JP2023066682A - Building facility management device setting system and setting method - Google Patents

Abstract

To determine whether a worker who presented a machine-readable code is a qualified worker on a center device side based on a response of a work device that generated the machine-readable code.SOLUTION: A system includes a building facility management device, a wireless communication router, a center device, and a work device. When setting up a wireless connection between the building facility management device and the wireless communication router using the work device, the system causes a camera of the building facility management device to read a machine-readable code generated by the work device, to connect the building facility management device and the center device, and then notifies the building facility management device that the connection between the building facility management device and the center device has been confirmed by the work device that generated the machine-readable code, thereby authenticating the work device as a work device used by a qualified worker.SELECTED DRAWING: Figure 1

Description

The present invention relates to a setting system and a setting method for a building facility management device (such as an entry/exit management device, a facility management device, a video distribution device, etc.) installed in a building.

As a conventional system for setting a device connected to a network from another device, for example, systems disclosed in Patent Document 1 and Patent Document 2 are known.

In Patent Document 1, in the subject column of the abstract, "A test unit that performs a test procedure on a network element of a communication network, and a machine-readable code reader that reads machine-readable code associated with the network element of the communication network, provides a test device.", and in the solution column, "The test device determines 606 a type of component associated with the read machine-readable code data, and based on the determined type of component: selecting 608 a configuration file from a plurality of configuration files, using the selected configuration file to configure 610 a test portion for the test procedure, and executing 612 the test procedure on the network element. and a computing device configured to:". That is, Patent Literature 1 discloses a technique of setting a device (test device) by reading a machine-readable code with a camera of the device (test device) when setting the device (test device) wirelessly.

In addition, in Patent Document 2, in the problem column of the abstract, it is described that "Communication for push notification can be continued for an appropriate period." receives a push notification from the notification device via the relay device, subscription information for receiving the push notification by the reception means, and timeout information indicating the validity period of the subscription information, the relay device and Sharing means for sharing, and update means for requesting the relay device to perform an update process for updating the validity period of the subscription information based on the timeout information shared with the relay device by the sharing means." Are listed. That is, Patent Literature 2 discloses a technique for preventing unauthorized rewriting of settings by setting a valid period for settings of a device (communication device) based on timeout information.

JP 2017-118489 A JP 2019-101976 A

2. Description of the Related Art In recent years, services such as IP telephony and video distribution using a peer-to-peer network (hereinafter referred to as “P2P”), which is a type of autonomous decentralized network in which devices communicate with each other, are increasing.

Among P2P, TURN over TPC of Web Real-Time-Communication (hereinafter referred to as "Web-RTC"), which is an API standard of HTML5, is a standard capable of overcoming NAT. Therefore, if this standard is used, even if the equipment is connected to the intranet, if there is an Internet connection environment at the end of the intranet, it will be able to make a P2P connection with the center equipment without having a fixed global IP, and connect the server and the client. Upward and downward two-way communication can be realized without discrimination.

Here, some of the building equipment connected P2P to the center equipment handles highly confidential information such as entrance/exit management information and equipment management information, so equipment that requires a particularly high level of security (entrance control equipment, air conditioning control devices, lighting control devices, elevator control devices, video distribution devices, etc., hereinafter referred to as "building facility control devices"). When the settings of such a building facility management device are changed from a work device via the center device, the center device checks whether the worker attempting to change the settings is a qualified person in order to prevent unauthorized workers from changing the settings. Always have to check.

As a method of confirming the qualified person, the technology of Patent Document 1 is used, and the worker who has the camera of the building facility management device read the machine readable code assigned to the qualified person is regarded as the qualified person. can be considered. However, general machine-readable code has the property of being easily copied (e.g., someone who takes a picture of legitimate machine-readable code can illicitly copy it by printing it or displaying it on the display of a mobile device). ), even if security is enhanced by using the technology of Patent Document 2, which sets an expiration date for the machine-readable code, the person presenting the code is not a qualified person as long as it is within the expiration date of the code. There may be a problem that it is not possible to distinguish whether a person is a person who illegally uses an illegally copied code.

Further, when adopting a configuration in which the building facility management device connects to the Internet via a wireless communication router and establishes a P2P connection with the center device, the building facility management device is wirelessly connected to the wireless communication router as a prerequisite. Initial setup is required. However, since the P2P connection between the building equipment management device and the center device is not yet established during the work of the initial setting, the center device will assume that the operator who attempts the initial setting to the building equipment management device is a qualified person. There was a problem that it was not possible to determine whether This problem arises when a faulty wireless communication router is replaced, or when the wireless connection between the building equipment management device is cut off due to a change in the password of the wireless communication router, etc. It also occurs when the wireless connection to the building equipment management device must be set again under the condition that the wireless connection is disconnected.

