The field of the invention relates to security systems and more particularly to methods of simplifying security systems.
Security systems are generally known. Such systems typically consist of some form of intrusion detection of a secured area coupled with an alarm panel. Where the secured area is a building, the intrusion detectors may be simply be provided in the form of door or window switches.
In more sophisticated systems, intrusion detection of a building's interior may be provided in the form of motion sensors. Motion sensors can be infrared or ultrasonic.
In addition to motion detectors, many homes are also protected through the use of glass breakage detectors. In this case, the glass breakage detectors are especially constructed to respond to the specific frequencies associated with breaking glass.
In each case, the intrusion detectors are connected to an alarm panel. The alarm panel, in turn, may be provided with an audible alarm to alert authorized occupants to the presence of intruders.
The alarm panel may, in turn, be connected to a remotely located monitoring station. The monitoring station has the additional advantage of being able to summon police even when the normal occupants of a secured area are not present.
While exiting security systems are effective, they are expensive to install and can be unreliable. Once installed, security systems often require a separate control panel that detracts from the appearance of most homes. Because of the importance of security systems, a need exists for more reliable systems that are and inexpensive to install and operate.
The security sensors 16, 18 may be any appropriate sensing device (e.g., window or switches, motion detectors, security camera etc.). The security processor 12 may communicate with the security devices 16, 18 through a radio frequency (RF) transceiver 100 and antenna 14.
While the primary communication connection between the security processor 12 and central station 24 may be through the network interface 28 and Internet 26, local requirements may necessitate a secondary connection. The secondary connection may be provided by a cell phone 20. In this case, the transceiver 100 may operate as a Bluetooth device communicating with the cell phone 20 (e.g., a model 7845i-GSM communicator with integrated Bluetooth radio) under a Bluetooth format. The cell phone 20, in turn, may forward messages from the security processor 12 to the central monitoring station 24 through the public switch telephone network (PSTN) 22.
The network interface 28 may be any appropriate network device (e.g., television set-top box, digital video recorder, DSL modem, fiber-optic modem, VSAT satellite transceiver, personal computer, etc.) with a broadband network connection. While the network connection is shown as being established through the Internet 26, it should be understood that the network connection may also include any public or private network, the PSTN or cable TV distribution system.
In general, the security system 10 incorporates existing high speed connections within a user's home to provide a low-cost, reliable security system. For example, in the case of a set-top box 28, a processor within the set-top box 28 often contains considerable processing power along with a broad band network connection. Moreover, many set-top boxes have an integral universal serial bus (USB) connection (e.g., receptacle) 34. Although other connector types (e.g., PCMCIA cardbus, ISO7816 smartcard slots, FireWire port, etc.) may also be present on the set-top box.
The set-top box 28 typically contains an operating system and a middleware layer that insulates application software from the operating system. The middleware layer is typically an interpretive runtime interface (e.g., one or more JAVA applications) with custom classes to control the special hardware present on the system. Third party applications can be installed into this middleware layer.
The security processor 12 consists of a miniature board containing a microcontroller 104, a host interface (USB in this example) 106, a mass-storage device (e.g., a NAND flash array) 108, the short-range radio receiver 102 and an optional Bluetooth transceiver 100. In some jurisdictions, the device may also require its own backup battery 110 for power supply if the host experiences a power failure.
The security processor 12 is designed to be plugged (or inserted, or internally integrated as a factory-installed option) into a host device, assumed to be either a proprietary set-top box (STB), a media player appliance such as Apple TV or a Windows Media PC, a standalone Network Attached Storage (NAS) device such as Apple Time Capsule or Buffalo Linkstation, a game console such as Playstation 3, or a standard desktop PC. Normally, the security processor 12 is powered from the host and the battery (if any) is kept charged from this power supply. In the event of a failure of primary power, the security processor 12 can function for a certain predetermined minimum backup period operating off the battery.
It should be noted that the microcontroller 104 presents a dual, hybrid personality to the host 12. One side of this personality is a communications class device, essentially a virtual serial port. The other side of this personality is a mass-storage device. Both of these devices are represented by standard USB classes; any operating system (embedded or consumer device) that supports the appropriate class devices will support any compliant USB device without the need for additional proprietary drivers.
The NAND flash array 108 stores three sets of data files including system configuration data (SDD) 116, one or more software applications (APPs) 118 and a user interface (UI) 120. For example, the SDD 116 may include the serial numbers of the installed peripherals, site serial number, user names, I18N (internationalization) files, and so forth. A power-on reset (POR) software application 114 is also provided that is designed to run on the microcontroller 104 during initialization. At POR, the microcontroller 104 runs an internal bootloader application which verifies the integrity of the files (e.g., APP, UI, etc.) against a factory-programmed digital signature key 112.
The APP files 118 may contain one or more processors 36 that provide the functionality of the security system. The APP processors 36 operate in conjunction with the data within the SDD files 116 to detect activation of the sensors 16, 18 and to send alarms to the central station 24.
The UI files contain one or more applications designed to operate within the network interface 28 to provide a user interface with the security processor 12 using the graphical user interface (GUI) of the network interface 28. These may consist of several different packages according to the middleware within the network interface 28 that is to be supported. A filesystem utility within the UI files 120 may contain an “autorun.inf” file and corresponding autorun executable, to be run automatically on a processor 34 (e.g., Windows hosts, a collection of Java classes (or .jar) to be run on a Java-based solution, etc.) within the network interface 28.
All three of these data sets or files 116, 118, 120 are visible as files in the storage device 108 if the security processor 12 is inserted into or connected to a standard PC. Thus, software upgrades or a change of language can be offered to customers with a simple “drag and drop” mechanism. Obviously, upgrades can also be “pushed” to the security processor 12 over the broadband connection 36 of the network interface 28.
