Get Neck-deep Into ZigBee

Here’s a bulky tutorial that will round out your understanding of ZigBee wireless communications (translated). The protocol is great for hobby electronics projects because it uses low-power, short-range wireless devices to build a mesh network. The guide covers both hardware and software, but also takes the time to explain what that hardware is doing in the background.

As you can see, several different renditions of an XBee module are used as examples. They pretty much all rely on a series of SparkFun breakout boards that each serve different purposes. Once you’ve acquired these modules, there’s a fair number of choices needed to configure them to play nicely with each other. We read most of the tutorial (we’ll save the rest for later enjoyment) and had no problem following along even without owning the hardware or being able to use the interface as we learned.

Whenever we cover XBee modules we always like to mention that it’s quite easy to use these for remote sensors with no additional microcontroller needed.

Zigbee Home Automation Gives Us Another Reason Not To Get Up

[Russell] sent in a neat home automation project he’s been working on. Even though the project only has two devices so far, we can already see the potential of his project.

Instead of the X10 standard that has been a staple of home automation for more than 30 years, [Russell] went with ZigBee modules. Aside from being much faster and more flexible than X10 home automation modules, ZigBees also open up a bunch of projects that would be impossible if he went with X10. With some well-placed IR transmitters hidden in his living room, it would be possible to have a TV and cable box controlled via the Internet.

So far, [Russell] built a network-controlled RGB ‘mood lamp’ and an infrared remote for his central air. Everything is controlled through a web app, and [Russell] says that additional modules can be easily added to the code.

Check out [Russell]’s demo of his project after the break.


Extracting Secured Firmware From Freescale Zigbee Radios


[Travis Goodspeed] recently tore down the Freescale MC13224 wireless radio chip in an effort to demonstrate how the device’s firmware could be read, even when locked down in “secure” mode. While you might not recognize the Freescale MC13224 radio by name alone, you are certainly familiar with some of its practical applications. Found in the QuahogCon and Ninja Party badges among other consumer goods, the popular Zigbee radio turned out to be a fairly easy conquest.

[Travis] first used acid to decap one of the microcontrollers to see what was going on under the plastic casing. Inside, he discovered a discrete flash memory chip, which he removed and repackaged using a wedge wire bonder. He was easily able to extract the firmware; however, decapping and repackaging a flash chip isn’t necessarily the most user-friendly process.

After digging further, he discovered that holding one of the chip’s pins low during boot would allow him to run custom code that recovers the firmware image once the pin is pulled high once again. This far more practical means of firmware recovery can be easily facilitated via a circuit board revision, as [Travis] mentions in his blog.

Zigbee-powered Wireless Scale

[joe] wanted to make it easy to record his weight every day, so he added a few bits to a floor scale to decode the weight and send it to his computer. The end result is a ZigBee-powered wireless scale. Additionally, his scale can track more than one person’s data simply by knowing whose previous weight the new measurement is closest to. Now [joe] and his family can spend more time working out, and less time messing with spreadsheets and data entry.

[joe]’s build is not only elegant, but well-documented, too. He walks through the reasons he chose this specific floor scale, reverse engineering it to decode the weight, then provides links to his schematics, source code, and pretty much everything else you would need to play along at home.
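The nearest-previous-weight rule described above, written out as an added example (this is not [joe]’s code; the household names, weights and tolerances are assumed). It also covers the two cases the rule alone cannot decide: a reading that is far from everyone, and two members whose weights have drifted close enough that the guess would be a coin flip.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Person:
    name: str
    last_weight: float                      # most recent accepted reading, kg
    history: list = field(default_factory=list)


class ScaleTracker:
    """Assign each new reading to the household member whose last weight is nearest."""

    def __init__(self, people, max_delta=3.0, min_gap=1.0):
        self.people = list(people)
        self.max_delta = max_delta  # assumed: further than this from everyone -> unknown
        self.min_gap = min_gap      # assumed: two candidates closer than this -> ambiguous

    def assign(self, weight: float) -> Optional[str]:
        """Return the matched name and update that person's record, or None if undecidable."""
        ranked = sorted(self.people, key=lambda p: abs(p.last_weight - weight))
        best = ranked[0]
        d_best = abs(best.last_weight - weight)
        if d_best > self.max_delta:
            return None                     # guest, pet or misread: nobody is close
        if len(ranked) > 1:
            d_next = abs(ranked[1].last_weight - weight)
            if d_next - d_best < self.min_gap:
                return None                 # two members too close to tell apart
        best.history.append(weight)
        best.last_weight = weight           # track drift so tomorrow's match still works
        return best.name


if __name__ == "__main__":
    # constructed household
    tracker = ScaleTracker([Person("joe", 82.0), Person("partner", 60.0), Person("kid", 35.0)])
    for reading in (81.3, 34.6, 70.0):
        print(reading, "->", tracker.assign(reading))
```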

Hacking ZigBee Chips: CC2430

[Travis Goodspeed] took an in-depth look at the debugging protocols for some ZigBee chips and posted his findings. In particular he’s looking at the CC2430 System-on-chip. These chips have a debugging protocol that is not hard to implement if you know what you’re doing. Certainly his tips make it easier for the rest of us. Don’t miss the info about reading from, writing to, and overcoming security of this hardware.

Zigbee AES Key Sniffing


[Travis Goodspeed] posted a preview of what he’s working on for this summer’s conferences. Last weekend he gave a quick demo of sniffing AES128 keys on Zigbee hardware at SOURCE Boston. The CC2420 radio module is used in many Zigbee/802.15.4 sensor networks, and the keys have to be transferred over an SPI bus to the module. [Travis] used two syringe probes to monitor the clock line and the data on a TelosB mote, which uses the CC2420. Now that he has the capture, he’s planning on creating a script to automate finding the key.