WO2019174771A1 - A method and a device of detecting radio disturbances in a radio communication system - Google Patents

A method and a device of detecting radio disturbances in a radio communication system Download PDF

Info

Publication number
WO2019174771A1
WO2019174771A1 PCT/EP2018/084261 EP2018084261W WO2019174771A1 WO 2019174771 A1 WO2019174771 A1 WO 2019174771A1 EP 2018084261 W EP2018084261 W EP 2018084261W WO 2019174771 A1 WO2019174771 A1 WO 2019174771A1
Authority
WO
WIPO (PCT)
Prior art keywords
power level
radio
detector
signal
receiver
Prior art date
Application number
PCT/EP2018/084261
Other languages
French (fr)
Inventor
Filip Skarp
Original Assignee
Verisure Sàrl
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Verisure Sàrl filed Critical Verisure Sàrl
Priority to IL277244A priority Critical patent/IL277244B2/en
Priority to BR112020018409-8A priority patent/BR112020018409A2/en
Publication of WO2019174771A1 publication Critical patent/WO2019174771A1/en

Links

Classifications

    • GPHYSICS
    • G08SIGNALLING
    • G08BSIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
    • G08B29/00Checking or monitoring of signalling or alarm systems; Prevention or correction of operating errors, e.g. preventing unauthorised operation
    • G08B29/02Monitoring continuously signalling or alarm systems
    • G08B29/04Monitoring of the detection circuits
    • G08B29/046Monitoring of the detection circuits prevention of tampering with detection circuits
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K3/00Jamming of communication; Counter-measures
    • H04K3/20Countermeasures against jamming
    • H04K3/22Countermeasures against jamming including jamming detection and monitoring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K3/00Jamming of communication; Counter-measures
    • H04K3/40Jamming having variable characteristics
    • H04K3/45Jamming having variable characteristics characterized by including monitoring of the target or target signal, e.g. in reactive jammers or follower jammers for example by means of an alternation of jamming phases and monitoring phases, called "look-through mode"
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K3/00Jamming of communication; Counter-measures
    • H04K3/20Countermeasures against jamming
    • H04K3/22Countermeasures against jamming including jamming detection and monitoring
    • H04K3/222Countermeasures against jamming including jamming detection and monitoring wherein jamming detection includes detecting the absence or impossibility of intelligible communication on at least one channel

