JP4919935B2 - Security system - Google Patents

Description

  The present invention relates to a security system including a center device and a plurality of security terminals connected to the center device via a network and transmitting an alarm indicating an abnormality in a monitoring area to be guarded to the center device.

  In the security system, a security terminal device installed in a security target building communicates with a security center device installed in a remote location via a network. For example, the security terminal device acquires an abnormal signal detected by a security sensor or the like installed in a security target building and transmits it to the security center device. In general, when a security terminal device acquires an abnormal signal from a security sensor or the like, the security terminal state transmits information indicating that to the security center device, and information indicating that even if an abnormal signal is acquired. There are two operating states: a security release state that is not transmitted to the device.

  In communication between the security terminal device and the security center device of the security system as described above, there is an increasing demand for users who want to use the Internet as a communication medium, which has a lower communication fee than dedicated lines and public telephone lines. Yes.

  However, the Internet is more likely to cause communication abnormalities and is less reliable than a communication medium such as a dedicated line or a public telephone line, which is equipped with an infrastructure for guaranteeing communication stability. Therefore, when the Internet is used as a communication medium in the security system, it is necessary to perform processing for monitoring the communication state between the security terminal device and the security center device at a higher frequency than when a dedicated line or a public telephone line is used. is there.

  Patent Document 1 discloses a distributed management system in which a plurality of agents connected to a manager in a network are grouped, and a representative agent in each group monitors the communication state of the agents in the group and notifies the manager of the monitoring result. Is disclosed. In the technique described in Patent Document 1, priorities are assigned in advance to agents included in each group, and the agent having the highest priority in the group is set as the representative agent of the group. According to the distributed management system described in Patent Document 1, for example, compared to a system in which a manager monitors the communication state of all agents, the degree of concentration of communication monitoring signals in the network section near the manager is low.

JP-A-9-172435

  However, in a system in which communication monitoring is performed by a representative terminal fixedly selected as in the technique described in Patent Document 1, signals for communication monitoring are concentrated in a network section near the terminal selected as the representative terminal. To do. Therefore, in such a system, a larger communication load is applied in a network section near the representative terminal than in a network section near a terminal other than the representative terminal.

  For example, in the security system as described above, if communication monitoring is performed by a representative terminal fixedly selected, a security terminal device of a certain user is selected as the representative terminal.

  Usually, in the security system as described above, when the security center device and the security terminal device are connected via the Internet, the security terminal device shares a communication band with other communication devices such as a PC (Personal Computer). . Therefore, when the security terminal device selected as the representative terminal consumes the communication band for communication monitoring, the communication band required by other communication devices may be compressed.

  Therefore, the user of the security terminal device selected as the representative terminal connects his / her PC or the like to the Internet in a state in which a larger communication load is applied compared to other users for communication monitoring processing by the security terminal device. It will be. Thus, a security system in which a specific user's security terminal device is a fixed representative terminal may cause unfairness to the user and is not desirable as a security system service.

  Furthermore, depending on the communication state of other communication devices that share the communication band with the security terminal device, the security terminal device selected as the representative terminal may not be able to secure a sufficient communication bandwidth for communication monitoring. .

  In the security system according to the present invention, a security terminal that monitors the occurrence of abnormality in a monitoring area and a center device that centrally monitors the plurality of security terminals are connected to be communicable via a network. A security system for monitoring a communication status of a security terminal, wherein the center device associates a terminal code including an address on the network of the security terminal with a security status indicating whether the current monitoring area is unmanned or manned. A center storage unit for storing, a center communication unit for communicating with the security terminal via the network, a security status update means for updating a security status of the security terminal upon receiving a security status from the security terminal, and the security Prioritize unmanned security terminals over manned security terminals as a representative terminal, and use security terminals other than the representative terminal as representative terminals. Subordinate to the representative terminal, group setting means for transmitting the terminal code of the guard terminal subordinate to the representative terminal to the representative terminal, and a display unit for notifying the confirmation result received from the guard terminal, The security terminal includes a terminal storage unit that stores the current security state of itself, a terminal communication unit that communicates with the center device and the other security terminals via the network, and security of the terminal storage unit A security status notification means for transmitting the status to the center device; and a response request signal is transmitted to the security terminal of the terminal code received from the center device and the reception of the response signal from the security terminal is confirmed. Subordinate terminal monitoring means for transmitting to the center device, and response means for returning the response signal to the transmission source of the response request signal when the response request signal is received. It is characterized in.

  Thereby, since the representative terminal is dynamically set according to the security state, the monitoring load is not biased to the specific security terminal. In addition, since the guard terminal in the guard set state that does not allow the presence of the user is preferentially set as the representative terminal, the influence on the communication device used by the user can be reduced.

  Further, in the security system according to the present invention, the center device transmits the response request signal to the representative terminal and confirms reception of the response signal from the representative terminal. Representative terminal monitoring means for informing the display section of communication abnormality of the representative terminal is further provided.

  Thereby, since the center apparatus can directly monitor the security terminal in the security set state that is highly likely to be notified to the center apparatus, the reliability of the security system is improved.

  In the security system according to the present invention, the center device acquires a communication path between the center device and the security terminal, and associates the acquired communication path with the security terminal in the center storage unit. Route information acquisition means for storing, wherein the group setting means compares the communication paths stored in the center storage unit, and sends a security terminal other than the representative terminal to the communication path of the security terminal. And subordinate to the representative terminal having the communication path with more overlapping portions.

  As a result, the monitoring target of the representative terminal and the representative terminal is close to the network, so that quick and reliable monitoring can be performed.

  Further, in the security system according to the present invention, the group setting means is a security terminal that cannot confirm the reception of the response signal in the confirmation result, or cannot confirm the reception of the response signal in the confirmation result. The security terminal and the security terminal that cannot confirm the reception of the response signal by the security terminal and the representative terminal monitoring means are not regarded as the representative terminal.

  Thereby, since the security terminal which can be communicated is set to a representative terminal, monitoring with high reliability can be continued.

  Further, in the security system according to the present invention, the center device may generate a communication abnormality for each security terminal based on the confirmation result or the confirmation result and the result of reception of the response signal in the representative terminal monitoring unit. An abnormality degree calculating means for calculating and storing in the center storage unit, wherein the group setting means is configured to increase the degree of occurrence of the communication abnormality when the number of selected representative terminals exceeds the predetermined number. A representative terminal adjusting unit that removes a high security terminal from the representative terminal or adds a security terminal having a lower degree of occurrence of the communication abnormality to the representative terminal;

  As a result, a security terminal that is unlikely to cause a communication abnormality is preferentially set as a representative terminal, so that highly continuous monitoring can be performed.

  According to the present invention, since the representative terminal that performs processing for communication monitoring is dynamically set, it is possible to reduce the bias of the monitoring load on some terminal devices. Further, according to the present invention, it is possible to perform communication monitoring with less influence on the use of the user's communication device.

  FIG. 1 is a block diagram showing an example of the configuration of a security system according to one embodiment of the present invention. Referring to FIG. 1, the security system 1 includes a security center device 4 and security terminal devices 2-1, 2-2, 2-3,... (Hereinafter “security terminal device 2” connected via the Internet 3. Are sometimes collectively referred to as “)”.

  The security terminal device 2 is generally installed in each building that is a monitoring area. The security center device 4 is usually installed in a security company in which a controller is stationed.

  The Internet 3 is composed of a plurality of sub-networks. In each sub-network, relay devices 5-1, 5-2, 5-3,... (Hereinafter may be collectively referred to as “relay device 5”) such as routers are installed. The relay device 5 forms a communication path that connects between the security terminal device 2 and the security center device 4 by relaying between the security terminal device 2, the security center device 4, and the sub-network according to a predetermined setting. To do.

  In the example shown in FIG. 1, the communication path connecting each of the security terminal devices 2-1, 2-2 and 2-3 and the security center device 4 is formed by the relay devices 5-2 and 5-1. A communication path connecting each of the security terminal devices 2-4 and 2-5 and the security center device 4 is formed by the relay devices 5-4, 5-3, and 5-1. Further, a communication path connecting each of the security terminal devices 2-6, 2-7, 2-8 and the security center device 4 is formed by the relay devices 5-5, 5-3, and 5-1.

  In addition, the connection between apparatuses shown by a solid line in FIG. 1 indicates a logical path through which communication data passes at a certain point in time.

  The settings of the relay device 5 may be changed by an operator of the sub-network, such as a setting for specifying which device the packet received by the relay device 5 is transmitted to. When the setting of the relay device 5 is changed, the communication path connecting the security terminal device 2 and the security center device 4 may change.

  In addition, when receiving an ICMP (Internet Control Message Protocol) Echo Request packet, the relay device 5 has a function of returning an ICMP Echo Reply packet to the transmission source of the Echo Request packet.