Therefore, according to the present invention, whether or not the worker who presented the machine-readable code is a qualified worker is determined by the center device based on the response of the work device that generated the machine-readable code. It is an object of the present invention to provide a setting system and a setting method for a building equipment management device, which can permit setting of the building equipment management device only for a work device to be held.

In order to solve the above-described problems, a security device setting system according to the present invention includes a building equipment management device installed in a building assigned an identifier and equipped with a camera; a communication router, a center device connected to the building facility management device via the wireless communication router, setting the building facility management device via the center device, and using information provided by the center device and a working device for generating a machine-readable code, wherein when setting up a wireless connection between the building equipment management device and the wireless communication router using the working device, The working device that generated the machine readable code after connecting the building equipment management device and the center device by causing a camera of the building equipment management device to read the machine readable code generated by the work device. By notifying the building equipment management device that the connection between the building equipment management device and the center device has been confirmed in , the work device is authenticated as a work device used by a qualified person.

According to the setting system and the setting method of the present invention, it is possible to permit setting of a building facility management device to a working device held by a qualified person.

1 is a schematic configuration diagram of a setting system for a building facility management device according to an embodiment; FIG. FIG. 2 is a configuration diagram of a center device database of one embodiment; An example of the user information table of FIG. 2A. An example of the building information table of FIG. 2A. An example of the QR code issue table of FIG. 2A. The block diagram of the signaling database of one Example. An example of the building password table of FIG. 3A. The block diagram of the building equipment management apparatus database of one Example. An example of the P2P information table of FIG. 4A. An example of the network connection information table of FIG. 4A. An example of an initial display setting screen on the tablet of one embodiment. An example of a setting screen when Wi-Fi is selected on the tablet of one embodiment. An example of a setting screen when creating a QR code on the tablet of one embodiment. 4 is a processing flowchart of the setting system of one embodiment. Details of step S21 in FIG. Details of step S22 in FIG. Details of step S23 in FIG. Details of step S24 in FIG. Details of step S26 in FIG.

An embodiment of a setting system for a building facility management device according to the present invention will be described below with reference to the drawings. In the following description, the wireless communication method used in the building is Wi-Fi (registered trademark, hereinafter abbreviated to the fact that it is a registered trademark), which is used by workers when setting up the building equipment management device. An example of a case where the work device is a tablet and the machine-readable code to be read by the building facility management device is a QR code (registered trademark, hereinafter abbreviated as a registered trademark), which is a type of two-dimensional code. However, other types of wireless communication systems, work devices (smartphones, etc.), machine-readable codes (three-dimensional codes, etc.) may be used instead.

FIG. 1 is a schematic configuration diagram of a setting system 100 for a building facility management device according to this embodiment. As shown here, the setting system 100 includes various center devices 1 (Web server 11, communication server 12, relay server 13, center device database 14) installed on the cloud, and various P2P device 2 (TURN server 21, STUN server 22, signaling server 23, signaling database 24), various devices installed in the building 3 (router 31, Wi-Fi router 32, building facility management device 33), workers This is a system in which a tablet 4 used by W is connected via the Internet 5 . Details of each will be described below.

<Center device 1>
As described above, the center device 1 of this embodiment includes the Web server 11, the communication server 12, the relay server 13, and the center device database . The Web server 11 is a server connected to the tablet 4 via the Internet 5 and the router 31 and Wi-Fi router 32 in the building 3 . The communication server 12 is a server that is P2P connected to the building facility management device 33 via the P2P device 2, the Internet 5, and the router 31 and the Wi-Fi router 32 in the building 3. send and receive sensitive information between The relay server 13 is a server connected to the Web server 11, the communication server 12, and the center device database 14 via a private network. Two types of relay are performed: relay between the communication server and the Web server.

FIG. 2A is a configuration diagram of the center device database 14. As shown in FIG. As shown here, the center device database 14 has a user information table T1, a building information table T2, and a QR code issue table T3. These tables are databases for managing system management data registered in advance by a system administrator or the like, data received from the tablet 4 or building equipment management device 33, operation history of the center device 1, and the like.

