PICS User’s Manual 07 June 2004 PERSONAL IDENTIFICATION CREDENTIAL SYSTEM (PICS) USER’S MANUAL Contract No. GS23F0108J Delivery Order No. F19628-02-F-0048 07 June 2004 Prepared for Electronic Systems Center ESC/FD 5 Eglin Street Hanscom AFB, MA 01731-2100 DISTRIBUTION STATEMENT C: Distribution authorized to U.S. Government agencies and their contractors for Administrative and Operational Use, 4 April 2002. Other requests for this document shall be referred to ESC/FDP, 5 Eglin Street, Bldg.
PICS User’s Manual 1.0 07 June 2004 SCOPE This document is intended to provide guidance to the end user of the Personal Identification Credential System (PICS) for normal operations. This revision covers the Production Prototype system only. It describes typical operation of the Personal Identification Credential (PIC), the PICS Enrollment Station, and the PICS Reader.
PICS User’s Manual 1.2 07 June 2004 Documentation Conventions Screen Labels Represents labels that appear on the screen in the PICS Manager software. Database Field Names Represents fields in the PICS database. User Entered Data Represents data which the user must enter. File Contents Represents the listing of files used by the system.
PICS User’s Manual 2.
PICS User’s Manual 3.0 07 June 2004 DESCRIPTIONS The Personal Identification Credential System (PICS) provides access control using a Personal Identification Credential (PIC), which can be issued to individual users. The PIC is a small, handheld, wireless biometric device small enough to fit in a shirt pocket. In the initial application, users will operate the PIC from within a vehicle in order to gain access to a facility.
PICS User’s Manual 07 June 2004 should occur quickly. If the finger slides across the sensor slowly, the sensor my read an image before the finger is actually in place. Figure 1 shows correct and incorrect placements of the fingertip on the sensor. Correct Incorrect Figure 1 PIC Fingertip Placement Once the finger is placed on the sensor, the LED will start blinking amber indicating that the PIC is reading the sensor and processing the image.
PICS User’s Manual 07 June 2004 it will frequently solve this problem. Blinking Successful Match Green Green indicates that the fingerprint was matched successfully. A blinking green LED should be accompanied by a single, short, low pitch beep. Initially, the LED should blink green. Once the PIC has received confirmation from the PICS Reader that the PIC has been validated, the LED will remain on continuously and another short, high pitched beep will be emitted.
PICS User’s Manual 07 June 2004 should be used with some caution since it compromises the security of the system. The enrollment process places information in the database which is used by the PICS Reader Service to update the database in the Reader itself. It is not necessary for the Reader and the PICS Reader Service to be operating during enrollment, but it is recommend ed. NOTE: THE MANUFACTURER IS NOT RESPONSIBLE FOR ANY RADIO OR TV INTERFERENCE CAUSED BY UNAUTHORIZED MODIFICATIONS TO THIS EQUIPMENT.
PICS User’s Manual 07 June 2004 Figure 2 PICS Manager Users Screen 3.2.1.2 Configuration Screen The Configuration Screen is shown in Figure 3. It contains three sections. The Enrollment Comm Port should be set to the RS-232 port that has the Enrollment Station RF Interface attached. The baud rate should be set to 38400. The Light Tree Comm Port should be set to disabled at present. The Database Configuration section contains a path to the Interbase database, a database user name and a database password.
PICS User’s Manual 07 June 2004 Figure 3 PICS Manager Configuration Screen 3.2.1.3 Enroll Screen The operation of the Enrollment Screen is the most complicated part of the PICS Manager software. The typical operation is as follows: 1) First, the operator selects the correct user from the list on the USERS screen. If the user is not in the list, the operator may have to add the user. Once the user is selected, the operator presses the ENROLL button.
PICS User’s Manual 07 June 2004 PIC will be deleted. For this reason, it is important to be sure that there is one and only one PIC turned on during this process. 4) The operator would then press either the Enroll Finger button or the Enroll Duress button. The enrollment operation is identical for both buttons, except the PIC will identify the finger enrolled as a duress finger and inform the PICS Reader during the verification process.
PICS User’s Manual 07 June 2004 Figure 4 PICS Manager Enrollment Screen Figure 5 Start PIC Enrollment Dialog Box 3.3 Operation of PICS Reader Control The PICS Reader Control is a Windows NT service which runs in the background on a designated computer (most likely the same computer which hosts the Interbase database) and maintains the PICS Reader. All communication to the PICS Reader occurs from the PICS Reader Control.