  In the following description, the reference numerals shown in parentheses in FIG. 1 represent an IP address that is an address for identifying each device on the Internet 3. In FIG. 1, the reference numerals shown in brackets indicate terminal IDs (identification information; terminal codes) uniquely assigned to the security terminal devices 2 in order to identify the security terminal devices 2 in the security center device 4. It shall represent. Referring to FIG. 1, the IP addresses of the relay devices 5-1, 5-2, 5-3, 5-4, and 5-5 are A, B, C, D, and E, respectively. -1,2-2,2-3,2-4,2-5,2-6,2-7,2-8 have IP addresses of TM1, TM2, TM3, TM4, TM5, TM6, TM7, respectively. , TM8. The terminal IDs of the security terminal devices 2-1, 2-2, 2-3, 2-4, 2-5, 2-6, 2-7, 2-8 are 1, 2, 3, 4 respectively. , 5, 6, 7, 8.

  Note that the actual security system 1 may be configured with more security terminal devices 2 and relay devices 5 than illustrated in FIG. For example, the security system 1 may include several thousand to several tens of thousands of security terminal devices 2. In general, the Internet 3 includes a large number of relay devices 5.

  In the security system 1 of the present embodiment, the security center device 4 manages the security terminal devices 2 in groups. The security center device 4 selects some of the plurality of security terminal devices 2 as representative terminals, and sets each of the security terminal devices 2 not selected as representative terminals as subordinate terminals subordinate to any of the representative terminals. Set. In this way, the security center device 4 groups the plurality of security terminal devices 2 into a plurality of groups corresponding to the plurality of representative terminals, respectively. The security terminal device 2 selected as the representative terminal in the security center device 4 monitors the communication state between the security terminal device 2 set as a subordinate terminal subordinate to the own device and the own device, and displays the result of the monitoring. The security center apparatus 4 is notified. The security center apparatus 4 directly monitors the state of communication between each representative terminal and the security center apparatus 4.

  Further, as a result of monitoring the communication status of the subordinate terminal by the representative terminal or monitoring the communication status of each representative terminal by the security center device 4, the security terminal device 2 in which a communication abnormality is detected (hereinafter referred to as "abnormal terminal"). The security center device 4 directly monitors the communication state, and confirms whether or not the abnormal terminal has been restored and the communication with the security terminal device 4 has been restored to the normal state.

  FIG. 2 is a block diagram illustrating an example of the configuration of the security terminal device 2.

  With reference to FIG. 2, the security terminal device 2 is connected to various sensors 6 via a sensor LAN (Local Area Network) 7. The sensor 6 is provided in a building that is a monitoring area, or at the entrance of the building. The sensor 6 may be a security sensor that outputs a detection signal when detecting an intrusion into the monitoring area, such as an infrared sensor, a magnet sensor, and a glass sensor. Further, for example, the sensor 6 may include a disaster prevention sensor that outputs a detection signal when a fire, a gas leak, or the like is detected, such as a heat sensor, a smoke sensor, and a gas sensor.

  The security terminal device 2 is connected to the Internet 3 via the home router 8. The home router 8 is a network communication relay device having a routing function and a gateway function. In addition to the security terminal device 2, various communication devices 9 are connected to the home router 8. The communication device 9 is a device that performs communication via the Internet 3, and is, for example, a PC, a television, a telephone, or the like. The security terminal device 2 and the communication device 9 share a communication band.

  Note that the security terminal device 2 has at least two operation states of a security set state and a security release state. The guard set state is an operation state in which, when a detection signal from the sensor 6 is received, an alarm signal indicating that an abnormality has occurred in the monitoring area is transmitted to the guard center device 4. The security release state is an operation state in which an alarm signal is not transmitted to the security center device 4 even when a detection signal from the sensor 6 is received. In the following description, the operation state of the security terminal device 2 is referred to as a “security state”.

  When the security state of the security terminal device 2 is set to the security set state, the monitoring area is usually unmanned and the communication device 9 is often not used. Conversely, when the security state of the security terminal device 2 is set to the security release state, the monitoring area is usually manned and the communication device 9 is likely to be used. Note that, for example, an operation in which the security state is set to the security set state while sleeping is performed, but this case can also be regarded as an unattended state where there is no active user.

  The security terminal device 2 includes a control unit 21, a storage unit 22 that is a terminal storage unit, a security state switching unit 23, a sensor LAN interface 24, and a LAN interface 25 that is a terminal communication unit.

  The control unit 21 is connected to the storage unit 22, the security state switching unit 23, the sensor LAN interface 24, and the LAN interface 25. The control unit 21 functions as a security state notification unit 211, a group setting acquisition unit 212, a slave terminal monitoring unit 213, a response unit 214, and an alarm transmission unit 215. The control unit 21 can be realized by an arithmetic device such as an MCU (Micro Control Unit), a CPU (Central Processing Unit), or a DSP (Digital Signal Processor). The control unit 21 can be realized by storing in the storage unit 22 a program describing the procedure of processing performed by each means of the control unit 21, and causing the arithmetic device as described above to read and execute the program. .

  The storage unit 22 stores information necessary for processing performed by the security terminal device 2, a program describing a procedure of processing performed by the control unit 21, and the like. Examples of information stored in the storage unit 22 include a terminal ID assigned to the own device (hereinafter also referred to as “own terminal ID”), an IP address of the security center device 4 (hereinafter also referred to as “center address”), Examples include the security status of the device itself, and terminal attributes (representative terminal or subordinate terminal). When the security terminal device 2 is set as a representative terminal in the security center device 4, dependent terminal information (for example, a terminal ID and an IP address) representing the dependent terminal is also stored in the storage unit 22. The storage unit 22 is realized by a storage device such as an EEPROM (Electrically Erasable Programmable Read Only Memory) and a flash memory.

  The security state switching unit 23 receives a security state switching operation of the security terminal device 2 by the user. The guard state switching unit 23 includes, for example, a switch, an LED (Light Emitting Diode), and an electronic circuit. In this example, the security state switching unit 23 receives a switching operation by the user at the switch, and outputs a signal indicating the result of the switching operation to the control unit 21 by an electronic circuit connected to the switch and the control unit 21. A signal representing the current security state is input / output to / from the control unit 21. Moreover, the current security state is displayed by the LED.

  The sensor LAN interface 24 is an interface circuit that connects the security terminal device 2 and the sensor LAN 7. The control unit 21 receives a detection signal from the sensor 6 using the sensor LAN interface 24.

  The LAN interface 25 is an interface circuit that connects the security terminal device 2 and the Internet 3. The security terminal device 2 uses the LAN interface 25 to communicate with devices such as the security center device 4 via the Internet 3.

  Furthermore, the security terminal device 2 includes clock means and timer means (not shown). The security terminal device 2 can acquire the current time by the clock means, and can measure the time at a predetermined interval by the timer means.

  The security status notifying means 211 reads the center address, the current security status of the own device and the terminal ID from the storage unit 22, acquires the current time (security status switching time) by the clock means, and sets the center address as the destination. A security status notification signal including the security status, the terminal ID, and the current time is generated, and the security status notification signal is transmitted using the LAN interface 25. In this example, the processing by the security status notification unit 211 is performed when a security status switching operation is detected.

  The group setting acquisition unit 212 extracts the terminal attribute and subordinate terminal information described above from the group setting signal received from the security center device 4 and stores them in the storage unit 22.

  The subordinate terminal monitoring unit 213 confirms the communication state of the subordinate terminal that is the monitoring target of the own device, and notifies the security center device 4 of the confirmation result.

  For this purpose, the slave terminal monitoring unit 213 first reads the IP address and the terminal ID of the slave terminal from the storage unit 22, and sends a response request signal (for example, an Echo Request packet) in which the read IP address is set as the destination to the LAN interface 25. And time measurement of a predetermined timeout time (for example, 10 seconds) is started using the timer means. Next, if the response signal (for example, Echo Reply packet) from the dependent terminal is not received via the LAN interface 25 within the timeout period, the dependent terminal monitoring unit 213 determines that a communication abnormality of the dependent terminal has been detected. If it is received, it is determined that the communication of the subordinate terminal is normal. The processing so far (polling processing) is performed for each subordinate terminal. The polling process can be realized by using a “ping” command used in various OSs such as UNIX (registered trademark) OS (Operating System) or Windows (registered trademark) OS.

  In this example, a communication abnormality of the subordinate terminal is notified as a confirmation result. That is, the subordinate terminal monitoring unit 213 reads the center address from the storage unit 22, generates a communication abnormality signal whose destination is the center address including the terminal ID of the subordinate terminal where the communication abnormality is detected, and generates the generated communication abnormality signal. Is transmitted using the LAN interface 25. The processing by the slave terminal monitoring unit 213 is periodically performed when the terminal attribute of the storage unit 22 is set to the representative terminal.