The user information table T1 is a table in which records each including a combination of various data (user number T1a, user password T1b, accessible building number list T1c, session ID T1d) illustrated in FIG. 2B are recorded. The building information table T2 is a table in which records each including a combination of various data (building number T2a, building name T2b) illustrated in FIG. 2C are recorded. The QR code issuance table T3 is a table in which records each including a combination of various data (issuance ID T3a, building number T3b, session ID T3c, issuance time T3d, state T3e) illustrated in FIG. 2D are recorded. The significance of the data in each table will be explained as appropriate. In this embodiment, the building number is used as the identifier of each building, but other types of identifiers may be used.

In this user information table, access rights are managed for each building, but access rights may be set for each building facility.

<P2P device 2>
As described above, the P2P device 2 of this embodiment includes the TURN server 21, the STUN server 22, the signaling server 23, and the signaling database 24. FIG. Each server has a general Web-RTC server configuration connected to the Internet 5, and the signaling database 24 is connected to the signaling server 23 via a private network.

Each server of the P2P device 2 enables external reception by setting each 443 port to the following protocol in order to realize the P2P connection between the building facility management device 33 and the communication server 12 . That is, the TURN server 21 sets the 443 port to the TCP protocol, the STUN server 22 sets the 443 port to the UDP protocol, and the signaling server 23 sets the 443 port to the https protocol.

FIG. 3A is a configuration diagram of the signaling database 24. As shown in FIG. As shown here, the signaling database 24 has a building password table T4. This table is a database for managing system management data registered in advance by a system administrator or the like. The building password table T4 is a table in which records each including a combination of various data (building number T4a and building password T4b) illustrated in FIG. 3B are recorded. The significance of the data in this table will be explained accordingly.

<Building 3>
As described above, the router 31 , the Wi-Fi router 32 , and the building equipment management device 33 are installed in the building 3 . A router 31 and a Wi-Fi router 32 are connected by wire, and the Wi-Fi router 32 can be connected to the Internet 5 via the router 31 . The connection between the router 31 and the Wi-Fi router 32 may be an intranet or a local network.

The building facility management device 33 includes, for example, an entrance/exit management device that manages entry and exit of each room in the building 3, a facility management device that manages lighting equipment and air conditioning equipment in the building 3, electronic signboards inside and outside the building 3, and the like. It is a video distribution device or the like that distributes video, and has a wireless communication section 33a, a program section 33b, a building equipment management device database 33c, a camera 33d, and an LED 33e.

In this embodiment, it is explained that there is a building facility management device independent of building facilities such as an entrance/exit management device, but each building facility may include a building management device.

The wireless communication unit 33 a is wirelessly connected to the Wi-Fi router 32 and P2P-connected to the communication server 12 via the Internet 5 and the P2P device 2 . The program section 33b is stored in the main storage device, and implements a function corresponding to the type of the building equipment management device 33, and also implements a function of executing processes described later with reference to FIGS. Specifically, it is an arithmetic unit such as a CPU that executes a predetermined program. The camera 33 d is for capturing the QR code displayed on the display of the tablet 4 . The LED 33e indicates the state of the P2P connection between the building equipment management device 33 and the communication server 12 as follows. That is, off indicates that the P2P is disconnecting, blinking indicates that the P2P is trying to connect, and lighting indicates that the P2P is connecting.

FIG. 4A is a configuration diagram of the building facility management device database 33c. As shown here, the building equipment management device database 33c includes a P2P information table T5 used when establishing a P2P connection, a network connection information table T6 used when establishing a Wi-Fi connection, and schedule information. It has various information tables that are used when setting other setting modes such as tables. Note that these tables are databases for managing system management data registered in advance by a system administrator or the like and data received from the tablet 4 .

The P2P information table T5 is a table in which records each including a combination of various data (building number T5a, building password T5b, signaling server address T5c) illustrated in FIG. 4B are recorded. The network connection information table T6 is a table in which records each including a combination of various data (available network T6a, security T6b, password T6c) illustrated in FIG. 4C are recorded. The significance of the data in each table will be explained as appropriate.

<Tablet 4>
The tablet 4 is a type of working device used by the worker W to set the building facility management device 33, and includes a touch panel display that serves as both an input device and a display device. Note that, in this embodiment, the tablet 4 has already completed the Wi-Fi connection setting with the Wi-Fi router 32, and via the Wi-Fi router 32, the router 31, and the Internet 5, the center device 1 Web server 11 can be accessed, but the tablet 4 may be connected to the Internet 5 via a public wireless communication network to access the Web server 11 .