Definitions

  • the invention relates to a method and a device of detecting radio disturbances in a radio communication system.
  • a prior art alarm system for handling jamming situations is dis- closed in EP2541518.
  • a first alarm installation is arranged to supervise a second alarm installation and to monitor radio signals exchanged in said sec- ond alarm installation. Absence of monitored radio signals will result in the generation of a jamming alarm signal. It should be noted that if communica- tion between a peripheral device and a gateway in either alarm installation is interrupted during a longer time period, such as several minutes, a supervi- sion alarm can be generated in that alarm installation.
  • a method of de- tecting radio disturbances in a radio communication system comprising a gateway device and a peripheral device, each arranged to send radio signals to and to receive radio signals from the other.
  • the method comprises
  • a jam- ming alarm can comprise generation of an alarm signal in premises where the radio communication system is installed and/or forwarding an alarm sig nal to remote central monitoring station where further steps for managing the situation can be taken.
  • the method will provide a higher security in detecting sophisticated targeted jamming attempts in radio communication systems in general and on alarm systems specifically, even where a jamming signal dis- turbs or destroys specific information segments exchanged in radio commu- nication.
  • the disclosed method can be used in a home wireless communica- tions system comprising a plurality of wireless nodes including a first gateway at least one wireless peripheral device and, in some installations, at least one second gateway.
  • the home wireless communications system forms an instal- lation that can include a conventional home security system that comprises at least one wireless alarm detector and at least one gateway. If any of the de- vices or nodes fail - some action is taken, such as notifying the home owner or triggering a tamper alarm.
  • the tamper alarm can comprise generation of an alarm signal in premises where the radio communication system is in- stalled and/or forwarding an alarm signal to remote central monitoring station where further steps for managing the situation can be taken.
  • a home wireless communications system in general can be any type of wireless system comprising a plurality of peripheral wireless nodes, such as an intruder alarm, and a central unit.
  • a security system having a plurality of wireless detectors, sensitive to the presence or passage of persons and objects, communicating with a central unit such as a gateway using wireless communication.
  • Intentional radio disturbance measures or interference can be caused by a radio jammer that is a device that deliberately blocks, jams or interferes with authorized wireless communications.
  • jammers work by the transmission of radio signals that disrupt communications by de- creasing the signal-to-noise ratio.
  • the concept can be used in wireless data networks to disrupt information flow.
  • Jamming is usually distinguished from interference that can occur due to device malfunctions or other accidental cir cumstances.
  • Security and alarm systems used today normally comprise a control panel and a gateway that is connected to a central station, either by a tele- phone line or by a wireless telecommunications system such as GSM or other radio frequency systems. The connection can also be through the inter- net.
  • the control panel can be provided with an input device or be activated and controlled by a control device such as a keypad which can be a wireless remote device.
  • a packet sniping jammer normally would incorporate an intelli gent receiver chain and listen for packets or power in the air during digital wireless communication.
  • a packet comprises a dataset of pre- amble, sync-word, payload and cyclic redundancy check (CRC).
  • CRC cyclic redundancy check
  • the power of the incoming signal is contin- uously measured and changes in that power are detected in a detector.
  • step changes both positive and negative, that would arise from packet snip- ing.
  • the continuous measurement of power could be done at any suitable po- sition in the receiver chain. The measurement is done with a sufficiently high bandwidth (the power measurement speed should be in the order of the bi- trate of the received signal).
  • the power measurements could be done by measuring the power of the incoming signal in relevant radio receiver parts, such as the Automated Gain Control (AGC), the Intermediate Frequency Amplifier (IF AMP) or the Analog to digi- tal converter (ADC).
  • ADC Automated Gain Control
  • IF AMP Intermediate Frequency Amplifier
  • ADC Analog to digi- tal converter
  • the power measurement can also be made by measur- ing the level of the digital IQ data. In practice, different measurement meth- ods are used depending on receiver architecture.
  • Fig. 1 is a schematic view of an installation of a home wireless system
  • Fig. 2 is a schematic diagram showing power of a received radio signal in a simple jamming situation in the time domain
  • Fig. 3 is a schematic diagram showing power of a received radio signal in the time domain where a jamming signal is generated by a sniping jammer in a more sophisticated way
  • Fig. 4 schematically shows signal measurements of the signal shown in
  • Fig. 5 is a schematic diagram showing an analogue type receiver compris- ing one embodiment of a detector in accordance with the invention
  • Fig. 6 is a schematic diagram showing a digital type receiver comprising one embodiment of a detector in accordance with the invention
  • Fig. 7 is a schematic diagram showing one embodiment of a detector in accordance with the invention
  • Fig. 8 is a schematic diagram showing a typical installation including two communication units comprising a detector in accordance with the invention
  • Fig. 9 is a table showing part of a correctly received bit stream package and corresponding energy levels.
  • Fig. 10 is a table showing part of a received jammed bit stream package and corresponding energy levels.
  • Fig. 1 shows a home wireless system installed in a building 10.
  • the home wireless system is an alarm system installation and comprises a plural- ity of wireless peripheral nodes including wireless peripheral devices, a first gateway 12 and a second gateway 12’.
  • the second gateway 12’ is mains powered and normally is not provided with battery backup.
  • One wireless pe- ripheral node is a first infrared detector 14 mounted in the corner of a room close to the ceiling.
  • the first infrared detector 14 has a sensing area that co vers the first gateway 12.
  • a first perimeter alarm detector 16 is mounted at a window 17 in the same room.
  • the infrared detector operates in a conven- tional manner to detect presence and movements of objects emitting infrared radiation.
  • the perimeter alarm detector also operates in a conventional man- ner to detect when a door or a window is opened.
  • the perimeter alarm detector comprises a magnetic sensor that will detect when a magnet attached to the door or window is moved.
  • Second gateway 12’ is arranged in a second room separated from the room where the first gateway 12 is arranged.
  • a second infrared detector 14’ is mounted in the same room as the second gateway 12’ to cover it within its operative area and a second perimeter alarm detector 16’ is mounted at a second window 17’ in the same room.
  • a keypad 19 is mounted close to a front door 20 of the building 10. The keypad 19 is used by an operator of the alarm system to arm and to disarm the alarm system.
  • the keypad 19 also is a wireless peripheral node.
  • the front door 20 is covered by a third perimeter alarm detector 21.
  • Another type of wireless peripheral device is a smoke de- tector 23 mounted in the ceiling of building. In various embodiments a plural- ity of smoke detectors 23 are arranged throughout the building 10 to ensure that fire can be detected at an early stage.
  • the first gateway 12 and the second gateway 12’ are connected to a remote central monitoring station 22 either through a wired connection 24 or through a wireless connection such as GSM or a similar digital cellular network 34.
  • the connection to the remote central monitoring station 22 can also be through the internet 26.
  • internet connection is provided through a wireless router 32 that is connected to internet by fibre, cable or Digital Subscriber Line, such as ADSL.
  • second gateway 12’ is connected by wire 33 to wireless router 32.
  • the wired connection 24 can be part of a public switched telephone network 25.
  • the remote central monitoring station 22 comprises an interface module 27, a database 28 and a web server 29.
  • the database 28 stores installation and application data relating to the installation including all wireless network nodes and alarm settings.
  • the first gateway 12 is capable of communicating with the second gateway 12’ because of the more powerful radio transmitting units even though some peripheral nodes cannot.
  • An installation such as the alarm system shown in Fig. 1 holds a large amount of dynamic state information, such as arm state, alarm status, peripheral battery status, etc. in a total system state information dataset. Similar information is stored also in other types of home wireless systems.
  • Each gateway or controller continuously receives inputs from different au- thenticated sources such as peripheral nodes, a RCMS, adjacent systems, etc. that affects a distributed state of the application or system.
  • a second gateway can utilize the RF com- munication link of another gateway for tunnelling messages to a remote cen- tral monitoring station (RCMS).
  • RCMS remote cen- tral monitoring station
  • another gateway up-link can be utilized.