  When the response unit 214 receives a response request signal from the security center device 4 or the subordinate representative terminal, the response unit 214 extracts the IP address of the transmission source from the response request signal and sends a response signal with the extracted IP address as the destination. The response signal is transmitted using the LAN interface 25.

  The alarm transmission unit 215 transmits an alarm signal indicating that an abnormality has occurred in the monitoring area to the security center device 4. For this purpose, the alarm transmission unit 215 reads the center address and the terminal ID from the storage unit 22, generates an alarm signal including the terminal ID with the center address as the destination, and transmits the alarm signal using the LAN interface 25.

  FIG. 3 is a block diagram illustrating an example of the configuration of the security center device 4. The security center device 4 is realized by a general server computer. The security center device 4 includes a control unit 41, a storage unit 42 that is a center storage unit, an input unit 43, a LAN interface 44 that is a center communication unit, and a display unit 45.

  The control unit 41 is connected to the storage unit 42, the input unit 43, the LAN interface 44, and the display unit 45. The control unit 41 includes a terminal information editing unit 411, a security state update unit 412, a route information acquisition unit 413, a group monitoring unit 414, a representative terminal monitoring unit, an individual terminal monitoring unit 415 that is also an abnormal terminal monitoring unit, and a group setting unit 416. , And alarm processing means 417. The control unit 41 is realized by an arithmetic device such as a CPU of a computer. The control unit 41 can be realized by storing in the storage unit 42 a program describing the procedure of processing performed by each means of the control unit 41, and causing the CPU of the computer to read and execute the program.

  The storage unit 42 stores information necessary for processing performed by the control unit 41, a program describing a procedure of processing performed by the control unit 41, and the like. The storage unit 42 is realized by a storage device such as a semiconductor memory and an HDD (Hard Disk Drive).

  Referring to FIG. 3, the storage unit 42 includes a terminal information database 421. The terminal information database 421 is a database that stores information related to communication state monitoring in association with each guard terminal device 2.

  FIG. 4 shows an example of data contents of the terminal information database 421. One row of the table illustrated in FIG. 4 represents a record corresponding to each guard terminal device 2. Referring to FIG. 4, the record corresponding to each guard terminal device 2 includes a terminal ID, an IP address, a guard state, a guard state switching time, a terminal attribute, the number of occurrences of an abnormality, a subordinate terminal, route information, and a route confirmation flag. Each item is registered.

  Among the items of each record in the table illustrated in FIG. 4, the guard state switching time represents the time when each guard terminal device 2 is set to the current guard state. The terminal attribute items include “(representative / subordinate)” and “(abnormal / recovery)” items as subordinate items. The item “terminal attribute (representative / subordinate)” indicates whether each guard terminal device 2 is set as a representative terminal or a subordinate terminal. The item “terminal attribute (abnormal / recovery)” indicates whether or not each guard terminal device 2 is currently detected as an abnormal terminal. The number of abnormal occurrences indicates the number of times each guard terminal device 2 is detected as an abnormal terminal. In the subordinate terminal item, the terminal ID of the subordinate terminal subordinate to each representative terminal is registered. In the record corresponding to the security terminal device 2 set as the subordinate terminal, the value of the subordinate terminal item is empty. In the route information item, an IP address column in which the IP addresses of relay devices that form a communication route between each security terminal device 2 and the security center device 4 are arranged in the order closest to each security terminal device 2 is registered. The The route confirmation flag indicates whether or not processing for confirming whether or not there is a change in the communication route between each security terminal device 2 and the security center device 4 has been executed within a predetermined period. In the example of FIG. 4, if the value of the route confirmation flag item is “1”, the route change confirmation processing has been executed, and if it is “0”, the route change confirmation processing has not yet been executed. It shows that.

  Referring to FIG. 3 again, the storage unit 42 further stores a security target database (not shown). The security target database is associated with the terminal number of each security terminal device 2, and the monitoring area of the security terminal device 2 such as the address of the building where the security terminal device 2 is installed and the contact information of the owner of the building It is a database that stores information related to.

  The input unit 43 is realized by an input device such as a keyboard and a mouse. For example, the controller can input an instruction to the security center device 4 via the input unit 43.

  The LAN interface 44 is an interface circuit that connects the security center device 4 and the Internet 3. The security center device 4 communicates with the security terminal device 2 via the Internet 3 using the LAN interface 44.

  The display unit 45 displays an alarm received from the security terminal device 2 and information on the detected communication abnormality. The display unit 45 is realized by a liquid crystal display or a CRT (Cathode Ray Tube) display.

  Furthermore, the security center device 4 also includes a clock means and a timer means (not shown), and can acquire the current time from the clock means and measure a predetermined time by the timer means.

  The terminal information editing unit 411 registers and adds the security terminal device 2 to the terminal information database 421.

  When the registration request signal from the security terminal device 2 is received, the terminal information editing unit 411 first extracts the terminal ID, the security status, and the IP address of the transmission source from the signal, and the extracted IP address. The route information acquisition means 413 is specified and the route information between the security center device 4 and the security terminal device 2 that is the transmission source of the registration request signal is acquired. Next, the terminal information editing unit 411 updates the terminal information database 421 by adding a record that associates the extracted terminal ID and IP address, the acquired route information, and initial values of other items. Other items "security status", "security status switching time", "terminal attribute (representative / subordinate)", "terminal attribute (abnormal / recovery)", "number of abnormal occurrences", "subordinate terminal", "route confirmation flag The initial values of “” are “release”, current time, “representative”, none (null), 0, none (null), and 0, respectively.

  In addition, when a terminal deletion instruction is detected, the terminal information editing unit 411 performs an update to delete the terminal ID record included in the instruction from the terminal information database 421.

  The security status update unit 412 updates the security status and the security status switching time in the terminal information database 421. Specifically, when the security status update unit 412 receives the security status notification signal from the security terminal device 2, the security status update unit 412 extracts the terminal ID, the security status, and the security status switching time from the signal, and extracts them in the terminal information database 421. The security status and the security status switching time items of the record relating to the terminal ID are rewritten to the extracted security status and security status switching time, respectively.

  When the IP address of the security terminal device 2 is designated, the route information acquisition unit 413 acquires route information representing a communication route from the security center device 4 to the security terminal device 2.

  Specifically, the designated IP address is set as the destination, and the Echo Request packet designated while sequentially increasing from 1 the number of hops (the number of relay devices 5 through which the packet data can pass) is transmitted using the LAN interface 44. Transmitting and corresponding Echo Reply packets are sequentially received using the LAN interface 44. Through this communication, an Echo Reply packet from the relay device 5 corresponding to the specified number of hops or an Echo Reply packet from the security terminal device 2 is received. The transmission of the Echo Request packet is repeated until an Echo Reply packet from the security terminal device 2 is received. Then, the IP addresses of the relay device 5 or the security terminal device 2 included in the received Echo Reply packet are arranged in descending order of the number of hops, and an IP address sequence is generated by adding the IP address of the security terminal device 2 to the head of the IP address. . Such column information of the IP address is route information representing a communication route.

  The processing of the route information acquisition unit 413 can be realized using a “traceroute” command used in a UNIX (registered trademark) OS or a “tracert” command used in a Windows (registered trademark) OS.

  When the group monitoring unit 414 receives the confirmation result confirming the communication state of the subordinate terminal from the representative terminal, the group monitoring unit 414 updates the terminal information database 421 based on the confirmation result and causes the display unit 45 to display information regarding the abnormal terminal.

  For this purpose, the group monitoring unit 414 extracts the terminal ID of the abnormal terminal from the communication abnormality signal as the confirmation result, and sets the “terminal attribute (abnormal / recovery)” of the record relating to the extracted terminal ID to “abnormal” in the terminal information database 421. Update to increase the number of “abnormal occurrences” of the record by one.

  Further, the group monitoring means 414 extracts information associated with the terminal ID of the abnormal terminal from the terminal information database 421 and outputs the extracted information to the display unit 45, or the terminal ID of the abnormal terminal from the security target database. The information associated with is extracted, and the extracted information is output to the display unit 45.

  The individual monitoring means 415 polls the representative terminal and the abnormal terminal to monitor the communication state with these guard terminal devices 2.

  The individual monitoring unit 415 extracts the IP address and terminal ID of the record in which the value of the terminal attribute item is set to “representative” or “abnormal” from the terminal information database 421, and designates the extracted IP address as the destination. Then, a preset timeout time (for example, 10 seconds) is designated, and the polling process using the ping command is performed via the LAN interface 44.

  If a communication abnormality is detected by the polling process for the representative terminal, the individual monitoring unit 415 determines that a new abnormality is detected, and the individual monitoring unit 415 includes an item “terminal attribute (abnormal / recovery)” of the record related to the representative terminal in the terminal information database 421. Update to write “abnormality” in “1” and update to increase “number of occurrences of abnormality” by 1 in the same record. Further, the individual monitoring unit 415 extracts information associated with the representative terminal from the terminal information database 421 and displays the extracted information on the display unit 45 or associates the extracted information with the representative terminal from the security target database. The extracted information is extracted and the extracted information is displayed on the display unit 45.

