*iProtect™ Elevator integration

Technical Manual | TM-20210309-TP-22

iProtect Access / Security | Coupling | iProtect™ Elevator integration

This manual represents the knowledge at the above-mentioned time. TKH security works non-stop to improve her products. For the most recent technical information please contact your consultant or dealer.


Introduction 1

This document outlines the Elevator service within iProtect, detailing its purpose and configuration. Currently, this integration is compatible with the DOAS Mitsubishi Lift system.

1.1 Short Explanation

The TKH security iProtect integration enhances the security and destination control of elevators in your building. This system allows for restricted access to elevators and specific floors for cardholders, governed by time schedules and access rights.

For instance, a user may be granted access only to the ground floor and the 12th floor from 07:30 to 19:00.

The operation is straightforward: cardholders swipe their cards on the elevator reader located in the elevator call unit. The call unit then displays only the floors accessible to the user, or the user can enter the floor numbers to which they are entitled, depending on the type of call unit. In this integration, the iProtect software sends commands directly from the server to the elevator controller via the IP network, replacing the traditional relay method of connection.

The purpose of the elevator link is to transmit a command to the elevator controller when the following conditions are met:
a: access is granted (based on standard access rights)
b: the individual has the right to use the elevator
c: the reader has a call location and a recognized ID for the elevator controller

If all these conditions are satisfied, a message is sent to the elevator controller.

1.2 Schematic overview (user interface)

1.3 Schematic overview (technical)

 

1.4 Communication

Communication When Presenting a Card:
When a card is presented to a reader associated with a call location (provided access is granted), a message is sent to the Elevator Service indicating which node manager (Pluto) and reader the card has been presented to. The Elevator Service then gathers additional information based on the call location (linked to the reader) and the floor group (associated with the card). With this information, a Call Request is generated and dispatched to the Elevator Device.

If the Elevator Device processes the request, it sends a message back to the Elevator Service, which includes details about the elevator car in use, or an error message if an issue arises. This response is relayed back to the node manager, where an event is created to indicate whether the elevator call was successful or not, and this information is sent to the iProtect Server.

Communication for State Monitoring:
Each node manager with a reader linked to a call location transmits heartbeat messages every 60 seconds, detailing which readers are operating correctly. The Elevator Device is notified about the operational status of the access control system (iProtect). If the system is not functioning properly, the Elevator Device may enter calamity mode.

Additionally, the Elevator Device may also send heartbeat messages to the Elevator Service to communicate its connection status, which is subsequently relayed to the iProtect Server.


2 Elevator Service setup

2.1 License

To activate the iProtect Elevator service a special license is required:
· License number 1800: Smart Elevator control

2.2 Configuration

To create a new Elevator synchronization service, navigate to the Database Link form through the following menu selection:
Installation | Settings | Database Link.

To add a new Database Link, right-click in the tree view panel and select Add database link.

In the Database Link details form, choose Elevator call service as the database type, which will display the relevant details for this service.

You must provide a unique name for the service in the mandatory Name field and select the appropriate Elevator type parameter, specifying the manufacturer/type interface.

Additional settings will vary based on the selected elevator type.

2.3 Status

With the Active checkbox the elevator service can be started and stopped.

Functional state: information
· Service in calamity mode
· Service partly functional
· Service full functional


3 Elevator type Mitsubishi

3.1 General Mitsubishi

iProtect seamlessly integrates with the DOAS Mitsubishi Lift system through the ELSGW (Elevator Secure Gateway). Mitsubishi Electric’s DOAS system enhances the efficiency of multi-car elevator systems by intelligently allocating cars based on the floors that passengers select while waiting in the hall or lobby. This optimization significantly reduces both wait and travel times.

This integration allows for enhanced security and movement efficiency within the building by enabling access restrictions based on time schedules and specific floors.

The implementation supports a variety of features, including:

  • VIP traveling

  • Management traveling

  • Handicapped function (also referred to as disabled)

  • Non-stop calls

  • Elevator lobby calls

  • Entrance calls

  • Room calls

3.1.1 Security gate calls ELSGW version

The integration is tested with:
· ELSGW emulator V1.03
· ELSGW version
o Rom Name: GXSE501-AE
o Version: 1.00

3.2 Service

The elevator service operates under specific parameters for communication with the Node Managers (e.g., Pluto). This service utilizes the same certificate that is employed for the user interface.

