Can I arm my ELK M1 from the Echo?

[gweempose]

I have a 994 with a Portal subscription and the ELK security module. I'd like to arm my M1 via the Echo. Is this possible?

[Teken]

I have a 994 with a Portal subscription and the ELK security module. I'd like to arm my M1 via the Echo. Is this possible?

 

That is such a terrible idea I don't even know where to start . . .

[gweempose]

That is such a terrible idea I don't even know where to start . . .

 

I can understand why it would be a bad idea to disarm the system from the Echo, but what would be the issue with arming it using my voice? How is that any different than arming it by pressing a button on one of my keypads?

[Teken]

I can understand why it would be a bad idea to disarm the system from the Echo, but what would be the issue with arming it using my voice? How is that any different than arming it by pressing a button on one of my keypads?

 

Firstly, my reply is geared toward security as the primary role and factor. Home automation and convenience doesn't even register in my head when talking about security.

 

With anything in life many things are a personal choice and people have to balance security vs convenience. People also need to weigh out the risk vs benefit ratio in the things they do in life and the system around them. Having said this lots of companies and individuals offer some kind of integration to existing alarm systems.

 

Many if not all of them are not certified to do so . . .

 

The ISY is not a security UL / cUL certified appliance never mind the Amazon Echo. The fact you would allow something not intended to have complete command and control of your homes security system opens you to real risks. These risks are not pie in the sky make belief things people spout off or could only happen in fairy tales.

 

If you have used the Amazon Echo long enough *Alexa* has often times misheard a phrase and done something unintended. It doesn't really matter if you never program the system to only have a *arm the house* etc. But not have *Disarm* or what ever phrase to the system.

 

The simply fact you open the door to the system will at some point bite you in the aszz. I know its all the rage to automate ones home that's why 99% of us are here!

 

But when I see, read, and watch people adding door locks, security alarm, fire control to appliances not endorsed, tested, certified, and field proven in their respective industry. I just have to shake my head and close my eyes knowing at some point something disastrous will happen.

 

A perfect example was a fellow who hired a so called master plumber to install ELK main line shut off valve. One would think the home owner and the so called master plumber would know this device should not, can not, be installed at the water main!

 

Why was this such a big deal you may ask?

 

Because in his specific county he has a fire sprinkler system. These stupid people installed the whole house water shut off valve before the water supply that feeds the fire sprinklers! And you guessed it the home had a fire condition and his house burned down to the ground.

 

To add insult to injury he voided any home owner insurance he had in place because it circumvented all the local laws, codes, and compliance rules that govern such a system.

 

You will probably notice many if not all security alarm companies that monitor ones home do not allow the end user to modify the system if the hardware is being leased, or is not fully paid for. This prevents people from making changes which could impact a false alarm condition etc.

 

Imagine you told the system via Echo control to arm the home in thinking it was but she ignored you for what ever reason. Then one night while you sleep thinking the home is fully armed when in fact it isn't and your home is broken into.

 

You either wake up beaten, killed, or God forbid your loved ones are raped or killed.

 

Its safe to say at this point (assuming) you had your head screwed back on and thinking straight. Would you be suing the alarm company, amazon, UDI, or God?

 

Security is not just a thing - its a concerted lifestyle and following basic rules and procedures.

 

Life is already too stressful why add in another layer where you have zero control over?

 

Ultimately, this is a personal choice you need to make and you need to consider is my families life worth the (real) risks in doing this?

[gweempose]

Thank you for the reply. You raise some very interesting and valid points. It sounds like you are ultimately against the very concept of the ISY's ELK security module, as you generally feel HA and security should be kept entirely separate. Is this the correct interpretation of your response? My thinking was that the ISY Portal is a relatively safe way to access the ELK system, since you don't even need to expose any of the ELK's ports outside the firewall. Perhaps I am being naive. 

 

As far as thinking the system was armed when it actually wasn't, this isn't something I am concerned about. All of my Echoes are located within earshot of my ELK speakers. I would have instant audible feedback from the ELK system itself every time the system is armed. I also have keypads all over my house which I can easily look at to view the status of the system.