  If no communication abnormality is detected by the polling process for the abnormal terminal, the individual monitoring unit 415 determines that the communication recovery is detected, and the individual monitoring unit 415 includes the item “terminal attribute (abnormal / recovery)” of the record relating to the abnormal terminal in the terminal information database 421. Update to clear.

  The group setting means 416 sets a group consisting of the representative terminal and the subordinate terminal by setting the security terminal device 2 as the representative terminal or a subordinate terminal that is the monitoring target of the representative terminal, and sets the group to the security terminal device 2. Notice. At this time, the abnormal terminal is excluded from the setting target of the representative terminal and the subordinate terminal.

  In setting the representative terminal, the group setting unit 416 refers to the terminal information database 421 and preferentially determines the guard terminal device 2 whose guard state is the guard set state as the representative terminal.

  An upper limit value and a lower limit value are set in advance for the number of representative terminals. When the number of representative terminals exceeds this range, the group setting unit 416 adjusts the number of representative terminals so that the number is within the range.

  One of the adjustment standards is the number of occurrences of abnormality stored in the terminal information database 421 (the degree of occurrence of communication abnormality in the present invention), and the group setting means 416 generates an abnormality in the security terminal device 2 with a small number of occurrences of abnormality. Adjustment is performed so as to preferentially select the security terminal device 2 having a large number of times. Another reference for adjustment is the guard state switching time (details will be described later).

  In setting the subordinate terminal, the group setting means 416 refers to the terminal information database 421 and selects the security terminal device 2 having a large overlap with the communication path of the representative terminal from the security terminal devices 2 not set as the representative terminal. The subordinate terminal of the representative terminal is determined with priority. An upper limit is set in advance for the number of subordinate terminals set for one group. If the upper limit is exceeded, adjustment is performed so that the subordinate terminal of the representative terminal having the next largest number of overlapping communication paths is determined again.

  The group setting unit 416 generates a group setting signal including information on the set terminal attributes and subordinate terminals, and transmits the group setting signal to the guard terminal device 2 via the LAN interface 44. Also, the set terminal attribute and subordinate terminal information are written in the terminal information database 421.

  When the alarm processing means 417 receives an alarm signal from the security terminal device 2, the alarm processing means 417 extracts the terminal ID from the alarm signal, refers to the security target database, and is associated with the terminal ID extracted from the alarm signal. The monitoring area information is acquired, and the alarm information including the information of the acquired monitoring area and the reception of the alarm signal is displayed on the display unit 45.

  FIG. 5 is a flowchart illustrating an example of a procedure of processing performed in the security terminal device 2. When the security terminal device 2 is connected to the Internet 3 and the sensor LAN 7 and the power is turned on, each unit and each means of the security terminal device 2 starts to operate, and the processing of the flowchart illustrated in FIG. 5 is started.

  First, initialization processing is performed (step S20). In the initialization process, the control unit 21 sets the security state stored in the storage unit 22 to the security release state, and sets the terminal attribute stored in the storage unit 22 to the subordinate terminal. The sensor LAN interface 24 establishes communication with the sensor LAN 7, and the LAN interface 25 establishes communication with the Internet 3. With establishment of communication with the Internet 3, an IP address is assigned to the security terminal device 2. The control unit 21 stores the IP address of the own device in the storage unit 22 and transmits a registration request signal including the terminal ID of the own device and the security state to the security center device 4.

  In step S <b> 21, the control unit 21 confirms whether or not the guard state switching operation is performed in the guard state switching unit 23. If a security state switching operation is detected (YES in step S21), the process proceeds to step S22. If a switching operation is not detected (NO in step S21), the process proceeds to step S24.

  In step S22, the control unit 21 changes the security state stored in the storage unit 22 (changes from the security release state to the security set state or from the security set state to the security release state), and changes the security state after the change. It is displayed on the security state switching unit 23.

  Next, in step S <b> 23, the control unit 21 transmits, to the security center device 4, a security status notification signal including the security status after the change, the terminal ID of the own device, and the current time by the security status notification unit 211.

  In step S24, it is determined whether or not an alarm for notifying the security center apparatus 4 of an occurrence of an abnormality such as an intrusion act or a fire in the monitoring area is transmitted. The control unit 21 determines whether or not a detection signal is input from the sensor 6. When the detection signal is input, the control unit 21 refers to the storage unit 22 to confirm the security state of the security terminal device 2. If the security state is the security set state, the alarm transmission unit 215 causes the alarm signal to be output. Is transmitted to the security center device 4 (step S25). If the detection signal is not input, or if the security state is the security release state (NO in step S24), the process proceeds to step S26 without performing the alarm transmission process.

  In step S <b> 26, the control unit 21 confirms whether a group setting signal is received from the security center device 4.

  If the group setting signal has been received, the control unit 21 causes the group setting acquisition unit 212 to store group setting information (representation terminal / subordinate terminal discrimination, subordinate terminal information, etc.) included in the group setting signal in the storage unit 22. A group setting storage process (step S27) to be stored is performed. Thereafter, the security terminal device 2 refers to the group setting information in the storage unit 22 and recognizes the terminal attribute of the own device. If the group setting signal has not been received (NO in step S26), the process proceeds to step S28 without performing the group setting saving process.

  In step S27, when the terminal attribute included in the group setting signal is “representative terminal”, the control unit 21 obtains the time after elapse of a preset time (for example, 15 seconds) from the current time. The obtained time is stored in the storage unit 22 as the slave terminal monitoring time.

  In step S <b> 28, the control unit 21 refers to the storage unit 22 and confirms whether the terminal attribute of the own device is a representative terminal. If the own device is a representative terminal (YES in step S28), the process proceeds to step S29, and the control unit 21 compares the current time with the subordinate terminal monitoring time stored in the storage unit 22 to determine the subordinate. Check if the terminal monitoring time has arrived. If the slave terminal monitoring time has arrived (YES in step S29), the process proceeds to step S30, and control unit 21 starts slave terminal polling processing by slave terminal monitoring means 213. If the own device is not the representative terminal (NO in step S28) or if the dependent terminal monitoring time has not come (NO in step S29), the process proceeds to step S33 without performing the processing by the dependent terminal monitoring means 213.

  In step S30, the slave terminal monitoring unit 213 polls the IP address of the slave terminal stored in the storage unit 22, and detects a communication abnormality for each slave terminal.

  As a result of the slave terminal polling process, if there is a slave terminal in which a communication abnormality is detected (YES in step S31), the slave terminal monitoring unit 213 performs a communication abnormality notification process (step S32). If there is no dependent terminal in which a communication abnormality is detected (NO in step S31), the process proceeds to step S33 without performing the communication abnormality notification process.

  In step S <b> 32, the slave terminal monitoring unit 213 transmits a communication abnormality signal including the terminal ID of the slave terminal (abnormal terminal) in which the communication abnormality is detected in step S <b> 30 to the security center device 4. Instead of the terminal ID, the IP address of the abnormal terminal may be included in the communication abnormal signal. When the process of step S32 ends, the control unit 21 rewrites the in-group monitoring time stored in the storage unit 22 to a time after a preset time (for example, 15 seconds) has elapsed from the time.

  In step S <b> 33, the control unit 21 determines whether or not a response request signal is received from the subordinate representative terminal or the security center device 4.

  If a response request signal has been received (YES in step S33), control unit 21 uses response means 214 to return a response signal to the device that is the source of the received response request signal (step S34). I do). When the response request signal has not been received (NO in step S33), the response signal transmission process is not performed. When the above process is completed, the process returns to step S21 again.

  In addition, each process of the process (step S22, S23) regarding warning state switching demonstrated with reference to FIG. 5, an alarm transmission process (S25), a group setting preservation | save process (S27), and a response transmission process (S34) is as follows. Each of the interrupt processes that are triggered by the conditions established in the determinations in steps S21, S24, S26, and S33 can be executed in parallel with other processes in a time-sharing manner.

  FIG. 6 is a flowchart illustrating an example of a procedure of processing performed in the security center device 4. When the security center device 4 is connected to the Internet 3 and the power is turned on, a predetermined initialization process is performed, each unit and each means of the security center device 4 starts operating, and the processing of the flowchart illustrated in FIG. 6 is started. Is done. In the initialization process, the control unit 41 stores the current time in the storage unit 42 as the individual monitoring time and the route confirmation time.

