RU2295775C2 - Monitoring system - Google Patents

Abstract

FIELD: engineering of equipment for signaling, monitoring, observing and controlling moving and stationary objects.

SUBSTANCE: system features network and object routers, provided with modules for creating virtual private communication network and communication controllers. Operation is ensured via communication channels made in form of wired, fiber-optic, satellite, cell communication or radio communication channels. Also provided is connection through communication channels to Internet network. System is made with possible transfer of data from object blocks to observation panel by means of packet data transfer and operates with mobile cell phone communication network. Also provided are devices for connecting video cameras, acoustic and dactyloscopic devices, devices for transformation of information to digital files and transfer thereof to observation panel. System contains group of additional observation panels, connected to each other via local communication network. Object blocks of system have uninterruptible power supplies with inbuilt accumulators.

EFFECT: expanded zone of protection and monitoring of objects, increased number of simultaneously queried object blocks, shorter time and improved guarantee of delivery of messages, improved protection of data being transferred, ensured transfer of multimedia messages.

19 cl, 1 dwg

Description

The invention relates to alarm systems, security, control, monitoring and control of remote objects, and can be used for fire and security alarm systems, video surveillance, as well as for transmitting various types of messages from objects to the monitoring station and back through communication channels.

The known alarm system "Cyclone" (TU 25-08.430-80, TU 25-08.431-80, TU 25-08.432-80 Security Equipment, No. 1/94), containing groups of subscriber sets connected respectively to a group of hubs that are connected in parallel a dedicated line of communication with the central monitoring station (CMS), and all the concentrators in the group are additionally connected to each other in parallel with the control bus.

The disadvantage is the low reliability of this burglar alarm system, which is associated with a large number of false alarms due to a decrease in the level of the continuous frequency signal transmitted from the guarded object when the telephone line is degraded, and the inability to protect objects with which there are no telephone lines.

A known fire alarm system (RF Patent No. 2177179), containing a group of subscriber kits, a group of central monitoring consoles, each of which contains a primary and backup control file device, a group of hubs, the first group of inputs / outputs of each of which is connected to the corresponding subscriber kits , the second group of inputs / outputs is connected to the corresponding telephone lines of the PBX, and the third group of inputs / outputs is connected to the corresponding inputs / outputs of the main and rvnogo control device file corresponding to central monitoring.

The disadvantage of this system is the lack of a backup communication channel with a subscriber set and the inability to protect objects that are not connected to the system by wired communication lines, the inability to monitor and protect mobile objects.

Closest to the technical nature of the proposed solution is a monitoring system (Patent No. WO 99/48070 (PCT / GB99 / 00694)), containing a group of object blocks connected to the corresponding GSM mobile phones, the inputs and outputs of which are transmitted via a GSM communication channel, via a modem GSM connected to the monitoring console.

This monitoring system works as follows.

In the memory of object blocks or their access devices, made in the form of GSM telephones, the telephone number of the monitoring station as a GSM subscriber is entered in advance, by which it is necessary to send messages by dialing or sending an SMS message. Similarly, the monitoring console, made on the basis of a PC-type computer, also introduced the numbers of GSM mobile phones of the object blocks as GSM subscribers, and a GSM modem is connected to the console. The object block monitors the state changes of the alarm sensors connected to it. In the event of a change in the status of any sensor, it activates its GSM mobile phone to dial the telephone number of the GSM modem of the monitoring console. The GSM mobile phone attempts to dial and establish a stable communication with the remote control and reports this to the object unit, which transmits the necessary messages via the installed communication channel to the PC of the monitoring console. The monitoring console, after receiving and analyzing the message, sends back a receipt confirming the normal or abnormal reception of the message back to the object block by dialing to the object block similarly to the above procedure, only in the reverse order. In addition, in a communication session initiated by the monitoring station, corresponding control commands can be sent to the object unit in the form of messages. The object block executes the received message commands by controlling the corresponding devices connected to it.