[Teken]

Thank you for the reply. You raise some very interesting and valid points. It sounds like you are ultimately against the very concept of the ISY's ELK security module, as you generally feel HA and security should be kept entirely separate. Is this the correct interpretation of your response? My thinking was that the ISY Portal is a relatively safe way to access the ELK system, since you don't even need to expose any of the ELK's ports outside the firewall. Perhaps I am being naive. 

 

As far as thinking the system was armed when it actually wasn't, this isn't something I am concerned about. All of my Echoes are located within earshot of my ELK speakers. I would have instant audible feedback from the ELK system itself every time the system is armed. I also have keypads all over my house which I can easily look at to view the status of the system.

 

Speaking from more than 25 years in a related security field almost anything can be integrated. It really comes down to (IF) those systems are compliant and meet stringent national codes for fire, security, life saving devices.

 

The simple fact you even posed the question means you are open minded and like many of us want to make our lives easier and more enjoyable.

 

There is nothing wrong with this so long as you keep yourself grounded in the basics and what really matters. To go on a huge tangent almost all of my family members are a huge proponent of gun rights in the USA / Canada. But not one of them would ever allow a small child to hold, handle, and fire off a fire arm.

 

You can quickly Google a most saddening video where a so called trained fire arms instructor was at the side of a small child. He was given all of the proper training, teachings, etc yet the most basics were lost on these stupid people.

 

He was too small and the gun in his hands was too powerful and the end result is he killed the actual fire arms trainer in front of hundreds of on lookers.

 

Again, what is my point?

 

Yes, you can certainly teach anyone to handle and hold a fire arm. But should you really do such a thing when they are physically not capable of handling the fire arm properly?

 

No . . .

 

As you indicated (YOU) are aware of the system and how it operates etc. In any industry that has codes, laws, rules, procedures it is (ALWAYS) assumed anyone knows how something will operate with out for knowledge. You and I are gear heads and have our heads deep into technology - it doesn't mean your entire family is paying any attention to what you're doing and how its supposed to operate.

 

If you are the only person in this home the risks are much less and you can do pretty much what you like. Like the millions of people who are doing the very same.

 

I would ask you to consider a few things about the Amazon Echo and if your not aware of these facts you are now.

 

1. The system often times misunderstands commands.

2. The system is always in a state of flux and no maintenance warning or break fix is ever issued to the public.

3. Firmware on the system is pushed OTA (Over The Air) and you have no way to stop it. So features break, added, removed.

4. The system is completely cloud based and their is no SLA for uptime / restored service.

5. The system is not endorsed or certified to be used in a life and safety environment.

 

Now back to a related matter, certified, tested, validated, and properly designed & installed alarm systems will never require rebooting. The only time a system will be rebooted is if the system is being worked on or firmware is being updated.

 

You will never see a certified security alarm system require rebooting or become locked up baring a hardware failure. You will never see a ELK alarm system installed in any location outside of a residential install or those random places where the owner thought it was a good idea to install one.

 

Meaning you won't find a ELK Security Alarm system installed in a fortune 500 business, hospital, police, bank, military, the list goes on. 

 

Having said that many find the tight integration of the ISY Series Controller and ELK to offer great value and convenience. You will need to ask yourself is something nobody else uses in any other industry really what I need that was built and designed in 1990?  

 

Other related questions are why hasn't the company strived to meet all of the relevant and stringent UL / cUL certifications? Keeping in mind the bulk of the criteria is basic programming and how it behaves when posed with a fault / alarm condition.

[Scottmichaelj]

Don't listen to Teken. He's a blowhard and talks outta his...jk I have Alexa enable the security for my home for night (instant). Teken has valid points but at the end of the day you have to make the decision what works best for you and the level of security you need for you and your family. I don't see any reason not to since you opened the ISY/Elk connection, so why not be able to arm your system? Disarming is another story all together. Just my opinion on the subject.

[gweempose]

I figured it out. Once I played around wit it a little, I realized that it's actually pretty easy. I simply created a different program for each armed state, and inserted the corresponding arm command into the "Then" statement. Works like a charm!