  In step S40, the group setting unit 416 sets each security terminal device 2 as a representative terminal or a subordinate terminal, thereby grouping the plurality of security terminal devices 2 into a plurality of groups corresponding to each of the plurality of representative terminals. The process to do is performed. The terminal group determination process in step S40 is performed when the process of the flowchart illustrated in FIG. 6 is executed for the first time, or when the data content of the terminal information database 421 is changed in the process described later by each means of the control unit 41. To be executed. The detailed procedure of the terminal group determination process in step S40 will be described later.

  In step S <b> 41, the control unit 41 confirms whether an alarm signal is received from the security terminal device 2. When the alarm signal is received (YES in step S41), the control unit 21 includes the alarm processing means 417 to indicate that the alarm signal is received and information on the monitoring area where the transmission source security terminal device 2 is installed. An alarm information display process (step S42) for displaying the alarm information on the display unit 45 is performed. By checking the alarm information displayed on the display unit 45, the controller can take measures such as dispatching a guard to the monitoring area. If no alarm signal has been received (NO in step S41), the alarm information display process is not performed.

  In step S <b> 43, the terminal information editing unit 411 confirms whether a registration request signal is received from the security terminal device 2. This registration request signal is a signal transmitted from the security terminal device 2 to the security center device 4 in the initialization process (step S20) of the security terminal device 2 described above with reference to FIG. If a registration request signal has been received (YES in step S43), the process proceeds to a registration process (step S44) by terminal information editing means 411, and if a registration request signal has not been received (NO in step S43). The process proceeds to step S45 without performing the registration process.

  In step S44, the terminal information editing unit 411 first designates the IP address of the transmission source of the received registration request signal, activates the route information acquisition unit 413, and the security terminal device 2 of the transmission source of the registration request signal Route information representing a communication route with the security center device 4 is acquired. Subsequently, the terminal information editing unit 411 creates a record including the terminal ID extracted from the registration request signal, the security state, the IP address, the acquired route information, and initial values of other items in the terminal information database 421. And register. The route information registered in the terminal information database 421 does not include the IP address of the security terminal device 2 itself, but includes only the IP address of the relay device between the security terminal device 2 and the security center device 4. Good.

  When the process in step S44 is completed, the control unit 41 shifts the process to step S40 in order to perform group setting suitable for the registration.

  In step S <b> 45, the control unit 41 confirms whether an instruction to delete terminal information is input from the input unit 43. This deletion instruction is input by operating the input unit 43 by the controller of the security center when a part of the security terminal device 2 is removed from the security system 1 by, for example, cancellation of the security contract. This deletion instruction includes information specifying the terminal ID of the corresponding security terminal device 2. When the deletion instruction is input (YES in step S45), the control unit 41 deletes the terminal ID record included in the deletion instruction from the terminal information database 421 by the terminal information editing unit 411 (step S46). )I do. Thereafter, in order to perform group setting suitable for the deletion, the control unit 41 shifts the processing to step S40. If no deletion instruction has been input (NO in step S45), the deletion process is not performed and the process proceeds to step S47.

  In step S <b> 47, the control unit 41 confirms whether or not a guard state notification signal is received from the guard terminal device 2. When the guard state notification signal is received (YES in step S47), the control unit 41 uses the guard state update unit 412 to record the record regarding the guard terminal device 2 that has transmitted the guard state notification signal in the terminal information database 421. Update processing (step S48) is performed to update the guard state and the guard state switching time to the guard state and the guard state switching time included in the guard state notification signal. Thereafter, the control unit 41 shifts the processing to step S40 in order to perform group setting suitable for the update. When the guard state notification signal has not been received (NO in step S47), the update process is not performed and the process proceeds to step S47.

  In step S49, the control unit 41 confirms whether a communication abnormality signal is received from the representative terminal. If a communication abnormality signal has been received (YES in step S49), the process proceeds to step S50, and the process by group monitoring means 414 is started. If a communication abnormality signal has not been received (NO in step S49), the process proceeds to step S51.

  In step S50, the group monitoring unit 414 first extracts the terminal ID of the abnormal terminal included in the received communication abnormal signal. Next, the group monitoring unit 414 refers to the terminal information database 421, acquires a record of the terminal ID of the abnormal terminal, sets the value of the item “terminal attribute (abnormal / recovery)” of the record to “abnormal”, Increase the value of the item of the number of occurrences of abnormality by 1.

  In addition, the group monitoring unit 414 performs processing for causing the display unit 45 to display abnormality information related to the abnormal terminal. For example, information indicating the occurrence of a communication abnormality, the terminal ID and IP address of the abnormal terminal, the communication path between the abnormal terminal and the security center device 4, information on the monitoring area where the abnormal terminal is installed (address, contact information, etc.) Is displayed on the display unit 45. The abnormal information displayed on the display unit 45 is acquired by searching the terminal information database 421 and the security target database based on the terminal ID of the abnormal terminal.

  The controller stationed at the security center can cope with the communication abnormality by checking the abnormality information displayed on the display unit 45. For example, the controller operates the input unit 43 and executes the above ping command with the IP address of the abnormal terminal displayed on the display unit 45 as the destination, so that each abnormal terminal and the security center device 4 can You can check the communication status. In addition, for example, by executing the above ping command for each relay device included in the communication path between each abnormal terminal and the security center device 4, it is possible to identify the relay device in which the communication abnormality has occurred. it can. In addition, if necessary, the controller notifies the owner of the building in the monitoring area where the abnormal terminal is installed or the provider providing the connection of the abnormal terminal to the Internet 3 about the occurrence of the communication abnormality. Can also be dealt with.

  After the process of step S50 described above, the group monitoring unit 414 notifies the group setting unit 416 that the terminal information database 421 has been updated, and the process proceeds to step S40.

  In step S51, the individual monitoring unit 415 compares the current time with the individual monitoring time stored in the storage unit 42 and confirms whether the individual monitoring time has arrived. If the individual monitoring time has arrived (YES in step S51), the process proceeds to step S52, and control unit 41 starts processing by individual monitoring means 415. If the individual monitoring time has not come (NO in step S51), the process proceeds to step S55.

  In step S52, the individual monitoring unit 415 first polls the guard terminal device 2 set in the terminal information database 421 as the representative terminal and the abnormal terminal. When the polling is finished, the individual monitoring unit 415 rewrites the individual monitoring time stored in the storage unit 42 to a time after a preset time (for example, 15 seconds) has elapsed from the time.

  In subsequent step S53, the individual monitoring means 415 has one or more representative terminals (new abnormal terminals) in which communication abnormality is detected in step S52 or one or more abnormal terminals (recovered terminals recovered from communication abnormality) in which no abnormality is detected. If detected, the process proceeds to step S54. If neither a new abnormal terminal nor a recovery terminal is detected, the process proceeds to step S55.

  In step S54, the individual monitoring unit 415 performs a process of updating the data content of the terminal information database 421. That is, the value of the item of the terminal attribute is set to “abnormal” in the record of the new abnormal terminal, and the value of the item of the number of occurrences of abnormality is increased by 1. Clear the value of the item of terminal attribute (abnormal / recovery) in the recovery terminal record (meaning that it is not an abnormal terminal). The recovery terminal is set again by the group setting means 416, and can be returned to group monitoring with a low communication load of the security center device 4.

  Furthermore, when a new abnormal terminal is detected in step S53, the individual monitoring unit 415 causes the display unit 45 to display the same abnormal information as described above with respect to step S50 for the guard terminal device 2.

  After the process of step S54, the process proceeds to step S40.

  In step S55, the control unit 41 compares the current time with the route confirmation time stored in the storage unit 42 to confirm whether or not the route confirmation time has arrived. If the route confirmation time has arrived (YES in step S55), the process proceeds to step S56. If the route confirmation time has not arrived (NO in step S55), the process returns to step S41.

  In step S56, the control unit 41 reads any one of the records whose route confirmation flag item value is “0” in the terminal information database 421, and designates the IP address included in the record. Then, by executing the route information acquisition means 413, the route information representing the communication route between the security terminal device 2 and the security center device 4 corresponding to the read record is acquired. Next, the control unit 41 compares the path information included in the read record with the acquired path information, and detects a path change if the two do not match.

  Next, the route information acquisition unit 413 updates the route confirmation time stored in the storage unit 42 to a time after a predetermined time (for example, 60 seconds) has elapsed from the route confirmation time, and the terminal information database In 421, the value of the item of the route confirmation flag included in the record corresponding to the guard terminal device 2 that is the subject of the route confirmation process is set to “1”.

  As described above, every time the route confirmation time arrives, the terminal information database 421 sequentially confirms the change of the communication route for the guard terminal device 2 corresponding to the record whose route confirmation flag item value is “0”. By doing so, it is possible to confirm the change in the communication path with the security center device 4 without any deviation for each of the security terminal devices 2. When the value of the route confirmation flag item included in all the records registered in the terminal information database 421 is “1”, the value of the route confirmation flag item of all the records is reset to “0”. To do.

