Use the network binding to check if your router is reachable? On Wi-Fi the issue may be as simple as a microwave oven near a smart Wi-Fi device jamming the network.
Anything can become inoperableâŚ
Whats important is to make it as difficult as possible. Wireless are not difficult to jam. Wired are alot more difficult to mess around with.
But there is no reason you try to protect your household as if it was Forth Knox. In best case a buglar would enter the neigbour. In worse case, you´ve spend a fortune on something not really worth it.
Remember, if a buglar really wants to enter, he would not care about any security system at all, except human guardians perhaps.
So in a speak of security systems, you should always consider how much effort/money you would put into it. Make is as difficult as possible, (use noise, blinking lights, fog canon etc), it may scare the buglar from continuing his âworkâ, when he enters. But it wont prevent him from trying.
1 Like
Seems like many people overestimating what home automation means. OH can serve as security hub, but it has got logical restrictions as it is NOT professional security system by itâs design (and canât be one at all).
if you have OH as something suplemental to your overall security, then you are not concerned about jammed wifi ⌠I mean, seriously whomever is considering OH as security GW is NOT subject of thiefs which are using network jammers⌠get real.
Sorry to not have been sufficiently descriptive. My question arose from the discussion here about how a home security system can be defeated by a burglar using a jamming device to effectively shutdown a network linking sensors to a hub, thus enabling undetected entry.
As suggested by your response, a separate issue is how to deal with other network failure preventing notification; would it be common to have at least an alternate mode such as cell phone network?
It depends on the device you connect to openhab.
In general - If a device cant, then openhab probably cant either.
ButâŚ
Bruce´s suggestion by using the network binding to ping a device could be an option, if it´s a TCP/IP device.
Other devices can report as offline (or their main gateway can) if a device hasn´t responded within a given time. I suspect this is the Poll periode used in z-wave and zigbee devices.
1 Like
What is the differences between a proffesionel security system, and openhab?
1 Like
how internally comunicates and are driven
failsafe
redundancy
hardware-based (more specifically firmware-based) vs. software-based
and so on.
But I fail to understand howcome openhab cant do the same.
My limited view of âprofessionalâ security systems for homes includes:
- expensive
- not always reliable - monitoring staff may not react for various reasons, or may not understand situation at the residence
- may be vulnerable to interference with the link
Using a smart home system such as OpenHab seems to be a practical way to enable the resident(s) to become quickly aware of a possible security breach and to initiate some suitable action or actions. I also see no reason that one of those actions can not involve some type of external security service including commercial agencies and police, providing somewhat detailed information as to the situation.
I never said it canât.
but debating about jamming wifi is hilarious and absolutely off the table in relation of having OH as security gw.
(which btw I as a thief can solve by simply cutting off house from main power, why be bothered with jamming wifi)
â> which you canât do with even basic house alarms as they have multiple backup systems 
I find your response a little offensive and do not consider my inquiries as âhilariousâ.
Backups can be designed into any smart home system, and should be. Some are straightforward, such as alternate power for a hub, and ability to make a cell phone network call,
Our security system has backup power as well. It´s NOT a ârealâ stand alone proffesionel systemâŚ(Its not openhab either, but I do have a coupple of motion detectors connected to openhab, which is included in the security system. They´re both on a test stage). Its part of our IHC system, and its build for security as well as âIntelligent House Controlâ system.
In general - Any decent security system should have battery backup, otherweise its really pointless.
donât be offended by different opinions it will save you a lot of health.
If you are building failsafe OH security system, good luck. If it can be done? yes ⌠but. If it is worth? ⌠as only one system? no.
OH depends on other systems heavily, itâs a hub. You will end up relaying on bindings, protocols and systems which you canât really say they are bugfree/failsafe and so on.
For the basics, OH runs letâs say on linux as an app⌠config, wrong update, wrong firewall can destroy it at a flash, not to mention the hardware which is mainly not designed to run 24/7 for 20yrs and on batterypower if needed.
But at the end of the day itâs your solution, your security, do whatever you want to.
again, i never said it cant be done. But OH as a security hub is just not enough failsafe as you need to have. OH is an application on some hosting system and hardware which itself is not that simple to make failsafe enough for security usage. Not to mention bindings, protocols, networking and so on.
To provide an answer to your original question (by someone who knows very little about actually building or using a jammer and simply just knows OpenHAB) It is conceivable that a clever intruder could jam a zwave device and render these devices unable to communicate. It would also (in my opinion) be possible to detect such an event from within OpenHAB. I would guest a rule could be devised that could detect a zwave network becoming unresponsive and report that event.
That is the power of OpenHAB, a clever user can make OpenHAB do almost anything. Also, as with the discussion about detecting when someone enters the driveway using a video camera, you would use multiple devices to all reporting the same suspicious activity not just a single event.