  • FIG. 2 shows power levels of received ra- dio signals in a jamming situation in the time domain where a jamming signal 40 is transmitted as noise.
  • Message signals 42 received at a power level PA are concealed or at least not fully readable when a noise level PN extends above message signal level PA.
  • a jamming situation as shown in Fig. 2 is detected in prior art systems a jamming alarm can be generated.
  • FIG. 3 shows a jamming situation in the time domain where a jamming signal is generated by a sniping jammer in a more sophisticated way.
  • a sniping jammer normally comprises a more intelli gent receiver chain and will listen for message signals 42 or power in the air. Once a message signal 42 such as a packet is detected the jammer emits a short surge 43 of power at power level PN lasting at least and normally only a fraction of the packet length. The actual length normally would be based on the protocol being jammed. If error correctional coding is used more bits would have to be jammed to ensure a destroyed packet.
  • the diagram in Fig. 4 illustrates a situation starting with receiving a normal radio signal during four consecutive time periods, each time period Tn including one information segment.
  • each time period Tn including one information segment.
  • the power level value of each time period is referred to as Pm.
  • Pm The power level value of each time period
  • a statistical value Pd of measured power levels Pm is continuously determined based on power levels of previ- ously received information segments.
  • Pm is meas- ured over a limited time period Tm, such as 1 s.
  • a basic statistical value is a mean value as indicated with a dashed line in Fig. 4 indicates that the received power level may vary up and down over time.
  • the mean value is continuously determined based on power levels of previously received information segments or determined continuously for each information segment.
  • the statistical value is the standard deviation of a set of or all power level values Pm.
  • the set of power level values can be based on a plurality of values, values measured over a time period, or all or a subset of values of a specific information seg- ment.
  • a jamming signal 44 is broadcast and received during a time period where an information segment also is broadcast.
  • the jamming signal 44 has a power level Pj which is different from the power level Pm of the information segment and also different from the mean value Pd.
  • Power level Pj is greater than the mean power level. The difference is Pe. If the power level Pj deviates more from the mean value or the statistical value than a reference or threshold value power level Pj is determined to indicate that intentional or unintentional radio disturbance measures have occurred.
  • the threshold value can be two to five times the standard deviation or preferably around three times the stand- ard deviation.
  • a detector 44 for detecting intentional or unintentional radio disturb- ance measures is connected to an appropriate location in a receiver chain where the measurement can be done with high enough bandwidth (the power measurement speed should be in the order of the bitrate of the received sig- nal but any bandwidth allowing for more than one measurement per infor- mation segment will be usable). The exact location depends on the receiver architecture.
  • the detector will produce an alert signal when intentional or un- intentional radio disturbance measures are detected.
  • an antenna 46 is con- nected to a Low Noise Amplifier (LNA) 48 in a conventional manner.
  • LNA Low Noise Amplifier
  • An out- put of LNA 48 is connected to a mixer 50 mixing the amplified signal with an adjustable frequency signal from an oscillator 52.
  • the mixer is connected also to an Intermediate Frequency stage with an amplifier (IF AMP) 54, an output of which is connected to a filter 56 in a conventional way.
  • IF AMP Intermediate Frequency stage with an amplifier
  • IF AMP 54 comprises an Auto- matic Gain Control (AGC) 58.
  • AGC 58 generates a signal that is indicative of the power of the received signal.
  • the generated signal is sent to detector 44 through an output of AGC 58 that is connected to detector 44.
  • An output of filter 56 is connected to an analog-to-digital con- verter (ADC) 60 providing a bitstream of digital data and a power level output.
  • ADC analog-to-digital con- verter
  • the power level output is connected to detector 44.
  • a signal at the power level output is indicative of the power of the received signal and thus can be used for detecting intentional or unintentional radio disturbance measures.
  • antenna 46 is connected to LNA 48 in a conventional manner.
  • the signal amplified in LNA 48 is pro- Stepd in ADC providing a bitstream of digital data and a power level output.
  • the power level output is connected to detector 44.
  • a signal at the power level output is indicative of the power of the received signal and thus can be used for detecting intentional or unintentional radio disturbance measures.
  • Detector 44 could be physi- cal device or be software implemented.
  • a power level detector 62 is con- nected to an appropriate position in a radio receiver to continuously detect a power level signal indicative of the power of information segments in a radio received signal.
  • a bit-clock detector 63 is connected to an appropriate posi- tion in a radio receiver to continuously detect a bit-clock to provide basis for synchronization.
  • Values of power levels are processed by a processing unit 64 and stored in a memory unit 66. In various embodiments, the processing of power levels comprises calculating at least one statistical value. Normally, a mean value of power level values is continuously calculated.
  • power level detector 62 is connected to an appropriate position in a radio receiver to continuously detect a power level signal indicative of the power of separate information segments in a radio re- ceived signal.
  • Detector 44 can be used also to measure continuously power of a received package of data and to detect if any steps in power should oc cur. As soon as the start of a package is detected an evaluation of power starts. Regardless of bit synchronization an alarm will be generated, should there be a positive or negative power step.
  • the processing further comprises repeatedly comparing a present value of the power level of at least one information segment of a received signal with said statistical value.
  • a present power level value or a set of recently received power level values, differs from the statistical value by more than a threshold value intentional or unintentional radio disturbance measures is considered to be present.
  • processing unit 64 instructs an output unit 68 to produce an alert signal and to forward the alert signal to a central unit, as described in more detail below.
  • FIG. 8 A basic installation of a radio system is shown in Fig. 8.
  • This em- bodiment relates to a home alarm system comprising first gateway 12, sec- ond gateway 12’ and at least one wireless peripheral device, such as an in- frared detector 14.
  • First gateway 12, second gateway 12’ and infrared detec- tor 14 all communicate using radio communication.
  • At least one gateway is repeatedly communicating with remote central monitoring station 22 as dis closed above.
  • a sniping jammer device 70 has been moved to a position where radio signals in the installation can be received and radio disturbance measures can be taken.
  • First and second gateways 12, 12’ comprise first communication units 72 and second communication units 74.
  • First communication units 72 is used for communicating with remote central monitoring station 22 either through a wired connection 24 or through a wireless connection such as GSM or a similar digital cellular network.
  • the connection to the remote cen- tral monitoring station 22 can also be through a wired connection, such as a public switched telephone network or the internet.
  • Second communication units 74 is mainly used for communication within the installation between gateways and between gateways and periph- eral nodes.
  • Each gateway is controlled by a central unit 76 and comprise a power unit 78, normally a battery.
  • At least one gateway is provided with a de- tector 44 continuously monitoring radio communication received in the gate- way.
  • detector 44 detects intentional or unintentional radio disturbance measures in the radio communication system an alert signal is transferred to central unit 76.
  • An alarm signal then can be generated in the gateway and forwarded to the remote central monitoring station 22 in an appropriate way.
  • the table in Fig. 9 describes a part of a correctly received package with the bits as“1” and“0” in the top row and the energy level as“A” to“Z” in the sec- ond row.
  • a packet sniping activation is present in the table in Fig. 10 . Higher energy levels during packet jamming are indicated with a V resulting in a dif ferent and disturbed bit stream.
  • a step in power would be easily detected and by pairing the power step with the bit pattern before and after the power step it can be determined that there was a package en route to the receiver that was sniped.
  • the snip- ing detection could also be solely based on short changes in power if the re- ceived bit stream ignoring the packet recognition factor although this would most likely cause some false alarms since neighboring systems and other RF protocols could be mistaken for snipers.
  • calculating the statistical value comprises calculation of a standard deviation of power level values of separate infor- mation segments.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Radar, Positioning & Navigation (AREA)
  • Remote Sensing (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Monitoring And Testing Of Transmission In General (AREA)

