Dumbing Down a Smart Switch

Internet of Everything is the way to go for home automation these days. ITEAD makes an ESP-8266 switch that IoT-ifies your appliances. If you still have an ancient, 433 MHz style radio switch system, they even make one that does WiFi and 433 MHz. But if you’re too cheap to shell out for the dual-mode version, you can always add a $1 433 MHz radio yourself. Or at least, that’s what [Tinkerman] did.

IMG_20160522_163814x_thumbnailAside from the teardown and reverse-engineering of the WiFi-enabled switch, [Tinkerman] also flashed custom firmware into the switch’s ESP-8266, and worked it all into his existing home Node-RED framework. Now he’s got more possible ways to turn on his living-room lights than any person could possibly hope for!

If you want to get into this whole WiFi-based home automation game, you could do worse than to have a look at the series we ran on MQTT just a little while ago. Seeing [Tinkerman]’s Node-RED demo makes us think that we’ll have to give that a look for our home system as well.

52 thoughts on “Dumbing Down a Smart Switch

  1. This switch that Tinkerman used has a name: Sonoff. The same company is also selling a light bulb holder (called Slampher) that holds an ESP8266. I have flashed mine with Espruino and programmed them with my own Javascript code to control them through Domoticz. One of the functionalities I have is to use them as an alarm light. When my alarm is on and motion is detected, the light starts flashing at a half a second interval.

    1. I have a few questions about this.

      There are isolated traces for high voltage on both the top and the bottom. The bottom are tinned in solder and the top are not. Is it possible the top traces are not actually connected? What is the story behind this design?

      The enclosure is (or should be) rated to contain a short and arcing. If there were an arc to the wireless board, would it fail safe or is there a potential problem here?

      1. @[Mike Szczys] and [CRi]

        By default you would expect the top and bottom traces to be connected as it is a plated through hole board. It would make no real difference to safety if the tinned tracks were *not* connected as their spacing from the other tracks could only be the thickness of the board where the holes are.

        Fire can be caused without a short or arcing. In fact it most often is caused without a short as a true short wont dissipate heat. If you dissipate enough power as heat you can create fire without any initial arcing.

        It looks to me as if this board was sold without the 433MHz module because it didn’t pass certification with the module installed.

        *SOME* problems lol

        Look at the track widths of the mains traces. The top one is soldered to improve it’s current carrying capacity. The bottom one is solder so that the soldering of the top one doesn’t *stand out* so much. It is not acceptable to solder traces to reach current carrying capacities. It is however acceptable to solder traces only when the copper trace itself meats the required specification. There is no fusing here so the unit *MUST* be capable of carrying (at least) the full outlet rating.

        PCB trace clearance vs air gaping. The board was designed with the intention of reaching minimum isolation requirements. They failed at even the minimum target with the two through holes at the center under the lower main trace. They had to put a bridge in the center of the air gap for mechanical strength and in doing so they failed the minimum isolation test. More later.

        There are two series 1.5 M Ohm resistors (marked 155) on the right. I will bet these fro a series divider for the power supply. As big as they are – they are still to small for the isolation requirements due to the voltage across them.

        PCB trace clearance vs air gaping – minimum requirements!!!

        Minimum requirements should never be your design objective. Sure we see minimum requirements (or even less) with lots of stuff that comes from the likes of China and that is because the Chinese are not going to get sued when you or a member of your family is killed by such devices. Don’t buy them – I don’t!

        The formula for *minimum* PCB spacing and air gaping is very complex. It is dependent *not only* on voltage but also altitude (atmospheric pressure), temperature, humidity, condensing point (dew point), particulate pollution and even the proportional make up of elements in the air.

        If you want to work with minimum requirements then you need to learn / understand all of the above and when you do, I doubt that you would still want to work with minimum requirements.

        The better approach is to have lots and lots of room for error (and some spark gaps).

        The basics – Air gaps are much more effective than PCB spacing in the case of condensing point (dew point) because when water condenses on a PCB it will cover a high proportion of surface area relatively evenly so – to get the equivalent PCB spacing you need very large clearances. Conformal coatings help greatly in the respect because it causes the condensed moisture to bead in small balls rather then spread out flat over a much greater surface area.

        Getting back to voltage – what was that again? 110Volts? 220Volts? 240Volts? … None of these should be design targets. Voltages vary quite a lot in *normal* conditions. In other conditions such as an electrical storm it is *not* unusual to see 1000Volts or even 2000Volts so you have to design in a failure mode for some arbitrary voltage.

