DRAVYA

Work / 004 ACTIVE R&D

ZoneTrace

Real-time visitor tracking and zone control for the data centre: every person on the floor as a live dot, every zone enforced automatically.

Client
Internal R&D
Domain
Indoor positioning
Period
Ongoing
Classification
RESTRICTED
sub-metre positioning accuracy
live location update rate
AoA anchors per floor grid
cloud dependency · runs on-prem
ZoneTrace / Operations Console
LIVE14:32:07Site: REFERENCE
Live Floor Map· inside
Data Hall A · Restricted
Network Room
Office / Tour
Loading & Lobby
R-1
R-2
R-3
R-4
MAIN ENTRY
EMERG EXIT
DOOR
SECURITY
GATE 2
DOCK
AV-301 · R-3 ONLY
E · Escort (staff) V · Escorted visitor AV · Authorized Alarm 10 AoA anchors · 1 Hz · ±0.5 m
Active Visitors 0
Live Alerts
Reports
Today's visits·
Open alarms0
FIG 01 · LIVE CONTROL ROOM · LOCATED VISITORS, ENFORCED ZONES · ANONYMIZED LAYOUT
DATA HALL · RESTRICTED NETWORK ROOM OFFICE / TOUR LOBBY & LOADING V · ESCORTED E · ESCORT AV · AUTHORIZED ALARM · ZONE BREACH 10 AoA ANCHORS 1 Hz UPDATE ±0.5 m ON-PREM ENGINE · NO CLOUD
FIG 01 · LIVE FLOOR MAP · LOCATED VISITORS, ENFORCED ZONES · ANONYMIZED LAYOUT

01 · Problem

A data centre cannot prove where its visitors actually went. Movement is manually escorted and loosely controlled: between escorts there are blind spots, no live view of the floor, and no reliable record after the fact. The escort remembers the visit; nothing measures it.

That gap is now a liability. SOC 2, ISO 27001, PCI-DSS and the Uptime Institute all expect controlled, evidenced physical access, and “trust the escort” does not survive an audit. Unescorted proximity to live racks is a real intrusion and sabotage vector, and every unverifiable visit is exposure: failed audits, contractual penalties, incident liability.

The constraint that shaped everything: the location data can never leave the building. Where a visitor stood inside a data centre is exactly the kind of record a data centre cannot ship to someone else’s cloud.

02 · Approach

Put every visitor on the map, in real time. Each visitor wears a tamper-evident wristband that broadcasts a secure Bluetooth signal; ceiling-mounted Angle-of-Arrival anchors measure that signal’s bearing, and an on-site engine fuses the bearings into a sub-metre position.

Two choices drive the whole design:

  • Angle-of-Arrival, not room-level beacons. Proximity beacons tell you which room; AoA tells you where in the room, to roughly half a metre. On a data-centre floor, “near rack row 3” and “between rows 2 and 3” are different security events.
  • A band, not a badge. A wristband ties identity to position continuously, and detecting its removal is itself a signal. A badge tapped at a door tells you about the door, once.

03 · How it works

Four steps, and the data never leaves the floor.

#StageWhat happens
01WristbandEach visitor’s band broadcasts a secure BLE signal
02AoA anchorsPer-zone ceiling anchors measure the signal’s angle of arrival
03On-prem engineAn on-site positioning engine computes sub-metre location at 1 Hz
04Live dashboardOperators see every visitor, zone and alarm in real time

The positioning engine runs fully on-premises: no cloud dependency, no visitor-location data crossing the building line. It integrates outward into the systems a facility already runs: CCTV, SIEM, and access control.

04 · What it enforces

Once every visitor is a live coordinate, control stops being a manual act:

  • Zone authorization: auditors, contractors and tour groups each get their own allowed area, enforced automatically rather than escorted by memory.
  • Dwell-time & path history: how long each visitor spent in every zone, logged to the second, with the complete route replayable for audit or incident review.
  • Safety on the band: tamper-detect (removal raises an instant alarm with last-known location), an SOS panic press, man-down / no-motion detection, and escort-pairing that alarms if a visitor and their escort separate beyond range.
  • Alarm pipeline: detect → classify by severity → notify (dashboard, SMS, email, SOC/SIEM webhook) → acknowledge & escalate → resolve, every step timestamped. Alarms can slew the nearest cameras to the zone automatically, and one tap turns the live floor into an evacuation muster list.

Every visit becomes immutable, timestamped evidence, so a compliance audit is a one-click export, not a fire drill.

05 · Status

Active R&D. The sensing approach and specs are settled (sub-metre AoA positioning at 1 Hz, on an on-prem engine), and the program is built to prove out in stages: a Phase 1 pilot instruments a single restricted zone on a real floor, validating accuracy, alarms and the operator workflow before anything scales site-wide.

Every deployment is tuned to a specific floor plan, zone map and security policy. Facilities that want controlled, evidenced physical access can start a conversation.