User:Bertrik Sikken: Difference between revisions
|  Add idea |  Add TTN-HAB gateway idea | ||
| Line 28: | Line 28: | ||
| == Project ideas == | == Project ideas == | ||
| This is a list of ideas I'm thinking about, but have not fully developed into an actual project yet. | This is a list of ideas I'm thinking about, but have not fully developed into an actual project yet. | ||
| === TTN - HAB balloon telemetry bridge === | |||
| This idea is about using the-things-network as a receiver for amateur balloon telemetry. | |||
| Receiving telemetry from amateur balloons is currently typically done on the 434 MHz band using RTTY modulation, sending ASCII strings to dedicated receivers. | |||
| The operator of each receiver has to be prepared for receiving the telemetry, by tuning to the correct frequency at the correct time, setting up a dedicated software client that decodes the RTTY modulation and forwards the data to a central system over the internet. | |||
| The central system accepts data from many such receivers, performs deduplication, keeps track of who received what and updates a nice graphical map of where each balloon is and where the receivers are. | |||
| A network like the-things-network can help a lot, it has a lot of gateways already (in the netherlands at least..), already performs deduplication. | |||
| Also LoRa as a modulation scheme is much more sensitive than RTTY. | |||
| In short, the idea is: | |||
| * you attach a LoRaWAN transmitter to the balloon | |||
| * the LoRaWAN transmitter is pre-configured with a set of keys generated by the TTN | |||
| * the bridge software listens for packets received by the TTN and decodes the payload data into an id, latitude, longitude, altitude of the balloon | |||
| * for each packet, we know which gateways received it and where they are. So we can "fake" a client for each gateway and construct an ASCII sentence according to the HAB server conventions  | |||
| * the HAB server still sees the same messages like it would if there many traditional receivers, so doesn't need any modification. | |||
| This way, the entire things network can be used to receive balloon telemetry! | |||
| There is no longer a need for operators to be present at their receiver at the exact time the balloon is launched, making manual adjustments, etc. | |||
| The Netherlands is already covered by many TTN gateways, greatly increasing the chance the balloon telemetry will be picked up. | |||
| Stuff to do: | |||
| * come up with a simple but flexible way to encode telemetry in a binary packet, to be transmitted over TTN. | |||
| * figure out how to receive data from TTN, I think this is an MQTT stream | |||
| * figure out how to find the coordinates of each TTN gateway | |||
| * figure out the protocol between dl-fldigi and the HAB server | |||
| * implement this (in Java for example)! | |||
| === WiFi "top" === | === WiFi "top" === | ||
Revision as of 19:42, 31 July 2017
| User info Bertrik Sikken | |
|---|---|
| Name | Bertrik Sikken | 
| Nick | bertrik | 
| Tagline | heb ik niet | 
You can reach me at bertrik@sikken.nl or bertrik@gmail.com
Studied Electrical Engineering at Twente University.
Main interests:
- reverse-engineering things (USB stuff, mp3 players), working on http://rockbox.org
- studying bats and making electronics for recording/listening to bat sounds
- radio stuff, in particular software-defined radio
Projects I work(ed) on (refresh):
Project ideas
This is a list of ideas I'm thinking about, but have not fully developed into an actual project yet.
TTN - HAB balloon telemetry bridge
This idea is about using the-things-network as a receiver for amateur balloon telemetry.
Receiving telemetry from amateur balloons is currently typically done on the 434 MHz band using RTTY modulation, sending ASCII strings to dedicated receivers. The operator of each receiver has to be prepared for receiving the telemetry, by tuning to the correct frequency at the correct time, setting up a dedicated software client that decodes the RTTY modulation and forwards the data to a central system over the internet. The central system accepts data from many such receivers, performs deduplication, keeps track of who received what and updates a nice graphical map of where each balloon is and where the receivers are.
A network like the-things-network can help a lot, it has a lot of gateways already (in the netherlands at least..), already performs deduplication. Also LoRa as a modulation scheme is much more sensitive than RTTY.
In short, the idea is:
- you attach a LoRaWAN transmitter to the balloon
- the LoRaWAN transmitter is pre-configured with a set of keys generated by the TTN
- the bridge software listens for packets received by the TTN and decodes the payload data into an id, latitude, longitude, altitude of the balloon
- for each packet, we know which gateways received it and where they are. So we can "fake" a client for each gateway and construct an ASCII sentence according to the HAB server conventions
- the HAB server still sees the same messages like it would if there many traditional receivers, so doesn't need any modification.
This way, the entire things network can be used to receive balloon telemetry! There is no longer a need for operators to be present at their receiver at the exact time the balloon is launched, making manual adjustments, etc. The Netherlands is already covered by many TTN gateways, greatly increasing the chance the balloon telemetry will be picked up.
Stuff to do:
- come up with a simple but flexible way to encode telemetry in a binary packet, to be transmitted over TTN.
- figure out how to receive data from TTN, I think this is an MQTT stream
- figure out how to find the coordinates of each TTN gateway
- figure out the protocol between dl-fldigi and the HAB server
- implement this (in Java for example)!
WiFi "top"
This idea is about a simple demo application that shows the number of unique WiFi stations detected. This gives an idea about how busy a place is.
A bit like the CPU load in the unix/linux "top" tool, this is indicated as a number at different timescales, e.g. number of unique WiFi stations detected in the last minute, last 5 minutes and last 15 minute, last hour, etc.
The implementation is done using an ESP8266 in promiscuous mode. Using the callback for promiscuous mode, a table is built with an entry for each unique MAC address:
- only "stations" (like phones, laptops, etc) are recorded in this table, not access points
- the table records the following:
- the unique MAC address
- the time is has been seen first
- the time is has been seen last
 
