One document matched: draft-rfced-info-ryckman-00.txt
Category: Informational S. Ryckman
SIMS, Inc.
Security Industry Protocol for Alarm Transmission (SIPAT)
<draft-rfced-info-ryckman-00.txt>
Status of this Memo
This document is an Internet-Draft. Internet-Drafts are working
documents of the Internet Engineering task Force (IETF), its areas,
and its working groups. Note that other groups may also distribute
working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress".
To learn the current status of any Internet-Draft, please check the
"1id-abstract.txt" listing contained in the Internet-Drafts Shadow
Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe),
munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or
ftp.isi.edu (US West Coast).
Abstract
This document suggests a method for delivering alarm information over
the Internet. All communication shall use an encryption algorithm
for transmission of the data. An immediate response from the host
will be used for verification of receipt of the message.
This transmission method may be use as a backup transmission method
to traditional dial-up or leased line methods, or as a primary
transmission method with traditional methods becomming the backup.
Due to the required security of the data being transmitted, the
encryption algorithm used will only be released on a need to know
basis to software developers in the Alarm/Security Industry.
A non-disclosure agreement will be required. Terms and conditions
of the licensing will depend on the intended purpose for use and
may require a non-competition agreement or licensing fees.
The Internet Assigned Numbers Authority (IANA) has assigned port
1733 for the registered use of SIPAT transmissions.
1. Introduction
This transmission protocol was developed to eliminate the need
for dial-up communications to send short data bursts of alarm
information. Many times, the amount of time it takes to seize
the dial-up phone line, dial the number and wait for an answer
by the alarm receiving equipment is much greater than the amount
of time it takes to transmit the data itself (even at 300 baud).
Since many corporations and government agencies as well as alarm
companies already have dedicated Internet connections, it seems
resonable that it could be used as a quick transmission method.
Due to the inherent probability of failures of the network at
some point between origination and reception of the alarm signal,
it should NOT be used for the sole transmission path for any
signal. This transmission method can be treated with the same
concerns as a typical radio alarm transmission, quick but not
entirely absolute.
Throughout the remainder of this document the following terms
will be used.
Port/Socket - Used interchangably to refer to the logical
connection created when the client software polls the host
on a particular port number, in this case port 1733.
SIPAT - Security Industry Protocol for Alarm Transmission
(Pronounced Si-Pay).
Port/Socket - Used interchangably to refer to the logical
connection created when the client software polls the host
on a particular port number, in this case port 1733.
SIPAT - Security Industry Protocol for Alarm Transmission
(Pronounced Si-Pay).
Server - The software running at the Alarm Company which is
connected to the Internet and monitoring an IP address port.
Subscriber - The software/device at the protected location.
2. System Philosophy
Proposing an alternative method of transportation of alarm signals
is not as easy to implement as it sounds. A very simple adoption
of such a feat could be accomplished with normal Email. This would
not provide immediate notification of receipt however, and would
open the system up to tampering from external sources. Clearly a
secured encryption routine must be used, to prevent people from
creating false signals or using the protocol for sending non-alarm
information, as is possible with existing transmission formats.
The principle of SIPAT is to provide security to the alarm transmission
process not found currently. This is security both for the originator
of the alarm signal (increased transmission speed) and for the
alarm company (reduction of false signals due to tampering).
Until every home has it's own direct connection to the Internet,
SIPAT can not be used for every alarm system. It's primary purpose
is for commercial applications or where the alarm signal may
originate from a non-customary device such as a program on a
computer used for monitoring network or environmental conditions,
home automation/access control computerized systems or from
radio network providers for vehicle location/tracking purposes.
SIPAT itself does not include definition for the equipment on either
end of the transmission, only the format of the data in between.
Normal implementation of SIPAT will include a dedicated machine to
act as the server. Our initial implementation involves a P.C.
running OS/2 v3.00 running a REXX application for the socket work.
The configuration and foreground work is performed by either a
DOS application written in PowerBasic or an OS/2 application written
in VisualAge Basic. The REXX application spawns seperate threads
as required to handle concurrent requests. The foreground application
takes the messages received from the REXX memory buffer and passes
them over serial port to a computerized automation software. The
format of this serial data transfer is identical to that of existing
dial-up phone line receiving equipment, eliminating the need for
the alarm companies software package to be changed.