  If a route change is detected in step S56 (YES in step S57), control unit 41 proceeds to step S58. If no route change is detected (NO in step S57), control unit 41 performs processing. Is returned to step S41.

  In step S58, the control unit 41 rewrites the value of the route information item of the record corresponding to the guard terminal device 2 subjected to the route confirmation process in the terminal information database 421 to the route information acquired in step S56. Thereafter, the control unit 41 shifts the processing to step S40 in order to perform group setting suitable for the update.

  The processes in steps S42, S44, S46, S48, and S50 described with reference to FIG. 6 are interrupt processes that are executed when the conditions in the determination processes in steps S41, S43, S45, S47, and S49 are satisfied. It can be executed in parallel with other processes in a time-sharing manner.

  Hereinafter, the terminal group determination process in step S40 of FIG. 6 will be described with reference to FIG. When the process of step S40 of FIG. 6 is started, the process of the flowchart illustrated in FIG. 7 is started.

  Referring to FIG. 7, first, in step S400, group setting means 416 stores the values of the items “terminal attribute (representative / subordinate)” and “subordinate terminal” included in each record registered in terminal information database 421. Back up to the unit 42.

  In step S401, the group setting unit 416 deletes the values of the items “terminal attribute (representative / subordinate)” and “subordinate terminal” included in each record registered in the terminal information database 421.

  In step S402, the group setting unit 416 refers to the terminal information database 421, and selects the guard terminal device 2 whose guard state is the guard set state and is not an abnormal terminal as a representative terminal. In other words, from the records registered in the terminal information database 421, a record in which the value of the item of the security state is the security set state is extracted, and “abnormal” is set as the value of the “terminal attribute (abnormal / recovery)” item of the record. "Is not set, the value of the item" terminal attribute (representative / subordinate) "of the record is set to" representative ".

  When the security terminal device 2 is set to the security set state, whether or not the alarm signal from the security terminal device 2 reliably reaches the security center device 4 as compared to the case where the security terminal device 2 is set to the security release state, That is, it is more necessary to monitor whether the communication state between the security terminal device 2 and the security center device 4 is normal. Therefore, the security terminal device 2 in the security set state is preferentially selected as the representative terminal for which the security center device 4 directly monitors the communication state within the limited communication capacity.

  In addition, when the security terminal device 2 is set to the security set state, the communication device 9 that shares the communication band with the security terminal device 2 in the monitoring area is usually compared with the case where the security terminal device 2 is set to the security release state. Is unlikely to be used. Therefore, it is difficult for the security terminal device 2 in the security set state and the communication device 9 to compete for the use of the communication band. That is, when the security terminal device 2 in the security set state is the representative terminal, the communication for the slave terminal polling process (step S30 in FIG. 5) is less likely to prevent the communication device 9 from using the communication band. The use of the communication band by the communication device 9 also prevents the security terminal device 2 from interfering with the communication for the slave terminal polling process. Moreover, the security terminal device 2 which cannot be monitored is not set by excluding the abnormal terminal from the setting target of the representative terminal. Also, contention can be avoided without using a device that measures the usage status of the communication band.

  Thereafter, in steps S403 to S406, the group setting means 416 determines that the value of the item of “terminal attribute (representative / subordinate)” in the number of guard terminal devices 2 selected as representative terminals (that is, “terminal attribute (representative / subordinate)” is “representative”. The number of representative terminals is adjusted so that the number of records set to “” falls within a preset value range.

  First, in step S403, the group setting unit 416 determines whether or not the number of representative terminals selected in step S402 exceeds the preset upper limit of the number of representative terminals. This upper limit is set in such a range that the communication amount required in the individual monitoring process for the representative terminal (step S52 in FIG. 6) does not exceed the communication capacity in the network on the security center device 4 side.

  When the number of representative terminals exceeds the upper limit, the process proceeds to step S404, and when it is equal to or less than the upper limit, the process proceeds to step S405.

  In step S404, the security terminal device 2 selected as the representative terminal is removed from the representative terminal in order from the security terminal device 2 with the highest number of occurrences of abnormality stored in the corresponding record in the terminal information database 421 (the corresponding record The process of “clear terminal attribute (representative / subordinate)” is repeated until the number of representative terminals is less than or equal to the upper limit. For the security terminal device 2 having the same number of occurrences of abnormality, the security terminal switching time (that is, the time set in the security set state) is removed from the representative terminal in order from the oldest security terminal device 2. This is because the security terminal device 2 with the older time set in the security set state is considered to be switched to the security release state after a shorter time.

  In step S405, the group setting unit 416 determines whether or not the number of guard terminal devices 2 selected as the representative terminal is less than the preset lower limit of the number of representative terminals. This lower limit is determined based on the upper limit of the number of subordinate terminals set in one group. The upper limit of the number of subordinate terminals set in one group is such that the amount of communication required in the subordinate terminal polling process (step S30 in FIG. 5) does not exceed the communication capacity in the network on the average guard terminal device 2 side. It is preset in the range. The lower limit of the number of representative terminals is larger than the number obtained by dividing the total number of security terminal devices 2 connected to the security center device 4 by the upper limit of subordinate terminals set in one group, and smaller than the upper limit of the number of representative terminals. Set to a value.

  If the number of representative terminals is less than the lower limit, the process proceeds to step S406, and if it is equal to or greater than the lower limit, the process proceeds to step S407.

  In step S406, the group setting unit 416 adds the security terminal devices 2 that have not been selected as the representative terminal to the representative terminals in order from the security terminal device 2 with the smallest number of occurrences of abnormality (records in the corresponding terminal information database 421). The “terminal attribute (representative / subordinate)” value is set to “representative”) is repeated until the number of representative terminals reaches the lower limit. For the security terminal device 2 having the same number of occurrences of abnormality, the security terminal switching time (that is, the time set to the security release state) is added to the representative terminal in order from the oldest security terminal device 2. This is because it is considered that the security terminal device 2 with the older time set to the security release state is switched to the security set state after a shorter time.

  As described above, in the processes of steps S403 to S406, the frequency of terminal group change can be suppressed by adjusting the number of representative terminals based on the number of occurrences of abnormality and the guard state switching time.

  Further, statistical processing may be performed for the time when each security terminal device 2 is set to the security set state, and the number of representative terminals may be adjusted (steps S404 and S406) based on the result of the statistical processing. For example, for each security terminal device 2, an average (average set time) of the time set in the security set state in one day in a predetermined period (for example, the latest one month) is obtained, and this average set time is short. It is conceivable to remove the terminal device 2 from the representative terminal (step S404) or add the guard terminal device 2 having a long average set time to the representative terminal (step S406).

  When the adjustment of the number of representative terminals is completed, in step S407, the group setting means 416 assigns each of the security terminal devices 2 that are not selected as the representative terminals and are not abnormal terminals to one of the representative terminals. A process of setting as a subordinate terminal subordinate to is performed.

  In step S407, first, the group setting unit 416 does not set “representative” in the item “terminal attribute (representative / subordinate)” from the terminal information database 421 and “terminal attribute (abnormal / recovery)”. One record that is not set to “abnormal” in the item “” is extracted. Next, the value of the item “route information” included in the extracted record is compared with the value of the item “route information” included in the record corresponding to each representative terminal, and Select representative terminals with many duplicates. Then, the security terminal device 2 corresponding to the extracted record is set as a subordinate terminal subordinate to the selected representative terminal. Here, in the comparison of the route information, the route information is compared in order from the head (the side closer to the guard terminal device 2), and it is determined that there is more overlap as the number of matching relay devices is larger. When the representative terminal is selected, the terminal ID of the security terminal device 2 to be processed is added to the item “subordinate terminal” of the record corresponding to the selected representative terminal in the terminal information database 421, and the security of the processing target is selected. The item “terminal attribute (representative / subordinate)” of the record corresponding to the terminal device 2 is set to “subordinate”. In the terminal information database 421, the above processing is not set as “representative terminal” in the “terminal attribute (representative / subordinate)” item, and “abnormal” is set in the “terminal attribute (abnormal / recovery)” item. Do this for all records that are not set to "terminal".

  As a result of the above-described comparison of the route information, if the representative terminal selected as the subordinate destination of the guard terminal device 2 has already been set with the maximum number of subordinate terminals set to one group, Next to the selected representative terminal, a representative terminal having route information that is frequently overlapped with the route information of the security terminal device 2 to be processed is selected again as a subordinate destination.

  As described above, by the processing in step S407, the security terminal devices 2 having many overlapping portions in the communication path with the security center device 4 belong to the same group. Therefore, it is expected that the representative terminal and its subordinate terminal are close to each other in a network, and quick and reliable communication is performed in the subordinate terminal polling process (step S30 in FIG. 5) by the representative terminal.