Data transmission in the form of SMS messages between object blocks and a monitoring console in this monitoring system is carried out similarly to the above procedures only through the SMS network server of the corresponding GSM operator.

The disadvantages of this monitoring system are: the ability to deliver messages in an unacceptably long time or the loss of messages when the SMS server is overloaded; work in communication mode with serial dial-up and connection only of the type "point-to-point" to transmit data or confirm their receipt; lack of permanently connected and monitored communication channels between the monitoring console and object units; limited applicability due to one type of communication channel - GSM, low data protection in the communication channel; the impossibility of operational work with a significant number of object blocks; lack of video surveillance, audio monitoring, biometric identification and audio alerts.

The aim of the invention is the expansion of the zone of protection and monitoring of objects by the system, the increase in the number of simultaneously interrogated object blocks, the introduction of a controlled group private bi-directional communication network between the object blocks and the monitoring console, reducing time and increasing guarantees of message delivery, improving the protection of transmitted data, the possibility of transmitting multimedia messages .

This goal is achieved by the fact that in the monitoring system containing a group of object blocks connected via communication channels to the monitoring console, an additional network router and a group of object routers are introduced, the first inputs and outputs of each of which are connected to the corresponding object block, the second inputs and outputs of the object routers through communication channels and a network router are connected to the monitoring console.

The object router contains a module for creating a virtual private communication network that communicates through a communication channel with a network router, as well as authentication of network users.

The network router contains a module for creating a virtual private communication network that communicates through communication channels with object routers and authenticates network users, as well as a firewall module to protect the surveillance panel from unauthorized access from the communication channel.

An object router can contain more than one communication controller that pair the object router with the corresponding communication channels.

A network router may contain more than one communication controller that pair the network router with the communication channels.

The communication controller has the ability to work through a communication channel, made in the form of a wired communication channel.

The communication controller has the ability to work through a communication channel made in the form of a fiber optic communication channel.

The communication controller has the ability to work through a communication channel made in the form of a satellite communication channel.

The communication controller has the ability to work through a communication channel made in the form of a cellular mobile network (DECT, GSM, Wi-Fi, 3G).

The communication controller has the ability to work through the communication channel, made in the form of a radio communication channel (radio Ethernet or radio relay communication).

The object unit is connected to the receiver of the satellite radio navigation system (GPS), and the communication controller of the object router connected to the object unit is designed to work with a cellular mobile network (DECT, GSM, Wi-Fi, 3G).

The system is capable of transmitting data from object blocks to the monitoring console via packet data transmission (GPRS).

Object routers and network routers are configured to connect via the communication channels to the Internet.

The object router contains a device for connecting video cameras, as well as functionality to compress a video image (in MPEG format) and transmit a compressed image through communication controllers, communication channels and a network router to a monitoring console.

The object router contains a device for connecting acoustic devices and performs the functions of converting signals received from acoustic devices into digital files, compressing digital files (in MP format) and transmitting them through communication controllers, communication channels and a network router to a monitoring console.

The object router contains a device for reading information from fingerprint devices, as well as functions for converting it into digital files, compressing these files and transferring them through communication controllers, communication channels and a network router to a monitoring console.

The object router contains a device for reading information from recognition devices by face and iris, as well as the function of converting information into digital files, compressing these files and transferring them through communication controllers, communication channels and a network router to a monitoring console.

The object router contains outputs for controlling executive devices.

The monitoring station contains a group of additional monitoring stations, interconnected by a local communication network.

The object unit contains an uninterruptible power supply, from which it reads information about the status of the connected electric network (220 V), the battery charge level and the output voltage level of the uninterruptible power supply, and transfers it through the object router, communication channel and network router to the monitoring station.

The object router contains a device for connecting acoustic warning devices in the form of tones or voice messages, as well as a module for converting digital message and notification files into analog signals, which are recorded in the memory of the object router or received via communication channels.

