DESCRIPTION

TECHNICAL FIELD

The present invention relates to IP networks, in particular for video surveillance applications, and switches used in such networks.

In particular, the invention relates to a network switch according to the preamble of claim 1.

STATE OF THE ART

Nowadays, in video surveillance systems, video cameras, sensors, and other active devices of the system are connected to switches that are capable of transferring data packets from these devices to Video Management Software (VMS) and vice versa.

In general, video surveillance systems based on IP networks are implemented using general purpose switches, which makes it possible to meet system connectivity requirements, but do not fully meet the security requirements expected for this type of system.

In general, a general purpose switch is an embedded system with a small processor and a small amount of RAM memory which is used to export a configuration interface through which the installer can simply define certain parameters relating to packet switching.

To improve the security and robustness of the network, switches with advanced features have been designed and manufactured.

In detail, in order to improve the security of networks, switches designed specifically to protect the network from outside attacks are known. For example, the Tungsten® switch by Senstar® internally comprises a DHCP (Dynamic Host Configuration Protocol, defined in RFC 1531, RFC 1541 and RFC 2131) server to assign IP addresses to network devices, and implements advanced multi-layer security features that allow it to detect and identify each element and endpoint in the network, and analyse incoming data traffic to allow access only to data traffic from authorised entities.

To improve the robustness of a surveillance system, it is however known to provide redundant links and use a layer 2 network switch with tree spanning protocols, such as for example STP (Spanning Tree Protocol, defined by the IEEE standard 802.1D) or RSTP (Rapid Spanning Tree, defined by the standard IEEE 802.1w). These switches are able to divert data packets from one physical link to another in the event of failure of one of the two links, however they do not know the complete topography of the network but only the part relating to the switching infrastructure, thereby ignoring devices connected to the switches, thus it is possible to have situations where data traffic is sent on a physical link which exceeds the maximum capacity of the link, with consequent data loss.

In a video surveillance system, such an eventuality should be avoided, because the loss of data may result in the loss of parts of the video or alarm signals. The international patent application WO2015008282, filed by Cyber seal Ltd., discloses a security device for video surveillance systems, which can be a switch which is capable of implementing both the spanning tree protocols in case of failure of a link, and an incoming data traffic control to block possible cyber- attacks. Once installed, the safety device creates a network activity profile and detects possible cyber-attacks by verifying deviations of network traffic compared to the profile created. In the event of attacks, the safety device can disable a port, generate alert signals, or designate the recorded event as a possible cyber-attack.

Again, to improve the robustness of the video surveillance system, in some systems of this type the VMS knows the tasks performed by the different video cameras and, in the event that it cannot communicate with one of these, it can instruct another video camera to perform the task previously assigned to the first video camera. An example of these systems is described in WO2008142504. Although it is connected to the network, even the VMS does not however know the network topology, therefore it is not able to avoid situations like the one mentioned above, in which, following the loss of a link, data traffic is routed over a link with lower capacity than required.

In the state of the art, video surveillance systems are also known in which the various sensors and video cameras coordinate between themselves to perform the tasks requested by the VMS in an optimal way. However, even in these systems, the various sensors and video cameras do not know the network topology and are not able to avoid special situations such as the one described above by managing the data traffic in an optimal way with respect to the capacity of the network links.

It is therefore necessary to have devices and methods which are able to manage the data traffic in a video surveillance system in an optimum manner, avoiding the loss of data packets, or at least reducing the risk in an acceptable manner, regardless of the manufacturer and model of the device.

PURPOSES AND SUMMARY OF THE INVENTION

A purpose of the present invention is to overcome the disadvantages of the prior art, and in particular to improve the robustness of known video surveillance systems.

A further purpose of the present invention is to provide a switch that allows network data traffic to be controlled, taking into account the topology of the network, the topology of devices, and the functions performed by the said devices.

It is also a purpose of the present invention to provide a network switch that, starting from information on the network topology, is able to automatically configure application parameters of the devices connected to it.

These and further purposes of the present invention are achieved by a method and a device incorporating the features of the annexed claims, which form an integral part of the present invention.