  Further, since the security center device 4 directly monitors the communication state between each representative terminal and the security center device 4, the representative terminal and the security center device are in the communication path between each subordinate terminal and the security center device 4. 4 is directly monitored by the security center device 4. Therefore, when each subordinate terminal is subordinated to a representative terminal having a communication path with more overlapping portions in the communication path between the security center apparatus 4, the security is protected in the communication path between each subordinate terminal and the security center apparatus 4. More parts are directly monitored by the center device 4, and the reliability of communication monitoring for each subordinate terminal is improved. Further, since the abnormal terminal is excluded from the setting target of the subordinate terminal, the notification by the representative terminal is not repeated and the communication load on the user side can be reduced.

  Next, in step S <b> 408, the group setting unit 416 determines the values of the items “terminal attribute (representative / subordinate)” and “subordinate terminal” of each record stored as a backup in the storage unit 42, and the terminal information database 421. The value of the same item of the corresponding record is compared, and the record corresponding to the guard terminal device 2 having a change in the terminal attribute or subordinate terminal is extracted.

  After that, in step S409, the group setting unit 416 determines whether the changed terminal attribute (representative / subordinate) from each of the records extracted in step S408, and the subordinate dependent on the changed terminal attribute if it is a representative terminal. Read the terminal ID of the terminal. Then, based on the terminal IDs of the read dependent terminals, the IP addresses of these dependent terminals are acquired from the terminal information database 421. Next, a group setting signal including terminal attribute (representative / subordinate) and subordinate terminal information (terminal ID and IP address of the subordinate terminal) is generated if the terminal attribute is a representative terminal. And the produced | generated group setting signal is transmitted with respect to the security terminal device 2 corresponding to each record.

  When the process of step S409 ends, the terminal group determination process ends, and the process returns to step S41 of FIG.

  A specific example of the terminal group determination process described above with reference to FIG. 7 will be described below.

  FIG. 8 shows that in the security system 1 having the configuration illustrated in FIG. 1, when the data illustrated in FIG. 4 is registered in the terminal information database 421, the security state of the security terminal device 2-4 is the security release state. The data content of the terminal information database 421 at the time of switching to the security set state from is shown. Further, FIG. 9 shows the data content of the terminal information database 421 at the time when a communication abnormality is detected for the guard terminal device 2-8 from the state of FIG.

  In the following description, it is assumed that the security center device 4 has already acquired route information from each security terminal device 2. 1, 4, 8, and 9, the route information of the security terminal devices 2-1 to 2-3 is “B, A”, and the route information of the security terminal devices 2-3, 2-4 is The route information of “D, C, A” and the security terminal devices 2-5 to 2-8 is “E, C, A”.

  In the specific example described below, the number of representative terminals to be selected is always within a preset value range, and the number of guard terminal devices 2 set as subordinate terminals of each representative terminal is as follows. Suppose that it is always below the upper limit of the number of subordinate terminals in one group.

  First, an example of the terminal group determination process when the content of the terminal information database 421 is changed from the content shown in FIG. 4 to the content shown in FIG. 8 will be described. The item of “security state” in the record of the terminal ID “4” is updated (steps S47 and S48 in FIG. 6), and the processing by the group setting unit 416 (FIG. 7) is started.

  The group setting unit 416 backs up the data content illustrated in FIG. 4 and then clears the “terminal attribute (representative / subordinate)” and “subordinate terminal” items in the terminal information database 421 (steps S400 and S401).

  Next, the group setting means 416 determines the security terminal devices 2-1 and 2-4 in the security set state as representative terminals, and records “terminal attributes (representative / subordinate) in the records of the terminal IDs“ 1 ”and“ 4 ”. "Is set to" representative "(steps S402 to S406).

  Subsequently, the group setting unit 416 determines a subordinate terminal subordinate to each representative terminal.

  First, the route information “B, A” of the security terminal device 2-2 is duplicated in the two nodes (relay devices) with the route information “B, A” of the security terminal device 2-1 (representative terminal). The route information “D, C, A” of the device 2-4 (representative terminal) overlaps with one node. As a result, the security terminal device 2-2 is determined as a subordinate terminal of the security terminal device 2-1 having more overlapping parts in the route information. Therefore, the terminal ID “2” is written in the item “subordinate terminal” of the record of the terminal ID “1”, and “subordinate” is added to the item “terminal attribute (representative / subordinate)” of the record of the terminal ID “2”. "Is written.

  Similarly, the security terminal apparatus 2-3 is determined as a subordinate terminal of the security terminal apparatus 2-1, and the terminal ID “3” is added to the item “subordinate terminal” of the record of the terminal ID “1”. “Subordinate” is written in the item “terminal attribute (representative / subordinate)” of the record “3”.

  Since the route information “D, C, A” of the security terminal device 2-5 overlaps with the route information of the security terminal device 2-1, the node overlaps with the route information of the security terminal device 2-4. The security terminal device 2-5 is determined as a subordinate terminal of the security terminal device 2-2, the terminal ID “5” is written in the item “subordinate terminal” of the record of the terminal ID “4”, and the terminal ID “ “Subordinate” is written in “Terminal attribute (representative / subordinate)” of the record “5”.

  The route information “E, C, A” of the security terminal devices 2-6 to 2-8 is one node overlapping with the route information of the security terminal device 2-1, and 2 from the route information of the security terminal device 2-4. Since the nodes overlap, the security terminal devices 2-6 to 2-8 are determined as subordinate terminals of the security terminal device 2-4. Therefore, the terminal IDs “6”, “7”, and “8” are added to the item “subordinate terminal” of the record of the terminal ID “4”, and the terminal IDs “6”, “7”, and “8” are added. “Subordinate” is written in “Terminal attribute (representative / subordinate)” of the record (step S407).

  Subsequently, the group setting unit 416 compares the contents of the updated terminal information database 421 (FIG. 8) with the backed up contents (FIG. 4) to determine “terminal attribute (representative / subordinate)” or “subordinate A record in which the item “terminal” has been changed is extracted (step S408). In this example, records corresponding to the security terminal devices 2-1 and 2-4 are extracted. And the information of a terminal attribute and a subordinate terminal is transmitted with respect to each of the security terminal devices 2-1 and 2-4 (step S409).

  After the above terminal group determination processing, the security terminal devices 2-1 and 2-4 that have become representative terminals are directly monitored by the security center device 4 (step S52 in FIG. 6). The security terminal device 2-1 monitors the security terminal devices 2-2 and 2-3, and the security terminal device 2-4 monitors the security terminal devices 2-5 to 2-8 (step S30 in FIG. 5).

  Next, an example in which the content of the terminal information database 421 is changed from the content shown in FIG. 8 to the content shown in FIG. 9 will be described.

  In the security terminal device 2-4, which is a representative terminal to which the security terminal device 2-8 depends, a communication abnormality of the security terminal device 2-8 is detected by the slave terminal polling process (step S30 in FIG. 5) (step S31). ) When a communication abnormality notification signal is transmitted to the security center device 4 (step S32), the value of the item “terminal attribute (abnormal / recovery)” of the record of the terminal ID “8” in the terminal information database 421 is “abnormal”. (Steps S49 and S50 in FIG. 6), and the processing by the group setting means 416 is started.

  The processing from step S400 to S406 is the same as the specific example described above with reference to FIG. 8, and the security terminal devices 2-1 and 2-4 in the security set state are determined as representative terminals.

  The processing in step S407 is also the same as the example described with reference to FIG. 8 for the security terminal devices 2-2, 2-3, 2-5, 2-6, and 2-7, and the security terminal device 2-2. , 2-3 are determined as subordinate terminals of the security terminal device 2-1, and the security terminal devices 2-5 to 2-7 are determined as subordinate terminals of the security terminal device 2-4. However, in the case of this example, since the security terminal device 2-8 is an abnormal terminal (FIG. 9), it is excluded from the processing target of step S407.

  Subsequently, the group setting means 416 compares the backup information (contents of FIG. 8) of the terminal information database 421 with the updated terminal information database 421 (contents of FIG. 9), and records in the record of the terminal ID “4”. Since the value of the item “subordinate terminal” is changed, the record of the terminal ID “4” is extracted (step S408), and the terminal attribute and the subordinate terminal information are sent to the corresponding guard terminal device 2-4. Transmit (step S409).

  After the above terminal group determination processing, the security terminal devices 2-1 and 2-4 that are representative terminals and the security terminal device 2-8 that is an abnormal terminal are directly monitored by the security center device 4. The security terminal device 2-1 monitors the security terminal devices 2-2 and 2-3, and the security terminal device 2-4 monitors the security terminal devices 2-5 to 2-7.

  In the embodiment described above, each time the contents of the terminal information database 421 are updated, the terminal group determination process (step S40 in FIG. 6, FIG. 7) is performed. In another embodiment, the terminal group determination process may be performed at a preset time interval (for example, every 10 minutes). If the update process of the terminal information database 421 (steps S43 to S58 in FIG. 6) is performed as needed, the update contents generated in the terminal information database 421 between the previous terminal group determination process and the current terminal group determination process are stored. The terminal group is determined reflecting all.