Abstract

A method and a detector for detecting radio disturbances in a radio communication system comprising a gateway device and a peripheral device, each arranged to send radio signals to and to receive radio signals from the other. The method comprises measuring the power level (Pm) of separate information segments of the radio signals received by one device from the other device, determining a statistical value (Pd) of measured power level values, comparing a selected measured power level with the statistical value, and producing an alert signal, indicating a radio disturbance, if the difference between the selected measured power level and the statistical value exceeds a threshold. The detector comprises a power level detector (62), a processing unit (64) operatively connected to the power level detector (62), and a memory unit (66) storing a plurality of statistical values.

Description

A METHOD AND A DEVICE OF DETECTING RADIO DISTURBANCES IN A
RADIO COMMUNICATION SYSTEM
TECHNICAL FIELD
[0001] The invention relates to a method and a device of detecting radio disturbances in a radio communication system.
PRIOR ART
[0002] A prior art alarm system for handling jamming situations is dis- closed in EP2541518. A first alarm installation is arranged to supervise a second alarm installation and to monitor radio signals exchanged in said sec- ond alarm installation. Absence of monitored radio signals will result in the generation of a jamming alarm signal. It should be noted that if communica- tion between a peripheral device and a gateway in either alarm installation is interrupted during a longer time period, such as several minutes, a supervi- sion alarm can be generated in that alarm installation.
SUMMARY OF THE INVENTION
[0003] In accordance with a first aspect there is provided a method of de- tecting radio disturbances in a radio communication system comprising a gateway device and a peripheral device, each arranged to send radio signals to and to receive radio signals from the other. The method comprises
i. measuring the power level (Pm) of separate information seg- ments of the radio signals received by one device from the other device,
ii. determining a statistical value (Pd) of measured power level values,
iii. comparing a selected measured power level with the statisti cal value, and iv. producing an alert signal, indicating a radio disturbance, if the difference between the selected measured power level and the statistical value exceeds a threshold.
[0004] As a result, more sophisticated jamming methods can be detected, and a jamming alarm can be set, should jamming attempts be made. A jam- ming alarm can comprise generation of an alarm signal in premises where the radio communication system is installed and/or forwarding an alarm sig nal to remote central monitoring station where further steps for managing the situation can be taken. The method will provide a higher security in detecting sophisticated targeted jamming attempts in radio communication systems in general and on alarm systems specifically, even where a jamming signal dis- turbs or destroys specific information segments exchanged in radio commu- nication.
[0005] The disclosed method can be used in a home wireless communica- tions system comprising a plurality of wireless nodes including a first gateway at least one wireless peripheral device and, in some installations, at least one second gateway. The home wireless communications system forms an instal- lation that can include a conventional home security system that comprises at least one wireless alarm detector and at least one gateway. If any of the de- vices or nodes fail - some action is taken, such as notifying the home owner or triggering a tamper alarm. The tamper alarm can comprise generation of an alarm signal in premises where the radio communication system is in- stalled and/or forwarding an alarm signal to remote central monitoring station where further steps for managing the situation can be taken.
[0006] A home wireless communications system in general can be any type of wireless system comprising a plurality of peripheral wireless nodes, such as an intruder alarm, and a central unit. Specifically, it can be a security system having a plurality of wireless detectors, sensitive to the presence or passage of persons and objects, communicating with a central unit such as a gateway using wireless communication.
[0007] Intentional radio disturbance measures or interference can be caused by a radio jammer that is a device that deliberately blocks, jams or interferes with authorized wireless communications. In some cases, jammers work by the transmission of radio signals that disrupt communications by de- creasing the signal-to-noise ratio. The concept can be used in wireless data networks to disrupt information flow. Jamming is usually distinguished from interference that can occur due to device malfunctions or other accidental cir cumstances. Some kinds of unintentional 'jamming' exist. One form occurs when an operator transmits on a busy frequency without first checking whether it is in use, or without being able to receive signals from stations us- ing the frequency. Another form of unintentional jamming occurs when equip- ment accidentally radiates a signal of a frequency that will disturb communi- cation using that frequency.
[0008] One application of home wireless communications systems is alarm systems. Security and alarm systems used today normally comprise a control panel and a gateway that is connected to a central station, either by a tele- phone line or by a wireless telecommunications system such as GSM or other radio frequency systems. The connection can also be through the inter- net. The control panel can be provided with an input device or be activated and controlled by a control device such as a keypad which can be a wireless remote device.
[0009] In digital communication systems using packets, sophisticated jam- ming methods include packet sniping that will destroy communication be- tween gateways and peripheral devices without raising the background noise continuously. A packet sniping jammer normally would incorporate an intelli gent receiver chain and listen for packets or power in the air during digital wireless communication. In this context, a packet comprises a dataset of pre- amble, sync-word, payload and cyclic redundancy check (CRC). Once the start of a packet is detected the jammer may emit a short surge of power last- ing only a fraction of the packet length (the actual length would be based on the protocol being jammed, if for instance error correctional coding is used more bits would have to be jammed to ensure a destroyed packet). This would destroy one or a plurality of bits somewhere in the packet causing the packet to, for instance be ignored due to destroyed sync word, be filled with complete nonsense or fail cyclic redundancy check (CRC). [0010] In various embodiments, the power of the incoming signal is contin- uously measured and changes in that power are detected in a detector. By measuring the energy per bit of the received bit stream it is possible to detect step changes, both positive and negative, that would arise from packet snip- ing. The continuous measurement of power could be done at any suitable po- sition in the receiver chain. The measurement is done with a sufficiently high bandwidth (the power measurement speed should be in the order of the bi- trate of the received signal). Depending on the receiver architecture the power measurements could be done by measuring the power of the incoming signal in relevant radio receiver parts, such as the Automated Gain Control (AGC), the Intermediate Frequency Amplifier (IF AMP) or the Analog to digi- tal converter (ADC). The power measurement can also be made by measur- ing the level of the digital IQ data. In practice, different measurement meth- ods are used depending on receiver architecture.
BRIEF DESCRIPTION OF THE DRAWINGS
[0011] Non-limiting embodiments of the invention will now be described with reference to the figures in which:
Fig. 1 is a schematic view of an installation of a home wireless system, Fig. 2 is a schematic diagram showing power of a received radio signal in a simple jamming situation in the time domain,
Fig. 3 is a schematic diagram showing power of a received radio signal in the time domain where a jamming signal is generated by a sniping jammer in a more sophisticated way,
Fig. 4 schematically shows signal measurements of the signal shown in
Fig. 3,
Fig. 5 is a schematic diagram showing an analogue type receiver compris- ing one embodiment of a detector in accordance with the invention,