[dantoronto]

I am also trying to arm ELK from ISY.  I can disarm but not arm.  I can use programs in ISY with IF's as to whether alarm is armed or not.  But I can't arm.  When I run "ARM STAY" from ISY, I get a "Failure to Communicate" on keypad.  In fact, in some cases, it has triggered a "panic alarm" which should be F1.  I am trying to create a program in ISY to ARM STAY which then allow me to trigger that program through Alexa.  Any suggestions or guidance?  Please make it simple, I am not a techie!!!  Thanks

[apostolakisl]

I am also trying to arm ELK from ISY.  I can disarm but not arm.  I can use programs in ISY with IF's as to whether alarm is armed or not.  But I can't arm.  When I run "ARM STAY" from ISY, I get a "Failure to Communicate" on keypad.  In fact, in some cases, it has triggered a "panic alarm" which should be F1.  I am trying to create a program in ISY to ARM STAY which then allow me to trigger that program through Alexa.  Any suggestions or guidance?  Please make it simple, I am not a techie!!!  Thanks

 

Can you arm/disarm from the ISY main console?

 

Perhaps try going to config/elk and hit refresh topology. 

 

I too have Echo set to arm system.  I see no security flaw in this.  I suppose if you had no keypads in your house to see the red light and just trusted that it happened, you might be trusting too much.  But I say "amazon trigger alarm on" and it turns on and I see red lights on all my keypads.  If you had no keypads visible you could easily write a rule in elk to do something when it becomes armed to confirm that it got the message.  Like send a text or chirp the siren or speak something or who knows what else.  

[AALARMS]

I have personally installed an ELK M1 in one of the largest gun factories in the world. I have installed them in drug testing facilities that store millions of dollars worth of reagents in freezers and fridges. We monitor temps and generator activities, I also log the high and low temps on a daily basis. Many of our installations are part of other automation systems, frequently the elk is needed to bridge gaps in the other controllers short comings. I have not tried the echo or any of the other voice devices, I personally have a very deep voice v rec not so good for me. But disarming would not be something you should not do unless their is a way to require you to say a disarm code or word. Many times I get jobs to assist folks when they can not properly set-up, program their systems. I would be very surprised if they are not used by a few Fortune 500 companies! I also service install and program HAI both products are awesome, though the elk has an entry point available to many more folks!

[btreinders]

I do use a disarm command from the Echo.  You have to say Alexa, turn on disarm the house password ...........   I am sure this isn't the most secure way of doing it since you do have to have your password stored on the Amazon Alexa smarthome settings page but I would think if your password for that site was strong you'd be ok.  I also have a program that can set off the Elk by saying Alexa, turn on panic.  It arms the system in stay instant and then simulates a door being opened.  I guess I could add that program to an else and when someone gets the password wrong it would trigger. 

[elvisimprsntr]

I can't believe people are still asking about and doing this.

 

If you don't mind, please place the Echo next to a first floor window and post a picture to Facebook the next time you are out of town. Make sure the picture has location information embedded in the photo so I can simply enter the coordinates into any maps application. I'll be sure not to leave any sign of forced entry so the police claim you left the door open and your insurance company denies your claim.

[Teken]

I can't believe people are still asking about and doing this.

 

If you don't mind, please place the Echo next to a first floor window and post a picture to Facebook the next time you are out of town. Make sure the picture has location information embedded in the photo so I can simply enter the coordinates into any maps application. I'll be sure not to leave any sign of forced entry so the police claim you left the door open and your insurance company denies your claim.

 

LOL . . .

 

Elvis, what did Spideys *Uncle Ben* say to Peter Parker?

 

 

With great power comes great responsibility  . . .

 

As I have stated many times just because you can do a thing - doesn't mean you should. This is why the whole home automation industry is quickly going down the toilet because consumers in general have no clue.

 

The rarest element in the multiverse is common sense . . .

 

I know its all the rage to say *Look what I can do* but the sad reality is none of these people have taken one second to understand the consequences of doing so. The very fact people come on to these forums and others bragging they have actually linked their security alarm system to un-certified appliance should give you pause.

 

The sad reality is until someone dies, injured, or what is more likely gets hit in the pocket book. These people in general will continue on this kind of silliness which truly defies logic! Then we have some random one time poster claiming an ELK system is being installed into a Fortune 500 company?!?!

 

Your freaking dreaming I say . . .

 

Voice control is turning into the same delusional toy as the self driving car. One only needs to Google the poor fool who ended up as a smear on the ground when he was run over by a huge semi trailer! Instead of *DRIVING* he was fooling around like an idiot and thus died!

 

The reality is twenty something million fools bought the pet rock back in the day. So, that must directly mean it was the right thing to do?!?!