The object router contains a hub module, which provides connection to it of a group of object blocks connected to each other and to the hub module by a local communication network.

The drawing shows a block diagram of an alarm system, which contains: object blocks 1, object routers 2, a group of communication controllers 3, video cameras 4, acoustic devices 5, fingerprint devices 6, recognition devices for face and iris 7, actuators 8, acoustic warning devices 9, communication channels 10, Internet 11, satellite radio navigation system 12, network router 13, additional monitoring consoles 14, hub module 15, monitoring console 16, satellite receiver We radio navigation 17.

The system operates as follows.

In the initial state, after turning on the power of the monitoring console (PN) 16 and additional monitoring panels 14, the initial menu for operating and preparing information is displayed on their displays.

In observation point 16, performed on a PC computer, all the necessary information about the objects on which the object blocks (OB) 1 and object routers (OM) 2 are installed are entered from the keyboard for the operation of the system and the duty officers on duty. Information about the protected objects consists of: address object block 1; network IP address and subnet mask of the object router 2; IP addresses and subnet masks of the external port (WAN) of the object router 2; parameters of the SIM card of the communication controller 3 OM 2 for the option of working through the communication channel 10, made in the form of a cellular mobile network; relevant authentication information; standard authentication and tunneling protocols with information encryption (for example, PPPoE, PPTP, IPsec) for organizing a virtual private communication network (VPN) between the OB 1 group and the monitoring console (PN) 16; codes of keys (tokens) of authorized access to the object (for example, such as “touch memory”; “proximiti”; codes for entering from the keyboard, etc.); special files of voice fragments of users; special files with fingerprint information; special files with information for recognition by face and iris; special files for voice messages and alarm alerts; the necessary information about the persons responsible for installing under protection (surveillance) and disarming (monitoring) of the corresponding OB 1; the plan of the location and the plan of the object, and other initial information necessary for setting up and functioning of OB 1 and OM 2. The network router (SM) 13 also contains: a network IP address and a subnet mask; IP address and subnet mask of the external port (WAN) CM 13; parameters of the SIM card of the communication controller 3 CM 13, for the option of working through the communication channel 10, made in the form of a cellular mobile network; relevant authentication information; standard authentication and tunneling protocols with information encryption (for example, PPPoE, PPTP, IPsec) for organizing a virtual private communication network (VPN) between the OB 1 group and the monitoring console (PN) 16, through SM 13; IP address PN 16; other information necessary for communication in a VPN between the PN 16, through SM 13, through the communication channel 10, through the corresponding OM 2 with the corresponding OB 1, as well as information necessary for the operation of the monitoring system and its protection, monitoring, control and management.

Each OB 1 and OM 2 before installation on the object of protection (monitoring, control, control) are programmed with PN 16: access address to SM 13 and PN 16; relevant information and protocols necessary for communicating with PN 16 through SM 13 by organizing a virtual private communication network (VPN) with authentication and end-to-end encrypted communication tunnels between each OM 2 and SM 13; relevant information and protocols necessary for the implementation of OB 1 and OM 2 functions for the protection, management and monitoring of facilities;

The proposed monitoring system for transmitting information allows you to organize VPN tunnels of the "star" type between the group of OM 2 and SM 13 inside the communication channel 10 or through the communication channel 10 within the Internet 11.