PICS User’s Manual 07 June 2004 maintainer. The top row of buttons are available regardless of which screen is selected. The Enable button allows the service to communicate with the PICS Reader. If it is unselected, the service will disconnect from the PICS Reader. The About button display an about dialog which contains the software version number. The RF Test button places the PICS Reader in a test mode, in which it will send RF test messages to a PIC.
PICS User’s Manual 07 June 2004 Figure 6 PICS Reader Control Monitor Screen 3.3.2 Log Screen The log screen displays a dump of the log from the PICS Reader. If the function is enabled in the PICS Reader and the service is configured to automatically download the log, this screen will be updated automatically. The log will also be stored in a file defined on the Config screen. Pressing the Dump button will force downloading the latest log information.
PICS User’s Manual 07 June 2004 Figure 7 PICS Reader Control Log Screen 3.3.3 Database Screen The Database screen can be used by the maintainer to verify the contents of the Reader database, clear it out, and force a new download of the database. Under normal circumstances, the Auto Update button should always be selected. After using this screen, the maintainer/operator should ensure that this button is selected. If this button is not selected, the database in the Reader will not be kept up to date.
PICS User’s Manual 07 June 2004 Figure 8 PICS Reader Control Database Screen 3.3.4 File Transfer Screen This screen provides the ability to send and receive files to/from the Reader. This screen should only be used by qualified personnel, as changing the wrong file could prevent the Reader from booting. The File Xfer screen is shown in Figure 9.
PICS User’s Manual 07 June 2004 Figure 9 PICS Reader Control File Transfer Screen 3.3.5 Configuration Screen The Configuration screen allows the maintainer to change the configuration of the PICS Manager software. Once the system is set up, the configuration should require very little change. Figure 10 shows the Configuration screen. With the PICS Reader Service installed and running, the Config screen can only be reached by right clicking on the icon in the task bar and selecting Config.
PICS User’s Manual 07 June 2004 Figure 10 PICS Reader Control Configuration Screen 3.3.5.1 Reader IP Address This field sets the Reader’s IP Address. The Reader must use a fixed IP address, which should be entered into this field. Changing the Reader’s IP address is discussed later in this document. 3.3.5.2 Database Location This field specifies the location for the Interbase database file. This location is determined during the initial setup of the database.
PICS User’s Manual 3.3.5.4 07 June 2004 Create Database Button The Create Database button is used to create a database at the location specified by the database location and with a user name and password specified. The operator should be sure that the path for the file exists prior to clicking this button. This should only be required during system initialization. See details in paragraph 3.3.6. 3.3.5.
PICS User’s Manual 07 June 2004 CREATE TABLE "PICS" ( USER_ID VARCHAR(64) NOT NULL, USER_ID_LEN INTEGER, PIC_KEY VARCHAR(512), NAME VARCHAR(64), PIC_ID VARCHAR(24), PIC_KEY_LEN INTEGER, DURESS_ID VARCHAR(64), DURESS_LEN INTEGER, PIN VARCHAR(16), CONSTRAINT "USER_ID" PRIMARY KEY ("USER_ID") ); CREATE TABLE "PICS_UPDATE" ( USER_ID VARCHAR(64) NOT NULL, PIC_ID VARCHAR(24) NOT NULL, CMD VARCHAR(32), CMD_INDEX INTEGER ); CREATE ROLE Administrators; CREATE ROLE Users; GRANT GRANT GRANT GRANT 3.
PICS User’s Manual 07 June 2004 Figure 11 PICS Status Display 3.5 Reader Operation The PICS Reader contains an embedded PC running an embedded, real time operating system. The Reader software uses an initialization file called reader.ini, which is located in the root directory. The reader.ini file also points to one or more lane initialization files, one for each lane. A keyboard and monitor may be attached to the Reader for troubleshooting purposes and configuration management. In addition, the reader.
PICS User’s Manual 07 June 2004 SUCH MODIFICATIONS COULD VOID THE USER'S AUTHORITY TO OPERATE THE EQUIPMENT. 3.5.1 PICS Reader Initialization File A sample listing of the reader.ini file is shown below. [SYSTEM] DISPLAY ENABLE=1 LANE COUNT=1 [TCPIP] IP ADDRESS=172.16.32.225 NET MASK=255.255.255.0 DEFAULT GATEWAY=172.16.32.1 DNS SERVER=0.0.0.0 PORT NUMBER=50000 [LANE 1] LANE NAME=Lane 1 CFG FILE NAME=c:\hanscom.cfg [LOGGING] ENABLE=1 Table 2 Reader.