The basic idea of the present invention relates to a method for controlling the transfer of data packets in an IP network. A device transmits a plurality of data packets in the IP network that are received by a switch on an input port. The switch analyses the data packets received by the device and extracts information identifying the type of device connected, and on the basis of this information, identifies in an internal memory area the criteria for setting the operating parameters of an application software executed by the device. The switch provides the device with operating parameters that are calculated on the basis of the criteria contained in said memory area and the device executes said application software using the values provided by the switch.

This solution makes it possible both to rapidly configure the devices that are connected to the switch and to equally effectively reconfigure the devices in the event of loss of a link in the network to which the switch is connected.

In one embodiment, the switch receives from the device a first data packet, for example comprising an installation request according to the DHCP protocol that includes the MAC address of the device. Based on this MAC address, the switch finds, in the internal memory area, a specification of a communication protocol used to communicate with the device, and credentials to authenticate itself to the device. The switch thus authenticates itself to the device using the credentials and protocol identified in the internal memory area, and requests from the device information identifying the type of device connected. In response to the request from the switch, the device transmits to the switch a second data packet from which the switch extracts information identifying the type of device that is connected.

This embodiment thus allows multiple devices to be installed without requiring that the devices be configured to transmit special installation requests also comprising identifying information that would not be necessary in other operating environments.

In another embodiment, the device transmits a message containing the MAC address of the device and the information identifying the type of device connected, wherein the switch, on the basis of the MAC address, identifies further in the internal memory area a specification of a communication protocol to be used for communicating with said device, and wherein the switch composes a configuration message for the device according to the selected protocol, said configuration message comprising said operating parameters. This solution makes possible a faster installation and a simpler communication protocol.

In one embodiment, when the switch is connected to a video recorder, the switch proceeds to its configuration, in particular, if the switch is also connected to a video camera, the switch transmits to the video recorder the URL of the video camera so that the video recorder can then retrieve a video stream to record from said URL.

The switch is therefore able to carry out not only intra-device configurations but also inter-device configurations, i.e. those that make it possible to manage communication between multiple devices. Beneficially, in one embodiment the switch is configured to keep track of all the devices directly connected to it, and the bandwidth requirements of said devices. This solution enables the switch to coordinate with the other switches and have a knowledge of the network topology, and to manage critical events such as the loss of a link.

In one embodiment, the IP network comprises a plurality of switches that are configured to implement the same configuration functions for the devices linked to them as set out above. Each switch of said plurality of switches is configured to

a) interact with other switches of said plurality of switches to receive information about the devices connected to said other switches, and

b) store IP network topology information, said topology information comprising the following information:

connection links between all the switches of said plurality of switches, a list of devices connected to each switch of said plurality of switches, the bandwidth requirements of each of said devices,

c) calculate, for each link, the bandwidth necessary to satisfy data transfer requests for each device,

d) coordinate with said other switches to identify the output port on which to transmit data packets received at the input port, in order to balance the overall network load between the network links;

the method providing further that, in the event of coordination with other switches, rules for data packet routing will be used such that a network link will be considered a critical link if it has a bandwidth less than that required by the IP network devices, each switch of said plurality of switches executing the same bit rate reduction algorithm, said bit rate reduction algorithm being suitable to:

- calculate a bit rate reduction factor for one or more of the devices whose data packets are being transported on said critical link, this bit rate reduction factor being such that by reducing the bit rate of said one or more devices by the bit rate reduction factor, the bandwidth capacity of the link is higher than the bandwidth requirements of all the devices whose data packets are being transported on said critical link, transmit to said one or more devices new operating parameters such that the bit rate of the data packets transmitted by said one or more devices is reduced by a factor at least equal to said reduction factor.

This solution allows efficient management of critical events such as the loss of a link, ensuring reliability and robustness of the network. This solution should therefore be useful in video surveillance systems.

It is also a purpose of the present invention to provide a switch configured to implement the methods described above, as better detailed in the description that follows.

Further characteristics and purposes of the present invention will become more apparent from the description that follows.

BRIEF DESCRIPTION OF THE DRAWINGS

The invention will be described below with reference to various examples, provided on an explanatory and non-limiting basis, and illustrated in the accompanying drawings. These drawings illustrate different aspects and embodiments of the present invention and, where appropriate, reference numbers showing structures, components, materials and/ or similar elements in the various figures are denoted by similar reference numbers.