  • IP address or hostname iProtect: The IP address of the iProtect server who communicate with the
    Pluto(’s)

  • Port :
    o Default: <443>

  • Use SSL: Checkbox determines whether SSL is used to encrypt the communication between the Pluto
    and iProtect.
    o default: <yes>

  • Allow self-signed: client allow self-signed certificate
    o default: <yes>

  • Allow insecure: client allow insecure server
    o default <yes>

  • Allow expired: do not check the expire date of the certificate.
    o Default: <yes>

  • Skip Server Cert: client skip server certificate hostname check
    o Default: <yes>

Ensure that when using a hostname, the Pluto device is configured with the correct DNS settings.

Starting from iProtect version 10.04, the SSL settings are now included within a secure communication type profile. When utilizing a custom iProtect certificate, please select the “less secure” option.

3.3 Remote server

The parameters in this panel determine what and how the connection is made with the ELSG controller.

  • Elevator controller status: Show the current status of the connection

  • IP address elevator controller: is the IP address of the Elevator controller (ELSGW)
    o default: <192.168.0.11>

  • Port: This is the port number that is used by the Elevator controller (ELSGW)
    o default: <52000>

  • Dysfunctional readers: whether we have to report to the elevator controller if one or more readers
    are not functional.
    o default: <do not report dysfunctional readers>

  • Multicast address:
    o default: <empty>

  • Security System Id:
    o default <1> (an reference number in the elevator controller)


4 Set up

A lifts group is a logical group of elevators that are next to each other. An elevator call applies to all these lifts.

Installation | Hardware | Elevator | Elevator group

Note:
An elevator group, called by Mitsubishi “banks” or Address device number
Supported by the ELSGW controller are Bank 1,2,3 or 4

Authorization group: Type: drop down list
· List of all the programmed authorization groups
Service: Type: drop down list
· List of all available elevator services
Elevator group number: Type: number
· Unique code for the elevator group (Bank nr:)
· Only 1,2,3 for 4 can be used dependent on the elevator configuration
Description: Type: text
· Language 1: default English
· Language 2: default Dutch
· Language 3: default German

By language: use a logical name for the elevator group for example
<EG1 1234> Elevator group 1, elevator 1,2,3 and 4

4.2 Elevator Floor

Floors are also called stop locations,

Installation | Hardware | Elevator | Floor

Authorization group: Type: drop down list
· List of all the programmed authorization groups
Elevator group: Type: drop down list
· List of all available elevator groups
Floor ID (1-255): Type: text
· Select the floor ID/ stop location as used in the Elevator controller
Elevator door: Type: drop down list
Determines the location of the door.
· Front
· Rear
If both are available you should program 2 floors for it.
Description: Type: text
· Language 1: default English
· Language 2: default Dutch
· Language 3: default German

By language: use a logical name for the Floor ID for example:
EG1_-2F (1) > Elevator group 1_etage -2 Front (stop location 1)
EG2_22R (25) > Elevator group2_etage 22 (stop location 25)

4.2.1 Elevator floor group

Here we outline the elevator floor groups.
Floor groups consist of one or more floors and can be associated with multiple elevator groups.
Additionally, a floor group may be linked to a person; refer to chapter 5 for more details.

Access | Settings | Floor group

Visitor use: Type: checkbox
· If selected, the rights group will be available for visitors

Authorization group: Type: drop down list
· List of all the programmed authorization groups

Description: Type: text
· Language 1: default English
· Language 2: default Dutch
· Language 3: default German

By language: use a logical name for the Elevator floor group for example:
EG1 all > Elevator group 1 all floors
EG1,2 all > Elevator group 1&2 all floors
EG1 -2,-1,0,1,2,3,4,5,6 > Elevator group 1_floor -2 till 6
TKH > all floors for the company TKH

4.2.1.1 Adding a Floor to the Floor Group

When a floor group is created, you have the option to add or modify floors within that group.
To do this, double-click on the name in the tree view and select <Elevator group floor list>.
In the detail screen, choose the floors you wish to add and save your settings.

4.2.1.2 Adding a Timezone to the Floor

You can assign a separate timezone for each floor in the group. This timezone setting applies only to the specific group in which it is configured.