Fig. 6 is a schematic diagram showing a digital type receiver comprising one embodiment of a detector in accordance with the invention, Fig. 7 is a schematic diagram showing one embodiment of a detector in accordance with the invention,
Fig. 8 is a schematic diagram showing a typical installation including two communication units comprising a detector in accordance with the invention,
Fig. 9 is a table showing part of a correctly received bit stream package and corresponding energy levels, and
Fig. 10 is a table showing part of a received jammed bit stream package and corresponding energy levels.
DETAILED DESCRIPTION
[0012] Fig. 1 shows a home wireless system installed in a building 10. The home wireless system is an alarm system installation and comprises a plural- ity of wireless peripheral nodes including wireless peripheral devices, a first gateway 12 and a second gateway 12’. The second gateway 12’ is mains powered and normally is not provided with battery backup. One wireless pe- ripheral node is a first infrared detector 14 mounted in the corner of a room close to the ceiling. The first infrared detector 14 has a sensing area that co vers the first gateway 12. A first perimeter alarm detector 16 is mounted at a window 17 in the same room. The infrared detector operates in a conven- tional manner to detect presence and movements of objects emitting infrared radiation. The perimeter alarm detector also operates in a conventional man- ner to detect when a door or a window is opened. In various embodiments the perimeter alarm detector comprises a magnetic sensor that will detect when a magnet attached to the door or window is moved.
[0013] Second gateway 12’ is arranged in a second room separated from the room where the first gateway 12 is arranged. A second infrared detector 14’ is mounted in the same room as the second gateway 12’ to cover it within its operative area and a second perimeter alarm detector 16’ is mounted at a second window 17’ in the same room. A keypad 19 is mounted close to a front door 20 of the building 10. The keypad 19 is used by an operator of the alarm system to arm and to disarm the alarm system. The keypad 19 also is a wireless peripheral node. The front door 20 is covered by a third perimeter alarm detector 21. Another type of wireless peripheral device is a smoke de- tector 23 mounted in the ceiling of building. In various embodiments a plural- ity of smoke detectors 23 are arranged throughout the building 10 to ensure that fire can be detected at an early stage.
[0014] Depending on different circumstances the first gateway 12 and the second gateway 12’ are connected to a remote central monitoring station 22 either through a wired connection 24 or through a wireless connection such as GSM or a similar digital cellular network 34. The connection to the remote central monitoring station 22 can also be through the internet 26. In the em- bodiment shown in Fig. 1 , internet connection is provided through a wireless router 32 that is connected to internet by fibre, cable or Digital Subscriber Line, such as ADSL. In the embodiment shown in Fig. 1 second gateway 12’ is connected by wire 33 to wireless router 32. The wired connection 24 can be part of a public switched telephone network 25. In various embodiments the remote central monitoring station 22 comprises an interface module 27, a database 28 and a web server 29. The database 28 stores installation and application data relating to the installation including all wireless network nodes and alarm settings.
[0015] The first gateway 12 is capable of communicating with the second gateway 12’ because of the more powerful radio transmitting units even though some peripheral nodes cannot. By placing gateways strategically within a building, it is possible to guarantee that every peripheral node has an adequate RF link with at least one gateway. As long as each gateway can communicate directly with at least one other gateway and directly or indirectly with all of the other gateways, the installation will function properly. To achieve full redundancy the installation should include enough gateways for every peripheral node to be able to communicate with at least two gateways.
[0016] An installation such as the alarm system shown in Fig. 1 holds a large amount of dynamic state information, such as arm state, alarm status, peripheral battery status, etc. in a total system state information dataset. Similar information is stored also in other types of home wireless systems. Each gateway or controller continuously receives inputs from different au- thenticated sources such as peripheral nodes, a RCMS, adjacent systems, etc. that affects a distributed state of the application or system.
[0017] In various embodiments, a second gateway can utilize the RF com- munication link of another gateway for tunnelling messages to a remote cen- tral monitoring station (RCMS). For example, if the second gateway up-link to RCMS is very slow or unreachable, or has a higher cost, another gateway up-link can be utilized.
[0018] The schematic diagram in Fig. 2 shows power levels of received ra- dio signals in a jamming situation in the time domain where a jamming signal 40 is transmitted as noise. Message signals 42 received at a power level PA are concealed or at least not fully readable when a noise level PN extends above message signal level PA. When a jamming situation as shown in Fig. 2 is detected in prior art systems a jamming alarm can be generated.
[0019] The schematic diagram in Fig. 3 shows a jamming situation in the time domain where a jamming signal is generated by a sniping jammer in a more sophisticated way. A sniping jammer normally comprises a more intelli gent receiver chain and will listen for message signals 42 or power in the air. Once a message signal 42 such as a packet is detected the jammer emits a short surge 43 of power at power level PN lasting at least and normally only a fraction of the packet length. The actual length normally would be based on the protocol being jammed. If error correctional coding is used more bits would have to be jammed to ensure a destroyed packet. This would destroy one or a plurality of bits somewhere in the packet causing the packet to, for instance be ignored due to destroyed the sync word being destroyed, be filled with complete nonsense or fail cyclic redundancy check (CRC). Flow- ever, these effects are not automatically detected as a jamming situation.
[0020] The diagram in Fig. 4 illustrates a situation starting with receiving a normal radio signal during four consecutive time periods, each time period Tn including one information segment. In the signal format used in Fig. 4 one in- formation segment extends over a time period of Tb. The power level value of each time period is referred to as Pm. There is normally a variation of the received power values Pm over time. A statistical value Pd of measured power levels Pm is continuously determined based on power levels of previ- ously received information segments. In various embodiments, Pm is meas- ured over a limited time period Tm, such as 1 s.
[0021] A basic statistical value is a mean value as indicated with a dashed line in Fig. 4 indicates that the received power level may vary up and down over time. The mean value is continuously determined based on power levels of previously received information segments or determined continuously for each information segment. In various embodiments, the statistical value is the standard deviation of a set of or all power level values Pm. The set of power level values can be based on a plurality of values, values measured over a time period, or all or a subset of values of a specific information seg- ment.
[0022] At time tj a jamming signal 44 is broadcast and received during a time period where an information segment also is broadcast. The jamming signal 44 has a power level Pj which is different from the power level Pm of the information segment and also different from the mean value Pd. Power level Pj is greater than the mean power level. The difference is Pe. If the power level Pj deviates more from the mean value or the statistical value than a reference or threshold value power level Pj is determined to indicate that intentional or unintentional radio disturbance measures have occurred.
As a result, an alarm signal is generated. The threshold value can be two to five times the standard deviation or preferably around three times the stand- ard deviation.