<P2P connection method>
Here, a specific connection method for P2P connection of the building facility management device 33, which is connected to the Wi-Fi router 32 by Wi-Fi, to the communication server 12 will be described. In the following description, the communication server 12 and the signaling server 23 are always connected, and in addition to the building facility management device 33 in FIG. is connected to the communication server 12 by P2P communication method.

When connecting the building equipment management device 33 of FIG. 1 to the Web-RTC standard communication server 12 in a P2P connection, the two may be directly connected, or the STUN server 22, which is a candidate for the port mapping communication path, may be used as a relay server. may be connected. However, when the router 31 of the building 3 and the Wi-Fi router 32 are connected via an intranet, a communication path is always established with the TURN server 21 as a relay server. It is assumed that the communication server 12 makes a P2P connection via the TURN server 21 .

After setting the connection with the Wi-Fi router 32, the building facility management device 33 connects to the signaling server 23 specified by the signaling server address T5c using the building number T5a and the password T5b in the P2P information table T5 (FIG. 4B). By accessing, a constant P2P connection with the communication server 12 can be established via the TURN server 21 according to the Web-RTC standard.

<Method of transmitting data from tablet 4 to building equipment management device 33 during P2P connection>
After the P2P connection between the communication server 12 and the building equipment management device 33, when desired data is transmitted from the tablet 4 to the building equipment management device 33, the following processing is performed.

First, when the tablet 4 notifies the Web server 11 of the user number of the worker W and the building number of the building 3, the Web server 11 refers to the user information table T1 (FIG. 2B) of the center device database 14, Confirm whether the session ID of the tablet 4 has the authority to access the specified building number (that is, the combination of the user number notified by the worker W and the building number is the user number T1a in the user information table T1). and the building number in the accessible building number list T1c).

Then, if the user has the authority, the web server 11 transmits data from the tablet 4 to the communication server 12 via the relay server 13 . After that, using the building number as a key, the communication server 12 transmits data from the tablet 4 to the building facility management device 33 in the building 3 indicated by the building number. With such a procedure, the center device 1 after the P2P connection can permit data transmission to the building facility management device 33 only for the tablet 4 of the authorized person.

Next, the case of setting the Wi-Fi connection of the building equipment management device 33 using the tablet 4 will be specifically described. Note that the content (setting mode) that can be set on the tablet 4 is not limited to the Wi-Fi connection of the building equipment management device 33, and includes other types of setting modes such as the schedule of the building equipment management device 33, for example.

First, the worker W accesses the web server 11 from the tablet 4, inputs the user number and password, and waits for the login result. In this case, the Web server 11 searches the user information table T1 (FIG. 2B) for a record of the user number T1a and user password T1b that match the combination of the user number and user password input from the tablet 4. FIG. If there is a matching record, the building information table T2 (FIG. 2C) is searched for a record (building name T2b) having a building number in the accessible building number list T1c. If there is one or more applicable building information records, the session ID T1d of the record having the applicable user number in the user information table T1 (FIG. 2B) is updated.

Next, the Web server 11 transmits the obtained building information record (building name T2b) to the tablet 4 as a building list, and permits login.

Thereafter, the Web server 11 determines whether each request from the user number of the tablet 4 is from the same session ID as the session ID T1d of the record with the corresponding user number in the user information table T1 (that is, the same tablet 4). When a request with the same session ID as the user number does not match (that is, when a request comes from a different tablet), the Web server 11 disconnects the corresponding session ID and rejects all requests after disconnection. It is designed to

As described above, when the P2P connection between the communication server 12 and the building facility management device 33 is normal, the communication server 12 monitors the session ID on the Web server 11, and the building number that can be accessed with that session ID is displayed. Therefore, by using the session ID and the building number as authentication keys, it is possible to determine that the worker W is a legally qualified person.

<Method of transmitting data from tablet 4 to building equipment management device 33 not connected to P2P>
On the other hand, when the P2P connection between the communication server 12 and the building facility management device 33 is not connected, the communication server 12 cannot access the building facility management device 33 in the desired building 3 using the building number as the authentication key. Data cannot be transmitted to the building equipment management device 33 via the center device 1 .

However, in the setting system 100 of the present embodiment, if the tablet 4 is logged in to the Web server 11, a P2P connection is established between the communication server 12 and the building facility management device 33 by the following process, and the building facility is accessed from the tablet 4. It becomes possible to set the management device 33 . Details of the processing for realizing this will be sequentially described below.