Double-click on the <Elevator group floor list> item in the tree view.
All linked floors will now be visible in the tree view.
Select the floor for which you want to add a timezone.
Then, choose your desired timezone in the detail screen.

4.2.2 Call type

A call type is a feature that is dependent on the elevator manufacturer.
These features can be linked to a person, see chapter 5.

Installation | Hardware | Elevator | Call type

Authorization group: Type: drop down list
· List of all the programmed authorization groups

Service: Type: drop down list
· List of all available elevator services

Feature: Type: drop down list (For Mitsubishi there are four features available)
· Non stop
· Disabled
· VIP
· Management
For the exact behavior of those feature’s contact your Mitsubishi representative.

Description: Type: text
· Language 1: default English
· Language 2: default Dutch
· Language 3: default German

4.2.3 Call location

A call location creates the relation of all involved settings that are necessary to inform the elevator controller
about an call request. A call location is logical connected to a card reader.

Installation | Hardware | Elevator | Call location

Authorization group: Type: drop down list
· List of all the programmed authorization groups

Verification type: Type: drop down list
· List of all available types
o Lobby (outside the car)
o Car (inside the car)

Verification location: Type: drop down list
· Only visible when <Lobby> is selected for verification type
· List of all available types for Mitsubishi
o Elevator lobby
o Entrance
o Room
o Security gate

Elevator floor: Type: drop down list
· Only visible when <Lobby> is selected for verification type
· List of all programmed floors

Elevator group: Type: drop down list
· Only visible when <Car> is selected for verification type
· List of all programmed elevator groups

Car: Type: text
· Only visible when <Car> is selected for verification type
· Car number what is used in the Elevator controller

Description: Type: text
· Language 1: default English
· Language 2: default Dutch
· Language 3: default German

By language: use a logical name for the call location for example
CL_EG1_0F_lobby
CL_EG1_CAR 1

4.2.4 Reader

An additional field has been incorporated into the Other tab of the card reader specifically for elevator calls.

When utilizing the card reader for elevator access, the LED response on the device varies. Here’s what to expect after presenting a valid card:

  • Slow blinking: The reader is waiting for a response from the elevator controller (ELSGW).

  • Continuous green light during relay time: The elevator request has been successfully processed.

  • Fast blinking: Access denied; the elevator request has failed (typically after a waiting period of 30 seconds).

Installation | Hardware | Reader

Code: type: number
· Unique reference code for the reader and used by the elevator controller to determine the exact
location of the card reader. (relation to the DOAS)
· Used numbers are defined by Mitsubishi and should be between 1 and 9999
· The code is also called “device number”’
· Max number of supported card readers is 1024 for the ELSGW

Call location: Type: drop down list (tab other / elevator )
· List of all programmed <call locations>

Note:
The reader code is used as identifier for the elevator controller to make the relation with the DOAS terminal
(1-1024) If this is not used an error will occur. (-8603)


5 Daily management

After setting up the elevator configuration, we have to create floor groups and add those elevator rights to the persons. This chapter describes how we create them and give elevator rights to a person.

5.1 Elevator floor group

Here we define the elevator floor groups.
Floor groups consists of 1 or more floors and those can be on multiple elevators groups.
A floor group can be linked to a person or multiple persons, see chapter 5.2

Access | Settings | Floor group

Visitor use: Type: checkbox
· If selected the rights group will be available for visitors

Authorization group: Type: drop down list
· List of all the programmed authorization groups

Description: Type: text
· Language 1: default English
· Language 2: default Dutch
· Language 3: default German

By language: use a logical name for the Elevator floor group for example:
EG1 all > Elevator group 1 all floors
EG1,2 all > Elevator group 1&2 all floors
EG1 -2,-1,0,1,2,3,4,5,6 > Elevator group 1_floor -2 till 6
TKH > all floors for the company TKH

5.1.1 Adding a floor to the floor group

At the moment a floor group is created you are able to add or change floors to this group.
Double click on the name in the tree view, and select <Elevator group floor list>
In the detail screen select the floors you want to add and save your settings.

5.1.2 Adding a timezone to the floor

It is possible to add for each floor in the group a separate timezone , this timezone setting is only valid for the group where the setting is made.