- the wifi channel is switched at some interval
- every minute (for example), the stats are calculated from the table and published on MQTT
Operations on this table:
- entries older than 60 minutes are removed from the table.
- when we see a new unknown MAC, it's added to the table (if it fits) and we set the first-seen timestamp
- when we see a known MAC, the last-seen timestamp is updated
- getting stats from the table, for example:
- number of unique station MACs seen in the last minute
- number of unique station MACs seen in the last 5 minutes
- number of unique station MACs seen in the last 15 minutes
- number of unique station MACs seen in the last 60 minutes
 
- perhaps we can get stats using either the first-seen or the last-seen timestap?
Possible issues:
- privacy: the unique MAC of any Wifi station is never exposed, only cumulative numbers. If you're really concerned, consider turning off your WiFi devices (e.g. using airplane mode)
- random MACs: apparently some devices randomize their MAC address if they're not connected to a station. Not sure yet how to handle that.
- switching between promiscuous mode (for sniffing) and station mode (for reporting stats): I don't know how complicated this is, we'll see.
Understand Bluetooth AP
I'm trying to understand how to set up a bluetooth AP on a basic Linux system, such that you can connect to it using an Android phone or tablet.
The idea is that there is some kind of useful application running on the Linux system, and that the "app" on the tablet/phone provides the user interface, connecting to the Linux system using REST.
Possible useful links:
- https://www.linux.com/learn/weekend-project-personal-area-networking-bluetooth
- https://www.osnews.com/story/9836/Make_your_Arch_Linux_a_Bluetooth_Access_Point: quite old, uses rfcomm, basically a serial port over bluetooth
- http://bluez.sourceforge.net/contrib/HOWTO-PAN: describes setting up a network using the "pand" utility, can't find that utility
- bluetooth device class calculator
- http://blog.fraggod.net/2015/03/28/bluetooth-pan-network-setup-with-bluez-5x.html
- bt-pan script as referred by the link above
- Is Your Personal Area Network Giving You the BlueZ?
My starting point is:
- a Yocto based Linux distribution
- a Linux 4.1 kernel
- Bluez 5
Understanding the various Linux drivers and tools in the Linux bluetooth stack
- btusb: the Linux kernel driver module for many USB/bluetooth adapters, 'modprobe'-ing this module also magically takes care of downloading firmware needed
- hciconfig, low-level configuration utility for manipulating a bluetooth controller. A bit like ifconfig, it can bring the interface up or down, set options, etc.
- hcitool, yet another utility to perform low-level bluetooth operations, like querying the name of paired devices
- bluetoothd, the bluetooth daemon
- /etc/bluetooth/main.conf : supposedly (one of) the configuration files for bluetoothd
- bluetoothd can be accessed over DBUS apparently, see Bluez docs
 