        An example – in order – mains in (maximum available isolation), current fuse (same isolation), 500 Volt air gap arrester (Printed on PCB), transient spike arresters (transorb 1.5 – 2.0 x mains) 750Volts isolation, and the rest can be 1.5 to 2.0 times the mains voltage to any high voltage area or step down PSU.

        How many mm is a life worth?

        I will try to find a link about clearances.

        1. Hmm.

          The design LOOKs to me like the following:

          AC mains input from one terminal that go to a relay then out to the other. I sincerely hope that only LINE is interrupted.

          It LOOKS like a small transformer is on board to power the low voltage section of the circuit. The spacings on the PCB are likely too close to meet UL specifications. For a product like this I would guess UL-60950, the general standard for IT equipment.

          What this board needs more than anything else is to be potted or conformal coating applied. The dielectric properties would help meet the spacings safety requirements, as long as this is allowed by the relevant safety standard.

          The gapping in the PCB is done to add CLEARANCE (through air spacings) between traces rather than CREEPAGE (over surface spacings) because minimum spacings requirements for CLEARANCE is less than that required for CREEPAGE.

          Input fusing can be done within the transformer’s primary or secondary using a thermal link and insulation system that is UL listed.

          However, there is no current limit in the path from terminal to relay to terminal.

          Unmasking traces so that they wick up solder and gain “an extra oz” is a reasonable way to increase a trace’s size, the issue is that it is difficult to get uniformity in high volume production.

          Usually the dielectric withstand voltage requirements are 1000VAC + 2* input vac rating, although this is dependent on each UL standard.

          That said, all I can say is LOL to any ground plane that has slots in it for a wireless product. Good luck tuning that or passing harmonics at an FCC lab.

          The squiggly PCB trace is 1/2 of the antenna. The other half is the ground plane.

          There is an antenna coupling capacitor but no parallel elements to allow tuning (impedance matching) of this RF design. Generally I would expect to see a C – L – C between the RF chip and the coplanar waveguide area.

          1. Probably the antenna is tuned “just good enough” – nobody wants to adjust a PI-Filter (CLC) in a cheap mass production device. This is no kW radio transmitter. Some of the chips even include automatic antenna matching circuitry, but I don’t see such info about the ESP.
            All/most of the safety considerations would only apply, if there are connected metal parts on the outside, which can be touched. If this is not the case, the PSU needs not even to be isolated (could be a capacitve dropper), like in any cheap radio controlled socket.

    2. Once you have the case on, it’s not like it’s going to move. It’s fiberglass substrate, not gummi worms. Also, it’s not like you’ll transmit mains over wireless and blow something up, all you’ll do is trip the breaker if something shorts.

      1. Trip the breaker?? RCD??

        You obviously don’t mean an earth imbalance safety breaker! Do you see an earth wire anywhere! No

        So you must mean a over current breaker, what’s that where he is ??? perhaps 10A at 110V … so the over current breaker trips at about 1100 Watts – fine!

        What happens at 1000Watts – well it won’t trip the breaker but hey dissipating 1000Watts in that little plastic case it fine because it’s coated with kryptonite hardened dilithium crystals that are good for up to 1.7 GigaWatts in any galaxy where the laws of physics don’t apply.

  2. I’ll stick to my rs485 network with powerlines and sleeping nodes. Aside from the security risks IoT is far from energy efficient imho. I’m running a server anyways so there’s one entry that is far easier to keep safe from intrusion. And if a node comes offline I’ll know it straight away.

    1. Yeah, with multiple ESP8266 always on, each powered from a 5V supply with a 3.3V LDO it comes to about 1 EUR/year here in Europe, thinking of average electricity price. Have 30-50 of them, you end up with quite some extra bill.
      Had a nice ‘485 automation link in my student apartment. Never reinstalled it once i moved, i though it was time to go wireless.

    1. Have some Sonoffs for several months now. It is interesting stuff, but certainly not close to pass CE security tests… Good for playing, but I won’t install them at home unattended as is. I hope that ITead will eventually come with a certified version soon, if they want to sell them to user Joe Smith.