[0023] A detector 44 for detecting intentional or unintentional radio disturb- ance measures is connected to an appropriate location in a receiver chain where the measurement can be done with high enough bandwidth (the power measurement speed should be in the order of the bitrate of the received sig- nal but any bandwidth allowing for more than one measurement per infor- mation segment will be usable). The exact location depends on the receiver architecture. The detector will produce an alert signal when intentional or un- intentional radio disturbance measures are detected.
[0024] In an analogue receiver as shown in Fig. 5, an antenna 46 is con- nected to a Low Noise Amplifier (LNA) 48 in a conventional manner. An out- put of LNA 48 is connected to a mixer 50 mixing the amplified signal with an adjustable frequency signal from an oscillator 52. The mixer is connected also to an Intermediate Frequency stage with an amplifier (IF AMP) 54, an output of which is connected to a filter 56 in a conventional way.
[0025] In the embodiment shown in Fig. 5, IF AMP 54 comprises an Auto- matic Gain Control (AGC) 58. In various embodiments, AGC 58 generates a signal that is indicative of the power of the received signal. The generated signal is sent to detector 44 through an output of AGC 58 that is connected to detector 44. An output of filter 56 is connected to an analog-to-digital con- verter (ADC) 60 providing a bitstream of digital data and a power level output. The power level output is connected to detector 44. A signal at the power level output is indicative of the power of the received signal and thus can be used for detecting intentional or unintentional radio disturbance measures.
[0026] In a digital receiver, as shown in Fig. 6, antenna 46 is connected to LNA 48 in a conventional manner. The signal amplified in LNA 48 is pro- cessed in ADC providing a bitstream of digital data and a power level output. The power level output is connected to detector 44. A signal at the power level output is indicative of the power of the received signal and thus can be used for detecting intentional or unintentional radio disturbance measures.
[0027] The basic components of an embodiment of a detector 44 in ac- cordance with the invention are shown in Fig. 7. Detector 44 could be physi- cal device or be software implemented. A power level detector 62 is con- nected to an appropriate position in a radio receiver to continuously detect a power level signal indicative of the power of information segments in a radio received signal. A bit-clock detector 63 is connected to an appropriate posi- tion in a radio receiver to continuously detect a bit-clock to provide basis for synchronization. Values of power levels are processed by a processing unit 64 and stored in a memory unit 66. In various embodiments, the processing of power levels comprises calculating at least one statistical value. Normally, a mean value of power level values is continuously calculated.
[0028] In various embodiments, power level detector 62 is connected to an appropriate position in a radio receiver to continuously detect a power level signal indicative of the power of separate information segments in a radio re- ceived signal. Detector 44 can be used also to measure continuously power of a received package of data and to detect if any steps in power should oc cur. As soon as the start of a package is detected an evaluation of power starts. Regardless of bit synchronization an alarm will be generated, should there be a positive or negative power step.
[0029] The processing further comprises repeatedly comparing a present value of the power level of at least one information segment of a received signal with said statistical value. When a present power level value, or a set of recently received power level values, differs from the statistical value by more than a threshold value intentional or unintentional radio disturbance measures is considered to be present. When the processing results in detect- ing intentional or unintentional radio disturbance measures processing unit 64 instructs an output unit 68 to produce an alert signal and to forward the alert signal to a central unit, as described in more detail below.
[0030] A basic installation of a radio system is shown in Fig. 8. This em- bodiment relates to a home alarm system comprising first gateway 12, sec- ond gateway 12’ and at least one wireless peripheral device, such as an in- frared detector 14. First gateway 12, second gateway 12’ and infrared detec- tor 14 all communicate using radio communication. At least one gateway is repeatedly communicating with remote central monitoring station 22 as dis closed above. A sniping jammer device 70 has been moved to a position where radio signals in the installation can be received and radio disturbance measures can be taken.
[0031] First and second gateways 12, 12’ comprise first communication units 72 and second communication units 74. First communication units 72 is used for communicating with remote central monitoring station 22 either through a wired connection 24 or through a wireless connection such as GSM or a similar digital cellular network. The connection to the remote cen- tral monitoring station 22 can also be through a wired connection, such as a public switched telephone network or the internet.
[0032] Second communication units 74 is mainly used for communication within the installation between gateways and between gateways and periph- eral nodes. Each gateway is controlled by a central unit 76 and comprise a power unit 78, normally a battery. At least one gateway is provided with a de- tector 44 continuously monitoring radio communication received in the gate- way. When detector 44 detects intentional or unintentional radio disturbance measures in the radio communication system an alert signal is transferred to central unit 76. An alarm signal then can be generated in the gateway and forwarded to the remote central monitoring station 22 in an appropriate way.
[0033] By combining the power data with the continuous bit stream, it is possible to detect intentional or unintentional radio disturbance measures. The table in Fig. 9 describes a part of a correctly received package with the bits as“1” and“0” in the top row and the energy level as“A” to“Z” in the sec- ond row. In the table in Fig. 10 a packet sniping activation is present. Higher energy levels during packet jamming are indicated with a V resulting in a dif ferent and disturbed bit stream.
[0034] A step in power would be easily detected and by pairing the power step with the bit pattern before and after the power step it can be determined that there was a package en route to the receiver that was sniped. The snip- ing detection could also be solely based on short changes in power if the re- ceived bit stream ignoring the packet recognition factor although this would most likely cause some false alarms since neighboring systems and other RF protocols could be mistaken for snipers.
[0035] If the method is run on two independent receive paths (for instance in systems with Rx diversity or receiver antenna switching) it would also be possible to detect snipers trying to mimic the power level of the received sig nals in order to mask the sniper. This kind of jammer would have to be very sophisticated and know the location of the receiver, the transmitter and its re- lation to both. It would also have to have detailed knowledge of the receiver RSSI in relation to the transmitter. The signal from the sniper would not be received with the same intensity on both receivers and even if the sniper was perfectly power matched to one the receivers it would be out of phase and power with the other.
[0036] In various embodiments, calculating the statistical value comprises calculation of a standard deviation of power level values of separate infor- mation segments. By using the standard deviation situations where the power levels normally vary can still be handled without producing too high an amount of faulty alert and alarm signals. If a present power level value devi- ates more than three times the standard deviation it is very likely that inten- tional or unintentional radio disturbance measures have been taken. It is pos- sible to use also a threshold of twice the standard deviation or equal to the standard deviation to produce the alert and alarm signal.
[0037] While certain illustrative embodiments of the invention have been described in particularity, it will be understood that various modifications will be readily apparent to those skilled in the art without departing from the scope and spirit of the invention. Accordingly, it is not intended that the scope of the claims appended hereto be limited to the description set forth herein but rather that the claims be construed as encompassing all equivalents of the present invention which are apparent to those skilled in the art to which the invention pertains.