PICS User’s Manual Section 07 June 2004 Meaning This value specifies the DNS server. DNS SERVER The Reader does not support DNS. This value should be set to 0.0.0.0 This specifies the port number that the Reader will accept socket PORT NUMBER connections on. It is currently hard coded in the PICS Manager software to 50000. This is the name the reader will refer LANE NAME to this lane by. It is included in all status messages and log events.
PICS User’s Manual 07 June 2004 [IO_GATE] RED_A=0,0x01 GREEN_A=0,0x02 YELLOW_A=0,0x04 YELLOW_B=0,0x08 GATE=1,0x10 BLUE_A=0,0x20 LOOP_ENTER=1,0x40 LOOP_EXIT=1,0x80 GATE IDLE UP=1 GATE TIMEOUT=15 [MSG_GATE] COMPORT=101 BAUD RATE=9600 PARITY=NONE DATA BITS=8 STOP BITS=1 TERMINATION CHAR=13 HEX CONVERT=0 [KEYPAD] PORT=-1 BAUD RATE=9600 PARITY=NONE STOP BITS=1 DATA BITS=8 TERMINATION CHAR=35 Table 3 Lane Configuration File Field Definitions Section Field DEBUG ENABLE GATE INTERFACE COUNT SYSTEM ID UNIT COM
PICS User’s Manual Section IO_GATE Field RED_A RED_B GREEN_A GREEN_B YELLOW_A YELLOW_B BLUE_A BLUE_B WHITE_A WHITE_B ALARM GATE LOOP_ENTER LOOP_OBSTRUCT LOOP_EXIT GATE IDLE UP GATE TIMEOUT COMPORT BAUD RATE PARITY MSG_GATE STOP BITS DATA BITS TERMINATION CHAR HEX CONVERT 07 June 2004 Meaning Specify m,n, where m is a 1 to invert the sense of the signal (low is true instead of high is true). N is the bit mask for the particular bit. The system currently only supports 8 bits total.
PICS User’s Manual Section Field PORT BAUD RATE KEYPAD PARITY STOP BITS DATA BITS TERMINATION CHAR 07 June 2004 Meaning Identifies the comm port to use for sending gate messages. The hardware ports are 0 and 1 and the USB ports start at 100 and go up. Actual baud rate desired (e.g. 9600) String containing ‘NONE’, ‘EVEN’, ‘ODD’, ‘MARK’ or ‘SPACE’. 1 5 to 8 Character to use for termination (typically a carriage return (13).
PICS User’s Manual 4.0 4.1 07 June 2004 Installation Reader Refer to EG&G Drawings 126764-10, PICS Installation and 126762-10, Assy, PICS Reader Terminal Unit. CAUTION This unit is powered by 120 VAC. This voltage can be extremely dangerous and can cause death. Always use an insulated probe when attempting to measure 120 VAC and be extremely careful not to touch places where this voltage is present. The PICS Reader Terminal Unit is contained in a 16” x 16” x 8” NEMA 4X enclosure.
PICS User’s Manual 5.0 5.1 07 June 2004 Specifications Reader Physical Size: 16x16x8 inches Weight: 25 lbs Power: 88 – 132 VAC, 8 Amps Communication Access Control System Interface: RS-232, configurable baud rate, parity, data bits and stop bits Enrollment Station Interface: 100BaseT Ethernet Radio 5.2 Frequency: 915.00 MHz TX Power: 0 dBm max (power attenuated for application, typical radiated power less than 1mW) Modulation: FSK @ 38.
PICS User’s Manual 07 June 2004 Emissions: Antenna: 5.3 Linx Technologies, ANT-916-SP, -1 dBi Gain PIC Physical Size: 2.25 x 3.48 x 0.60 inches Weight: 3.2 oz. Power: Internal Lithium Polymer, nom. 3.7 VDC, 900 mAH. 80 mAmps average current draw (when activated) Radio Frequency: 915.00 MHz TX Power: 0 dBm max (1mW max.) Modulation: FSK @ 38.