      BTW, I don’t see where is the “teardown and reverse-engineering” effort here, ITead already provides the schematics on the corresponding Wiki page:

      1. I always wonder about such “schematics”. OK, it is better than nothing, but it has not a single drawn connection. The components have been thrown together on the sheet and “connected” with labels. Perhaps this is the way some programmers understand hardware.

        The Flash could have been drawn easily on the right side of the ESP and then actual connections (lines) been drawn. Also the 2N7002 could have been connected to the CPU. Doing so a much more READABLE schematic would have been easily possible. As HW designer myself I would want this already for my own use, understanding and overview of my design.

        1. The first page (digital) doesn’t qualify the definition of schematic. It’s more or less a graphical netlist.

          The second page (Analog) *is* a schematic.

          I see a lot of people now, presenting net-lists as they were schematics but they are not.

          I wonder what is causing this drift away from *correct* schematics. Is it the limitations of modern software tools or is it just laziness?

          I am lazy in some senses as I don’t bother with schematic entry on either FPGA or PCB CADs. I just go straight to VHDL or the PCB layout. Sometimes I make a mistake in PCB layout but it take me less time to fix the layout and run off a second board than it would take to do the schematic entry.

          But if I need to make a schematic then it will be a *proper* schematic.

          1. Yes, “graphical netlist” is the name for such (probably) laziness. You are right, the 2. page is good. I had only a short fast look on it at this time.
            It is definitely no limitation of the SW tools. I went more or less strait to the layout (from a schematic on paper) in times where the “PCB-CAD” was an etch resistant pen. But now, as we have tho tools I prefer a readable schematic. It is much more easy for debugging also.

  3. Hi, I’m Tinkerman. Most of what you say is true. These devices are far from passing CE certification so yes, don’t use them unless you know what your doing, if anything happens your insurance won’t pay for it if they find out.
    The RF module is really close to the mains traces, somewhat dangerous if they happen to be in touch, so i was very cautious when soldering the module to allow some air in between, creepage on the other hand should be on the save side.
    “Teardown” means basically open the case :D, you can download the schematic from the wiki as Squonk42 states, but you will still have to grab a multimeter and locate the traces to the RF module header.
    S.buschetta and Bogdan’s point is also very interesting. WiFi is not ready for IoT, too power hungry. I use ISM for most of my sensors at home for that reason. But still, ESP8266 is a sweet toy to play with, WiFi-AP-STA and OTA makes it a plug-n-play solution for most homes.

    1. Interesting. Now you made me think what would happen if I use some good quality remote sockets but control them other than through the original remote in case something goes wrong.
      I guess they offer all the documentation because there is no secret in making it and nobody would bother to buy the parts instead of the complete thing because of the price.

  4. If you put the entire device inside a closed, insulated box, with wireless communications, creepage and clearance distances really don’t matter at all.

    You don’t need to have any part of the system galvanically isolated from the AC line – in fact, with many of these kinds of small power metering or remote control appliances it’s common to simply use a transformerless capactive reactance power supply, where you’re not even trying to put any isolation in there at all, and you have the entire device, the microcontroller and everything, referenced to the AC line.

    This is quite common in commercial products, and is in no way incompatible with marketing a product which meets safety standards such as UL.

    Of course, if you go hacking such a device,taking it apart, or hacking in extra wires in there to bring out signals externally outside the double-insulated box, it’s your responsibility to understand what you’re doing and understand whether you’re working with an isolated power supply – a device that is bought to market and is safe as-sold does not have any responsibility to babysit you in this context.

      1. A non-isolated supply does not necessarily mean a capacitive divider. A traditional transformer based SMPS can also be made cheaper if isolation is not needed (smaller core, no opto, …). For relatively low current, but higher than what the capacitor can deliver, it is also possible to leave out the transformer and simply charge a capacitor as long as the mains voltage is <5V. Capacitor needs to be big enough to survive for 10ms of course.

        1. For cheap ass designs a reactive based power supply can be used.

          For higher power cheap ass designs a non-isolated buck converter can be used, you can supply quite a bit of power in these designs, ST has a VIPer reference design for up 305VAC in this configuration.

          One has to make sure that NO part of the product is accessible to end users and openings are not larger than 4mm in diameter in the PLASTIC housing.

          You certainly can pass UL with a design like this provided that the failure mode of critical components to do not cause a risk of fire, electric shock or a weakening of the enclosure due to heating that would lead to a reduction in required minimum spacings.

          Think fusable resistors, etc.

          There are required minimum spacings between circuits of opposite polarity on any PCB.