FIG. 5A is an initial setting screen D1 displayed on the display of the tablet 4 after login is permitted. In the initial screen illustrated here, a building selection pulldown D2, a setting mode selection pulldown D3, and a cancel button D4 are displayed. In the building selection pulldown D2, the building name T2b corresponding to the building number in the accessible building number list T1c obtained from the Web server 11 at the time of login is displayed in a pulldown. In addition, setting modes (for example, Wi-Fi setting, schedule setting, etc.) that can be set in the tablet 4 are displayed in a pull-down in the setting mode selection pull-down D3.

FIG. 5B is an example of a screen displayed after the worker W selects the Wi-Fi setting mode from the setting mode selection pulldown D3 in FIG. 5A. As shown here, when the Wi-Fi setting mode is selected in the setting mode selection pull-down D3, the display of the tablet 4 shows an available network selection pull-down D5, a security selection pull-down D6, and a password input text box D7. , a QR code creation button D8 is displayed. At this time, the QR code creation button D8 is inactive and cannot be operated.

At this time, the tablet 4 searches for available Wi-Fi networks in the building 3 and displays the detected Wi-Fi networks in the available network selection pull-down menu D5. Note that if there are multiple available Wi-Fi networks in the building 3, the Wi-Fi network being used by the tablet 4 is selected as the default.

When the worker W selects the available network selection pulldown D5 and the security selection pulldown D6, and furthermore enters a predetermined Wi-Fi password in the password input text box D7, the QR code creation button D8 is activated.

<Authentication process of qualified person>
Next, a series of processes for certifying that the worker W is a legally qualified person after activating the QR code creation button D8 will be described with reference to FIG. 5C and FIGS. 6 to 11. FIG. In the setting system 100 of this embodiment, the processing of the tablet 4, the building facility management device 33, and the center device 1 are performed in parallel. Only the processing of the device 33 is illustrated, and the processing of the center device 1, which is the subordinate processing subject, is omitted. Further, in the following, among the parallel processes, the processing of the tablet 4 (steps S11 to S19) and the related processing of the center device 1 will be explained, and then the processing of the building facility management device 33 (steps S21 to S26). , and the processing of the center device 1 related thereto will be explained.

(Step S11)
When the worker W presses the QR code creation button D8 (FIG. 5B) displayed on the tablet 4, the user number, building number, and request for notification of QR code issuance are transmitted from the tablet 4 to the Web server 11. FIG. The Web server 11 that has received these references the user information table T1 (FIG. 2B) and checks whether the received building number is included in the accessible building list T1c corresponding to the received user number. . If confirmed, the web server 11 adds the record for this request to the end of the QR code issuance table T3 (FIG. 2D) via the relay server 13 .

The record to be added here is, as illustrated in FIG. Then, "start" is registered as the initial data of the state T3e. The issue ID T3a is a unique number, and the issue time T3d is automatically set to the time when the record was added. In the state T3e, one of the four states of "started", "waiting for confirmation", "confirmed", and "completed" is registered according to the progress of the process.

When a new record is added to the QR code issuance table T3, the web server 11 transmits the issuance ID (for example, "4") of the added record to the tablet 4. FIG.

(Step S12)
The tablet 4 that has received the issue ID from the web server 11 creates a QR code using the script in the QR code creation screen. Specifically, the issuing ID (for example, "4") obtained from the Web server 11, the building number (for example, "A0001") having the building name of the character string selected in the building selection pulldown D2 in FIG. 5B, and the A character string (e.g., "Wi-Fi") selected in the setting mode selection pull-down D3, a character string (e.g., "Network-1") selected in the available network selection pull-down D5 in FIG. 5B, and a security in FIG. Text data in Json format, for example, is created based on the character string (e.g. "WPA/WPA2 PSK") selected in the selection pull-down D6 and the character string (e.g. "xyzxyz") entered in the password input text box D7. The converted text data is converted into binary data, and a QR code corresponding to each character string is created from the converted binary data according to the QR code model 2 standard with a maximum number of bytes of 2,953 bytes. At this time, since the QR code is generated by the script in the tablet 4, the network information (such as password) of the Wi-Fi device will not be leaked to the Internet 5.

(Step S13)
When the QR code creation in step S12 is completed, the display of the tablet 4 displays a QR code D9 and an inactive confirmation button D10 as shown in FIG. 5C. When the worker W causes the camera 33d of the building equipment management device 33 to read the QR code D9 displayed on the display of the tablet 4, the processing on the side of the building equipment management device 33 (steps S21 to S26) is started, and the processing progresses. , the state T3e of the QR code issuance table T3 of the center device database 14 is updated sequentially.

