Japan Patent Office (JPO) – with access to machine translations of Japanese patents.
- World Intellectual Property Organization (WIPO) offers PATENTSCOPE with a full-text search of published international patent applications and machine translations for some documents, as well as a list of international patent databases.
- Korean Intellectual Property Rights Information Service (KIPRIS)
- State Intellectual Property Office (SIPO) with machine translation of Chinese patents.
- Other International Intellectual Property Offices with online patent databases include Australia, Canada, Denmark, Finland, France, Germany, Great Britain, India, Israel, Netherlands, Norway, Sweden, Switzerland, and Taiwan.
- Search non-patent literature. Inventions can be made public in many non-patent publications. It is recommended that you search journals, books, websites, technical catalogs, conference proceedings, and other print and electronic publications.
To review your search, you can hire a registered patent attorney to assist. A preliminary search will help one better prepare to talk about their invention and other related inventions with a professional patent attorney. In addition, the attorney will not spend too much time or money on patenting basics.
Download patent guide file – Click here