 

 

Hey I just read about some guy who connected his echo to his security system. What a wonderful thing - I'm going to do the exact same thing because its so bitchen smart to do, too!

 

I'm just going to close my eyes and count to ten and wait for the fall out - because its coming.

[btreinders]

I can't believe people are still asking about and doing this.

 

If you don't mind, please place the Echo next to a first floor window and post a picture to Facebook the next time you are out of town. Make sure the picture has location information embedded in the photo so I can simply enter the coordinates into any maps application. I'll be sure not to leave any sign of forced entry so the police claim you left the door open and your insurance company denies your claim.

 

You can try, but without the password I am not sure how you'd do it.

 

So, do we need to petition ELK and UDI to remove the ability to do this?  I know that just because you can maybe you should not but why do they even allow it then?

[Teken]

You can try, but without the password I am not sure how you'd do it.

 

So, do we need to petition ELK and UDI to remove the ability to do this?  I know that just because you can maybe you should not but why do they even allow it then?

 

I'm not sure how you lay blame to something *YOU DECIDED* to do?!?! Its like blaming GM, Ford, Chrysler, Honda, Toyota, because some fool got drunk and thought it was a good idea to get behind a wheel drunk.

 

The fault lies with the automotive industry because they provided you the means to do so?!?

 

A gun maker is responsible for every fool who ever picked up a gun and killed someone?

 

Everything is a tool until its not . . .

[btreinders]

Well, gun manufactures do provide a safety.  Just saying, maybe the ISY should not have the ability to disarm the ELK since the ISY is not a certified alarm system.

[Teken]

Well, gun manufactures do provide a safety.  Just saying, maybe the ISY should not have the ability to disarm the ELK.

 

I'm sorry your missing the point - before any sort of voice integration was ever invented the system allowed a person to integrate their home automation with their ELK security panel.

 

Tens of thousands of people see great value in this as it offers unique features not found in competing products. Now, fast forward to the 2000's voice control is available to the masses. How did Amazon Echo (Alexa) ever make the connection to your security alarm system?!?

 

Magic?

 

Did you not have to sit down and setup, configure, and allow said voice appliance to connect to your system?!?

 

I am sure it wasn't magic was it?

[btreinders]

I see what you mean.  Anyway, a password in the command is better than no password so if the original poster wants to implement it, it is up to him/her.  I will have to think more about the consequences before I decide to remove the control or not.

[Teken]

I see what you mean.  Anyway, a password in the command is better than no password so if the original poster wants to implement it, it is up to him/her.  I will have to think more about the consequences before I decide to remove the control or not.

 

I can only speak for myself but truly believe if you and others just step back and think about the consequences. Lots of this will become self evident as to the risks vs rewards in doing so. As an aside, my replies are not specifically targeted toward you or anyone in this forum.

 

Its a global view and feedback offered to the public at large . . .

 

I can tell you from personal first hand experience that seeing a child crushed by a automated garage door opener, limbs being cut off because a table saw was connected to a timed program, and homes burned down to the ground because of an errant table cloth touching a hot element.

 

None of these examples are make belief - they are recorded in history of others not understanding their actions. 

[apostolakisl]

I can only speak for myself but truly believe if you and others just step back and think about the consequences. Lots of this will become self evident as to the risks vs rewards in doing so. As an aside, my replies are not specifically targeted toward you or anyone in this forum.

 

Its a global view and feedback offered to the public at large . . .

 

I can tell you from personal first hand experience that seeing a child crushed by a automated garage door opener, limbs being cut off because a table saw was connected to a timed program, and homes burned down to the ground because of an errant table cloth touching a hot element.

 

None of these examples are make belief - they are recorded in history of others not understanding their actions. 

 

I'm not entirely sure what your end point here is.

 

ISY and Elk shouldn't be connected?

Amazon Echo shouldn't be connected to an ISY?

ISY shouldn't have programs that respond to Echo?

ISY shouldn't have programs that respond to Echo and execute something on Elk?

 

Your examples above are true, mostly obvious situations where someone chose to do so something with a high probability of failure.