After turning on the power, the PN 16 is activated and performs the necessary programming and configuration of SM 13 to work with the corresponding type of communication channel 10 and OM 2 group, as well as setting up a standard protocol (for example, IPSec) of the virtual private network organization module and the firewall module (for example, type SPI firewall) in SM 13 to protect the PN 16 from unauthorized access and various types of “hacker” attacks from the communication channel 10. Next, the communication controller 3 CM 13 connects to the communication channel 10 by activating the context accordingly about the communication protocol, which is defined in SM 13 during its configuration with PN 16. If communication channel 10 has a provider and requires registration of subscribers (OM 2 and SM 13), then this registration is carried out in advance, before activating the connection of SM 13 with communication channel 10 When registering, the provider issues a static (IP) address for CM 13 and fixes the SIM card numbers of the communication controllers 3 of each subscriber (OM 2) of the monitoring system, which will work through the registered communication channel 10. In addition, for each registered subscriber (OM 2 ) in communication channel 10 on the switch re provider (in the HLR profile), in the lists of subscribers and their parameters indicate (IP) the addresses of allowed access points OM 2 to other subscribers connected to communication channel 10. In the embodiment of the organization of communication OM 2 with SM 13 inside the communication channel 10 to all subscribers ( OM 2) the monitoring system will only be allowed access to the CM 13 IP address. There, in the lists of subscribers and their parameters for each OM 2, the static CM 13 IP address can be indicated. If it is not specified, then after execution by the controller communication 3 CM 13 connection to the communication channel 10 by activating the context respectively of the existing protocol (IP), the CM 13 address is dynamically allocated by the DHCP server of the communication channel provider 10 from the SM 13 pool.

Similarly to the above, the procedure for connecting each OM 2 to the communication channel 10 is carried out, as a result of which after connecting each OM 2 (SIM card of the communication controller 3), the provider's DHCP server issues a dynamic (IP) address and settings necessary for OM 2 to work inside the communication channel 10 and with SM 13.

If the tunnels of the virtual private network (VPN) of communication between OM 2 and SM 13 of the monitoring system are organized through the communication channel 10 and then inside the Internet 11, then it is also necessary to register the monitoring system subscribers with the Internet provider 11. The procedure for registering and distributing IP addresses for The connection of OM 2 and SM 13 to the Internet 11 through communication channels 10 is carried out similarly to the organization of a VPN inside the communication channel 10. However, when connecting OM 2 or SM 13 to the Internet 11 through communication channel 10, which requires registration with the provider on the switch, dera communication channel 10 (in the HLR profile) in the subscriber lists and parameters for these OM 2 and CM 13, in addresses authorized access points are specified address connection points to the Internet 11.

CM 13 can be not only a subscriber to the DHCP server of the communication channel provider 10, but also have a built-in DHCP server, which will allow it to automatically assign OM 2 dynamic IP addresses from the VPN address range of the monitoring system, after connecting OM 2 via communication channel 10 (and the Internet ) with CM 13.

If the connection of OM 2 or CM 13 with the communication channel 10 is carried out with mandatory registration with the provider and assigning an IP address, then the connection and transmission of digital information in such a communication channel 10 can be carried out by means of packet data transmission (for example, GPRS). For each 3 OM 2 communication controller, the above-described connection with the monitoring console 16, an Akhtuba industrial-manufactured automated notification system, via communication channel 10 of the GSM 900/1800 type, using GPRS, can be considered using a conditional example. After powering on OM 2, OM 2 with the standard AT command sets the access point and protocol (for example, at + cgdcont = 1, "ip", "ahtuba_aspi.volgogsm.ru) to the corresponding communication controller 3, then OM 2 gives the communication controller 3 a standard command connection to the pseudo-number atd * 99 *** 1 #. After the 3 OM 2 GPRS communication controller has successfully connected to the communication channel 10, OM 2 is connected to the communication channel 10 with a dynamic IP address automatically allocated to it. Further, depending on earlier information on configuration of the monitoring system and standard pr VPN protocols (for example, IPSec), the corresponding modules for creating a virtual private communication network contained in OM 2 and SM 13, organize a secure VPN tunnel between this OM 2 and SM 13 inside communication channel 10 or through communication channel 10 within the Internet 11. And further, as necessary, a two-way transmission of information between OM 2 and SM 13 is performed with the encapsulation, authentication and encryption of the transmitted information embedded in them (for example, using the standard IPSec protocol).

