IP-based alarm transmission systems offer the promise of lower cost to the end user in addition to more flexible solutions. That said, whenever the practising security manager includes the Internet as part of the signalling path, the trade-off is likely to be reduced levels of security. The answer to this dilemma, claims Steven Alton, could well be a closed IP network dedicated purely to security signalling.
There’s little doubt that industry at large harbours major concerns when it comes to delivering secure, integrated and seamless solutions for alarm monitoring. It’s hardly surprising, then, that The Jericho Foundation – part of the OpenGroup Forum (www.opengroup.org) and ‘staffed’ by a collection of leading chief executives – has been actively lobbying the IT systems and equipment vendors to provide secure, interoperable networks and solutions.
On that note, is IP a secure answer? Not inherently, it seems, as there are no open standards for providing security on IP networks. At present, security must be ‘designed-in’ to each IP network from the ground up on a case-by-case basis. IP does deliver wonderful flexibility and versatility, that’s true, but in doing so it also presents an enormous security headache.
That flexibility and versatility is partly derived from what becomes a network security issue, which is the fact that the data and network control co-exist at many levels. In essence, an IP router – at its default configuration – allows end user access to command and control of the network. Misused or blatantly abused, this can effectively take down an entire network. If the network then has any external connectivity this issue becomes acute because anyone with Internet access could become a potential threat.
From a telecommunications point of view, this would be the equivalent of someone being able to programme the telephone exchange and PSTN network from your telephone handset at home.
Adding layers of security
To effectively address the issue, secure IP networks need to be battened down and layers of security added. However, a lack of formal standards, differing proprietary security products and solutions and ever-evolving operating systems make this a difficult task.
Once complete, those networks also require minute and ongoing network management (and change control) to keep them secure and up-to-date against the latest risks and thefts. Completed incorrectly, that management can leave an insecure IP network open to malicious or mischievous attack, or errant failure.
As I write, I have just been reading an article in The Times (issue dated Saturday 15 October) describing the various ways in which one might access video files on some network video solutions. Was this some trivial service being hacked? No. It demonstrated access to one of the world’s pre-eminent suppliers of networked video solutions used in both the public and private sectors. Was it some sophisticated ‘hack’ perpetrated with tools downloaded from a hacking web site? No. A text string entered into Google brings up a host of available locations. Another mouse click and you are streaming live video of a petrol station forecourt, with full PTZ control and access to the video server’s configuration!
To be honest, I’m not too sure what is more amazing… The complete lack of security and authentication, or finding out about it in The Times’ magazine?!
Supplier versus provider
Central to the whole security debate is the fact that most IP signalling solutions do not control the complete signalling path, end-to-end, from customer STU to Alarm Receiving Centre (ARC) front end. Instead, the IP ‘bit in the middle’ is actually operated by a whole variety of different, independent service providers (some of whose systems may not be UK-based, or even subject to UK laws).
IP signalling solutions providers tend to like to position themselves as alarm transmission system (ATS) providers when, in truth, they are little more than alarm transmission equipment (ATE) component providers.
An ATE manufacturer offers a piece of equipment for the end user’s alarm monitoring panel, in addition to some kind of polling engine for the ARC. Here, the network sitting in the middle is someone else’s responsibility.
The network is very much the critical element that actually delivers the message. The ATE doesn’t deliver a single message, but sends a message into a given third party network and must hope that it’s delivered. The equipment supplier has no control whatsoever of this critical element, nor ownership of it.
Given that we’re an ATS supplier, BT redcare offers full end-to-end service and management of the entire process. If an alarm message leaves our STU, we take full responsibility for delivering it to the ARC across our network.
Compare and contrast this scenario with the ATE supplier. Their equipment generates a signal into the network and hopes that it reaches the other end. If it doesn’t, will the ATE supplier take ownership or responsibility? Or is it the end user, their network provider or their IT provider who will take responsibility?
If this is an ongoing fault or issue, who is going to investigate and fix it? When the network in the middle is taken out of service for maintenance, who informs the ARC of the flood of alarms they are about to experience?
And just who do the ARC officers attempt to call at 3.00 am on a Sunday to remedy the situation? The question of who assumes responsibility when matters go awry is very important, and must not be overlooked.
IP EN Grading conformity
The way in which the newly-introduced EN Standards are playing out allows ATE manufacturers to make self-certifying claims of EN Grade compliance that include the IP network – over which they have no ownership and precious little influence – with the explicit assumption (for the purposes of Grading classification) that the network is operating at 100% all of the time. This regime is fundamentally flawed.
The current regime allows equipment manufacturers to look the same as the ATS supplier when in reality they are quite different.
There is no question that IP signalling solutions can be cost-effective, particularly when ‘piggybacked’ off existing, well-designed and secure corporate IT LAN and WAN networks. However, there are complex technological and operational factors that must be addressed with great care in order to ensure that alarm signalling security is not compromised at any time.
End users and installers who are considering the deployment of an IP signalling solution should always question in detail the claims of the ATE provider of any EN Grade compliance. These claims may well be based on a premise that includes the IP network, and which makes the assumption that the system will always be operating at 100%. Query whether this compliance is also effective if one of the signalling paths fails or is compromised, and question the ATS rating of the remaining path when left in isolation.
In addition, the client should attempt to find out if any of the following will accept any liability for signals that do not reach the ARC – the ATE provider, the network provider, the installer, the end user, the Information Technology manager or indeed the ARC’s own management team.
BT redcare and IP monitoring: a brief history
BT Redcare first engaged with IP systems over seven years ago when, in conjunction with IP experts from Cisco Systems, we undertook to design and build a secure network solution for redcare. To meet our demands we run a unique version of Cisco’s IOS operating system, and have necessarily taken extreme measures to implement and sustain network security. Ultimately, and still to this day, the network core has no external access.
The fruit of this labour was a full-scale changeover of our core network to an IP-based set-up in 1999, with a subsequent roll-out to Alarm Receiving Centres (ARCs) in the following year. Though the capital outlay was sizeable, the end result provides a massively redundant network core for our scanners and ARCs to ensure that BT redcare’s network maintains its world class performance, with 99.999% availability.
Over the last few years we have also been assessing IP’s suitability for security signalling. Any redcare IP-based signalling solution will need to operate at the same high security, performance and service levels of systems within our portfolio.
Signalling across ADSL or WANs: challenges to overcome
The delivery of a secure and robust signalling solution over ADSL or WANs inevitably involves a number of challenges which must be overcome. Those challenges centre on power, firewalls and Denial of Service.
Power
The ADSL or LAN router becomes an integral part of the ATS. Therefore, back-up power and hard-wired connections become a necessity. The standard router provided by an ISP is currently powered by the PC or from a 240 V mains socket. Equally, the LAN or WAN router is not typically on standby power or batteries, while in the WAN environment a router, switch or hub – completely separate from the protected estate – may form a single point of failure (the loss of which takes down a proportion of the security signalling network).
Signalling solutions need to address this issue, or loss of site power will cause an outage. In addition, power cuts and blackouts will simply flood the ARC with alarms.
Firewalls
This is a complex issue. One of the first layers of defence is the firewall. The firewall’s purpose is to only let in (and out) that traffic which is validated. It needs to be carefully configured and continually maintained. Equally, the security application should have priority access through the firewall if the network is busy.
Denial of Service
Denial of Service attacks flood the network with traffic, which may either appear valid or be plain garbage, to the extent that the network cannot function correctly. This is an ever-more prevalent threat, currently manifesting itself in extortion attacks on both online gaming and betting networks.
A Denial of Service attack cannot be stopped, and it is very difficult to maintain service during an incident. From a security perspective, individual or multiple end user connection(s) could be attacked, or the ARC’s IP connectivity end might be targeted. The first line of defence would be for the IP signalling network to be completely self-contained so as to avoid any contact with the Internet whatsoever.
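The firewall and Denial of Service points above can be made concrete with a small model of an ARC-side packet filter. This is an added example, not code from the article or from BT redcare; the addresses, port, registered STU list and link capacities are constructed assumptions. It applies the default-deny rule (only registered STUs may reach the ARC signalling port), dequeues alarm signalling ahead of routine polling when the link is busy, and caps the packets accepted from any single source per interval so one flooding connection cannot crowd out the others.

```python
from collections import Counter, namedtuple

# Toy model of an ARC-side filter (added example, not BT redcare's design).
# Addresses, port and capacities below are constructed assumptions.
Packet = namedtuple("Packet", "src dst dport kind")   # kind: "alarm" or "poll"

ARC_ADDR = "10.20.0.10"          # hypothetical ARC polling-engine address
SIGNALLING_PORT = 7000           # hypothetical signalling port
REGISTERED_STUS = {"10.20.1.1", "10.20.1.2", "10.20.1.3"}

def validate(pkt):
    """Default-deny: only registered STUs may reach the ARC signalling port."""
    if pkt.dst != ARC_ADDR or pkt.dport != SIGNALLING_PORT:
        return "drop:not-signalling"
    if pkt.src not in REGISTERED_STUS:
        return "drop:unregistered-source"
    return "accept"

def schedule(packets, link_capacity, per_source_cap):
    """Forward at most link_capacity packets per interval, alarms before polls,
    and at most per_source_cap from any one source, so a flooding source cannot
    starve the rest. Returns (forwarded packets, Counter of drop reasons)."""
    verdicts = [(p, validate(p)) for p in packets]
    accepted = [p for p, v in verdicts if v == "accept"]
    dropped = Counter(v for _, v in verdicts if v != "accept")
    forwarded, per_source = [], Counter()
    for kind in ("alarm", "poll"):          # priority order: alarms first
        for p in (q for q in accepted if q.kind == kind):
            if per_source[p.src] >= per_source_cap:
                dropped["drop:source-rate-limit"] += 1
            elif len(forwarded) >= link_capacity:
                dropped["drop:link-busy"] += 1
            else:
                per_source[p.src] += 1
                forwarded.append(p)
    return forwarded, dropped

# Constructed traffic for one interval: a flood from an Internet address, a
# flood of polls from one registered STU, one genuine alarm, one normal poll
# and one packet to the wrong port.
SAMPLE = (
    [Packet("203.0.113.9", ARC_ADDR, SIGNALLING_PORT, "alarm")] * 5
    + [Packet("10.20.1.1", ARC_ADDR, SIGNALLING_PORT, "poll")] * 6
    + [Packet("10.20.1.2", ARC_ADDR, SIGNALLING_PORT, "alarm")]
    + [Packet("10.20.1.3", ARC_ADDR, SIGNALLING_PORT, "poll")]
    + [Packet("10.20.1.3", ARC_ADDR, 80, "poll")]
)

def run_sample():
    return schedule(SAMPLE, link_capacity=3, per_source_cap=2)

if __name__ == "__main__":
    fwd, drops = run_sample()
    print([(p.src, p.kind) for p in fwd], dict(drops))
```

In the sample interval the single genuine alarm is forwarded first, the flooding STU is held to two packets, and the unregistered Internet source is dropped entirely; as the article notes, filtering like this protects what sits behind the filter but cannot recover a link that the flood has already saturated.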
BT redcare: in support of formal, independent testing
BT Redcare actively supports a formal, independent system testing regime, and is fully behind any industry moves to make that happen. Until such time as this is a reality, the industry will continue to suffer from claim and counter-claim over individual manufacturers’ equipment performance characteristics.
In addition, the company actively promotes and pursues standards, working with various industry bodies – including the BSIA, BSI and Cenelec – ARCs and installers in a bid to ramp up service quality in the intruder alarm and signalling arenas. In a market numbering two million alarm systems, BT redcare’s installed base amounts to 400,000 systems. Indeed, the company recently achieved its 50,000th connection on dual path redcare GSM.
Source
SMT
Postscript
Steven Alton is chief executive of BT redcare Fire and Security