Figure 1 shows a video surveillance system based on IP network according to the present invention;

Figure 2 shows a block diagram of a switch for use in the system of figure V, Figure 3 illustrates the process of installing a video camera in the system of figure 1;

Figure 4 illustrates the process of installing a video recorder in the system of figure 1;

Figure 5 illustrates the process of installing a detection sensor in the system of figure 1;

Figure 6 is a flow diagram relating to the process of adjusting the bit rate of the devices of the surveillance system;

Figure 7 shows the system of figure 1 in the event of an IP network link failure. DETAILED DESCRIPTION OF THE INVENTION

While the invention is susceptible to various modifications and alternative constructions, various preferred embodiments are shown in the drawings and will be described hereinafter in detail. It should be understood, however, that there is no intention to limit the invention to the specific embodiment shown, but, on the contrary, the invention is intended to cover all modifications, alternative constructions, and equivalents which fall within the scope of the invention as defined in the claims.

The use of "for example", "e.g.", "etc.", or "or" indicate non-exclusive alternatives without limitation unless otherwise indicated. The use of "includes" means "includes but is not limited to" unless otherwise indicated. The use of the term "application" indicates that the software runs on a surveillance device that interacts with the application layer of the OSI conceptual model.

With reference to figure 1, a CCTV system 1 is described comprising a plurality of video cameras 2 and detection sensors 3, connected to a video surveillance centre 5 (for example a computer on which VMS software is installed) via an IP network 4.

In the non-limiting example described hereinafter, the IP network 4 comprises four switches Si, S ₂ , S3, S ₄ which are mutually connected by means of the bidirectional links L _/2 , Li, ₄ , L ₂ ,3, L3 1, that can, with no difference, be wired or wireless. The various devices, video cameras, sensors etc., are thus connected to the switches and in the following description will be generically identified by the symbol Di, _j , where the index i indicates the switch to which they are connected and the index j the switch port to which they are connected.

In a manner known per se, the switches S1-S4 exchange data packets with the various devices Di, _j connected to the network 4, for example data packets containing the video recorded by one of the video cameras. To this end, the switches Si-S4 are provided with a plurality of ports 20 (shown in the diagram of figure 2 where a generic switch Si of the system is shown) for connection to the network 4, a control unit (in particular, a microprocessor) 21 and a memory area 22 in which the firmware that encompasses the various functions performable by the switch is stored. The control unit receives data packets from a device connected to one of the ports 20 (which in this situation thus functions as an input port) and determines an output port on which to transmit data packets received on the input port so that they reach the destination. Among the various functions of the switch, a first function is that of automatic configuration of devices that are connected to its ports 20.

Operationally, the installation step of a device, for example a video camera or a sensor, in the surveillance system is carried out by following the steps described below and illustrated in Figure 3.

The intelligent switch ¾ recognises (step 300) that a device, in figure 3 a video camera 2, has been connected to one of its local ports 20 and identifies its type. The identification of the type of device that is connected to the switch can occur in different ways.

In one embodiment, the device sends a DHCPDISCOVER broadcast message, with the source IP address conventionally set to 0.0.0.0, and the destination address set to 255.255.255.255 (broadcast address). This message, as known, contains the MAC address of the device that generates it.

The switch receives the DHCPDISCOVER message and extracts the OUI prefix from the MAC address. By using this prefix the switch identifies the manufacturer of the device and completes the procedure for assigning the IP address by exchanging with the device the DHCPOFFER, DHCPREQUEST, and

DHCPACKNOWLEDGE packets, in accordance with the protocol.

The processor 21 of the switch interrogates the memory area 22 and obtains, based on the prefix OUI, the communication protocol (e.g. ONVIF or proprietary) and one or more sets of credentials (e.g. user name and password) to be used for authenticating itself with the device.

The processor 21 generates and transmits one or more messages that do/ do not allow the switch to authenticate itself with the device according to the authentication protocol to be used with the latter.

In another embodiment, the device can send packets using the DHCPv6 protocol (Dynamic Host Configuration Protocol for IPv6, defined in RFC 3315, RFC 4361 and RFC 6221) and the assignment of addresses takes place by means of the SOLICIT, ADVERTISE, REQUEST, and REPLY packets.

