An Affordable And Programmable PLC

We’re all used to general purpose microcontroller boards such as the Arduino or its many imitators, but perhaps we don’t see as much of their industrial cousins. A programmable logic controller (PLC) is a computer designed to automate industrial machinery, and comes with protected interfaces and usually a specific PLC programming environment. Thus [Galopago]’s work with an inexpensive Chinese PLC clone is especially interesting, providing a route forward to using it within the Arduino IDE ecosystem.

Opening it up reveals an STM32F103 processor, and the connection needed to place it in bootloader mode is identified. It can then be programmed from the Arduino IDE, even though its bootloader can’t be changed. To complete the process, it’s necessary to identify the various inputs and outputs by old-fashioned hardware reverse engineering.

This PLC may not be quite as robust as some products costing much more money, but it still represents a cost-effective way to access a microcontroller board with much of the interface circuitry already installed that would normally be required for controlling machinery. We expect that we’ll be seeing it appear on these pages over the coming months, and perhaps there might even be another comparison in the air.

The Safest Model Roller Coaster

[Jared Holladay] is a computer engineering student at the University of Cincinnati and a life-long roller coaster fanatic. A lot of people look at roller coasters as an exciting example of physics, like potential energy versus kinetic energy or inertia, and rightly so. [Jared] looks at them and wonders about the controls. A video is below, and there is also a feature-length explanation with more details. Some Hackaday readers and writers can identify the components, so we think his coaster model belongs here.

Like many folks in this field, he’s built K’nex models to get a handle on construction. He’s toured STEM shows with the tracks and undoubtedly wowed kids, adults, and physics teachers, but since he can speak to the programming, he is a triple threat. Now, he’s growing out of the toy construction plastic and moving into 3D printed parts with needle-fine tolerances.

His latest base is extruded aluminum, like what you’d want in a rigid CNC or printer. In addition to the industrial-grade surface, Rockwell Automation sent him a safety programmable logic controller, PLC, and a touchscreen HMI. Our fellows in the industry tell us those are far beyond the price scope of regular hobbyists. But fear not; your Arduino clones will suffice until you get your first grant.

The point of all the ruggedized hardware, aside from authenticity, is to implement safety features the same way you would in the industry. The redundant PLC connects to inductive prox sensors to check train speed and location. Other moving parts, like friction brakes, have sensors to report if there is a jam. After all, it’s no good if you can’t stop a train full of people. There are hundreds of things that can go wrong. Just ask [Jared] because he programmed on-screen indicators for all of them and classified them to let an operator know if they can keep the ride moving or if they need to call maintenance.

Not all homemade coasters are scale models, and some of the traditional ones have more than meets the eye.

Smart Home Hack Breaks Down Walls Figuratively And Literally

Are you ready for a tale of poorly supported hardware, clueless contractors, and bad coding? Look no further than [Neighborino]’s excellent write-up where he details his pursuit of smart home pwnership.

[Neighborino]’s smart home system controls the windows, blinds, outlets, and HVAC. But by the time the high-rise apartment was ready for occupancy in 2015, the smart home controllers were already showing their age. You see, the contractor had installed an app to run the home’s programmable logic controllers (PLCs) on stock Galaxy Tab 3 hardware. Yes, that’s a tablet originally released in 2013. They then built the tablets into the wall of each apartment, dooming the homeowner to rely on the vendor forevermore.

It was not long before [Neighborino] and their fellow residents were dealing with stability problems. Bloatware from both Samsung and Google was causing major slowdowns, and the PLC system’s unpublished WiFi password prevented replacement of the controllers.

Being an Android developer by trade, [Neighborino] set siege to the walled garden before him. The writeup details the quest to execute what would be a straightforward hack on anything but the x86 hardware that was being targeted.

A debloating app strips all non-essential software.

The first fruit of [Neighborino]’s efforts was a hack for the aged tablets that would display the WiFi password, allowing owners to connect their own controllers to their smart homes. Of course, this is Hackaday, so you know that [Neighborino] didn’t stop there.