  In the embodiment described above, the number of occurrences of abnormality is adopted as the degree of occurrence of communication abnormality. However, data in which the terminal ID of the abnormal terminal is associated with the time when the communication abnormality is detected is stored in the storage unit 42. The result of statistical processing of these data may be stored in the terminal information database 421 as the degree of communication abnormality instead of the number of abnormality occurrences. For example, for each security terminal device 2, the abnormality occurrence frequency obtained by counting the number of communication anomalies in a predetermined period (for example, the last one month) can be set as the occurrence degree of the communication anomaly. Further, for example, for each security terminal device 2, an average time (MTBF, Mean Time Before Failure) from when the security terminal device 2 starts to operate until a communication abnormality occurs is obtained. The interval can be the degree of occurrence of communication abnormality. Further, for example, the operating rate of each security terminal device 2 can be set as the degree of occurrence of communication abnormality. The operating rate of each security terminal device 2 is the average failure interval with respect to the sum of the above-mentioned average failure interval and the average required time (average repair interval; MTTR, Mean Time to Repair) from when a communication abnormality occurs to recovery. It is obtained by calculating the ratio. Further, for example, a value obtained by weighting and adding two or more numerical values out of the numerical values described above may be used as the degree of occurrence of communication abnormality. In any of the above-described examples, when the number of representative terminals exceeds the upper limit, communication is performed when the number of representative terminals is less than the lower limit in order from the guard terminal device 2 that is higher in the degree of occurrence of communication abnormality. The security terminal device 2 having a low degree of abnormality is added to the representative terminal in order.

  In the embodiment described above, the route information indicating the communication path between each security terminal device 2 and the security center device 4 is traceroute command with the IP address of each security terminal device 2 in the security center device 4 as the destination. (Or tracert command) is acquired and registered in the terminal information database 421. In another example, each security terminal device 2 executes a traceroute (tracert) command with the IP address of the security center device 4 as a destination, and acquires information on a communication path between the own device and the security center device 4, The acquired route information may be transmitted to the security center device 4.

  In the embodiment described above, the group setting means 416 of the security center device 4 transmits a group setting signal when the setting is changed, and the control unit 21 of the security terminal device 2 periodically refers to the current time. In particular, the slave terminal monitoring means 213 monitors the slave terminal. In another embodiment, the response request signal periodically transmitted by the individual monitoring unit 415 of the security center apparatus 4 includes the terminal ID of the subordinate terminal and transmits it to the representative terminal, and the control unit 21 of the security terminal apparatus 2 responds. When the request signal is received, the slave terminal monitoring means 213 monitors the slave terminal. In this case, the dependent terminal monitoring unit 213 extracts the terminal ID of the dependent terminal from the response request signal and performs monitoring each time.

  In the embodiment described above, the slave terminal monitoring unit 213 transmits a communication abnormality signal including the terminal ID of the slave terminal that detected the communication abnormality as a monitoring result to the security center apparatus 4. In another embodiment, the dependent terminal monitoring unit 213 transmits the terminal ID of the dependent terminal whose communication is normal to the security center device 4. In this case, the group monitoring unit 414 refers to the terminal information database 421 and determines that a dependent terminal that is subordinate to the representative terminal that transmitted the terminal ID but is not included in the received terminal ID is in communication abnormality. be able to. In another embodiment, the subordinate terminal monitoring unit 213 transmits the terminal IDs of all subordinate terminals that are distinguished from communication abnormality or normal communication to the security center device 4 as a confirmation result.

  In the embodiment described above, the group setting unit 416 excludes abnormal terminals from the setting targets of the representative terminal and the subordinate terminals. In another embodiment, the group setting unit 416 excludes the abnormal terminal from the setting target of the representative terminal but does not exclude it from the setting target of the subordinate terminal. In this case, the subordinate terminal monitoring unit 213 transmits the terminal IDs of all subordinate terminals that have been identified as communication errors or normal communication as confirmation results to the security center apparatus 4. In this case, the abnormal terminal is set as a subordinate terminal of one of the representative terminals, and instead of detecting the communication recovery by the individual monitoring unit 415, the group monitoring unit 414 that has received the confirmation result restores the communication of the abnormal terminal. Confirm and update the terminal information database 421.

It is a block diagram which shows the example of a structure of a security system. It is a block diagram which shows the example of a structure of the security terminal device in one embodiment of this invention. It is a block diagram which shows the example of a structure of the security center apparatus in one embodiment of this invention. In one Embodiment of this invention, it is a figure which shows the example of the data content of the terminal information database with which a security center apparatus is provided. In one Embodiment of this invention, it is a flowchart which shows the example of the procedure of the process which a security terminal device performs. In one embodiment of this invention, it is a flowchart which shows the example of the procedure of the process which a security center apparatus performs. In one Embodiment of this invention, it is a flowchart which shows the example of the partial procedure of the process which a security center apparatus performs. In one Embodiment of this invention, it is a figure which shows the other example of the data content of the terminal information database with which a security center apparatus is provided. In one Embodiment of this invention, it is a figure which shows the other example of the data content of the terminal information database with which a security center apparatus is provided.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 1 Security system, 2 Security terminal device, 3 Internet, 4 Security center apparatus, 5 Relay device, 6 Sensor, 7 Sensor LAN, 8 Home router, 9 Communication equipment, 21,41 Control part, 22,42 Storage part, 23 Security Status switching unit, 24 sensor LAN interface, 25, 44 LAN interface, 43 input unit, 45 display unit, 211 security status notification unit, 212 group setting acquisition unit, 213 subordinate terminal monitoring unit, 214 response unit, 215 alarm transmission unit, 411 Terminal information editing means, 412 Security state update means, 413 Route information acquisition means, 414 Group monitoring means, 415 Individual monitoring means, 416 Group setting means, 417 Alarm processing means, 421 Terminal information database.

Claims (5)

A security terminal that monitors the occurrence of an abnormality in the monitoring area and a center device that centrally monitors the plurality of security terminals are connected to be communicable via a network, and monitors the occurrence of the abnormality in the monitoring area and the communication state of the security terminal. A security system,
The center device is
A center storage unit that stores a terminal code including an address on the network of the security terminal in association with a security state indicating whether the current monitoring area is unmanned or manned;
A center communication unit that communicates with the security terminal via the network;
Upon receiving the security status from the security terminal, security status update means for updating the security status of the security terminal;
The unguarded security terminal is given priority over the manned security terminal as a representative terminal, and the security terminal other than the representative terminal is subordinate to any of the representative terminals, and is subordinated to the representative terminal. Group setting means for transmitting the terminal code of the guard terminal to the representative terminal;
A display unit for notifying the confirmation result received from the security terminal,
The security terminal
A terminal storage unit storing the current security state of the self;
A terminal communication unit that communicates with the center device and the other security terminal via the network;
Security status notification means for transmitting the security status of the terminal storage unit to the center device;
Subordinate terminal monitoring means for transmitting a response request signal to the security terminal of the terminal code received from the center device and confirming reception of the response signal from the security terminal, and transmitting a confirmation result to the center device;
A security system comprising: response means for returning the response signal to a transmission source of the response request signal when the response request signal is received. In the security system according to claim 1,
The center device transmits the response request signal to the representative terminal and confirms reception of the response signal from the representative terminal. If the reception of the response signal cannot be confirmed, a communication abnormality of the representative terminal is displayed on the display unit. A security system further comprising representative terminal monitoring means for informing. In the security system according to claim 1 or 2,
The center device further comprises route information acquisition means for acquiring a communication route between the center device and the security terminal and storing the acquired communication route in the center storage unit in association with the security terminal. ,
The group setting means compares the communication paths stored in the center storage unit, and selects a security terminal other than the representative terminal for the communication path having a larger number of overlapping portions with the communication path of the security terminal. A security system dependent on the representative terminal. In the security system according to any one of claims 1 to 3,
The group setting means is a security terminal that cannot confirm reception of the response signal in the confirmation result, or a security terminal that is unable to confirm reception of the response signal in the confirmation result and the representative terminal monitoring means A security system in which a security terminal that cannot confirm receipt of a response signal is not the representative terminal. In the security system according to any one of claims 1 to 4,
The center device calculates a degree of occurrence of communication abnormality for each security terminal based on the confirmation result or the confirmation result and the result of reception of the response signal in the representative terminal monitoring unit, and stores it in the center storage unit. An abnormality degree calculation means for causing
When the number of selected representative terminals exceeds the predetermined number, the group setting unit removes a security terminal having a higher degree of occurrence of communication abnormality from the representative terminal, or has a lower degree of occurrence of communication abnormality. A security system comprising: a representative terminal adjustment unit that adds a security terminal to the representative terminal.

Images