In another embodiment, the device can send packets using the NDP protocol (Neighbor Discovery Protocol, defined in RFC4861) and assignment of addresses takes place by means of the ROUTER SOLICITATION, ROUTER ADVERTISEMENT, NEIGHBOR SOLICITATION, NEIGHBOR ADVERTISEMENT, and REDIRECT packets.

The authentication phase being complete, the processor 21 generates an interrogation message prompting the device to define its own device typology and/ or functions supported, e.g. surveillance video camera, infrared sensor, etc.

In a different embodiment, it is the device that announces itself to the switch and provides the switch, via a configuration request or on request by the switch, the identification data of its manufacturer (identifiable by means of a text string or the OUI of its MAC address) and the device type, e.g. video camera.

In the event that a device Di, _j connects to a switch Si, the switch can wait a few seconds to check if the device announces itself, otherwise it can begin to query the device at the Data Link layer to identify it. In the particular case in which the connected device uses the ONIF protocol, recognition may take place by means of the WS-Discovery function provided by that protocol.

Once the type of the connected device has been identified, the processor 21 of the switch ¾ interrogates the memory area 22 and retrieves the rules necessary for the configuration of the device. The retrieval of these rules can be done based on the manufacturer (identified by the OUI prefix) and on the device type.

The switch then transmits (step 301) the configuration data to the device.

For example, based on rules stored in the memory 22, the processor 21 of the switch determines that for a video camera of a given manufacturer, e.g. identified by a given OUI prefix, it is necessary to transmit, according to a given format, the frame rate and the image size to be used; in this case the processor 21 generates and transmits, on the port to which the device is connected, one or more data packets packaged according to the selected communications protocol and containing information on the frame rate and image size (e.g. 768 x 1024 pixels) that can be chosen to maintain a default bit rate lower than a certain value.

If the switch identifies that the connected device is a video recorder and detects in the memory area 22 that for video recorders it is necessary to set up a URL with which to locate the video stream to be recorded, and the time for which the recording must be retained, then the switch provides one or more URLs of the video cameras connected to it and transmits to the connected video recorder a predefined value, e.g. 72 hours, for the retention time of the recordings.

In general, the switch ¾ performs a default configuration of the device which is connected to it and any other devices that need to communicate with the new device. The configuration includes two parts, not both of which may necessarily be performed:

^• intra-device configuration: the switch configures all the parameters, both at the network level and in the application executed by the device, which modify the behaviour of the device connected to the switch. The IP address, user credentials, and encryption settings are, for example, in this category.

• inter-device configuration: the switch configures all the parameters that control the correct operation of functions involving two or more devices connected to the same switch. An example of these functions is the configuration of the network video recorders for the recording of the video cameras. In this case, the switch recognises that one or more video recorders and one or more video cameras are connected to its ports. In this case, the switch retrieves from the video cameras the URLs of the video streams and configures them in the video recorders, so that they know where to retrieve the video streams that must be saved. This configuration is useful because a video recorder is capable of recording the video cameras even if the connection to the central VMS is interrupted.

Preferably, each switch Si is also provided with a user interface through which the installer can change the default parameters or update the switch by uploading information for the installation of new devices connectable to the video surveillance system 1.

When the device configuration is complete, the switch adds (step 302) to the VMS 5 the device just recognised and configured. To do this, the VMS is configured in such a way as to accept requests from switches St-S4 to add new devices to the system 1.

Beneficially, the new devices are registered by the switches with names characterised by a "sorting" prefix, which exploits the fact that the VMS in general tends to sort the devices in their interfaces in alphabetical order. Such a prefix thus comprises a first field that makes it possible to group the devices by switch, a second field that indicates to which switch port each device is connected, and a third field that indicates the device name, said third field can in turn be divided into sub-fields, for example to indicate the make and model of the device. An example of a device name registered with the VMS could be

Switch #01 - Port #01 - Videotec - Ulisse Compact HD30x , where the prefix

Switch #01 - Port #01

indicates both the switch to which the device is connected and the port, to facilitate identification of the products if necessary and

Videotec

and

Ulisse Compact HD30x

are respectively the brand and model of the device.