Despite having to deal with two different versions of Android and tablets that were built into the wall of the apartments of non-hacker neighbors, [Neighborino] succeeded in sideloading an APK. This freed them from the shackles of the company that installed the original system and gets longer life out of their Snowden-era Samsungs. A de-bloating tool frees up memory and restores the systems to a nearly performant status. A reboot scheduler keeps the x86 tablets running without user intervention, and of course the WiFi password revealer makes yard waste out of the previously walled garden.

If Smart Home hacks are your thing, we recently covered a Voice Controlled Smart Home setup, and less recently another that combined a Smart Home with a Dumb Terminal. Be sure to share your own smart home hacks with us via the Tip Line!

SCADA Security Hack Chat

Join us on Wednesday, July 14 at noon Pacific for the SCADA Security Hack Chat with Éireann Leverett!

As a society, we’ve learned a lot of hard lessons over the last year and a half or so. But one of the strongest lessons we’ve faced is the true fragility of our infrastructure. The crumbling buildings and bridges and their tragic consequences are one thing, but along with attacks on the food and energy supply chains, it’s clear that our systems are at the most vulnerable as their complexity increases.

And boy are we good at making complex systems. In the United States alone, millions of miles of cables and pipelines stitch the country together from one coast to the other, much of it installed in remote and rugged places. Such far-flung systems require monitoring and control, which is the job of supervisory control and data acquisition, or SCADA, systems. These networks have grown along with the infrastructure, often in a somewhat ad hoc manner, and given their nature they can be tempting targets for threat actors.

Finding ways to secure such systems is very much on Éireann Leverett’s mind. As a Senior Risk Researcher at the University of Cambridge, he knows about the threats to our infrastructure and works to find ways to mitigate them. His book Solving Cyber Risk lays out a framework for protecting IT infrastructure in general. For this Hack Chat, Éireann will be addressing the special needs of SCADA systems, and how best to protect these networks. Drop by with your questions about infrastructure automation, mitigating cyber risks, and what it takes to protect the endless web of pipes and wires we all need to survive.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, July 14 at 12:00 PM Pacific time. If time zones have you tied up, we have a handy time zone converter.

Evaluating Raspberry Pi As A Programmable Logic Controller

It should be no surprise to many that one can use a Raspberry Pi SBC as an industrial controller, but is it any good at that? To answer that question, [Dough Reneker] and [William Shaffer] built a test rig to see how a Raspberry Pi performs in head-to-head tests. They compared a Python-based control loop on a Raspberry Pi 3B against a C0-12DD1E-2-D AutomationDirect CLICK Programmable Logic Controller (PLC) using a simple water heating example.

A major snag with using the Raspberry Pi as a PLC is the lack of industrial I/O capacity. This requires additional hardware, in this case adding a four-channel ADC board as well as a custom board to condition the signals. The Raspberry Pi looks for 0-3 V inputs where industrial control applications are usually in the -10 to 10 V range and often use a 4-20 mA current loop.

Using a PLC leverages so-called ladder logic, where each action depends on conditions. With each update scan, the PLC ensures that all input conditions are translated into the appropriate output conditions in real-time. Its only job is to monitor the process at hand, and it does this very well.

Here the flexibility and generic nature of the Raspberry Pi running Linux was a disadvantage. Unlike the PLC, the lack of a hard real-time OS means you can’t guarantee the Pi will be as responsive to changing inputs.

The behavior of the two systems showed that while both did the task they were programmed for, the Raspberry Pi was decidedly more erratic. Although one could program around a lot of these issues (presumably using Linux in stripped-down, soft real-time configuration with interrupt-driven native code), the effort needed to make a Raspberry Pi system suitable for an industrial environment shows why single-board computers haven’t seen adoption as replacements for PLCs.