Claims

1. A method of detecting radio disturbances in a radio communication sys- tem comprising a gateway device and a peripheral device, each arranged to send radio signals to and to receive radio signals from the other, the method comprising the steps:
i. measuring the power level (Pm) of separate information segments of the radio signals received by one device from the other device, ii. determining a statistical value (Pd) of measured power level values, iii. comparing a selected measured power level with the statistical value, and
iv. producing an alert signal, indicating a radio disturbance, if the differ- ence between the selected measured power level and the statistical value exceeds a threshold.
2. The method of claim 1 , wherein the selected measured power level is the power level of at least one information segment of the received radio signals.
3. The method as claimed in claim 1 or claim 2, wherein said radio signal transmitters and said radio receivers are communicating with information di- vided into a plurality of information segments and each of said information segments is communicated for a time (Tb) where said statistical value (Pd) and said power level values (Pm) are repeatedly updated.
4. The method as claimed in any of the preceding claims, wherein said sta- tistical value (Pd) is the standard deviation and the threshold value is plus mi- nus three times said standard deviation.
5. The method as claimed in any of the preceding claims, wherein said radio communication system is a home alarm system.
6. The method as claimed in claim 1 , wherein said statistical value (Pd) is the mean value of power level values (Pm) over a predetermined time period (Tm) and the threshold value is plus minus two to five times of said mean value.
7. The method as claimed in anyone of the preceding claims, wherein the power level signal is obtained at a bandwidth corresponding to an order of separate information segments in a radio signal received in said receiver.
8. The method as claimed in anyone of the preceding claims, further corn- prising measuring power of an incoming radio signal to a radio receiver at an Automated Gain Control (AGC) unit of the receiver.
9. The method as claimed in anyone of claim 1 -7, further comprising meas- uring power of an incoming radio signal to a radio receiver at an analogue to digital converter (ADC).
10. The method as claimed in anyone of the preceding claims, further corn- prising measuring receiving the power level signal in said radio signal re- ceiver of the gateway.
11. A detector (44) for detecting radio disturbances in a radio communication system comprising a gateway device and a peripheral device, each arranged to send radio signals to and to receive radio signals from the other, wherein the detector (44) comprises:
a power level detector (62),
a processing unit (64) operatively connected to the power level de- tector (62),
a memory unit (66) storing a plurality of statistical values of de- tected power levels, wherein said processing unit (64) is arranged to:
i. measure the power level (Pm) of separate information segments of the radio signals received by one device from the other device,
ii. determine a statistical value (Pd) of measured power level values, iii. compare a selected measured power level with the statistical value, iv. produce an alert signal, indicating a radio disturbance, if the difference between the selected measured power level and the statistical value exceeds a threshold.
12. The detector as claimed in claim 11 , wherein the power level detector (62) is connected to an analogue to digital converter (ADC) of the radio signal receiver.
13. The detector as claimed in claim 11 , wherein the power level detector (62) is connected to an Automated Gain Control (AGC) unit of the receiver.
14. The detector as claimed in anyone of claim 10-13, wherein the detector (44) is operatively connected to the radio signal receiver of the gateway. 15. The detector as claimed in anyone of claim 10-14, wherein the detector
(44) is provided with a first input receiving power level of the power of sepa- rate information segments in a radio signal received in said radio signal re- ceiver, and with a second input receiving separate information segments in a radio signal received in said receiver.
PCT/EP2018/084261 2018-03-15 2018-12-11 A method and a device of detecting radio disturbances in a radio communication system WO2019174771A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
IL277244A IL277244B2 (en) 2018-03-15 2018-12-11 A method and a device of detecting radio disturbances in a radio communication system
BR112020018409-8A BR112020018409A2 (en) 2018-03-15 2018-12-11 A METHOD AND DEVICE FOR DETECTING RADIO DISTURBANCES IN A RADIO COMMUNICATION SYSTEM

