Security systems used to monitor premises and determine if the premises has been breached or an alarm condition exists are well known in the art. These systems typically include a control panel, a systems communications medium such as a data bus, and a number of security devices located throughout the premises for performing a certain function in the system. Security devices typically include glass break sensors, smoke detectors, fire detectors, motion sensors, door and window opening sensors, etc. Security devices also include peripherals such as dialers, keypads, display consoles, RF transmitters and receivers, etc. The control panel is typically configured to communicate with the security devices to collect and send information with these devices, such as when a user enters a “system arm” code in the keypad in order to arm the control panel and the security system.
Due to increasing complexities in security device design and the interaction with the control panel, it has become necessary to use such devices that can operate properly and robustly under the conditions imposed by the system. In some cases, communications between a control panel and the security devices may be encrypted or otherwise secured to ensure that only authorized devices are used in the system. That is, if a security device that is not designed to comport with the rigorous standards of the system is attempted to be used with this type of system, it will likely not operate properly since it has not been programmed with the appropriate encryption methodologies. This is one methodology utilized to ensure that only authorized security devices are used in the system.
It is sometime desired, however, to implement a security system with a communications protocol that is not per se secure, i.e. one that is not encrypted and is sent in the clear. In the situations, it is desired to provide a method of authenticating a security device, both during installation as well as during operation of the system, to ensure that the device has been designed and programmed to operate specifically with the system. It is also desired to prevent someone from substituting a bogus or malicious device into a security system in an attempt to circumvent the security of the system (e.g. gain unauthorized entry). It is desired, therefore, to be able to determine if such a security device is unauthorized and therefore should not be allowed to operate with the system.