(Steps S14 to S17)
When the processing on the building equipment management device 33 side is started, the tablet 4 requests the Web server 11 to acquire the status T3e of the same issue ID (see the QR code issue table T3 in FIG. 2D) at regular intervals. (S14). In addition, the tablet 4 determines whether or not there is a reply of state T3e from the Web server 11 within a predetermined period (whether or not timeout has occurred) (S15). If there is no response of state T3e from the Web server 11 within a predetermined period of time, it is determined that the timeout has occurred, a status acquisition failure is displayed on the display of the tablet 4, and the Wi-Fi setting process is terminated (S16).

On the other hand, if the state T3e is returned from the Web server 11 within the predetermined period, it is determined whether the state T3e is "waiting for confirmation". If the state T3e is "waiting for confirmation", the process proceeds to step S18. If the state T3e is not "waiting for confirmation" (if it remains "started"), the process returns to step S14. That is, the processing of steps S14, S15, and S17 is repeated until the processing of the building facility management device 33 progresses and the state T3e is updated from "start" to "waiting for confirmation".

During this time, when the Web server 11 receives the request in step S14, it acquires the record of the same issue ID in the QR code issue table T3 via the relay server 13, and the session ID of the record matches the session ID with the tablet 4. If they match, the state of the acquired record is transmitted to the tablet 4 .

(Steps S18, S19)
When the processing of the building equipment management device 33 progresses and the state T3e is updated from "start" to "waiting for confirmation", the confirmation button D10 in FIG. D10 can now be operated (S18).

After that, when the worker W presses the confirmation button D10, the tablet 4 transmits a request to the web server 11 to update the status of the corresponding issue ID to "confirmed" (S19). When the Web server 11 receives the update request to "confirmed", it acquires the record of the same issue ID in the QR code issue table T3 of the center device database 14 via the relay server 13, and When the ID and the session ID of the acquired record are the same, the state T3e of the record of the corresponding issuance ID in the QR code issuance table T3 is updated from "waiting for confirmation" to "confirmed". As a result, the center device 1 has authenticated that the tablet 4 of the qualified person has responded.

(Step S21)
Next, processing on the building equipment management device 33 side will be described. After the QR code is displayed on the tablet 4 in step S13, when the worker W holds up the QR code to the camera 33d of the building equipment management device 33, the program section 33b of the building equipment management device 33 executes the processing for the QR code. Start (S21).

Specifically, as shown in FIG. 7, the program unit 33b first reads the QR code with the camera 33d (S21a), converts the read data from binary data to text data, and converts the read data into Json format data (see FIG. 7). 5C) is acquired (S21b). Then, it is determined whether or not the building number T5a in the P2P information table T5 (FIG. 4B) held by the building facility management device 33 matches the building number read from the QR code (S21c). Proceed, and if they do not match, abort the Wi-Fi setting process. In step S21c, whether the setting mode read from the QR code is Wi-Fi setting, and whether the available network read from the QR code is detected by the wireless communication unit 33a of the building equipment management device 33, is also determined, and if the setting mode read from the QR code is not Wi-Fi setting, or if the network read from the QR code cannot be detected, the Wi-Fi setting processing of the building equipment management device 33 is interrupted. .

(Step S22)
In this step, the program section 33b executes processing for disconnecting P2P regardless of whether P2P with the communication server 12 is currently established.

Specifically, as shown in FIG. 8, first, the program unit 33b determines whether there is a Wi-Fi network to which the wireless communication unit 33a is currently connected (S22a). Then, if the building facility management device 33 is Wi-Fi connected, the Wi-Fi network is disconnected, and the state of the LED 33e is changed to OFF indicating that P2P is being disconnected (S22b). As a result, even if a P2P connection has already been established, the P2P connection is automatically disconnected when the Wi-Fi network is disconnected. If it is determined in step S22a that there is no network, or if the P2P connection is disconnected in step S22b, the state of the LED 33e is changed to flashing to indicate that P2P connection is being attempted (S22c).

(Step S23)
In this step, the program unit 33b reconnects P2P with the communication server 12 that was disconnected in step S22.

Specifically, as shown in FIG. 9, first, the program unit 33b uses the available network, security, and password read from the QR code in step S21 (that is, the building facility management device 33 A connection to the Wi-Fi router 32 is attempted (S23a) without using the previous network connection information table T6 (FIG. 4C) held. After that, it is determined whether the connection to the Wi-Fi router 32 is established (S23b). If the Wi-Fi connection has been established, the process proceeds to step S23c, and if the Wi-Fi connection has not been established, the process proceeds to step S23g.