 

In short, life is all probability.  Whether you connect your Elk to ISY/Echo/Wahtever or not, there is always a probability of failure.  In short, once you connect your Elk to the internet, you have crossed the bridge of an internet hack.  I doubt that adding a link to ISY changes that probability in any realistically significant way.  Personally, I would avoid giving echo a path to disarm the system cause it seems like yelling at echo to disarm your system will at some point be heard by someone who will now be able to shut off your system too.  Once Elk is on the internet, adding an ISY link seems pretty trivial.  If you are so in desperate need of security, there are a lot more likely failure pathways having nothing to do with your automation connectivity.  The simple fact is, home alarms have response times of at least 10 minutes to cops there.  That is lots of time to get yourself killed/kidnapped, or get a bunch of stuff stolen.  And the bad guy needs nothing but a good kicking leg.  Circumventing a home alarm system would be easier to do by just showing up at the house with basic knowledge of how they are installed rather than trying to hack it through IP.

[Teken]

I'm not entirely sure what your end point here is.

 

ISY and Elk shouldn't be connected?

Amazon Echo shouldn't be connected to an ISY?

ISY shouldn't have programs that respond to Echo?

ISY shouldn't have programs that respond to Echo and execute something on Elk?

 

Your examples above are true, mostly obvious situations where someone chose to do so something with a high probability of failure.

 

In short, life is all probability.  Whether you connect your Elk to ISY/Echo/Wahtever or not, there is always a probability of failure.  In short, once you connect your Elk to the internet, you have crossed the bridge of an internet hack.  I doubt that adding a link to ISY changes that probability in any realistically significant way.  Personally, I would avoid giving echo a path to disarm the system cause it seems like yelling at echo to disarm your system will at some point be heard by someone who will now be able to shut off your system too.  Once Elk is on the internet, adding an ISY link seems pretty trivial.  If you are so in desperate need of security, there are a lot more likely failure pathways having nothing to do with your automation connectivity.  The simple fact is, home alarms have response times of at least 10 minutes to cops there.  That is lots of time to get yourself killed/kidnapped, or get a bunch of stuff stolen.  And the bad guy needs nothing but a good kicking leg.  Circumventing a home alarm system would be easier to do by just showing up at the house with basic knowledge of how they are installed rather than trying to hack it through IP.

 

You make lots of valid points - But, as you are more than aware by reading my past replies I am a strong believer in *Force Protection*. I don't rely on any electronics to offer me the physical barriers which directly translates to:

 

Time . . .

 

Time, is the only thing that will offer a person the means to react and do X vs Y.

 

I also don't connect my primary security alarm system to allow remote access, ever. As stated many times here and other forums - unlike many others I do not allow un-certified UL / cUL appliances to connect to my infrastructure, ever. I can't directly speak to (IF) a person should use an ELK system because I don't use or own one.

 

What I can tell you from personal experience and having hands on knowledge of many security related fields is. People are less concerned with real security than they are with personal convenience & integration. Generally speaking these are the very same people who believe its a good idea to tie a lock set to Alexa.

 

You and everybody else agree its not a good idea to have Alexa have voice command and control of the disarm function, why? Why would it be a bad idea to connect Alexa the same to a lock set, to unlock?

 

The answers are clear as to WHY.

 

As you noted others have tried and failed to integrate *Things* with a high probability of failure.

 

Why?

 

Because these same people have not taken the time to think about the outcome. These same people will come up with a thousands reasons as to what they did to avoid some kind of failure or compromise, why? Because as delusional as some of them are they innately know its wrong to do so - but ignore common sense anyways.

 

I shouldn't have to tell anyone that driving is a privilege and requires the driver to be a active participant in DRIVING! The very fact we are at a point where we must converse as to the WHY is not only comical but absurd in the Nth degree. The guy who died in that Tesla vehicle is just one perfect example of how out of touch humans are today.

 

People believe its OK to install Google devices into their homes and ignoring basic privacy, security, and legal ramifications of such.

 

Because humans these days are lazy, stupid, and inept - They only care about enriching themselves and damn anyone else. The fact we are having a civil discussion about the merits of integrating a unsecure device to vocally control something that is supposed to offer you protection is breath taking.

 

The Echo not only knows your IP address, knows exactly what you said via the V-card. But stores that same data in the cloud which if people don't think will be hacked one day are drinking too much Kool Air. The reality is something that could be used to be a powerful tool is becoming and (IS) being used as a toy.