After making OM 2 and SM 13 connections with communication channel 10 (Internet 11) and organizing VPN tunnels between each OM 2 with SM 13, through communication channel 10 (Internet 11), all communication tunnels are constantly maintained for the entire duration of the monitoring system . The status of VPN tunnels is constantly monitored by OM 2 and CM 13. If, for any reason, the connection is disconnected in any VPN tunnel, information about this is recorded in the corresponding OM 2 and in CM 13. Then, organization sessions are automatically performed by the corresponding OM 2 and CM 13 The VPN tunnel between this OM 2 and CM 13 is similar to the previously described sequences.

The communication channel 10 may be made in the form of one or more communication channels of the same or different types of communication, for example, a type of wired communication channel; fiber optic communication channel; satellite communication channel; mobile cellular communication channel (DECT, GSM, Wi-Fi, 3G, etc.); radio communication channel (radio Ethernet, radio relay, communication, direct radio communication, etc.).

SM 13 is connected to the selected communication types of the communication channel 10 through communication controllers 3 CM 13, which have physical interfaces and communication protocols corresponding to the selected communication types, and each communication controller 3 performs its own type of interface and communication protocol. Similarly to the above, a connection is made to the communication channel 10, of each OM 2, through its own communication controllers 3.

To perform the protection and control functions of the facility, each OB 1 contains the necessary warning devices of various operating principles connected to its internal circuits: contact; infrared; radio wave; inductive; capacitive, optical; thermal and other principles of operation, as well as devices for monitoring and controlling authorized access (installation under protection, surveillance, control and disarming, monitoring, control), for example, such as “keyboard”, “touch memory”, “proximiti” and so on. To perform the functions of individual authentication, the following inputs of OM 2 can be connected:

- Acoustic devices 5 (microphones) for entering keywords or phrases. Keywords or phrases adopted by OM 2 circuits in analog form are converted into OM 2 into a digital file and placed into OM 2 memory, then spectral analysis of this file is performed using special algorithms. Spectral analysis of the file can be performed in OM 2 or PN 16. If the analysis is performed in OM 2, the results of the spectral analysis are compared with the special user voice files stored in OM 2 recorded in OM 2 with PN 16 during programming or transmitted to OM 2 during OM 2 communication session via communication channel 10 (Internet 11) and SM 13 with PN 16. If, by comparison, no analogue was found in the OM 2 file database, then OM 2 reports this by outputting the corresponding special voice and / or signal message files, transformed and from a digital form into analog signals, to acoustic warning devices 9. If the spectral analysis of a file is performed in PN 16, then the spectral analysis file is compressed by OM 2 (for example, into MP3 format or other data compression formats) and through communication controller 3, through the channel Communication 10 (Internet 11), through SM 13 it is transmitted to PN 16, where it is compared with the corresponding database. After comparing the PN 16 in the reverse order of the above, it transmits information about the recognition or non-recognition of this voice spectrum in OM 2. OM 2 reports the results of the analysis by outputting its corresponding special files for voice and / or signal messages converted from digital form to analog signals, to acoustic warning devices 9, and also, if necessary, controls the corresponding actuating devices 8. Special files for voice and / or signal messages intended for outputting ОМ 2 н acoustic warning devices 9, as well as control commands corresponding actuators 8 can be transferred to OM 2, together with the response of the recognition or non-recognition of the voice spectrum.

- Fingerprinting devices 6, intended for entering into OM 2 drawings from fingers. The finger drawing adopted by the OM 2 circuits in analog form is converted into OM 2 into a digital file and placed into the OM 2 memory, then this file is analyzed using special algorithms. Further, the analysis and actions of OM 2 and PN 16 are performed similarly to the above algorithm when working with acoustic information, only comparison is made with special files with fingerprint information.

- Recognition devices for the face and iris 7, designed to enter into OM 2 information about the face pattern and / or the pattern of the iris. The face and / or iris pattern adopted by the OM 2 circuits in analog form is converted into OM 2 into a digital file and placed into the OM 2 memory, then data files are analyzed using special algorithms. Further, the analysis and actions of OM 2 and PN 16 are performed similarly to the above algorithm when working with acoustic information, only comparison is made with special files with information for recognition on the face and iris, and file compression for transfer between OM 2 to PN 16 and vice versa can be performed, for example, in MPEG format ... or another data compression format.