Also the power of OpenHAB, tie all these device together, zwave network seems unresponsive, video cameras picking up odd things, so as Kim suggests, turn on the lights, play a recording of a dog barking real loud
Sort of but probably not in a way that you can extract the meaning that you are after.
If a device doesnât respond within a certain amount of time, many bindings will mart that Thing that represents that device as OFFLINE. But for a battery powered zwave door sensor, for example, it may need to be offline for a day or two before it is determined to be offline.
Itâs not like something can say âHey! Iâm being jammed!â Even if it could detect that, itâs being jammed, thereâs no way to report it. So without that all you can do to detect that itâs being jammed is the fact that itâs no longer talking, In which case, is that because it lost power, battery died, network malfunction, configuration error, âŚ?
The only way I can think of to detect jamming is if you have a separate jamming sensor, something can can detect the noisy and strong transmission and report that to OH (presumably through some other means and hopefully not wirelessly.
But ultimately and facility to detect jamming isnât going to be something OH provides. Itâs going to be something provided by the technology itself or some other technology. All OH provides is a way to receive and generate messages (i.e. events) between itself and devices using various (300+ at last count) technologies.
Probably nothing but they can also just assume that it is. If they have a jammer deployed they know that any device communicating on that same frequency is going to be unable to communicate with a hub as long as you are with in the documented range of the device.
They donât need to be certain. Itâs all about reducing their own risk. They are more than willing to accept a good deal or else they wouldnât be out breaking into houses in the first place.
Once the discussion starts to go down this path I need to reiterate kriznikâs post. OH is not an alarm system and it is not suitable to build an alarm system. You would be much better off getting a professionally designed and installed system that can interact with OH rather than relying on OH itself.
Also, as Pavel posted, the first task for anyone contemplating any such system is to iterate exactly what they want to protect from. âSecure all the Things!â rarely if ever results in a system that is actually secure or suitable for use. Dual modes of communication and such should only be considered if you have an identified Risk that is likely enough to occur that itâs worth the considerable cost and complexity to deploy it.
The rule of thumb is a device needs to miss two polling periods before it getâs marked offline. But the polling period doesnât apply to battery powered devices though. Battery devices wake up when ever they damn well please. 
In addition to what kriznik has listed:
-
They have been designed and installed by security experts (OK, maybe not installed all the time). People who know, have studied, and perhaps have degrees (or personal experience, e.g. ex-burglers) to understand what the actual threats are and how to mitigate them. Unless there are security system designers on this forum, none of us have the knowledge or expertise to identify the threats and vulnerabilities let along design adequate mitigations for them. As a case in point, the previous owners of my current house installed 2 deadbolts on all the exterior doors. Double secure, right? Well, not so much as there is a window right next to the door the burglars can easily break and undo the deadbolts, or just use the window itself. They spent the money securing the door and didnât actually address the actual thread very effectively. They only mitigated the risk a tiny bit, nowhere near enough to justify the expense of having two deadbolts on the door.
-
A DIY alarm system is not going to be professionally monitored. Many (most?) insurance companies in the US at least do not consider a DIY alarm system to be a ârealâ alarm system. In some areas, the police will not respond to calls, or not respond to calls with any sort of urgency if youâre not actually home and seeing the activity (e.g. if you call them and say that your motion sensors are going off theyâll say to call back when you know if someone has actually broken in). You may not care about this but the fact that an alarm system is monitored and can deploy the police is one of the key mitigations that an alarm system provides. Not having that greatly reduces the value such a system provides.
-
To reiterate some of kriznikâs list, there are no fail safes for OH. There is no way to create redundancy with OH for many technologies (anything that requires a USB dongle). You would be very hard pressed to design and build an alarm system as robust and well designed as a professionally designed system. OH was designed for that so there will be limitations there. RPis were not designed for that so there will be limitations there. And you (the generic you, not any one users here personally) do not have the knowledge, experience, or expertise to actually design such a system.
Jammers have a relatively limited range. The bad guys only need to jam the door sensor they are standing next to, not the entire network. They just need to jam it long enough to not report that the door was opened so it doesnât even need to be jammed for a long time.
At that point, how do you tell the difference between the sensor behaving normally, having a normal hickup, or being jammed? If you use a normal zwave polling period, it can be minutes to hours before you know that the individual sensors fell off the network, at which point itâs too late.
Without a special build sensor that is looking for and alerting when it detects an unusually strong or just noise on a given frequency, I donât think there is any way to detect jamming. At least not with what I know about WiFi, Zigbee, and Zwave.