          1. @Dodo @evad I am aware of cheaper SMPS without isolation from some big manufacturers, however I am not sure there are already IC clones from Asia for less money than an isolated one.
            On the other hand, they might have used an isolated one for easier development and the safety of the users, knowing they will hack them.

        1. The OP is saying that creepage and clearance doesn’t matter it is in an insulated box.

          You jumped in adding the word “isolation”. I fully agree that secondary supplies do not need to be isolated in some cases.

          BUT! what do you think burns down houses? How many Watts does it take to start a fire and do you think your going to get that many Watts from some SMD part? Well no! you’re know going to get 20 Watts, 200 Watts or 2000 Watts from some 1/10 Watt part – it will explode or disintegrate long before that.

          What *is* going to get you enough Watts to burn down your house is a higher voltage with a low source impedance (ie mains) arcing across a higher impedance like insufficient creepage or an air gap.

          So it follows that you’re not going to get the UL or CE that you mention unless these issues are addressed.

          1. Well you wont get any insurance where I live – if you have done DIY electrics – unless of course – you ARE a qualified electrician. In fact you would get charged with a criminal offence.

            Being “well travelled” doesn’t necessarily mean you *have* seen it all. There will be members here from the countries that you haven’t been to.

          2. That pretty much sums up the situation. I’d have to start a kickstarter to get enough units built to make the certification economically worthwhile. Unless I can find gear that does exactly what I need and can have the firmware replaced and then secured, without physically opening up the units. Even then I don’t think I could legally wire them in myself.

      1. Nothing to do with them, it is the insurance company that is the problem. Any chance not to pay a claim and they will take it. What are you, a person that has never owned insurable property?

        1. Where do you get your insurance? Satan’s Blood-deals Associated? My insurance is reasonable and has enough common sense to allow any modifications to the house that are approved by the city’s utilities inspectors. But, if you don’t have the wherewithal to deal with businesses that you pay with your hard earned money to do as they should, then maybe you should just stay in your little kitten cage, wherever it is.

          1. The “city” here can’t inspect or certify electronics according the standards body we have, which is federal, those building inspection guys only know electrical work and that work has to be done or signed off by an electrician with a licence ( their union controls that very tightly), even then they are not going to do it for free which makes the entire exercise economically pointless. So assuming I am stupid, is stupid. I just live in a country where you are not allowed to fart without a certificate in flatulence and even then if you let one rip when the wind is blowing the wrong way you’ll get in trouble. Yeah sure I live in a nanny state, but we don’t have the social problems other first world countries do.

            I’d love to drop custom controllers into every place where I have light switches and wall outlets, but they’d have to be of my design because there is no way I’m trusting some over worked Chinese software engineer’s idea of what is secure and future proof (up-gradable and not cloud dependant etc.).

            I asked about insurance because I do want to solve the issue, I don’t need useless insults from you, particularly insults based on really stupid assumptions. As far as I can see there are no significant variations between the insurance vendors here and they are all underwritten by the same even smaller group of companies.

    1. Failure modes.

      When a relay fails it’s a small bit of smoke, if any, and the device shuts off.
      Failure mode of a triac? Really bad stuff can happen.
      Try running a mini-fridge with 60Hz DC.

      I know that this smart-switch isn’t the safest device, but what I typed is why most use relays. Even my stereo has a relay for itself. And they are very simple obviously to implement into a device.

      1. 60Hz DC :-) In my understanding DC has 0Hz. And there are good chances, that a mini fridge will run with DC. It is either peltier with SMPS or absorbtion, which is just a heater coil. Normal fridge is different (induction motor)

        But I think the main reason is cost and power dissipation. A TRIAC at 10A has at least 10W of losses which are very difficult to get rid in this small plastic enclosure.

        1. Well, my mini-fridge has a compressor. It’s like 6 years old… I really should get a new one. ;)

          “60Hz DC” haha opps. From what I’ve read some failure modes for solid-state would be basically half rectified AC without any capacitor to smooth it out. I’m not sure what that waveform is called. I thought it was a (something??) sinewave but too tired.

          1. OK, then this comes to the definition of “Mini-Fridge”. Perhaps “Mini” in comparison too American Side-by-sides :-)
            I thought of hotel-mini-bar and similar sizes. If you go further down in size, I have camping fridge-box with compressor, which only takes DC – up to around 28V.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s