3. Why use the Internet to send alarm messages ?
Every day, more and more alarm companies are changing from small
"mom and pop" companies, to nationwide or global monitoring stations.
With the ever increasing competition from other companies, an alarm
company must remain unique to remain in business. Switching from
a local geopgraphical area of coverage to a larger scale brings
with it increased advantages, but also increased problems. Using
customary techniques requires either the use of "800" numbers at
the alarm company (at great expense to the company) or long distance
calls from the subscriber (where they eat the cost of the phone call).
As contracts between large corporations and a single alarm company
continue, the ability of one central location to monitor a chain
of stores around the world becomes more and more expensive. Sending
open and close activity reports from a panel around the world could
easily add up to the hundreds or thousands of dollars a month in
customary phone long distance charages. Because of this expense
most sites do not implement test supervision signals unless maybe
they are only once a day. With SIPAT supervision is a two-way
street with the alarm company able to "inquiry" the status of a
particular system at any moment, even every couple seconds if
high-security warrants it.
4. The SIPAT Protocol
The SIPAT protocol is a sequence of commands and replies, and is based
loosely on the design of many other Internet protocols currently
in use. Please note that the protocol as described does not take
into consideration the encryption process which occurs before the
data is actually transferred across the Internet.
SIPAT has several input commands (the first 6 characters of each are
significant) that solicit various server responses. A "burst mode"
transmission is also supported whereas the entire authentication
and alarm message can be sent on the initial request for the socket.
SIPAT also supports several status commands which can be used by the
server to check the status of a subscriber at any time.
The messages the subscriber equipment may send vary depending on the
equipment in use. Not all subscriber equipment may be capable of
or have need to transmit all the various types of messages. All
servers should be capable of receiving them all however.
Each message transmitted is prefixed by an STX character (Ascii 2)
followed by a two character alphabetic 'Message Type' code. The
Message Type determines what the remainder of the message contains
as well as the length of the entire message. All messages will
conform to the following message format:
<stx> - Start of Transmission identifier (Ascii 2).
msg type - Two character Message Type.
length - Two digit length of variable data to follow (01-99).
data - Raw data message of length characters total.
<etx> - End of Transmission identifier (Ascii 3).
The server sends replies or status inquiries prefixed by an ENQ char-
acter (Ascii 5) and terminated by an EOT (Ascii 4).
The messages the server should be expected to return are grouped in
the following catagories to make it easier for the subscriber equipment
to determine the necessary action based solely on the first character.
1xxx - Success, Proceed, Verified
2xxx - Accepted but Incomplete
3xxx - Authentication Error
4xxx - Protocol Error
5xxx - Duplicate Transmission
8xxx - Network Busy/Error
9xxx - Status Inquiries
Typically, the subscriber initiates the connection with the server.
Upon opening the connection, the server issues a "1RDY" message
(indicating the willingness of the server to accept SIPAT commands).
At that point, the subscriber sends it's data stream and awaits
a response from the server indicating the success or failure of
the transmission. The subscribers unit should also be capable
of determining no response within a set time frame and resort to
customary alarm transmision paths or attempt to contact a differant
server at a differant IP address.
Status messages can be initiated by the server if the subscriber
unit supports it. Each subscriber unit shall at minimum support
the type 9999 server response for inquires. The subscriber unit
simply needs to respond with a status message with no variable
length data supplied. This signifies to the server that this
host does not support/want additional status messages to be
performed against it. If the subscriber unit supports additional
status messages, it will respond with the types of the status
messages that it supports in the variable data. This allows for
multiple vendors equipments with differant capabilities or for
the subscriber to limit the status inquires that can be performed
on their unit.
4.1 Examples of "simple" SIPAT Transmissions
The following are two examples of how an alarm message may be
sent to the server using SIPAT. Note that the data transferred
between subscriber and server is encrypted before it is sent
which is not shown in these examples.