- bluetoothctl, a more high-level configuration utility, basically a command line user interface towards bluetoothd as I understand it.
And some acronyms:
- NAP: network access protocol
- PAN: personal area network
- BNEP: bluetooth network encapsulation protocol
Getting somewhere: ?
- dbus-send --system --type=method_call --print-reply --dest=org.bluez /org/bluez/hci0 org.bluez.NetworkServer1.Register string:'nap' string:'bnep' 
- following this guide on the server-side (requires systemd): https://blind.guru/tag/bluetooth-pan.html#a-bluetooth-pan-access-point-with-systemd
investigate quadcopter remote control
It turns out that the typical little cheap Chinese quadcopters use a remote-control protocol that can be easily recreated using the famous NRF24L01+ chip (< $1 and easily connected to an arduino). This gives nice opportunity to either:
- transmit our own control signal, to control a quadcopter from something different than the manual remote control, e.g. automatic control
- receive the control signal, so the manual remote control that comes with a quadcopter can be used to steer other things (like a model car).
I haven't found a good overview of quadcopter remote control protocol specifications yet, there seem to be plenty examples of "here-is-the-code" however.
mini word clock in dutch
Basically an monochrome 8x8 word clock, in Dutch, showing local time in the Netherlands.
This git repo has the current code.
See here for a demo running on an arduino nano.
The plan is to run this from an ESP8266 instead of an arduino nano, so it can get the time from the internet using NTP. The time offset will be fixed to Dutch local time, i.e. GMT+1 taking into account summer time. Summer time will be determined using the general rule "from 2:00 local time on the last sunday of March until 3:00 local time on the last sunday of October".
Local date calculation:
- http://stackoverflow.com/questions/5590429/calculating-daylight-saving-time-from-only-date
- https://github.com/niekproductions/word-clock
Understanding LoRa
Ultimate goal is to create an SDR algorithm to decode LoRa without the need for dedicated LoRa hardware. This could be useful when tracking HABs transmitting LoRa for example. See DecodingLora and EncodingLora.
In particular, I should definitely check out this gr-lora project. Perhaps make it work for decoding balloon telemetry modes.
Cypress PSOC5
Play with the Cypress PSOC5 platform, which combines a ARM Cortex-m3 processor with configurable analog blocks. I'm thinking of combining it with a 24 GHz doppler radar sensor, to process the signal and present it as a USB audio device (stereo signal contains I and Q parts). See RadarOnAStick.
Simple Doppler motion sensors
You can find basic doppler microwave motion sensors based on a single transistor, with some weird traces on the PCB very cheaply, for example
Typically the microwave part of these consists of a single transistor with a rectangular area on one leg and a meandering trace (with lots of vias to the other side) on the other leg. The output of this circuit seems to go into a chip very much like the ones used in PIR sensors.
See also https://github.com/jdesbonnet/RCWL-0516 for a reverse engineering effort of these doppler radar modules.
Rust
Investigate the rust language.
ESP32
I have a Wemos "LOLIN32 V1.0.0" ESP32 board, play with it. Discover Bluetooth capabilities, low power modes. Compare it with ESP8266.
- ESP32 Arduino page by Wemos
Bare-bones Arduino bat detector
This is an idea for a very basic heterodyne bat detector, doing signal processing on an Arduino, requiring minimal external components.
The basic principle of a heterodyne detector is that it just mixes (multiplies) the audio signal with a square wave, low-pass filters the result and puts it on a speaker.
Multiplying with a square wave can also be considered to be just alternatively inverting and not-inverting the signal. So if you sample an ultrasonic signal at twice the rate you want to multiply, you can just subtract odd samples from even samples and low-pass filter that.