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP18161928.9 2018-03-15
EP18161928.9A EP3540707B1 (en) 2018-03-15 2018-03-15 A method and a device of detecting radio disturbances in a radio communication system

Publications (1)

Publication Number Publication Date
WO2019174771A1 true WO2019174771A1 (en) 2019-09-19

Family

ID=61683625

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2018/084261 WO2019174771A1 (en) 2018-03-15 2018-12-11 A method and a device of detecting radio disturbances in a radio communication system

Country Status (6)

Country Link
EP (1) EP3540707B1 (en)
BR (1) BR112020018409A2 (en)
CL (1) CL2020002331A1 (en)
ES (1) ES2952840T3 (en)
IL (1) IL277244B2 (en)
WO (1) WO2019174771A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6229998B1 (en) * 1999-04-12 2001-05-08 Qualcomm Inc. Method and system for detecting in-band jammers in a spread spectrum wireless base station
EP2541518A1 (en) 2011-07-01 2013-01-02 Securitas Direct AB A method for supervising intruder alarm systems
EP2733853A1 (en) * 2012-11-19 2014-05-21 Gemalto M2M GmbH Method, device and system for detecting a jamming transmitter
EP3026835A1 (en) * 2014-11-28 2016-06-01 Gemalto M2M GmbH Method of detecting a jamming transmitter affecting a communication user equipment

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6996373B2 (en) * 2002-06-18 2006-02-07 Nokia Corporation Base station

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6229998B1 (en) * 1999-04-12 2001-05-08 Qualcomm Inc. Method and system for detecting in-band jammers in a spread spectrum wireless base station
EP2541518A1 (en) 2011-07-01 2013-01-02 Securitas Direct AB A method for supervising intruder alarm systems
EP2733853A1 (en) * 2012-11-19 2014-05-21 Gemalto M2M GmbH Method, device and system for detecting a jamming transmitter
EP3026835A1 (en) * 2014-11-28 2016-06-01 Gemalto M2M GmbH Method of detecting a jamming transmitter affecting a communication user equipment

Also Published As

Publication number Publication date
ES2952840T3 (en) 2023-11-06
IL277244B1 (en) 2023-06-01
EP3540707C0 (en) 2023-08-02
IL277244B2 (en) 2023-10-01
BR112020018409A2 (en) 2020-12-22
EP3540707A1 (en) 2019-09-18
IL277244A (en) 2020-10-29
EP3540707B1 (en) 2023-08-02
CL2020002331A1 (en) 2020-12-18

Similar Documents

Publication Publication Date Title
EP1082827B1 (en) System and method for antenna failure detection
KR101841727B1 (en) Load short track inspection and operating systems, and methods of operation of the fire relay broadcasting equipment
US20070236358A1 (en) Smoke detector systems, smoke detector alarm activation systems, and methods
JP2011528201A (en) Device and method for disturbing a target signal
CA2834298C (en) A method and a system for supervising intruder alarm systems
US9148796B2 (en) Resilient antenna disturbance detector
EP3841675A1 (en) Security monitoring system and node therefor
EP3540707B1 (en) A method and a device of detecting radio disturbances in a radio communication system
JP2019036179A (en) Transmission system of disaster prevention facility
EP3543976B1 (en) A method for increasing specificity of jamming detection in a home alarm system
KR100927422B1 (en) Surveillance System Using Short Range Wireless Communication and Its Method
KR102295589B1 (en) Fire detection system
CN107170185A (en) A kind of security alarm method based on radio reception device, radio reception device
US11004316B2 (en) Systems and methods for responding to an abnormal event in a region monitored by a security system
KR101286567B1 (en) P type fire alarm control panel system capable of verifying false alarm and method thereof
KR102616365B1 (en) Fire detector
AU2020102097A4 (en) NIBT- Fire Detection : FIRE DETECTION AND NOTIFICATION USING IOT BASED TECHNOLOGY
JP7477282B2 (en) Alarm system
KR100661753B1 (en) wireless fire alarm apparatus for short distance
KR100669400B1 (en) The monitering system and method to detect a change of direction of the CCTV camera
EP3828849A1 (en) A security monitoring system
JP2001307262A (en) Disaster prevention system
KR100962031B1 (en) Apparatus for Automatic Report of the Scene of Fire and Method Thereof
JP2009015480A (en) Wireless receiver and emergency wireless notification system
JP2018136809A (en) Repeater

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18812190

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

REG Reference to national code

Ref country code: BR

Ref legal event code: B01A

Ref document number: 112020018409

Country of ref document: BR

ENP Entry into the national phase

Ref document number: 112020018409

Country of ref document: BR

Kind code of ref document: A2

Effective date: 20200909

122 Ep: pct application non-entry in european phase

Ref document number: 18812190

Country of ref document: EP

Kind code of ref document: A1