Hackaday Links: April 26, 2020

Gosh, what a shame: it turns out that perhaps 2 billion phones won’t be capable of COVID-19 contact-tracing using the API that Google and Apple are jointly developing. The problem is that the scheme the two tech giants have concocted, which Elliot Williams expertly dissected recently, is based on Bluetooth LE. If a phone lacks a BLE chipset, then it won’t work with apps built on the contact-tracing API, which uses the limited range of BLE signals as a proxy for the physical proximity of any two people. If a user is reported to be COVID-19 positive, all the people whose BLE beacons were received by the infected user’s phone within a defined time period can be anonymously notified of their contact. As Elliot points out, numerous questions loom around this scheme, not least of which is privacy, but for now, something like a third of phones in mature smartphone markets won’t be able to participate, and perhaps two-thirds of the phones in developing markets are not compatible. For those who don’t like the privacy-threatening aspects of this scheme, pulling an old phone out and dusting it off might not be a bad idea.

We occasionally cover stories where engineers in industrial settings use an Arduino for a quick-and-dirty automation solution. This is uniformly met with much teeth-gnashing and hair-rending in the comments asserting that Arduinos are not appropriate for industrial use. Whether true or not, such comments miss the point that the Arduino solution is usually a stop-gap or proof-of-concept deal. But now the purists and pedants can relax, because Automation Direct is offering Arduino-compatible, industrial-grade programmable controllers. Their ProductivityOpen line is compatible with the Arduino IDE while having industrial certifications and hardening against harsh conditions, with a rich line of shields available to piece together complete automation controllers. For the home-gamer, an Arduino in an enclosure that can withstand harsh conditions and only cost $49 might fill a niche.

Speaking of Arduinos and Arduino accessories, better watch out if you’ve got any modules and you come under the scrutiny of an authoritarian regime, because you could be accused of being a bomb maker. Police in Hong Kong allegedly arrested a 20-year-old student and posted a picture of parts he used to manufacture a “remote detonated bomb”. The BOM for the bomb was strangely devoid of anything with wireless capabilities or, you know, actual explosives, and instead looks pretty much like the stuff found on any of our workbenches or junk bins. Pretty scary stuff.

If you’ve run through every binge-worthy series on Netflix and are looking for a bit of space-nerd entertainment, have we got one for you. Scott Manley has a new video that goes into detail on the four different computers used for each Apollo mission. We knew about the Apollo Guidance Computers that guided the Command Module and the Lunar Module, and the Launch Vehicle Digital Computer that got the whole stack into orbit and on the way to the Moon, but we’d never heard of the Abort Guidance System, a backup to the Lunar Module AGC intended to get the astronauts back into lunar orbit in the event of an emergency. And we’d also never heard that there wasn’t a common architecture for these machines, to the point where each had its own word length. The bit about infighting between MIT and IBM was entertaining too.

And finally, if you still find yourself with time on your hands, why not try your hand at pen-testing a military satellite in orbit? That’s the offer on the table to hackers from the US Air Force, proprietor of some of the tippy-toppest secret hardware in orbit. The Hack-A-Sat Space Security Challenge is aimed at exposing weaknesses that have been inadvertently baked into space hardware during decades of closed development and secrecy, vulnerabilities that may pose risks to billions of dollars worth of irreplaceable assets. The qualification round requires teams to hack a grounded test satellite before moving on to attacking an orbiting platform during DEFCON in August, with prizes going to the winning teams. Get paid to hack government assets and not get arrested? Maybe 2020 isn’t so bad after all.

Watch The Low-Cost Mechatronics Lab Dispense Candy, Sort Cups

A lot can be done with simple motors and linear motion when they are mated to the right mechanical design and control systems. Teaching these principles is the goal behind the LCMT (Low Cost Mechatronics Trainer) which is intended primarily as an educational tool. The LCMT takes a “learn by doing” approach to teach a variety of principles by creating a system that takes a cup from a hopper, fills it with candy from a dispenser, then sorts the cups based on color, all done by using the proper combinations of relatively simple systems.

The Low Cost Mechatronics Trainer can be built for under $1,000 and is the wonderful work of a team from the Anne Arundel Community College in Maryland, USA. The LCMT is clearly no one-off project; there are complete CAD files and build documentation on the site, as well as a complete lab guide for educators.

A demo video of the assembled system is embedded below, with a walkthrough done by [Tim Callinan]. It’s worth a watch to see how cleanly designed the system is, and the visual learners among you may learn a thing or two just by watching the system go through its motions.