By way of example, the assisted installation step for a video recorder 6 is illustrated in figure 4.

The switch Si recognises (step 400) that a video recorder 6 is connected to one of its local ports 20 and, after having identified the device type, proceeds (step 401) with the intra-device configuration by assigning an IP address to the video recorder (if the DHCP server function is implemented) and other parameters such as the retention time for the recordings.

The inter-device configuration is subsequently performed: the switch ¾ instructs the video recorder to create a recording task for a video stream that is located at a certain URL.

With reference to figure 5, the assisted installation of an access control system (e.g. a volumetric or infrared sensor) is now described. The installation is performed in a manner similar to that described above for the installation of a video camera, with the only difference being that instead of adding video streams, doors are added to the VMS. The switch Si detects (step 500) that an alarm detection system 3 has been connected to a port thereof, and after having identified the device type, configures (step 501) some of its specific parameters. For example, if the switch ¾ identifies that the access control device connected is a device for controlling access to a door, it can configure the device so that it enables, for example, the free passage of people through the door at certain times and not at other times, or it can configure the device so that it allows the opening of the door only after checking a physical or electronic key, optionally with the emission of an alarm event when the door is opened. If the door access control device supports saving user credentials, the switch can upload a set of previously authorised access credentials, for example those for the system installers. When configuration of the alarm detection system 3 is complete, the switch adds (step 502) this device to the VMS.

The above examples thus illustrate how the switch is able to set up the parameters of the software applications that run on the devices.

The switches subsequently monitor the status of the links to detect any network congestion issues due either to a high number of installed devices or to network problems such as the loss of a link. In the event of problems, the switches provide, among the functions stored in the memory area 22, that of reconfiguration of the application parameters of the devices connected thereto in a manner dependent on the network topology.

The switches ¾ exchange information about devices linked to them and the bandwidth requirements thereof periodically or if an event, for example the installation or removal of a device from the system, materialises. Each switch is thus aware of the entire network topology (link, link capacity, and bandwidth requirements for each of the various devices connected to the network) and is able to coordinate with the others in order to transmit data from the devices Di,j to the VMS (and vice versa), according to a spari ing tree protocol.

In the example of figure 1, assuming that the links L _j2 , Li, _3/ L ₂ ,4, L ₃ ,4, have a capacity of 100 Mbit/s, that the video cameras generate data traffic of 15 Mbit/s, and that the access detection system generates data traffic of 0.1 Mbit/s, the switches coordinate with each other in such a way as to transmit data packets in the most balanced way possible. Assuming the result of the spanning tree, the data of the video cameras connected to the switch S ₂ will thus be sent to the VMS via the link Li, ₂ , while the data of the other devices connected to the switches S ₃ and S will be sent to the VMS via the links L3 and Li, ₃ according to the spanning tree path identified by the dashed arrows shown in figure 1.

In addition to executing a spanning tree protocol, the switches are configured to set the bit rate of the various devices as a function of the network topology so as to ensure that the VMS correctly receives the video streams.

Beneficially, the switches Si are each equipped with a user interface, which can be accessed from a PC via the network, which allows the user to set a number of parameters, such as the priority level for the installed devices.

In the event of deterioration of network connectivity and congestion of reception of video streams by the VMS, switches S1-S4 react by reconfiguring the devices connected thereto based on both the network topology and the priority levels of the various devices. Video cameras intended to record shots that are more important than others (e.g. an entrance rather than a corridor) will thus be set to a higher priority level and in the event of network degradation, are assured a bit rate greater than that granted to video cameras with lower priorities.

The adjustment of the bit rate is made by switches according to the method described below with reference to figures 6 and 7.

Each switch Si initiates a link status monitoring process, step 600, and checks (step 601) if all links satisfy the bandwidth capacity required by the devices Di,j connected to the network.

Take for example a situation in which a link is interrupted, as shown in figure 7, where the link hi, 2 is no longer present. The switches Si and S2 detect the interruption of the link and communicate this to the other two switches S3 and S , thus all the switches are made aware of the interruption of the link Li, ₂ .

When the switches detect the interruption of the link L _lf2 , they reconfigure themselves to transmit data packets according to the new spanning tree indicated by the dashed arrows in figure 7.

