Cut false alarm rates on security robots

The false alarm rate is the only metric that matters in perimeter protection. It decides whether a security robot relieves the control room or becomes a burden. This piece separates two terms that get mixed in practice: the technical false positive rate at sensor level, and the verified false alarm rate after fusion and escalation. The first is high in raw form on every system. The second must stay under 8 percent per month. Otherwise no autonomous system pays back.

False alarm rate as an operational metric

The false alarm rate measures the share of sensor triggers without a real threat. Quarero records it per 1,000 patrol kilometers and per 30-day window. Conventional PIR fence systems in outdoor sites produce 40 to 70 percent false positives, depending on vegetation and wildlife density. [Source required] The target corridor for autonomous platforms sits under 8 percent verified false alarms per month. Important: the raw false positive rate of individual sensors is significantly higher. Only sensor fusion brings the verified value into single digits.

The cost effect is directly measurable. Each manual verification ties up 12 to 18 minutes of control room capacity, from alarm receipt through camera review to entry in the shift log. [Source required] A fence system with 300 triggers per month produces 60 to 90 hours of bound control room time. Quarero therefore anchors a monthly evaluation with root cause categorization in the SLA. The categories are: animal, weather, reflection, vegetation, authorized person, sensor drift. Without this categorization no model update can be steered.

For context on personnel cost and call frequency in conventional guard services, see the BDSW industry data.

Root cause categories on the outdoor perimeter

Wildlife is the dominant driver. Deer, foxes and stray dogs trigger 35 to 50 percent of classical motion sensors, depending on location and season. [Source required] Logistics centers on the city edge show the highest values. Weather reflection follows: rain on metal roofs, snowfall in front of IR emitters and fog distort RGB detection. With fog under 50 meter visibility, any camera-only solution fails without thermal backup.

Vegetation creates its own class of contour alarms. Moving grass above 15 cm and swinging branches trigger contour classifiers that are not calibrated to volume. Authorized movement is the most uncomfortable category: employees whose shift data was not updated in the geofence appear as intruders. These false alarms are organizational, not technical. Sensor drift finally appears on LiDAR heads after frost cycles. Misaligned sensors produce systematic mismeasurements, documented in the maintenance log. Quarterly calibration is mandatory.

Sensor fusion as the reduction lever

The QR-2 outdoor patrol with thermal combines three sensor paths in 200 milliseconds. Thermal in the 8 to 14 micrometer range detects body heat independent of daylight. RGB delivers identification detail. Audio classification runs in parallel on a separate model. Cross-validation means: an alarm only forms when two independent sensor paths agree. A deer visible only in RGB but carrying the wrong thermal signature is discarded.

The QR-3 with LiDAR and drone detection adds a point cloud for volume classification. The system separates human (1.4 to 2.1 cubic meter hull volume) from animal (0.2 to 0.8 cubic meters). This volume measurement is the single most effective measure against wildlife alarms. The person detection model is trained on 4.2 million DACH-specific frames, including high-visibility vests, winter clothing and helmets. [Source or technical datasheet required] Models from US datasets fail on German protective clothing colors.

Audio spectral analysis identifies glass breakage, voices and tool sounds above 65 dB. It complements the optical paths where line of sight is missing. Sensor fusion classifies as safety-relevant under the EU Machinery Regulation, see Regulation 2023/1230.

Comparison values for the classical setup appear in the analysis Perimeter protection for industrial parks.

Escalation logic and control room integration

Escalation follows three stages: observation, approach, escalation to the human control room. At stage 1 the robot logs an anomaly without raising an alarm. At stage 2 it autonomously runs a verification patrol. It approaches the event location and runs a second sensor capture from closer distance. Only when the verification run confirms the threat is the control room alerted.

This logic reduces control room escalations to under 2 incidents per day and square kilometer of monitored area. Video stream and thermal image are transmitted to the dispatcher in parallel, who decides on the operational response in under 45 seconds. Every decision receives an audit trail with timestamp, raw sensor data and classifier confidence. The audit trail is not optional. It is a precondition for evidence handling toward insurer and law enforcement. BBK requirements for detection and reporting chains in critical infrastructure apply here, see BBK portal.

