Security For Those Hard-To-Reach Places

• By Steven Titch
• May 06, 2008

In the summer of 2006, Phoenix was in the grip of two serial killing sprees. In both cases, victims were being targeted in outdoor areas. The first case, the Baseline Killer, involved eight rapes and murders near a stretch of Baseline Road at the southern edge of the city. The second case, known as the Serial Shooter, involved 36 random shootings -- six of which were fatal -- of pedestrians and bicyclists throughout the metropolitan area.

Using a mesh radio network from Firetide Inc. of Los Gatos, Calif., Phoenix police deployed discreet surveillance cameras as part of their investigations. In August, the Serial Shooter case came to an end with the arrest of two suspects. A month later, police arrested a suspect in the Baseline Killer case.

At the time of the arrests, police cited a combination of legwork, forensic investigation and tips from citizens as instrumental in the apprehension of the three suspects.

The department’s embrace of quickly deployable video surveillance technology also played a role, suggests Pamela Valentine, Firetide’s vice president of marketing, as it was part of a mandate by Phoenix law enforcement “to do what it takes” to catch the killers. Since then, Valentine said, remote video surveillance has become an important element in the department’s law enforcement efforts.

The explosion of interest in remote access and monitoring is a direct function of the growth of Internet Protocol (IP) networking in security. The open nature of IP and Ethernet allows for greater scalability. Free from proprietary jail, which often isolates security systems by application and limits their reach, networked security is encouraging users to place not just video cameras but access control systems and sensors, no matter how far-flung their locations, on a common wide area network.

While hard-wired techniques have not been overlooked, the IP trend has sparked interest in the use of various types of wireless techniques as cost-effective methods of extending surveillance and monitoring. Still, the quirky aspects of radio engineering, plus persistent questions about wireless reliability and bandwidth, force end users and integrators to consider carefully what type of radio network architecture might best serve their particular requirements.

“With microwave, whether licensed or unlicensed, there are issues as to line-ofsight, interference and weather,” said Benjamin Butchko, president and CEO of Butchko Security Solutions, a Houston-based systems integrator. “With mesh networks, you need to think about the geometric and geographic aspects.”

Wireless Confounds The Best

“Wireless is intrinsically unreliable,” said Cosimo Malesci, director of Fluidmesh Networks, a Boston-based manufacturer of IPbased mesh radio systems for video surveillance.

“You configure a network. Six months later someone puts in a [wireless] hot spot near your access point, and suddenly you have to go to a new frequency.” “It can take a couple of years to get comfortable with wireless,” Malesci added. “There are aspects to engineering that seem illogical to some not used to working in the wireless world.”

Indeed, rain, seasonal changes in foliage, nearby bodies of water and buildings can all affect radio performance. These variables have wireless vendors doing their best to differentiate their equipment.

A further complication is video. Mesh networking essentially was developed for use in municipal wireless networks using the 802.11 WiFi protocol for wireless Internet connection. Unlike a stand-alone access point—or hot spot—that might exist in a coffee shop, hotel lobby or corporate office and connect directly to a wired broadband Ethernet network, mesh networks are designed to relay a signal across a number of access points before reaching a wireline connection. So, at any given time, a hot spot in a mesh network may be backhauling traffic from other hot spots, as well as receiving signals from client devices within its own transmission range.

The advantage of mesh is that line-of-sight antennas are not required. Also, the number of potential transmission paths across the mesh allows for instant rerouting of signals should a hot spot go offline.

Bandwidth Congestion

The principal drawback of mesh networking is that greater amounts of bandwidth are consumed as radio connections hop from hot spot to hot spot. For example, a typical access point may be capable of handling 15 megabits per second (Mb/s).That’s fine if the devices are aggregately consuming 2 Mb/s. But in a mesh configuration, the same hot spot could easily start receiving another 2 Mb/s of traffic from a nearby access point in the mesh. Now it’s handling 4 Mb/s. It then might have to relay that 4 Mb/s of traffic to another hot spot in the mesh, which itself already might be handling 4 Mb/s from other users. That third hot spot is now at more than half-capacity, handling 8 Mb/s. Should it receive an additional 8 Mb/s from another hot spot in the mesh, it would have overfilled its available bandwidth. Data traffic would slow or stall as packets fail to get through.

Bandwidth use on PC Internet connections fluctuates enough that this rarely happens. But introduce bandwidth-intensive video surveillance applications to the mesh, and there is an instant congestion problem. That’s why most mesh networking vendors, while committed to standards that permit cameras and terminal equipment to plug-and-play, tout proprietary methods to manage bandwidth.

