Access Control Tibbo Project System

    Continuing the series of articles on how easy it is to assemble automation devices on the Tibbo Project System , we decided to talk about creating an access control system. There are many devices in this market segment: from cheap and simple controllers to distributed flexible systems with a complex structure and high price. We will try to create our own universal controller with the basic ACS functionality. At the same time, given the flexibility of our hardware platform, you can assemble your own configurations of such devices for personal or commercial purposes, taking as our basis our version, the description of which is under the cut.

    Access control is a key element in a complex of security systems. Installation of the system allows you to organize authorized access to protected objects, thereby ensuring the safety of material assets, security, control over the situation, access to paid objects and services. We set ourselves the task of creating a universal access controller based on the Tibbo Project System platform . The platform already has Ethernet on board, memory, optional Wi-Fi, connectors for installing I / O modules. The presence of a universal case allows you to create finished products, rather than semi-finished products on the board. A full description of the platform is available in our review article . But first, you need to understand what types of access control systems are divided?

    Local or network access control system?

    ACS systems are divided into two categories: autonomous and network. The first type does not require centralized management. Access authorization is carried out either due to the local database, or due to external information from the identifier. Autonomous systems are suitable for small objects: offices of small companies, offices, vehicles, access to paid services in entertainment centers. Network ACSs have centralized management, which allows you to quickly respond to the situation, integrate data into other systems, creating a single information space of the object. The principal differences between a network controller and a standalone one are: the presence of a network interface and a protocol for exchanging data with a central server. This type of system is suitable for installation on large objects, such as business centers, large companies with many access points,

    Requirement for universal controller No. 1: the ability to work in stand-alone and network mode.

    To implement this requirement, we chose the TPP3 card as the basis for the future device , on which the Ethernet interface (optional Wi-Fi) is already implemented for communication with the central server. The presence of memory allows you to maintain a local database of up to 2,000 users and register an event log (up to 20,000 entries). We decided to make the controller at two points of passage. If necessary, the system can easily be ported to a smaller TPP2 board to control one access point or two points, but with a limited connection of external sensors.

    Identity Device Connections

    In general, the tasks of the ACS controller are simple: user identification on the basis of the “own” / “alien” principle, interrogation of sensors for unauthorized entry, management of the entrance group, alarm management.

    By the type of user identification, ACS systems have different requirements. To access the premises with an ATM, bank card readers are used. Business centers typically use RFID technology, magnetic stripe cards, badges with bar codes, and iButton keys. For stricter control, biometric readers are used. It is also possible to directly enter the access code from the keyboard. There are objects where multilevel authorization is required, then a combination of different identification methods is applied.

    Requirement for universal controller No. 2: the ability to connect various identification devices.

    We noticed that most external readers are connected via RS232. Therefore, the first to be considered was the input / output module (Tibbit) # 01. The functionality of the module is simple - the transceiver / transmitter chip converts the UART levels to the RS232 specification. What we need. We install four such modules on platforms S1, S5, S9 and S13: for connecting readers to the entrance and exit to 2 access points. For ease of installation, terminal and DB9 connectors are provided. We have chosen the first option.

    For identification devices that use different interfaces, we just change the corresponding tibbits: for Wiegand, Clock / data - # 08, for RS485 - # 05. It is also possible to connect devices using the 1-Wire protocol using the PIC coprocessor to poll this bus (Tibbit # 31).

    Entrance Group and Sensors

    Entrance group control (barriers, turnstiles, electromagnetic or electromechanical locks), as well as alarm control, is usually implemented using a relay that closes the external circuit of the actuators.

    Requirement for the universal controller No. 3: the presence of normally open relays for controlling actuators.

    For the basic version of the controller, we decided to use Tibbit # 03-2 with two relays switching the current up to 1A (as can be seen from the module diagram, one relay has normally open and normally closed outputs, the second relay has only NO contacts). One relay is used to control the input group, the second for signaling. We install the selected Tibbits on the S11 and S15 platforms, use the already installed terminals as a connector. If you want to switch more current, you can select other tibbits. For example, module # 06 is designed for currents up to 16A.

    Sensors of the “dry contact” type, motion sensors, window breaks, volume sensors, etc. are used to monitor unauthorized access. Typically, such sensors have a digital output.

    Requirement for universal controller No. 4: The presence of discrete inputs for monitoring external sensors and connecting the door open button.

    Tibbits of direct input / output are usually used to connect sensors. We install Tibbits 001 on the S3 and S7 platforms. Each Tibbit has 4 direct entry lines. This option is suitable for us, although you can choose other options: opto-isolated inputs, inputs with a common "+", etc.

    The board is ready. S17-S23 platforms remained for the reserve for a possible expansion of functionality. In our version of the controller, we additionally installed a Wi-Fi module so as not to pull the cable to the installation site. It remains to install the vibration protection plate for reliability and place the assembly in a universal case. The presence of a cover with the possibility of signing pins will help future adjusters not to get confused in the pins of the controller.

    For programming, it is enough to supply power to the board and connect it to our local network.


    The firmware logic is trivial, so it makes no sense to publish the source code. But I would like to draw attention to some nuances.
    The first thing to note is that we create a universal controller with the ability to quickly change functionality. Therefore, the program code tied to a specific tibbit is moved to separate libraries. This allows you to create your own controller configurations on the fly: increasing access points, connecting additional sensors, changing the type of identification readers - you do not have to rewrite anything in the code, replacing a pair of constants and the new version of the controller is ready.
    In addition to the hardware characteristics, the controller must also identify the functionality: storage of the event log, data exchange with the server, security mode, remote configuration, support for modern data exchange protocols, etc. All this is also implemented in the basic firmware.

    The source code is open and free.


    At the moment, there are two options for the network operation mode of the controller. The first one is based on connecting to an external MySql database . Upon identification, the controller makes a request to the server and, if the code is found in the database, opens access to the object.
    The second, more complex - the controller is controlled through the AggreGate platform . This allows you to remotely configure the controller, create complex, branched access control schemes, provide various types of reports, etc.
    Open source and the ability to freely program allow you to connect the controller to almost any access control system.

    The result is an access controller with the following characteristics:
    • management of two zones of passage;
    • Ethernet, WiFi interfaces;
    • connection of up to 4 external readers via RS232, RS485, Wiegand, Clock / data, 1-Wire, WiFi interfaces;
    • 4 relays, if necessary expandability to 10 relays;
    • 4 dry contacts expandable;
    • built-in sound indicator and LEDs for monitoring the status of the controller;
    • adjustment of time of opening of the lock;
    • embedded RTC. Calendar support;
    • support for up to 8 individual access schedules with the possibility of increasing this number;
    • card validity support;
    • re-entry or exit control (antipassback);
    • control prohibition of entry without a leader;
    • code under duress;
    • remote alarm notification (possibly via SMS or email);
    • the ability to configure the discipline of passage;
    • the ability to change the hardware configuration to the local requirements of the project;
    • open source code that allows you to modify the firmware for unique tasks.

    Product page on our website.
    Accounting for working hours on TPS .
    Overview of the Tibbo Project System .
    Indoor Weather Station

    Also popular now: