2021-06-20

New door entry and alarm system

I am thinking of the next generation of my SolarSystem alarm system.

It started as RS485, a slot in replacement for a Galaxy system using the same external devices, and running on a Raspberry Pi with USB RS485 adaptors. It worked quite well.

The next generation used ESP8266, then ESP32 based WiFi connected devices. This works well.

Next generation

I am now planning to get rid of the Raspberry Pi and RS485 completely. The idea is the ESP32 modules work together over a mesh WiFi. Yes, one of them would connect to a conventional WiFi access point, but they can work without that - off 12V battery backup if needed, with no "controller" as such.

This is not that complex - devices need to know what inputs and outputs link to what areas and states in the system, and broadcast information to allow every unit to know when alarm armed, or triggered, etc. Using secure AES encrypted DESFire key fobs on door controllers the alarm can be set and unset.

There would still be a "controller" to configure the system, program fobs, record logs, and so on. But this could be a cloud based service. Some of you know my love of cloud based services (not), and as this is all open source it would allow the cloud service to be run locally. But the server is not a "live" part of the system - it allows config, and so on - via a simple web page. Obviously communications would then be secure to the server.

This makes everything simpler to set up as you just need a local WiFI internet access.

To make it work I now have designs (and several prototype boards and cases) for key components:

  • Door controller module and NFC reader (can be used as 6 input 1 output module)
  • Bell box module (also usable as a 2 input 4 output module)
  • General purpose I/O (5 GPIO with ADC if needed)
  • Keypad module (fits in galaxy keypad and talks RS485 to it locally)

The nice thing is that just one of these, eg door control, can be set up to talk to local WiFi/NAT and connect to a cloud service allowing configuration of an access system. But you can then add other modules, and set up a whole alarm system if you want. The key fobs have access controls such as which doors, and times of day and days of week that are allowed.

More serious work needed

The issue is that I need to do quite a lot to complete the design and coding for this - not just in the modules, but the controller system and database back end. This is all pure R&D work at present with no concrete customers for the system (though we have had some interest), which can make it a bit hard getting the motivation - but a real customer would also help ensure we are steering the project in the right direction.

Bootstrapping security

One of the design challenges is bootstrapping the security of key fobs and controllers. They need AES keys, and these need to be secure, and need to get in to devices and fobs.

In simple practical terms, you can just buy fobs from the likes of Amazon, and then use one one of the NFC modules - e.g. one of the doors - to program the fob. Similarly you can make ESP32 modules, or use off the shelf modules like nodemcu and flash the code.

But you have to be very sure that this is actually being done by someone authorised to program fobs. Even then, if someone wanted to, they could capture that initial config and get the AES key used. Once the AES key is know the system for a whole site can be compromised.

Once the fob is programmed, any capture of the communications does not help you, but the initial set up of a fob is inherently insecure - this is the bootstrap problem - it has to be insecure as the fob is blank and it has to get the keys - so someone can "pretend to be a blank fob" and get the keys in the same way.

You have the same issue with end devices and a cloud system - you have to be sure the device is the device you think it is. If someone can get a fake device on a system it can get keys. So the devices need a secure client identity too.

I suspect the answer is simple - design the system so that the controller will only do initial config of devices and fobs locally (e.g. USB connected). The controller then sends out the devices and fobs pre-set for the site. Of course this means for a cloud based service the service operator provides the devices and fobs - which may make it more commercially viable to operate a cloud service.

Security

Of course any system has to consider security - the AES/DESFire fobs are massively more secure than 125kHz fobs used by Galaxy Max readers. The WiFi is a bit of a trade off: It is way more secure using WIFi and TLS than RS485 (Galaxy modules can have messages inserted on the bus without it noticing!). It is possible to disrupt (just as cutting an RS485 bus is, which is exposed on outside of building if using Max readers), but like RS485 it would trigger an alarm. At the end of the day you have to be more secure than breaking a window.

2021-06-10

Never quite finished?!

The good news is I now have the "proper" PCBs for my door controller and NFC reader...

I have to say they look good - proper boards, and using solder paste and oven means a very professional result.


PCB Train do a nice job, but these were on a three week lead time. Both boards work. However, in the three weeks since I ordered I have made a few design changes.

The door controller changes are very minor - instead of 3 inputs with 3 GND on the 6 pin connector I have all 6 pins connected to GPIO, where you drive some pins to GND if you want. This allows a lot more options if needed, etc. The pins all have BAV99S and 100Ω for some ESP protection, and 33pF to help reduce noise. It is a small change, and so the existing boards are more than usable. The only snag is I mis-ordered as 1.6mm not 0.8mm boards, and I have designed cases to be as small as I can to fit in a back box. I think 1.6mm will still fit, but it is annoying.

The bigger issue is the NFC board. As I say, they work. But the tuning is perhaps not spot on. The newer design boards have a loop both sides, allowing the board to be 40mm x 40mm not 42mm x 42mm. However, the newest boards are better - the main thing is they do not get hot which is a big clue (i.e. the antenna is clearly better and easier to tune), and I have them working with more range. So I would rather use the new boards. They too are also 0.8mm which saves space.

So, all in all, I decided to order some new boards - two week lead time. However I have a few dozen of these boards. As I say, they work, and I am testing with them, and may well use some, but once I get the replacements I will end up throwing these away, I am sure, which is a shame.

So, if a hackspace, or other good cause, wants either of these bare boards, to play with. The schematics and code are all on GitHub. Note, need hot air gun at least for the PN532, and fine tipped soldering iron. Let me know. Email me at pcb1@revk.uk

Long term?

These, and some other related modules, should be able to make a WiFi mesh with (not having to be always on-line) "cloud" control and management (on or off site) to work as an alarm and access system.

FB9000

I know techies follow this, so I thought it was worth posting and explaining... The FB9000 is the latest FireBrick. It is the "ISP...