For the monitoring system to perform video surveillance functions, cameras 4 can be connected to the corresponding inputs of OM 2. During video surveillance, information from video cameras 4 is fed to the corresponding inputs of OM 2 circuits in analog form, converted to OM 2 with a specified frequency into digital video files and stored in OM memory 2, then the video files are compressed by OM 2 (for example, into MPEG3 format or other video compression formats) and through the communication controller 3, through the communication channel 10 (Internet 11), through SM 13 are transmitted to PN 16. With received PN 16 from OM 2 video files to perform monitoring functions can perform special operations of analysis and comparison with standards. Further, video fragments of the received files through the local communication network PN 16 are displayed on the displays of the respective additional monitoring consoles 14 and, if necessary, PN 16 are recorded in the archive memory of video images with relevant information about the time and place where video frames were recorded. When performing the video surveillance functions with PN 16 through SM 13 and communication channel 10 (Internet 11), special voice and / or signal message files intended for outputting OM 2 to acoustic warning devices 9, as well as control commands of corresponding executive devices 8 (for example, drives orientation of cameras in space).

To perform monitoring functions of the monitoring system, the corresponding inputs of OM 2, as described above, can be connected to acoustic devices 5 (for example, microphones, noise, vibration, etc.). The information received by OM 2 from acoustic devices 5 is converted into digital audio files in OM 2 and stored in OM 2 memory, then after appropriate processing (eliminating false noise), these audio files are compressed by OM 2 (for example, in MP3 format or other audio compression formats) and through the communication controller 3, through the communication channel 10 (Internet 11), through SM 13 are transmitted to the PN 16. With the received PN 16 from the OM audio files to perform monitoring functions, special analysis operations can be performed. Further, audio files from selected sound sources can be listened through the audio outputs of the PN 16 and, if necessary, recorded on the PN 16 in the archived audio memory with the corresponding information about the time and place of recording of audio fragments. When performing monitoring functions from PN 16, through SM 13, through communication channel 10 (Internet 11), special voice and / or signal message files intended for outputting OM 2 to acoustic warning devices 9, as well as control commands, can be transmitted to OM 2 corresponding actuating devices 8 (for example, turning on, turning off and controlling parameters of corresponding sources of audio information).

For monitoring, controlling, guarding and controlling moving objects, this monitoring system contains a group of object blocks (OB 1), to which, in addition to the above-described devices, the output of the satellite radio navigation system receiver 17 is connected to the corresponding input of each OB 1 of this group 17. The satellite radio navigation receiver 17, receiving special signals from a group of satellites of the radio navigation system 12 (for example, GPS, NAVSTAR and / or GLONASS) constantly calculates its coordinates with the specified accuracy. OB 1 reads from the receiver of the satellite radio navigation system 17 and transmits information about its coordinates through OM 2, through the communication controller 3 OM 2, made to work with a cellular mobile network (such as DECT, GSM, Wi-Fi, 3G, etc.), radio Ethernet or direct radio broadcast, through a communication channel 10 of a similar type (Internet 11), through SM 13 to PN 16, where the received information is analyzed and displayed as the location of the object on the area map displayed on the display of the corresponding additional monitoring console 14, as well as recorded in accordance s archive.

