Sirens call

Alarm systems alert people wherever they are


Vendors of notification systems will encounter agency customers who are well-informed about the needs of their organizations. Here are some things to be ready for.

Offer a service-level agreement, but not for guaranteed delivery times to recipients. For that leg of the journey, vendors are dependent on telecommunications carriers. You can, however, guarantee how quickly your customers' messages will get from your servers to the carriers.

Be prepared to explain how your system will support the agency's continuity-of-operations requirements.

Customers will be wary of billing policies they fear might saddle them with unnecessary expenses. They will think carefully about who needs to use the system, at what level of the hierarchy and when. Try to offer a pricing model that closely matches the customer's use.

Be sure your system has an acknowledgement mechanism, such as personal identification numbers, that meets agency security needs and policies.

Offer examples of alerts and templates to show that you use terminology appropriate to the customer's responder community. Some systems use law enforcement templates that might need modification.

The tragic shootings at Virginia Polytechnic Institute in April were only the most recent evidence of the need to transmit emergency alerts and instructions to thousands of people simultaneously. In the aftermath, government agencies have been taking a hard look at automated emergency notification systems.

Mass notification and alerting has other critical uses. The Air Force Reserve Command, for example, will use AtHoc's IWSAlerts to recall 30,000 reserve personnel within four hours when orders come down, using automated, text-to-speech voice mail. It replaces a phone-tree system that is a manual process, said Col. John Hayes, the command's chief information officer. "The system we ended up buying has up to 10 ways to contact people."

Other government and vendor sources say many agencies still use phone trees to alert first responders. It's an old-fashioned method that requires each person to phone the next one on the list. Participants don't always have clear directions on what to do if someone doesn't respond, and the tree can turn into low-tech spaghetti code. "It's very inefficient," said Lynn Churchill, chief technology officer at Invizeon, maker of CHAIN. The e-mail lists some agencies use are not much better, he said.

Churchill said a good emergency notification system has four major elements:
  • The ability to track recipients and the devices where they can be reached.
  • Permissions and rights management to specify who has authority to create and broadcast alerts.
  • Business rules to guide decisions about which device to try after the first one fails and help manage preconfigured responses.
  • Nuts-and-bolts technology to ensure connection to most of the devices that need to be reached.

List management is thus a key feature. Many vendors support Lightweight Directory Access Protocol and Active Directory. All the products I found typically default to self-service profile creation and updating, though most also allow administrators the option of doing it. Vendors say user profiles are a critical tool that must be updated regularly to reflect popular trends, such as the recent move among college students away from separate e-mail clients to e-mail delivered through Facebook, a popular social-networking Web site, said Gerald Baron, president and founder of PIER System.

"You really have to keep up with it ? you can't make assumptions," Baron said.

Having the right people in the room during the preinstallation design and
planning process can avoid surprises, said Don Rondeau, vice president of homeland
security at Alion Science and Technology Corp., of Reston, Va. Alion makes the Response Information Folder System (RIFS), an alert system with 3-D images of buildings and terrain. The company participates in the Virginia Safe Schools program and recently implemented RIFS at Hampton University. "Alion won't do it without having an academic person there who can say if kids bring their cell phones to class," Rondeau said.

"You have to be prepared to be unprepared," said Roy Stephan, director of cybersecurity at Intelligent Decisions, an Invizeon partner. That unpleasant reality argues for a solution that is flexible, he said.

The systems' greatest value comes from automating tasks normally handled, often imperfectly, by people. The benefit is significantly faster and more reliable communication. That was the experience of the Montana Department of Corrections when it implemented CHAIN last year. Invizeon wrote templates for alerts covering 30 common scenarios, a number that now exceeds 100.

Under the old system, officials at the state prison would call down a phone tree. Bill Slaughter, the department's former director who now works at Aquila-Vision, knew many people carried personal digital assistants, but the department had no way to reach them. CHAIN makes sure they get the message. "It's relentless," he said. "If you've got a beeper, it's going to just buzz off your hip. It can hit any of the devices law enforcement has."

Typical features

The primary medium of alert systems is the text message, which goes not only to PCs and PDAs but also to many cell phones, pagers, fax machines and Short Message Service devices. Some use text-to-speech software to convert alerts typed on a PC ? or from the text-enabled mobile device of an authorized sender ? to a computerized voice that reads the message to a phone or through a public-address system. Audio recordings can also be directed to devices with sound. But only a handful of vendors, including Invizeon and Twisted Pair Solutions, a vendor of interoperability software, can communicate with land mobile radio, the main tool of local responders.

Churchill said the text-based channels are critical to alerting what he calls "secondary responders" ? health departments and local emergency management officials who typically don't carry radios.

The field's one real standard is the Common Alerting Protocol, which defines a standard message format so disparate systems can talk to one another and the Federal Emergency Alert System while creating a common database of events that can be analyzed for suspicious activity. Churchill said it is a true standard that meets Homeland Security Department requirements.

The emerging frontier seems to be in generating alerts from monitoring devices, such as temperature sensors at nuclear plants, tsunami detectors, stress sensors on dams and door alarms at other high-value facilities. "More and more of the nation's critical infrastructure is embedded with sensors of every type," said David Todd, Invizeon's president and chief marketing officer.

For a successful implementation, Hayes cautioned against underestimating the amount of database work involved in managing user profiles, saying his information technology staff spent most of its time on it, despite hopes of saving time by importing from existing personnel and Active Directory databases. He recommended systems that can accept automated database feeds and allow remote updating via the Web. Hayes said he wonders if he should have allowed each facility to install IWSAlerts instead of centralizing the process. "We usually have to pick up the phone and work base by base to have their network operations centers open the right ports in their firewall," he said.

Baron strongly advised not ignoring the public-information component that follows an initial alert. "What's going to happen next?" he said. "You've just created a huge demand for information. People have a high expectation of interactivity ? they feel they should be able to ask a question and get an answer."

In 2003, DHS mandated as much when it called for an incident-management system that relies on joint information centers to unify communications from multiple responding agencies.

"The problem is, by the time you've set up a JIC, you're 24 hours into the event," Baron said. "How long does it take the news helicopters to fly overhead? That's when the story has to start to be told." So he advocates virtual JICs that let agencies collaborate electronically from their offices without losing time setting up a single physical site.

David Essex is a freelance technology writer based in Antrim, N.H.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above.

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.


contracts DB