Zigbee Home Automation Gives Us Another Reason Not To Get Up

[Russell] sent in a neat home automation project he’s been working on. Even though the project only has two devices so far, we can already see the potential of his project.

Instead of the X10 standard that has been a staple of home automation for more than 30 years, [Russell] went with ZigBee modules. Aside from being much faster and more flexible than X10 home automation modules, ZigBees also open up a bunch of projects that would be impossible if he went with X10. With some well-placed IR transmitters hidden in his living room, it would be possible to have a TV and cable box controlled via the Internet.

So far, [Russell] built an network-controlled RGB ‘mood lamp’ and an infrared remote for his central air. Everything is controlled through a web app, and [Russell] says that additional modules can be easily added to the code.

Check out [Russell]’s demo of his project after the break.


27 thoughts on “Zigbee Home Automation Gives Us Another Reason Not To Get Up

  1. skimming his page, I didn’t see anything about security. although i realize it’s a bit obscure, it’d probably be a decent idea to obfuscate the control commands being sent so that it’s not trivial to just play back commands and have your house “hacked”

    1. Basic ZigBee security encrypts network traffic with a 128 bit AES key. The specification also allows for using Elliptic Curve Cryptography (public/private key crypto) to securely give new nodes the network key when they join the network.

    2. Indeed, I forgot to mention that that’s one of the things I plan to implement soon. I plan to incorporate 2 layers: ssl, which is pretty easy to implement with pythons twisted library, and some basic authentication, like a password field that is on the site which would just go along with the command. I’m not sure if the websockets implementation that I’m using supports ssl (wss, I’ll check) but if not I could probably implement something else there. I’m not running anything critical yet so if my A/C starts going bonkers, I’ll feel more of an urge to get going!

    1. From what I could see, he’s using the IR to operate his existing remotely-IR-controlled thermostat.

      A few blinking LEDs is a lot cheaper than spending $160 for a new ZigBee-enabled Honeywell thermostat.

  2. I don’t understand why it is using Zigbee (a wireless radio technology) with IR transmitters. What is the purpose ?

    The project page was also not clear, but I admit I only skimed through.

  3. In this instance, IR would be the standard way to connect to the devices they list. For the HA system I’ve been working up, I have IR in and out both. In so that my Harmony remote can control devices throughout the house and out so that the system itself can control things such as my AV system. I have a multi zone receiver and a set of speakers in my bedroom that connects to my living room receiver. I can either buy the very expensive RF remote JUST so I can turn the volume up / down or I can control the volume using my iPhone connected to either a web app or via wifi/OSC and just have an IR transmitter in the same room as the receiver send the commands. Easy choice for how I plan on using it. I, also have xbees as part of mine, but in my case specifically so that I can have my garage door tell me if it’s open or not. Aside from that, I just use x10 custom commands to control most everything.

  4. Re: security,
    Even if the zigbees support encryption, it’s not a bad idea to at least support encryption in the protocol, so you could encrypt it over any transport. (Much more flexible then)
    But it looks like this only supports zigbee for transport?

    Russell, I’d put some time into thinking out your protocol (early on) for whatever level of complexity you think this could possibly be used for. I think you could probably flush that out a bunch more.

    Looks like a cute project though.

    Negative points for specifically asking only for constructive comments (on the article page), but overall, a good start.

  5. I recently released a game on a next-gen platform that claims to have secure files. It was shown to us that that they are not secure, all of our data was exposed. Now we’re writing our own encryption.

    Why is zigbee so much faster and extensible than x10?

    1. X10 sends signals encoded on the 60 Hz powerline frequency. It sends one-half bit per zero crossing, and it uses six null zero crossings to initiate a transmission frame. There’s a 4 bit start code, a 4 bit house code, and a 4 bit command code. Every frame is sent twice to improve reliability. In total, X10 can send maybe 20 bits per second, so you’re looking at about one second to send one command to one device.

      In addition to this thrilling performance, X10 is subject to noise on the electrical lines, and the house wiring must often be modified with the addition of a capacitive bridge to carry the X10 signal from one leg of the AC power to the other. The signal carries until blocked by a transformer, so multiple devices on a single circuit can talk to each other (think apartment buildings or condos.) With a four bit house code, there is no security at all.

      ZigBee operates via RF at 915 MHz, and sends data at a 40kbit rate. The protocol they use is a true layered network protocol. ZigBee devices are all transceivers that automatically participate in a mesh network. Each device in your mesh can act as a router to carry the signal from device to device with no wiring, and no setup or configuration other than to be added to the network. It’s also designed for ultra-low power consumption, so battery operated sensors will last for months on a pair of AA batteries.


      1. ZigBee operates via RF at 915 MHz, and sends data at a 40kbit rate
        beside that ZigBee supports 2.4 GHz, 250Kbit.

        Battery powered enddevices are supposed to work for years (think of lightswitches).

        My personal favor of ZigBee is the application (APL) Layer with all official zigbee profiles like Home Automation / Building Automation. And moreother the ZigBee Cluster Library (ZCL) is a generic beast :-)

    2. Don’t write your own encryption method. Incorporate a well-known open encryption mechanism which has already been proven to be secure (for now).

      People writing their own encryption code are often convinced of its security since they can’t break it. Unfortunately, this is usually because they’re not smart enough, not because it’s actually secure.

  6. Cool project! Keep up the good work, and perhaps look into swapping the ZigBee-modules for more basic (and thus much cheaper) transceiver modules?

    One thing I never understood though, that perhaps one of the bright minds on HaD can explain to me..

    How would one implement an event-driven system? Let’s say you add wall-mounted switches to give you a familiar and intuitive control interface for your lights. You press it, it sends a command to the computer, which relays it to whichever device(s) are appropriate.

    Now, what happens if you had two different switches, and you activated both at the same time? Both, of course, using the same radio frequency. The only way I can see this working is having the switches retransmit their data after waiting for a random amount of time, until a confirmation is received from the computer..

    1. All of this is taken care of by ZigBee. If you transmit a packet, you have 4 retransmissions on the MAC layer, if you don’t receive a MAC Ack. Furthermore, you can enable Aps Ack on the application layer, giving 3 retransmissions, each having 4 retransmissions on the MAC layer.
      If you are having standard Lightswitches and On/Off or Lighting devices from the Home Automation profile, you just bind the On/Off switch cluster to the On/Off clusters on the appropriate appliances and call it a day.

  7. Thanks for the feedback guys. I was planning on doing this later but the calls called for it sooner. I’ve implemented SSL for both the web server (and AJAX call handling), and websockets. I’ve also implemented a simple authentication with just a password. The password is set through a promt and it’s md5 hash is stored in a cookie. On connection via websockets, the client is ignore untill the hashed password is sent. for POSTs, it is sent with every request. This way, your passwords are stored safely in your cookies and noone can sniff them since they’re transmitted over SSL. I’ll add some documentation for it, though I put the important bits in comments.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.