In order to reduce economic costs when equipping a monitoring system for a group of objects located close to each other, an additional OM 2 group contains a concentrator module 15 (KC), which is connected through a local communication network to an additional OB 1 group. At the same time, when programming this OM 2 from PN 16 in OM 2, not one, but a group of OB 1 addresses are recorded, which are connected to KC 15 of this OM 2. In KC 15, a memory of transit messages is transmitted, transmitted from each OB 1 connected to it through OM 2, through a channel with monitor 10 (Internet 11), through SM 13 to PN 16 and in the same way in the opposite direction to OB 1. During the operation of such OM 2 its KC 15 cyclically polls through the local network the status of all connected OB 1, accessing them by their individual addresses. KC 15 compares the information received from OB 1 during the communication session with that stored in the transit memory of this OB 1. And in case of a mismatch, transmits new information from OB 1 to PN 16 using the previously described path. And on the contrary, it receives information from PN 16 for this OB 1, which it writes to its memory in transit messages. Received from PN 16 information KC 15 transmits to the corresponding OB 1 during the next communication session with this OB 1.

To implement the regime of protection, surveillance, control and management (monitoring) of an object of its OB 1 and OM 2, it is necessary to transfer it to this monitoring mode. The translation of OB 1 and OM 2 into the monitoring mode is performed by user authentication by entering a code into the keyboard device OB 1 or into a device of the type “touch memory”, or of the type “proximiti”, or a special voice fragment in the acoustic device 5 OM 2, or by drawing a finger into fingerprinting device 6, or facial features and / or eyes in video cameras of recognition devices by face and iris 7 connected to OM 2. After identifying a match with the corresponding database, as described above, OB 1 and OM 2, exchanged between soo relevant information, simultaneously go into monitoring mode. ABOUT 1 controls the information received from the connected warning devices and from the receiver of the satellite radio navigation system 17, if it is a moving object. And OM 2 monitors the information received from the acoustic devices 5 and cameras 4 connected to it. If the information received by OB 1 and / or OM 2 deviates from the previously recorded analogue of OB 1, it generates an alarm message that includes all the necessary status information the corresponding warning devices, and transmits it to OM 2 connected to it. OM 2 through the previously established VPN connection tunnel with PN 16 transmits to it its alarm messages and alarm messages from OB 1. Alarm messages received from OM 2 after processing and in PN 16, according to special programs, information on the ways of moving the object on the area map (for moving objects) in the form of image frames, a plan diagram of the object and access roads to the object, in the form of acoustic and other messages required an observer to make a decision. PN 16 in automatic mode or with the participation of an observer to clarify information about events occurring at the facility and take specific actions can control the position in space and properties of warning devices, video cameras 4, acoustic devices 5 and actuators 8. Control is carried out by submitting the appropriate messages from PN 16 to OM 2 and the corresponding OB 1 through the established VPN communication tunnel. Removing an object from monitoring is carried out by secondary user authentication similar to the above or by control from PN 16, while from PN 16, OM 2, or OB 1, appropriate commands can be issued for opening 8 locks, gates, turnstiles, gates, etc. through actuators . Similarly to the above, it is possible to control the corresponding actuators 8 directly after performing the authentication procedure by matching the signs (codes) of users previously recorded in the monitoring system.

OM 2 monitoring system in order to improve the reliability of communication can communicate with SM 13 through communication channel 10 simultaneously on more than one communication channel. Heterogeneous communication channels are mainly used. For example, one 3 OM 2 communication controller communicates with the corresponding 3 CM 13 communication controller via GSM mobile communication channels (or other radio communication channels), a second 3 OM 2 communication controller communicates with the corresponding 3 CM 13 communication controller via dial-up or dedicated telephone communication lines in communication channel 10. In the event of a disconnection of communication on one of the communication channels, communication between OM 2 and SM 13 continues to be carried out on the second communication channel, while information about the loss of communication in this channel between OM 2 and SM 13 is transmitted to CM 13 16 to make a decision.

Proposed monitoring system:

- expands the monitoring zone of objects;

- uses several communication channels simultaneously, which increases the reliability of its operation;

- performs simultaneous bidirectional communication of the monitoring console with a significant number of object devices along the tunnels of a virtual private communication network (VPN) of the "star" type;

- reduces time and improves message delivery guarantees;

- increases the protection of transmitted data;

- allows you to send multimedia messages;

- performs video surveillance and audio monitoring of the object;

- provides biometric identification of users;

- determines the location of moving objects;

- Performs acoustic notification at the facility.