In this configuration, the switches S;i-S4 verify that 8 x 15 Mbit/s + 0.1 Mbit/s = 120.1 Mbit/s would be transported on the link Li,3, which is greater than the maximum capacity of the link L1 ; this means that data packets will be lost.

When the switches identify a critical issue such as this, they perform a bit rate optimisation algorithm (step 602) that, taking into account the network topology, solves the problem of determining the maximum quality for each device present in the CCTV network subject to the constraint that the sum of all the data flow bit rates that are transported on each connection between the switches does not exceed the capacity of each link.

In mathematical terms, the algorithm solves the following system of equations:

νί £ [ψ|],ν/€[1,Μ, ]

Vi e [l.|S|],7€[l,|S|]

Where:

• Si is the i-th switch that constitutes the network of the system 1.

^• S is the set of all the switches which make up the network. | S | is the cardinality of this set.

^• Li,j is the link that connects the i-th switch to the j-th switch. In this case, Li,j = Lj,i, because in CCTV applications there are no unidirectional connections.

• i, _] is the maximum transmission capacity of the link Li,j from the i-th switch to the j-th switch. In general, G, _j differs from C _j ,i, because some links may be made with asymmetric connections, such as for example UMTS/HSPA+, in which the uplink and downlink have different band widths. Given a particular i and j, G,, = 0 implies that there is no transmission from i to j. Ci,j = 0 and Cj,i = 0 simultaneously means that the switches i and j are not connected.

• Di,j is the device connected to the j-th port of the i-th switch.

· Qi, _j is the quality of the signal to be transmitted on the device Di,j. For devices such as access control devices, this will be a constant rather than a variable value. Qj,j = 0 if the j-th port of the i-th switch is not connected to anything. Since, in general, the number of switch ports is not constant, we consider that j takes values in the interval [1, Mi], where Mi is the number of ports of the i-th switch.

• P _a ,b specifies which type of device is connected to the b-th port of the a-th switch. This indicates if the device is a video camera, a video recorder, an access control device, or a device of other type or null type. ^• The function ,j (a, b, Q _a ,b, Pa,t>) is the function which maps the bit rate capacity generated by the device connected to the b-th port of the a-th switch on the connection that goes from the i-th switch to the j-th switch. This function takes as input not only the device quality but also the specification of where the device is connected, namely the parameters a and b, to apply a different modulation of the bit rate based on the shot to be recorded. It also takes into account the device type, P _a ,t _> , to understand if and how it is possible to modulate the bit rate depending on the device type.

To better illustrate the algorithm, an example relevant to the situation of figure 7 is taken. Being:

C _1<2 = C.2,1 = 0 Mbit/s because it is interrupted

C-3,4 = Q,3 = 100 Mbit/s

C.2,4 = C ₄ ,2 = 100 Mbit/s

Ρ¾ι = video camera

P ₂ ,2 = video camera

¾3 = video camera

Ρ¾ι ⁼ video camera

P ₃ 2 = video camera

P3 = video camera

P ₄ ,i = video camera

P ₄ ,2 = video camera

P4,3 = access control

Qu = (width 1920, height 1080p, frame rate 60 fps)

Q.2,2 = (width 1920, height 1080p, frame rate 60 fps)

Q_2,3 = (width 1920, height 1080p, frame rate 60 fps)

QJ = (width 1920, height 1080p, frame rate 60 fps)

Q_3,2 = (width 1920, height 1080p, frame rate 60 fps)

Q ₃ ,3 = (width 1920, height 1080p, frame rate 60 fps)

Q ₄ ,i = (width 1920, height 1080p, frame rate 60 fps)

Q4,2 = (width 1920, height 1080p, frame rate 60 fps)