Next, the program unit 33b attempts connection to the signaling server address T5c of the P2P information table T5 (FIG. 4B) using the building number T5a and the building password T5b (S3c). At this time, the signaling server 23 searches the building password table T4 (FIG. 3B) of the signaling database 24, and confirms whether or not there is a record that matches the combination of the building number and building password received from the building equipment management device 33. . If there is no matching record, the connection is rejected, and if there is a matching record, the connection is permitted.

After that, the program section 33b of the building equipment management device 33 determines whether or not the connection with the signaling server 23 is successful (S23d). Then, if the connection is successful, the process proceeds to step S23e, and if the connection fails, the process proceeds to step S23g.

Next, according to the Web-RTC standard, the program unit 33b implements ICE Candidate (Interactive Connectivity Establishment Candidate) and SDP (Session Description Protocol) information, which are port mapping information respectively acquired from the STUN server 22 via the signaling server 23. are exchanged to attempt P2P connection with the communication server 12 via the TURN server 21 (S23e). Since the building number is included in the SDP of the building facility management device 33, the communication server 12 can recognize the building number of the P2P communication partner. After that, the building facility management device 33 determines whether the P2P connection with the communication server 12 has succeeded (S23f). Then, if the connection is successful, the process proceeds to step S24, and if the connection fails, the process proceeds to step S23g.

If the Wi-Fi router 32 cannot be connected in step S23b, if the connection is rejected by the signaling server 23 in step S23d, or if the P2P connection fails in step S23f, the program section of the building facility management device 33 33b restores the Wi-Fi network settings using the available network T6a, security T6b, and password T6c in the network connection information table T6 (FIG. 4C), and ends the Wi-Fi setting process (S23g ). In this case, since the worker W who operates the tablet 4 is not authenticated as a qualified worker, the tablet 4 is not permitted to change the settings of the building facility management device 33 .

(Step S24)
In this step, the building facility management device 33 authenticates whether the worker W using the tablet 4 is a qualified worker.

Specifically, as shown in FIG. 10, first, the program unit 33b transmits a request to the communication server 12 to update the status T3e (see FIG. 2D) of the corresponding issue ID to "waiting for confirmation" ( S24a). When the communication server 12 receives the update request to "waiting for confirmation", it acquires the record of the same issue ID in the QR code issue table T3 via the relay server 13, and the building number of the record is the building of the P2P connection. If it matches the number, the state of the record of the corresponding issue ID in the QR code issue table T3 is updated to "waiting for confirmation". Thereby, the processing of the tablet 4 can be advanced from step S17 to step S18.

Thereafter, the program unit 33b requests the communication server 12 to acquire the state T3e (see FIG. 2D) of the same issue ID at regular intervals (S24b). In addition, the program unit 33b determines whether or not there is a reply of status T3e from the communication server 12 within the period (whether or not timeout has occurred) (S24c). If the state T3e is not returned from the communication server 12 within a predetermined period, it is determined that the timeout has occurred, and the Wi-Fi network setting is restored to end the Wi-Fi setting process in the same manner as in step S23g described above ( S24e).

On the other hand, if the state T3e is returned from the communication server 12 within the predetermined period, the program unit 33b determines whether the state T3e is "confirmed" (S24d). If the state T3e is "confirmed", the process proceeds to step S25, and if the state T3e is not "confirmed" (if it remains "waiting for confirmation"), the process returns to step S24b. That is, until the confirmation button D10 (FIG. 5C) of the tablet 4 of the qualified person is operated and the status T3e of the QR code issuance table T3 (FIG. 2D) is updated to "confirmed" by the process of step S19, the 24d is repeated.

During this time, when receiving the request of step S24b, the communication server 12 acquires the record of the same issue ID in the QR code issue table T3 via the relay server 13, and if the building number of the record matches the P2P connection partner. For example, the status of the acquired record is transmitted to the building equipment management device 33 .

(Step S25)
In S25, the program section 33b updates the record of the network connection information table T6 (FIG. 4c) to the currently used network, security, and password.

(Step S26)
In this step, the building facility management device 33 performs post-processing after establishment of the P2P connection.

Specifically, as shown in FIG. 11, first, the program section 33b transmits a request to the communication server 12 to update the status of the relevant issue ID to "completed" (S26a). Then, when the communication server 12 receives the update request to "completed", it acquires the record of the same issue ID in the QR code issue table T3 (FIG. 2D) via the relay server 13, and the building number of the record is P2P. If it matches the connection partner, the state of the record of the corresponding issue ID in the QR code issue table T3 is updated to "completed". Finally, the building facility management device 33 changes the state of the LED 33e to lighting indicating that P2P communication is in progress (S26b).