Claims (19)

1. A monitoring system containing a group of object blocks, the inputs and outputs of which are connected through the communication channels to the inputs and outputs of the monitoring console, characterized in that a network router is additionally introduced into the monitoring console, and an object router is added to the object block, which contains at least one communication controller and a module for creating a virtual private communication network, which also authenticates network users whose inputs and outputs are through communication controllers, through the inputs and outputs of the object block, through the appropriate communication channels, through the inputs / outputs of the monitoring console, are connected to the inputs / outputs of the network router, and the network router contains at least one communication controller and a module for creating a virtual private communication network, which also authenticates network users whose inputs and outputs are through communication controllers, through the inputs and outputs of the monitoring console, through communication channels, through the inputs and outputs of the corresponding object blocks are connected to the inputs and outputs of the object routers. 2. The system according to claim 1, characterized in that the network router contains a firewall module to protect the surveillance panel from unauthorized access from the communication channel. 3. The system according to claim 1, characterized in that the communication controller has the ability to work through a communication channel, made in the form of a wired communication channel. 4. The system according to claim 1, characterized in that the communication controller has the ability to work through a communication channel made in the form of a fiber optic communication channel. 5. The system according to claim 1, characterized in that the communication controller has the ability to work through a communication channel made in the form of a satellite communication channel. 6. The system according to claim 1, characterized in that the communication controller has the ability to work through a communication channel made in the form of a cellular mobile network (DECT, GSM, Wi-Fi, 3G). 7. The system according to claim 1, characterized in that the communication controller has the ability to work through a communication channel made in the form of a radio communication channel (radio Ethernet, radio relay communication). 8. The system according to claim 1, characterized in that the object unit is additionally connected to the receiver of the satellite radio navigation system (GPS), and the communication controller of the object router is made to work with a cellular mobile network (DECT, GSM, Wi-Fi, 3G). 9. The system according to claim 1, characterized in that it is configured to transmit data from object blocks to the monitoring console via packet data transmission (GPRS). 10. The system according to claim 1, characterized in that the object routers and network routers are configured to connect via communication channels to the Internet. 11. The system according to claim 1, characterized in that the object unit contains a device for connecting video cameras and is configured to compress video images (in MPEG format) and transmit compressed images through communication controllers, communication channels to a monitoring station. 12. The system according to claim 1, characterized in that the object unit contains a device for connecting acoustic devices and is configured to convert signals received from acoustic devices into digital files, compress digital files (in MP format) and transfer them through communication controllers, channels communication to the monitoring console. 13. The system according to claim 1, characterized in that the object unit contains a device for reading information from fingerprint devices and is configured to convert it into digital files, compress these files and transfer them through communication controllers, communication channels to a monitoring console. 14. The system according to claim 1, characterized in that the object unit contains a device for reading information from recognition devices by face and iris and is configured to convert information into digital files, compress these files and transfer them through communication controllers, communication channels to remote control. 15. The system according to claim 1, characterized in that the object unit contains outputs for controlling actuators. 16. The system according to claim 1, characterized in that it contains a group of monitoring panels connected to each other by a local communication network. 17. The system according to claim 1, characterized in that the object unit contains an uninterruptible power supply and is configured to read from it information about the status of the connected electrical network (220 V), the battery charge level and the output voltage level of the uninterruptible power supply, as well as transmission her through the communication channel to the monitoring console. 18. The system according to claim 1, characterized in that the object unit contains a device for connecting acoustic warning devices in the form of tonal signals or voice messages, as well as a module for converting digital messages and alerts files that are stored in the object unit memory or received into analog signals through communication channels. 19. The system according to claim 1, characterized in that the object block comprises a hub module configured to connect a group of object blocks to it and connect them to each other and to the hub module with a local communication network.