Both these examples show the authentication of site 1234 with a
password of PASSWORD. Two alarm messages are being sent for the
alarm account number of 5555, one is a code 99 and the other is
a code 1. Remember that the data format in the variable data
depends entirely upon the subscriber unit and software that
the server is connected to at the alarm company and is not a part
of the SIPAT specification.
4.1.1 Standard Transmission
Subscriber Server
-------------------------- -----------------------------------
Open Connection -->
<-- 1RDY17ABC ALARM COMPANYv1.00
ID041234 -->
<-- 1PW?14Enter Password
PW08PASSWORD -->
<-- 1BGN18Begin Transmission
AM075555C99 -->
<-- 1RCV09AM5555C99
CC -->
<-- 1SNT152 Messages Rcvd
Close Connection
4.1.2 Burst Transmission
When a burst transmission is sent, all the data is sent on one
stream. This stream can occur at the time of opening the connection
or after the 1RDY message is returned depending on the subscriber
unit and it's capabilities.
Subscriber Server
-------------------------- -----------------------------------
Open Connection -->
<-- 1RDY17ABC ALARM COMPANYv1.00
!!ID041234PW08PASSWORDAM075555C99AM065555C1CC
<-- 1SNT152 Messages Rcvd
Close Connection
4.2 Subscriber Messages
The following sections briefly describe the possible messages that
a subscriber unit can send. All these messages are prefixed by
an STX character (Ascii 2) and terminated by an ETX (Ascii 3).
4.2.1 "ID" Messages - Logon Information
Each transmission must be authenticated against a table the server
maintains to ensure that no tampering is being attempted. Therefore
each transmission must include an ID type message before actual
messages will be acknowledged from the subscriber unit.
ID - Message Code.
xx - Length of ID to follow (01-99).
..... - Actual ID transmitted.
4.2.2 "PW" Messages - Password Authentication
In order to determine that a random ID wasn't guessed, a password
associated with each ID must also be sent. Whether the server
actually verifies this information or not is normally configurable.
PW - Message Code.
xx - Length of Password to follow (01-99).
...... - Actual Password transmitted.
4.2.3 "MA", "MS" and "MV" Messages - Alarm Messages
Transmission of actual data is done with Alarm Messages. The three
differant types of alarm messages allows the server to sort the
messages by priority before sending them to the host computer system.
MA - Message Code. (Alarm Messages)
or MS (Status Messages)
or MV (Verification Messages)
xx - Length of Raw Alarm Data (01-99).
........ - Actual Raw Data.
4.2.4 "CC" Message - Close Connection
Requests a summary from the server and once received closes the
connection. All subsequent transmissions from the subscriber on
this socket are ignored.
4.2.5 "??" Message - Subscriber Status
The server must have sent a type 9 Status Inquiry in order for
this message to be generated. When the server wishes to inquire
on a subscriber, it opens the socket with the subscriber at the
subscribers IP address and port and sends out a 9999 response.
At that point the subscriber unit sends out a type ?? message
indicating it's abilities for further commands.
?? - Message Code.
xx - Length of available commands (04-96)
yyyy - Number of the Server Inquiry that this
subscriber is capable of. This is always
a four digit number (9000-9999) that repeats.
Ie:9990999199929993 would mean that this
subscriber is capable of type 9990-9993
status inquiries.
4.2.6 "CL" Message - Cancel Last Message
When this message is received by the server, the last M type
message received is thrown away. This is used by subscriber
units that detect the data sent back on the 1RCV message from
the server was not the same as it sent. Once a subscriber
sends this message, it can then begin to retransmit the message.
4.3 Server Responses
The following sections explain the various responses that a
server can sent to the subscriber. All these transmissions are
started with an ENQ character (Ascii 5) and terminated with
an EOT character (Ascii 4).
1xxx - Success, Proceed, Verified
2xxx - Accepted but Incomplete
3xxx - Authentication Error
4xxx - Protocol Error
5xxx - Duplicate Transmission
8xxx - Network Busy/Error
9xxx - Status Inquiries
4.3.1 - Success, Proceed, Verified
1RDY - Tells the subscriber that the server is ready to accept
data and provides basic information about the server
including the servers name and SIPAT version number.
1PW? - Asks the subscriber unit for a password if required by
the server.
