Forums

Wired/Wireless Alarm Systems

Started by James Dabbs March 27, 2006
I'm looking for the communication protocol used between alarm central 
stations and their keypads.  Are these available, and if so, where would 
I go to look?

Also, is information available on "wireless" alarm systems?  E.g., how 
wireless door alarms, PIRs, etc. transmit data to the central receiver.

Any information would be helpful, specifications, licensing info, etc. 
I want to modify a product to communicate with these devices.
James Dabbs wrote:

> Also, is information available on "wireless" alarm systems? E.g., how > wireless door alarms, PIRs, etc. transmit data to the central receiver.
You can find information of public record in the FCC grant for the product in question. Anything beyond that will require industrial espionage or reverse-engineering.
"James Dabbs" Wrote:-

> I'm looking for the communication protocol used between alarm central > stations and their keypads. Are these available, and if so, where would I > go to look? > > Also, is information available on "wireless" alarm systems? E.g., how > wireless door alarms, PIRs, etc. transmit data to the central receiver. > > Any information would be helpful, specifications, licensing info, etc. I > want to modify a product to communicate with these devices.
You will not find the keypad to panel protocol for any professional commercial alarm system and I doubt any other either. If the protocol was freely available you would be able to create a keystroke logger by attaching a dodgy device to the data bus, log the access keys and hence be able to disarm and gain free access to the property. You could of course scope the bus and see if a valid fixed baud rate is apparent and attempt to go from there. Depending on system complexity this could be near impossible and at least very time consuming. As to how wireless detectors etc. communicate to the alarm panel this may or mat not be available, but you may still hit a brick wall (depending on the grade of system you use) in that all communication will be encrypted in some way to stop record & playback and brute force attacks on the system. I have never seen (even really cheap do-it-your-self systems) wireless systems without encryption & rolling code employed. Jim
In article <vfRVf.18396$S25.10089@newsread1.news.atl.earthlink.net>,
James Dabbs <jdabbs003@yahoo.com> writes
>I'm looking for the communication protocol used between alarm central >stations and their keypads. Are these available, and if so, where would >I go to look?
It depends where you are in the world or more to the point which country the system is used in or made in.
>Also, is information available on "wireless" alarm systems? E.g., how >wireless door alarms, PIRs, etc. transmit data to the central receiver. > >Any information would be helpful, specifications, licensing info, etc. >I want to modify a product to communicate with these devices.
You might find that doing so invalidates your warranty, insurance etc etc It might also make it illegal depending where in the world you are. Some places may only license it for use in a particular way. Changing it could leave you open to all sorts of things. -- \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ \/\/\/\/\ Chris Hills Staffs England /\/\/\/\/ /\/\/ chris@phaedsys.org www.phaedsys.org \/\/\ \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
Jim wrote:

> I have never seen (even really cheap do-it-your-self systems) wireless > systems without encryption & rolling code employed.
Commercially available systems do NOT use encryption of any kind on sensors. It is not necessary. Think what happens when you burst open a door and break in: the sensor sends an alarm to the panel. If you then close the door, that sends a restore for that zone, but it doesn't cancel the alarm. So a record/playback attack is of no use.
James Dabbs wrote:

> I'm looking for the communication protocol used between alarm central > stations and their keypads. Are these available, and if so, where would > I go to look? > > Also, is information available on "wireless" alarm systems? E.g., how > wireless door alarms, PIRs, etc. transmit data to the central receiver. > > Any information would be helpful, specifications, licensing info, etc. I > want to modify a product to communicate with these devices.
The concept sounds almost infintely stupid. That such a system can be disabled with some radio interference ? Rene -- Ing.Buero R.Tschaggelar - http://www.ibrtses.com & commercial newsgroups - http://www.talkto.net
Rene Tschaggelar wrote:

> > Also, is information available on "wireless" alarm systems? E.g., how > > wireless door alarms, PIRs, etc. transmit data to the central receiver. > > The concept sounds almost infintely stupid. > That such a system can be disabled with some > radio interference ?
Wireless alarm systems are extremely popular and work very well indeed.
"larwe" <zwsdotcom@gmail.com> wrote in message
news:1143541533.964261.309010@v46g2000cwv.googlegroups.com...
> > Rene Tschaggelar wrote: > > > > Also, is information available on "wireless" alarm systems? E.g., how > > > wireless door alarms, PIRs, etc. transmit data to the central
receiver.
> > > > The concept sounds almost infintely stupid. > > That such a system can be disabled with some > > radio interference ? > > Wireless alarm systems are extremely popular and work very well indeed.
Indeed. Especially if you are a radio amateur working on 433MHz and transmit legally with 100W at the same frequency (somewhere between 433.800 and 434MHz, with the most-fun frequency of 433.995MHz). You simply key the mike and all surrounding alarms, garage door openers and car locks cease to work. How daft must one be to design such systems that operate in the middle of a hamradio band. Meindert
Meindert Sprang wrote:

> > Wireless alarm systems are extremely popular and work very well indeed. > > Indeed. Especially if you are a radio amateur working on 433MHz and transmit
This is a locale-specific thing, 433MHz is a European alarm zone. 868MHz is a more popular frequency for Euro products. And in the US you're looking at 315MHz, 345MHz, 900MHz or 2.4GHz.
> 434MHz, with the most-fun frequency of 433.995MHz). You simply key the mike > and all surrounding alarms, garage door openers and car locks cease to work.
More typically they do not "cease to work", they report an RF jamming event causing annoyance to the homeowner. It is surprisingly difficult to saturate the receiver. I'm speaking there of alarm systems, which is where my experience lies - garage door openers and car locks, I'm not sure about - they are not designed with the same range requirements as wireless alarm systems.
On Tue, 28 Mar 2006 09:02:36 +0200, Rene Tschaggelar <none@none.net>
wrote:

>James Dabbs wrote: > >> I'm looking for the communication protocol used between alarm central >> stations and their keypads. Are these available, and if so, where would >> I go to look? >> >> Also, is information available on "wireless" alarm systems? E.g., how >> wireless door alarms, PIRs, etc. transmit data to the central receiver. >> >> Any information would be helpful, specifications, licensing info, etc. I >> want to modify a product to communicate with these devices. > >The concept sounds almost infintely stupid. >That such a system can be disabled with some >radio interference ? > >Rene
I have demonstrated to many a salesperson just how easy it is to defete wireless alarm systems. They may be conveniant, but that comes at a price! P.S. Does not matter what frequency you put them on as you can easyly build your own TX.