In general, the security processor 12 may be inserted into or simply connected to the network interface 28. Connection may be accomplished by inserting a USB plug 106 of the security processor 12 into a USB receptacle of the network interface 28. When the plug 12 is inserted, the following sequence of events occurs. First, the security processor 104 executes the bootloader 104. The bootloader 104 verifies the integrity of the SDD 116, the APP 118 and UI files 120 by calculating a digital signature for each and comparing the respective signature with a reference signature 112.
Next, the processor (host) 34 will discover the COMM interface 124 and storage (STG) class interfaces 126 within the security processor 12 through the USB connector 106. Through the STG interface 126, the processor 34 will find the autorun application 122 and, in response, automatically executes the autoex application. The autoex application locates and loads the APP and UI applications into the processors 34, 36 and automatically configures a security application 40 within one or both of the processors 34, 36 substantially without any user input.
In this case, one processor 34, 36 may be a user interface application that controls the GUI through which the user interacts with the security system 10. The other processor 34, 36 may perform the security functions of detecting the activation of sensors 16, 18 and reporting such activations to the central monitoring station 24.
The UI code of the UI applications is, as far as the security processor 12 is concerned, simply a file of binary data in flash memory 108. It is transferred verbatim to the host 28, and automatically installed by the host 28 in accordance with the contents of the executive file. It can be updated at any time.
Given standardized middleware between hosts 12, 28, the security processor 12 operates simply as a plug-and-play across different STB vendor platforms 28. Thus it is immune to any need for changes required by different communication formats (e.g. ADSL vs. cable vs. fiber optic).
The UI code executing within the processor 34 communicates with the security processor 12 using the COMM interface 124. The security processor 12 may operate to drive the short range radio 102 and Bluetooth interfaces 100 (the COMM and STG code for radios 100, 102 is almost negligible in size and can be taken more or less verbatim from vendor application notes). Therefore it is not necessary to have complex video and audio codecs, or an immensely powerful processor, in the security processor 12.
Once the UI applications and APP applications have been installed into the processors 34, 36, the system 10 may display a set up screen on a display 30 for the benefit of the user. In this case, the user may use a remote control device (e.g., a TV remote where the user interface 28 is a set-top box to set up the security system 10. Setting up the security system 10 may include entry of a name of the user and an address of the secured area.
The user may also enter identifiers of each of the sensors 16, 18. For example, if a sensor (e.g., 16) is associated with a front door of a home of the user, then the user may enter the alphanumeric indicator “door1” or “front door.”
Upon completion of entry, the user may activate an ENTER key. Upon activation of the ENTER key, the processor 34, 36 may save the entered data to the SDD file 116 within the security processor 12. The processor 34, 36 may also retrieve a start up Internet address (e.g., a universal resource locator (URL), universal resource indicator (URI), etc.) of the remote monitoring center 24. The processor 34, 36 may send an initial registration message to the remote monitoring center 24.
In response, a processor (not shown) within the remote monitoring center 24 may use the address of the user to identify a closer remote monitoring center 24 and reply with the Internet URL or URI of a more convenient remote monitoring center 24. The processor 34, 36 may receive the URL or URI of the more convenient remote monitoring center 24 in the SDD file 116.
The user may activate and deactivate the security system 10 through a keypad (not shown) associated with one of the sensors 16, 18. Alternatively, the user could use a security icon display on the TV 30 to access an ON and OFF feature of the security system through the GUI of the network interface 28.
In the event of an intrusion into the secured area, the intrusion may activate one or more of the sensors 16, 18. In response, the security application 40 operating on the processor 34 may detect the activation through the security processor 12. The security 40 may compose a message to the remote monitoring station 24 notifying the remote station 24 of the security breach including a name and address of the user as well as an identifier of the sensor 16, 18. The security processor 40 may also activate a local audible alarm 38.
Note that if the POR digital signature test discussed above should fail, the security processor 12 can revert into a fallback mode. In this mode, it presents a limited filesystem to the host, containing only a “recovery” application. This recovery application is resident in ROM 128 to guarantee availability. The only function of the recovery application is to connect to the alarm central station 24 and force the network interface 28 to download a good copy of the SCD, APP and UI to refresh a corrupted NAND flash.
The general software architecture running on the network interface 28 with an inserted security processor 12 can be approximated by the diagram of
Other applications, not necessarily limited to security, can be supported in the same manner. Essentially, the security processor 12 becomes a turnkey device that, when inserted into an network interface 28, immediately adds functionality to the network interface 28. Other possible applications include HVAC, remote site monitoring, scientific data collection, and so forth.
The scope of the system 10 also covers situations where the security application software is delivered by other methods. For example, the system 10 may be used for remote provisioning (of a cable/DSL/fiber optic set-top box, by the cable provider or a third party with access to the provider's systems). In such a case the application software to support the security processor 12 is delivered to the end-user's hardware via a “push” mechanism in the same manner that firmware upgrades may be installed by the service provider. Manually-initiated installation of the software on the network interface 28, e.g. by the installer using a “secret” menu item in the network interface's menu structure to force the box to download updated software from the network or from a removable media device. Software may also be downloaded over the Internet, or installed from a CD or other removable media, in the case where the “set top box” is a general-purpose PC.
A specific embodiment of method and apparatus for providing a system during startup has been described for the purpose of illustrating the manner in which the invention is made and used. It should be understood that the implementation of other variations and modifications of the invention and its various aspects will be apparent to one skilled in the art, and that the invention is not limited by the specific embodiments described. Therefore, it is contemplated to cover the present invention and any and all modifications, variations, or equivalents that fall within the true spirit and scope of the basic underlying principles disclosed and claimed herein.