“We are a backhaul solution,” Michael Dillon, Firetide’s vice president of business development-municipal markets, said flatly. “We use all channels available to us.We can deliver 35 Mb/s across large environments and distances.”

After the experience with mesh wireless surveillance in the two serial murder cases, the Phoenix Police Department’s Drug Enforcement Bureau (DEB) began using Firetide equipment, deploying “covert meshes” in as little as two weeks to observe areas with a heavy amount of drug dealing. Because the wireless cameras were small and discreet enough to be hidden, the DEB often would mount visible dummy cameras to encourage dealers to group in spots that were under actual surveillance,Valentine said.

Phoenix’s covert surveillance became overt when the police deployed a 40-camera mesh system in downtown Phoenix for the week of Super Bowl XLII. Phoenix police managed the network and monitored video feeds alongside a second wireless mesh at the game site, University of Phoenix Stadium in suburban Glendale,Valentine said.

Firetide also supplies radios to Digitize Inc., Lake Hopatcong, N.J., which specializes in remote alarm monitoring. Enterprises and government agencies can use a Firetide mesh, controlled by Digitize’s 3505 alarm management system, to integrate alarms, sensors, VoIP call boxes and cameras over a “radio superhighway,” says Abraham Brecher, president of Digitize.

Once the mesh is in place, Brecher says applications integration is easy. IP sensors and cameras from different manufacturers will connect right to the radio network, which can use 802.11 or other protocols and frequencies (see diagram). “It’s all plug-in Ethernet. You don’t need to get the IT department involved.” Digitize, which claims 6,000 customers, will begin marketing its monitoring system with radio capability when it receives Underwriters Laboratories approval, which Brecher says is pending.

Avoiding WiFi

Fluidmesh, while also a mesh network vendor, eschews 802.11 for a proprietary transmission protocol. Regardless of the content, “802.11 will transmit packets the same way,” Malesci said.The Fluidmesh protocol “will look at what type of packets you are transmitting across the network [e.g., video, voice, data] and optimize the transmission. It doesn’t stack packets up.Therefore there is less latency, such as on pan-tilt-zoom commands.” Fluidmesh networks also run simultaneously on 2.4 and 5.1 to 5.8 GHz bands, minimizing the chances of interference problems.

Viewpoint CRM, a Lowell, Mass.-based solution integrator that operates a remote video operations center on behalf of a number of clients, is a Fluidmesh user. “We weren’t sold on wireless for a long time,” said Bill Reilly, Viewpoint sales manager. “It took some time before we found a product out there.”

Others aren’t as sold on the mesh concept. Ray Shilling, vice president of sales and marketing at AvaLAN Wireless, said he thinks the architecture is too complicated for a majority of installations and no matter what protocols or bit-shaping techniques they use, mesh networks ultimately run into the bandwidth constraint endemic to multi-hop transmission.

“You still face the fundamental laws of physics,” he said. Mesh network technology, he added, ultimately will give way to more efficient wide area radio solutions such as WiMax, which can transmit and receive longer-range, high-bandwidth radio connections over larger areas.

The AvaLAN approach, Shilling said, is designed for the lower two-thirds of the market looking for equipment that can connect quickly without fuss.

“Most products have a special interface and software drivers, require users to learn a new suite of management tools and sometimes require a course or manual,” he said.

The AvaLAN line of 5.8-GHz point-topoint line-of-sight and 900 MHz point-tomultipoint radios requires no networking or wireless skills. “All you do is plug it in and away it goes,” Shilling said. Sony and Axis both bundle AvaLAN radio gear with their cameras for wireless installation, he said.

Authentication Integration

AvaLAN installations include the U.S. Marine Station at Cherry Point, N.C. Cameras, as well as access devices such as entry keypads and card readers, have been combined on radio links, Shilling said. The station manages these remote security and surveillance tools from a central control center.At Cherry Point, access points require keypad code entry and identity authentication with biometrics.When an individual enters any gate at the base, authentication and video are transmitted back to the control center via radio using the Ethernet protocol. The authentication information is checked with information in the access control server.

Entry is then permitted or denied. The exchange takes place in .55 of a second. Servers also can be configured to automatically download information to each keypad or access point on a programmed basis, such as every 24 hours. In this case, the authentication data is resident on a chip in the remote device. The card or keypad access entry process is then reduced to 1/1000th of a second, a virtual instant, Shilling said.