Benchmarks from DACH pilot operations

The following values come from QR-2 and QR-3 deployments between 2024 and 2026. A chemical park with 1.8 km of fence length reduced the false alarm rate from 62 to 6.4 percent in 90 days. Two thirds of the reduction came from sensor fusion, one third from geofence maintenance and shift synchronization.

A logistics center with 240,000 square meters reduced nightly guard patrol interventions by 71 percent. The remaining interventions were genuine incidents: two confirmed break-in attempts and eleven unauthorized persons on site in six months. A KRITIS substation recorded zero confirmed false drone detection alarms over six months. The QR-3 drone detection uses acoustic and LiDAR signatures in parallel.

A hospital site achieved 88 percent fewer false dispatches of the external guard service. Here the lever was less the sensor stack, more the escalation logic: patients walking on the parking lot at night were correctly classified as non-threatening and not escalated.

Economic effect of the reduced false alarm rate

Every avoided guard service dispatch saves 180 to 320 euros, including travel, minimum response time and report fee. The range depends on region and night or weekend surcharges. At 12 avoided dispatches per month the QR-2 already pays for itself operationally. The monthly rate in the Robotics-as-a-Service model is 3,500 euros.

Compared with a 24/7 guard post (15,000 to 25,000 euros monthly, depending on collective agreement and location) the OpEx reduction comes to around 80 percent. [Source required] What works: substitution for pure observation posts. What does not work: substitution for access control with §34a obligation. Robots do not replace the Sachkundeprüfung, they replace patrol rounds.

Insurance premiums fall by an average of 7 percent when the documented false alarm rate stays under 10 percent. [Source required] Insurers accept the reporting as evidence of active risk reduction. In the RaaS model there is no CapEx, deployment runs within 48 hours, minimum term is 24 months. A detailed cost comparison sits in the guard service cost comparison and the three-tier pricing model.

Calibration and continuous improvement

The first four weeks are a learning phase. Quarero runs the system at elevated sensitivity and manually tags every alarm. This phase is non-negotiable: it learns local patterns. These include wildlife windows, employee shifts and normal vegetation movement. Skip this phase and the false alarm rate stays double for months.

After that comes a monthly model update per site. Local vegetation and shift patterns are learned, classifiers fine-tuned. The security manager maintains the geofence through a web console, the shift calendar synchronizes automatically. Quarterly sensor calibration follows EN ISO 13482 for mobile service robots. Calibration protocols go into the maintenance log.

Every 90 days an escalation review takes place with control room, plant security and Quarero. Topics are categorized false alarms, threshold adjustments, geofence changes and new threat scenarios. The review is mandatory in the master agreement. Without structured feedback the false alarm rate rises again after six months.

Contractual anchoring of the false alarm rate

The SLA threshold sits at a maximum of 8 percent verified false alarms in a rolling 30-day window. Breaches trigger a service credit per the penalty tier in the master agreement. Three consecutive monthly breaches lead to an extraordinary escalation review with binding measures.

The monthly performance report contains a raw data export for internal audits. Security managers get evidence for the management board and supervisory board. Data sovereignty stays with the operator, storage sits in the DACH region, processing is GDPR and BSI compliant. Raw sensor data does not leave the plant without documented purpose binding.

A handover workshop for plant manager and security manager is mandatory at onboarding. Contents: web console, report interpretation, escalation paths and control room interface. Without this workshop the report structures do not feed into internal audits.

For KRITIS operators an additional point applies: the false alarm rate forms part of the effectiveness measurement under §30 BSIG. [Direct link to §30 BSIG required] The monthly reports transfer directly into reporting to the BSI. Skip the structured reporting at the start and you lose this downstream compatibility.

Next step: start a pilot request for the site-specific false alarm forecast and submit site data for the upfront risk assessment. Quarero delivers a site-specific forecast of the achievable false alarm rate within ten business days. The basis is comparable deployments plus the local factors of vegetation, wildlife density and shift structure.