How this can be done in an AVR Arduino:
- sample the audio signal at twice the detection frequency, say 84 kHz. An AVR should just be able to do that.
- apply a 1-pole IIR high-pass filter to remove DC bias, this takes one shift instruction and one addition.
- multiply by the detection frequency, this means just inverting the odd samples.
- low-pass filter the signal, this can be done using a moving average filter, say 16 samples long (first null at 5.25 kHz). Theoretically, averaging 16 samples should result in two bits extra accuracy. This operation takes some storage, an addition and a subtraction.
- output the filtered signal using PWM, possibly at the same rate that we are sampling the input audio.
The microphone can be a 40 kHz piezo transducer, to keep it cheap (but also limited to 40 kHz). The pre-amplifier can be a single transistor with some resistors around it, providing about 40x gain. The arduino does the signal processing (mixing, low-pass filter) to shift the bat audio to human range. The speaker amplifier can just be a simple two transistor push-pull circuit, since the output from the Arduino is digital/PWM.
AVR Arduino sample rate
As far as I understand, the ADC clock can be set to 1 MHz. Conversion takes 13 cycles, so this can be a problem to reach a sample rate above 80 kHz.
Example C code
(this is the general idea, but I don't know if it compiles):
#define BUF_SIZE    16
static void ISR(void)
{
    static int16_t buffer[BUF_SIZE];
    static int16_t lowpass = 0;
    static int32_t sum = 0;
    static bool even = false;
    int16_t input, signal, mixed;
    // sample signal as 16 bits (10 bits significant)
    input = ....
    // HPF input signal
    signal = input - lowpass;
    lowpass += signal >> 4;
    // multiply by carrier
    mixed = even ? signal : -signal;
    even = !even;
    // calculate moving average sum
    sum += mixed ;
    sum -= buffer[index];
    buffer[index] = mixed ;
    index = (index + 1) % BUF_SIZE;
    // output LPF as 8-bit number
    out = sum >> 7;
    ...
}
Bat call cleaner
This idea is about a simple push-button tool to clean up bat call recordings, to make them more suitable for playback in a bat lure.
By cleaning up, I mean removing the background noise and turning it into a pure sine wave like signal characterized only by an instantaneous frequency and amplitude. Any harmonics will be lost.
This way, you can pick a nice bat call recording and turn it into a file suitable for playing back at relatively loud volume from a bat call player / lure, without the broadband noise.
The signal is put through the following signal processing stages:
- Apply a high-pass filter to get rid of non-ultrasonics like speech, say at 10 kHz
- Convert the signal into a complex analytic signal, by creating the imaginary part using a Hilbert transform.
- The Hilbert transform can be approximated by a FIR filter of appropriate length to get the desired bandwidth.
 
- Split the complex signal into an instantaneous frequency and amplitude.
- The frequency is determined by differentiating the instantaneous phase (inverse tangens i/q).
- The amplitude is determined by calculating the norm of the complex signal (sqrt of i^2 + q^2)
 
- Average/low-pass the frequency component, say at 0.1 ms intervals. Do the same to the amplitude.
- Re-synthesize the signal s using the simple model s = A.sin(2.pi.t/f) where A is amplitude, t is time and f is frequency, interpolating A and f.
Alternative:
- Apply a high-pass filter to get rid of non-ultrasonics like speech, say at 10 kHz
- chop the signal up in segments of (say) 100 ms and determine the total energy content in each segment
- choose the quietest segment and use this as a "background noise template"
- perform a fourier analysis on the template
 
- reduce the noise on the signal using the template:
- for each segment, apply for each frequency an attenuation based on the signal level compared to the template level
- resynthesize from fourier back into the time domain using an overlap-add method
 
=> perhaps there is already software which performs these steps?