Q_4,3 = dummy value, constant 1. It is known that the quality of video streams for very small quantisation steps, i.e. for compression ratios that are not too high, followed by entropic coding, as for example in the case of H.264/AVC, can be linked to the bit rate by using a coefficient of 0.1 bits per pixel. In this case, whereas real-time video compressors achieve sub-optimal performance, we use a quality specification of 0.12 bits per pixel, which results in a bit rate for the video cameras equal to 1920 * 1080 * 60 * 0.12 = (approximately) 15 Mbit/s. As a result:

b ₂ ,i (2,1, (width 1920, height 1080p, frame rate 60 fps), video camera = 15 Mbit/s

b _¾ i (2,2, (width 1920, height 1080p, frame rate 60 fps), video camera = 15 Mbit/s

b ₂₁ (2,3, (width 1920, height 1080p, frame rate 60 fps), video camera = 15 Mbit/s

b¾i (3,1, (width 1920, height 1080p, frame rate 60 fps), video camera - 15 Mbit/s

b ₃ ,i (3,2, (width 1920, height 1080p, frame rate 60 fps), video camera = 15 Mbit/s

b _¾ i (3,3, (width 1920, height 1080p, frame rate 60 fps), video camera = 15 Mbit/s

b4,3 (4,1, (width 1920, height 1080p, frame rate 60 fps), video camera - 15 Mbit/s

b ₄ ,3 (4,2, (width 1920, height 1080p, frame rate 60 fps), video camera = 15 Mbit/s

b ₄ ,3 (3,3, 1, access control device) = 0.1 Mbit/ s

b ₃ ,2 (4,1, (width 1920, height 1080p, frame rate 60 fps), video camera = 15 Mbit/s

b3,2 (4,2, (width 1920, height 1080p, frame rate 60 fps), video camera = 15 Mbit/s

b¾,2 (3,3, 1, access control device) = 0.1 Mbit/ s

In this example, as a result of the inputs provided by the installer (such as, for example, a lower priority for the cameras of S ₄ ), the function bi,j (a, b, Q _a ,b, P _a ,b) for this system is defined to modulate the bit rate of the two video cameras connected to the switch S ₄ using a factor of 2 with respect to the video cameras connected to S2 and S3. The function bj _rj (a, b, Q _a ,b, Pa,b) is also defined not to modulate the bit rate for the access control device.

The function Q _a ,b for the video camera is defined as

Qa,b = frames per second of the video camera D _a , _b

That is to say, the image size is left unaltered and the video quality is reduced by reducing the frame rate.

Given these assumptions, the factor x with which to modulate the bit rate can be calculated as follows:

6 - 15(l - x)+ 2 - 15(l - 2*) + 0.1 < 100

90 - 90x + 30 - 60* + 0.1 < 100

- 1 0x < -20.1

x > = 0.134

1 50

From this value of x the switches deduce the target maximum bit rate, that for D ₄ ,i and D ₄ , ₂ is 15 Mbit/s * (l-2x) = 10.98 Mbit/s, while for the other video cameras it is 15 Mbit/s * (1-x) = 12.99 Mbit/s, and the bit rate of the access control device is left unaltered. It is thus possible to determine the maximum video camera quality that proves to be

10,98

60 = 43 fps

15

12,99

60 = 50 Jps

15 maintaining unchanged the video encoder quantisation step, and modulating only the frame rate.

Once the optimisation algorithm has completed, each switch accordingly determines (step 603), the parameters for the software applications that run on the devices connected thereto, determining the transmission bit rates of the latter. Each switch S ₁ -S4 transmits (step 604) to the devices connected thereto the new parameters for the software applications, which will thus reduce the bit rate, leading to an overall network traffic that is compatible with the network bandwidth capacity. The abovementioned description makes it possible to understand how the video surveillance system and the switches included therein make it possible to achieve the abovementioned objectives.

In particular, the ability of the switches to set the parameters of devices connected thereto based on the device type connected makes possible a quick but thorough configuration and/ or reconfiguration (in case of link failure) of the video surveillance system.

The field technician can then make many variations to the video surveillance system, for example by installing not only surveillance devices such as video cameras and alarm detection systems, but also other devices such as I/O devices, evacuation alarm devices (such as sirens or digital speakers), and more generally IP devices equipped with sensors and/ or actuators.

The device in question can still use different modulation strategies for the video camera bit rates, for example:

· reducing the frame rate while keeping the image size and video quality constant

• reducing the video quality while keeping the image size and frame rate constant

• reducing the image size while keeping the frame rate and video quality constant

• a combination of the three previous strategies with very precise intervals.

The frame rate can thus, for example, be modulated, reducing the initial bit rate by as much as 30%, and then the bit rate can continue to be reduced by reducing the video quality.