<Effect of this embodiment>
As described above, according to this embodiment, even when the P2P connection between the communication server 12 and the building equipment management device 33 is not connected, the Web server 11 monitors the session ID and checks whether the building number is accessible. Since the authentication is performed, it is possible to authenticate that the worker operating the tablet 4 is a qualified person from the session ID and the building number.

Therefore, even if the illegally duplicated QR code is read into the building equipment management device, unless the confirmation button D10 (see FIG. 5C) is pressed on the tablet 4 that created the QR code, the building equipment management device 33 cannot be set. Therefore, it is possible to prevent unauthorized setting by a person other than a qualified person.

As described above, in the setting system of the building facility management device using the QR code according to the present embodiment, regardless of whether the device is under test or in operation, P2P connection or non-P2P connection can be performed without using a cable. In either case, the same work device can be used to authenticate the worker as a qualified worker by using the building number and the session ID.

100 building facility management device setting system 1 center device 11 web server 12 communication server 13 relay server 14 center device database 2 P2P device 21 TURN server 22 STUN server 23 signaling server 24 signaling database 3 building 31 router 32 Wi-Fi router 33 building Facility management device 33a Wireless communication unit 33b Program unit 33c Building facility management device database 33d Camera 33e LED
4 Tablet 5 Internet W Worker T1 User information table T2 Building information table T3 QR code issuing table T4 Building password table T5 P2P information table T6 Network connection information table

Claims (8)

a building facility management device installed in a building assigned an identifier and equipped with a camera;
a wireless communication router wirelessly connected to the building facility management device;
a center device connected to the building facility management device via the wireless communication router;
a working device that configures the building facility management device via the center device and generates machine-readable code using information provided from the center device;
A setting system for a building facility management device comprising
When setting up a wireless connection between the building equipment management apparatus and the wireless communication router using the work device, by causing the camera of the building equipment management apparatus to read the machine-readable code generated by the work device, the After connecting the building facility management device and the center device, the work device that generated the machine-readable code notifies the building facility management device that the connection between the building facility management device and the center device has been confirmed. By doing so, the setting system authenticates the work device as a work device used by an authorized person. The setting system according to claim 1,
The center device
It has a user information table that records records including a user number of a qualified person, a list of accessible buildings of a qualified person, and a session ID of a qualified person,
When the work device logs in to the center device, the machine readable code is attached to the work device determined as the work device used by the authorized person using the identifier and the session ID obtained from the work device as authentication keys. A configuration system that provides information used when generating a . In the setting system according to claim 2,
The building equipment management device
authenticating the work device as a work device used by an authorized person when the machine-readable code read by the camera includes information provided to the work device by the center device; Characterized setting system. In the setting system according to any one of claims 1 to 3,
The setting system, wherein the machine-readable code includes network connection information for wirelessly connecting the building equipment management device and the wireless communication router. In the setting system according to claim 4,
A setting system in which the working device does not transmit the network connection information to the center device. In the setting system according to claim 4,
When the building equipment management device is connected to the center device, the device disconnects from the center device and then reconnects to the center device using the network connection information included in the machine-readable code. setting system. In the setting system according to any one of claims 1 to 3,
The center device has a machine-readable code issue ID, an identifier that issued the machine-readable code, a session ID that issued the machine-readable code, and a machine-readable code issue table that records records including status. ,
The building facilities management apparatus, the center apparatus, and the work device use the machine-readable code issuing table to determine the connection state between the building facilities management apparatus and the center apparatus, and the building facilities management apparatus by the work device. and a setting system for confirming the connection state of the center device. A building facility management device installed in a building assigned an identifier and equipped with a camera, a wireless communication router wirelessly connected to the building facility management device, and a wireless communication router connected to the building facility management device. and a working device for setting the building facility management device via the center device and generating a machine-readable code using information provided from the center device. There is
When setting up a wireless connection between the building equipment management apparatus and the wireless communication router using the work device, by causing the camera of the building equipment management apparatus to read the machine-readable code generated by the work device, After connecting the building equipment management device and the center device, the working device that generated the machine-readable code notifies the building equipment management device that the connection between the building equipment management device and the center device has been confirmed. A setting method for authenticating the work device as a work device used by an authorized person.

Images