1BGN - Tells the subscriber that it has been authenticated and
it should begin transmitting signals.
1RCV - Repeats the data received back to the subscriber.
1CAN - The last message was cancelled as requested by a CL message.
4.3.2 - Accepted but Incomplete
2INC - The message sent was incomplete in some way but enough
information was received to pass it on. This is most
likely caused by a message length field being set longer
than the actual data received.
4.3.3 - Authentication Error
3BID - The ID sent is not on file or is blacklisted on this server.
3BPW - Bad or missing Password data was detected.
3BIP - The ID sent is configured to only be accepted from one IP
address, which was not the one this message was from.
4.3.4 - Protocol Error
4ERR - An invalid Message Code was received or a message was
missing relavent parts or incorrect data.
4TME - Too Many Errors, closing connection. This will only
occur during busy socket usage when the same socket
experiences more than three errors in a row.
4.3.5 - Duplicate Transmissions
5DUP - The message sent is exactly the same as the previous message
from this subscriber. This can be caused when a server
response is lost in replying to an alarm message and the
subscriber tries again. A time limit for expiration of this
feature can be set, or it can be disabled globally.
4.3.8 - Network/Busy Errors
8BSY - The server is too busy to handle the request now. This
could be performance related or by lack of sockets available.
Every server must be capable of at least 128 concurrent
sockets to be approved with SIPAT.
8HST - An error has occured with the host computer, thus making
it impossible for this server to pass on the alarm information.
8TIM - Timeout waiting for message from subscriber.
4.3.9 - Status Inquiries
All Status Inquiries with the exception of 9999 return type MS
messages. The format of the returned message varies depending
on what was requested. NOTE: The subscriber units shall normally
be configured to only accept status inquiries from a host which
has an IP address that the subscriber unit is programmed to send
messages to. This prevents anyone from being able to ask a
subscriber unit for it's status since only valid servers for that
subscriber can request it. Additionally, as proposed in the
optional extensions, programming information can be relayed upon
additional authentication of the server by the subscriber.
Items marked with an **** require additional authentication.
Items marked with an !!!! also require a secondary authentication.
9000 - Return subscriber name.
9001 - Check Alarm/Restore Status.
9002 - Check Open/Close Status.
9003 - Sends temporary message to subscriber to be displayed on keypad
(displayed until next keypad event occurs).
9004 - Changes the permanent keypad message.
9970 - Check Zone Status ****
9971 - Check Partition Status ****
9980 - Arms the system. **** !!!!
9981 - Disarms the system. **** !!!!
9982 - Bypass zones. **** !!!!
9994 - Return Configuration Switches. ****
9997 - Return IP address list. ****
9998 - Change the IP address list. **** !!!!
9999 - Ask the subscriber for it's capabilities. These are returned
in an ?? type message.
9GMT - Asks subscriber for GMT offset.
9PNG - Returns 'PING'.
9TM? - Returns the current date/time at subscriber unit.
9TMS - Sets the current date/time at subscriber unit.
9TST - Returns 'TEST'.
4.4 Illegal Commands
Should the subscriber issue an illegal command, the server may respond in
one of the two following ways:
4TME Too Many Errors
4ERR Invalid Message Code
4.5 Timeouts
The SIPAT server can optionally have an inactivity timeout
implemented. At the expiration of the allotted time, the server
responds "8TIM Timeout" and closes the connection.
5. Author
Steven M. Ryckman, Technical Supervisor
Security Information & Management Systems, Inc.
3112 Teakwood Lane - C.S.M. Division
Plano, Texas USA 75075
Voice: 214-964-7019
Fax: 214-964-0902
Email: sryckman@pobox.com
Note: The area code will be '972' after Sep. 15. 1996 for the above numbers.
6. Additional Information
For more information regarding SIPAT, contact Steve Ryckman by one of
the above listed methods (preferably by email). A "home page" has
also been established with additional information on SIPAT at
the following URL: http://pobox.com/~sims.support/sipat.html
Internet-Draft Expires: June 1997 Internet-Draft
| PAFTECH AB 2003-2026 | 2026-04-23 21:06:27 |