2 Likes
Many thanks for your informed response. Security is clearly a complex challenge with many possible approaches, all of which can be subject to being defeated. As we know even very high-end systems have been breached. So it seems that with OH and similar systems, one can implement various capabilities and the result will be some range of probability that a given attack will be detected in a timely manner. Perhaps experience will improve the odds at an affordable price. I am encouraged by the statement on Zigbee Alliance web site: âWith the power of smart devices, you can keep your home secure even when you arenât home.â
âNot correctâ - is to use Sonoff like a rather serious security system. Rather serious - because in your model of dangerous you have rather clever thief, who knows about jamming. Sonoff``s detectors have 433Mhz protocol, and not stable to hack attack. Try to get out battery from detectors and get time when Sonoff say that it doesn`t see detector.
Traditional security systems tended to generate too many false alarms
It`s not true. Traditional security systems which deal in wrong way has a lot of false alarms. There are a lot of different security system with logic (for example: AND-OR).
My early thinking is that a smart home system should first alert the resident(s) whether at home or away and provide appropriate details.
It doesn``t wright in common case. For example:
- Your Internet provider is down and you doesn`t have any connection with your OH. For security firm lose connection is trigger to go to you home.
- Your sleep in vacation in foreign country (or you drunk after party and not at home). You get a trigger of you system. What can you really do? Nothing(
- Thief made a lot of fake alarms (for example jamming 433 or WiFi protocols). You will get tired to react to them, and will like in a fairy tale where the boy jokes âWolvesâ
Some form of escalation should be available if the resident does not reply in a timely manner or requests escalation.
What forms? You can ask friends, neighbors, relatives and other people. But what can they really do?
In technical side you can make heat-biting trigger from OH to Sonoff bridge. If OH doesn``t have response each 5 seconds - it`s alarm trigger. But all conception is suitable only for haphazard thief.
I hear what you´re saying, but I simply cant agree. (explain later when I answer Rich, as he has the same opinon).
Hmm I may have got this wrong, but I believe the polling periode is set in the coordinator/gateway. And if a device hasn´t responded within this periode, its set as failed/offlineâŚ
The problem is, this periode can/should be low enough, and setting it low will use alot of powerâŚ
(I think Chris mentioned something about the polling time once regarding z-ware or zigbee)âŚ
Anyway I would never rely on a wireless security systemâŚ
I agree, for experience the proffesionels are having a huge advantage. But thats all I can think of.
You´re example is a good example of showing how experience meet non-experience.
But as for the technical aspect, I see no differences at all.
US isn´t much different from Denmark in this matter. No insurance companies acknowledge DIY alarm systems either. But if you call the police telling them there is a buglar in your house, they will respond.
Problem is, no matter if it´s the police or a security company, the buglar will be long gone when they arrive. It takes just a few minutes to for a buglar to enter the house, steal whatever he came for, and leave the house again. Noone can prevent that.
You need to be more specific regarding this⌠What kind of redundancy do you mean?
Battery backup - easy to add to the Rpi.
Outgoing communication is easy as well. Either add a text/SMS module, (thats basicly what the proffesionel systems are using), or have a redudant internet line (mobile). Both can be added to an Rpi as well. There could be an issue with a OH binding, but thats mainly just a small software bumb on the road, cause it depends on internest and time only.
The Rpi is just an computer. How you play with it is all up to you. It´s not different from the computer inside a professionel system, beside the Rpi can do alot more stuff, as it´s not specificly design for one purpose only.
OH is a software which is highly capable of handling events. An alarm system is just a âsimpleâ event system. But it has been design for this purpose only.
And the âdesign for single purpose onlyâ is, in my opinion, the only reason why DIY systems are not acknowledged the same as proffesionels systems. Adding an open source software to this DIY will result in the barrier beeing alot bigger, mainly because people dont trust open source software like they do with commercial software⌠They feel they get a better quantee with commercial software. My opinion about that is not different. But I would not say a open source software cant be trusted either. It really dependsâŚ
Bottom line in this - You can make just as powerfull and stable security system with a Rpi and a event based software like OH, if you know how to. But you´ll never get the insurance compay to acknowledge it the same. They cant afford to risc the chances, even though they know, what you have build can be just as powerfull, or even more, than a proffesionel security system.
You can add a redundant internet connection⌠It´s piece of cake!
The police/security company cant do anything either.
The buglar will be long gone when they arrive.
Thats why I dont like wireless systems. Beside they´re battery driven, which means the devices has to have batteries exhanged. They´re also object for âjammingâ equipment.
It´s not worth it, in my opinion.
You can add a redundant internet connection⌠It´s piece of cake!
Not so easy.For example cord lines can down by switch off main power line (to switch off providers equipment). GSM line is down by jammer. In other side, its possible put other OH device to friends and ping owner OH for live.
The police/security company cant do anything either.
The buglar will be long gone when they arrive.
2-5 minutes is not enough to make a lot of problems.