 

I can tell you and everyone else reading this reply I have never helped anyone in the security industry install a toy. I have on the other hand helped people, companies, and industries access their risks, threats, and offer force protection elements to stave off or reduce those threats.

 

A security alarm system was not even on the top five things that needed to be done when solutions were offered.

 

Why??

 

Because no alarm system will save you from a 85 lbs dripping wet boy who kicked down your fragile door jamb. This same 85 lbs dripping wet boy is more than happy to sit around waiting and listening to people talk out loud to disarm their *Things* At some point people just need to back up, smell the coffee, and have a good head shake.  

[apostolakisl]

My point is. . . 

 

RELATIVE RISK

 

Connecting your security system to an IP backbone using standard encryption technology is  going to be way down that list of relative risk.  There are just SOOOO Many things you should be considering before that when it comes to security.

 

Doing obviously silly things with that IP connection is no different than doing silly non-tech things like leaving your key under your doormat.  It doesn't make the lock bad.

[Teken]

My point is. . . 

 

RELATIVE RISK

 

Connecting your security system to an IP backbone using standard encryption technology is  going to be way down that list of relative risk.  There are just SOOOO Many things you should be considering before that when it comes to security.

 

Doing obviously silly things with that IP connection is no different than doing silly non-tech things like leaving your key under your doormat.  It doesn't make the lock bad.

 

Yes, its about risks . . .

 

People are increasing their level of risk(s) by integrating said lock, alarm, to a voice activated device with out thinking. None of these people have stop to consider what is going to happen when they need to cash in that home owners insurance policy.

 

Because people are hell bent in abusing something the Insurance industry as a whole are going to react to denying said claims. Because they created the opportunity and risk to circumvent what normally would be a secure device. Its not my place to yell from the top of the virtual mountain and say *Don't do it*.

 

What I offer is real world feedback about the consequences of doing so . . .

 

People are free to do what ever they like as they have done so for hundreds of years before me. I was just sit on the side lines eating my pop corn shaking my head and probably laugh and cry at the same time when I read about some poor schmuck who lost everything because he lacked the common sense to do the right thing.

 

In this case, the lack there of . . .

 

Back on topic: If Amazon offered a voice recognition pattern update similar to face, retina, finger print. This would change the whole game and ball of wax. At this juncture none of this is being offered or certified to do so. Ultimately lots of this is a moot point because 99.99999999999999999999% of the people having an alarm system don't ever change the password anyways.

 

Never mind doing the other 99999999999999999999999 things that are standard industry best practices . . .

[apostolakisl]

First off, the only security system that works is the one that gets turned on.  The easier it is to use, the more it gets used.  While connecting your panel to the internet opens a small window of opportunity for those who might do you harm, it closes a huge hole that exists when you don't use the panel at all because it is inconvenient.  So to a purist, perhaps this is blasphemy, but in real life, it is what works.

 

 

But furthermore, I'm not sure you understand how this works.

 

1) Alexa does not get your alarm password

2) Alexa does not even communicate with your alarm

3) ISY communicates with your Alarm

4) IF ISY has no program on it to disarm the Elk, then there is nothing you can do to remotely trigger ISY to disarm it unless you actually hack into ISY

5) Even if you did have a program on ISY that disarms Elk, someone would have to know the ISY API and which program to trigger (Alexa would know this if you programmed Alexa to know it, which is why I don't)

6) Elk created the XEP and intends it to be used as it is being used in this example.

7) Anybody who owns a webpage you have ever gone to, knows your IP address, and if they were a store where you put your address to ship you something, then they know which IP goes with which physical address, nothing unique to Alexa/Amazon here.

If you use ISY portal, you don't even need to open any ports.

9) Professional Elk installers will open ports so they can manipulate your panel remotely, per actual Elk policy.

 

 

In short, Elk is a respected security platform and none of this stuff is a hack on the Elk, it is all as intended.

 

 

An insurance denial as you claim is quite unlikely for a homeowner.  Even if you actually gave out your password, like to your cleaning lady, on purpose, and she robbed you, your insurance would not be denied. Or if you didn't turn your alarm on at all, or you didn't turn your alarm on and didn't lock your door, your insurance would still cover you.  Home owners insurance does not stipulate precision use of UL listed security system to cover a homeowners policy.