Double click on the < Elevator group floor list > item in the tree view
All linked floors are now visible in the tree view
Select the floor which you want to add a timezone
Select you desired timezone in the detail screen

5.2 Person

General | Person

When the elevator license is valid in the Person dialog there is an extra field available <Floor group>

Elevator: floor group: Type: drop down list
· List of all programmed elevator floor groups

If a floor group is selected, the person has the rights associated with this group to travel with the elevators.

Elevator call types:
Optional you can add <elevator call types> to personalize the elevator call
Press right mouse button on the name in the tree view and select <Elevator call type list>
Mark the desired options.


6 Ohter

6.1 Check connections

For maintenance and installation of the elevator functionality there is a specific status overview available to check all the connections.

Installation | Overview | Status | Reader-Elevator

This overview shows the status for all card readers that are involved with elevator calls
The following items are shown for each reader

Overall status

red / green

Reader name

name of the reader

Line name

name of the line

Service name

name of the elevator service

Line status

red / orange / green

Node status

red / orange / green

Reader status

red / green

Service status

red / green

Status text

service status text

6.2 Specific events

  • Webserver disconnected => connection: <nr>, Process: Elevator call service, Database link:
    <name>
    o Connection is lost with the elevator controller

  • Webserver connected => connection: <nr>, Process: Elevator call service, Database link: <name>
    o Connection is established, elevator commands can be given

  • Elevator call => Reader:<name>, Card: <number> ..
    o No error message
    § Correct elevator call
    o Error: No floor group for elevator request
    § Person has elevator rights but not for this elevator group
    o Error: Elevator service internal error for elevator request
    § If this message appear after approx. 30 seconds there is no feedback from the
    ELSGW. The message is send but the ELSGW cannot proceed with it. Probably due
    a wrong configuration like:
    · an unknown floor number is used by the call location
    · No or wrong <code> used by the card reader (see chapter reader)
    · Elevator group is not active in elevator controller (wrong or in inactive bank)
    · Elevator line status => Line: <name>,
    o Error: OK
    § This line is now OK

o Error: connection failed TCP/IP
o Error: Server asks client to close connection
o Error: Elevator system not connected for elevator request
§ It is not possible to make an elevator call, probably the webserver is disconnected

· Service functional state change => database link :<name>:
o functional State: Service partly functional
§ not all controllers are communicating with the elevator service
§ there is no communication with the elevator controller
o functional State: Service full functional
§ all controllers are communicating with the elevator service
o functional State: Service in calamity mode
§ This status is reached when the setting dysfunctional readers is set to <report
dysfunctional readers> and not all controllers are communicating with the elevator
service.
§ The elevator service will not send any heartbeats to the elevator controller as long the
service is in calamity mode.
Note:
It can take some time before the service functional state changes occur after the network connection is
reestablished
Error messages
-631 No floor group assigned to person

  • Subscriber card no access => Error No floor group assigned to person
    Person has no floor group assigned
    -632 No response on time from elevator service
    -2189 No access, need elevator call
    -8600 Elevator service not active for elevator request
    -8601 No floor group for elevator request
    Subscriber card: No access => Error: No floor group for elevator request
    user has rights but not the right ones
    -8602 No active floors for elevator request
    -8603 Elevator service internal error for elevator request

  • occurs when in reader dialog the code is left empty

  • occurs when network settings in the ELSGW are not correct (ADRIP setting)
    -8604 Elevator system not connected for elevator request

6.3 ELSGW terminal option

Important Note:
Please use this tool only in consultation with and in the presence of Mitsubishi.

The ELSGW controller allows you to log in using PuTTY as the terminal software. This software not only enables configuration of the ELSGW but also provides several helpful commands to check the status and communication.

Default Settings:

  • IP Address: 192.168.0.1 (the same IP used for communication with iProtect)

  • Port Number: 52173

  • Protocol: TCP/IP

PuTTY Settings (different from default):

  • Connection Type: Raw

  • Terminal:

    • Local Echo: Force off

    • Local Line Editing: Force off

  • Keyboard:

    • Backspace Key: Control-H

Some Useful Commands:

  • IPCONFIG

  • INFO?

  • ELCON?

  • PKT?

  • AC?

  • TRACE?

  • SNET?

  • ADRIP?

  • ADRIP=X.X.X.X (the returned IP address must match the iProtect IP address)

Related pages