Radio Tuning The Quicksilver Way

Modern radios are often digital affairs, in which the frequency is derived from a stable crystal oscillator and varied through a microprocessor controlled frequency synthesiser. It won’t drift, and it’s exactly on the frequency dialed in. Older radios though relied on a tuned circuit, a combination of capacitor and inductor, for their frequency selection. If you were curious enough to peer inside — and we know you were — you’d have seen the moving vanes of a variable capacitor controlled by the tuning knob.

Of course, there is another way to adjust a tuned circuit: by changing the value of the inductor. Older car radios for instance moved a ferrite slug inside a coil to tune from station to station. But that method is not good enough for [David Mills]. Being in possession of some finely graduated syringes he decided to try liquid tuning by increasing the volume within the coil.

Solutions of salts made little difference, so he reached for some mercury. The result is an RF inductor wound round a syringe body, with a body of mercury whose position can be adjusted by the plunger. He measures the Q factor of the coil with air core or mercury core, and as the inductance decreases with more mercury, so does the Q.

We see home-made parts from time to time, and there’s nothing too special about permeability tuning. However, this unusual take on the matter makes this one rather special. We doubt we’ll see its like very often in the future.

Network Analysers: The Electrical Kind

Instrumentation has progressed by leaps and bounds in the last few years, however, the fundamental analysis techniques that are the foundation of modern-day equipment remain the same. A network analyzer is an instrument that allows us to characterize RF networks such as filters, mixers, antennas and even new materials for microwave electronics such as ceramic capacitors and resonators in the gigahertz range. In this write-up, I discuss network analyzers in brief and how the DIY movement has helped bring down the cost of such devices. I will also share some existing projects that may help you build your own along with some use cases where a network analyzer may be employed. Let’s dive right in.

Network Analysis Fundamentals

As a conceptual model, think of light hitting a lens and most of it going through but part of it getting reflected back.

The same applies to an electrical/RF network where the RF energy that is launched into the device may be attenuated a bit, transmitted to an extent and some of it reflected back. This analysis gives us an attenuation coefficient and a reflection coefficient which explains the behavior of the device under test (DUT).

Of course, this may not be enough and we may also require information about the phase relationship between the signals. Such instruments are termed Vector Network Analysers and are helpful in measuring the scattering parameters or S-Parameters of a DUT.

The scattering matrix links the incident waves a1, a2 to the outgoing waves b1, b2 according to the following linear equation: \begin{bmatrix} b_1 \\ b_2 \end{bmatrix} = \begin{bmatrix} S_{11} & S_{12} \\ S_{21} & S_{22} \end{bmatrix} * \begin{bmatrix} a_1 \\ a_2 \end{bmatrix} .

The equation shows that the S-parameters are expressed as the matrix S, where and denote the output and input port numbers of the DUT.

This completely characterizes a network for attenuation, reflection as well as insertion loss. S-Parameters are explained more in details in Electromagnetic Field Theory and Transmission Line Theory but suffice to say that these measurements will be used to deduce the properties of the DUT and generate a mathematical model for the same.

General Architecture

As mentioned previously, a simple network analyzer would be a signal generator connected and a spectrum analyzer combined to work together. The signal generator would be configured to output a signal of a known frequency and the spectrum analyzer would be used to detect the signal at the other end. Then the frequency would be changed to another and the process repeats such that the system sweeps a range of frequencies and the output can be tabulated or plotted on a graph. In order to get reflected power, a microwave component such as a magic-T or directional couplers, however, all of this is usually inbuilt into modern-day VNAs.
Continue reading “Network Analysers: The Electrical Kind”

An Unconference Badge That’s Never Gonna Give You Up

When your publication is about to hold a major event on your side of the world, and there will be a bring-a-hack, you abruptly realise that you have to do just that. Bring a hack. With the Hackaday London Unconference in the works this was the problem I faced, and I’d run out of time to put together an amazing PCB with beautiful artwork and software-driven functionality to amuse and delight other attendees. It was time to come up with something that would gain me a few Brownie points while remaining within the time I had at my disposal alongside my Hackaday work.

Since I am a radio enthusiast at heart, I came up with the idea of a badge that the curious would identify as an FM transmitter before tuning a portable radio to the frequency on its display and listening to what it was sending. The joke would be of course that they would end up listening to a chiptune version of [Rick Astley]’s “Never gonna give you up”, so yes, it was going to be a radio Rickroll.

The badge internals.
The badge internals.

I evaluated a few options, and ended up with a Raspberry Pi Zero as an MP3 player through its PWM lines, feeding through a simple RC low-pass filter into a commercial super-low-power FM transmitter module of the type you can legally use with an iPod or similar to listen on a car radio. To give it a little bit of individuality I gave the module an antenna, a fractal design made from a quarter wavelength of galvanised fence wire with a cut-off pin from a broken British mains plug as a terminal. The whole I enclosed in a surplus 8mm video cassette case with holes Dremmeled for cables, with the FM module using its own little cell and the Pi powered from a mobile phone booster battery clipped to its back. This probably gave me a transmitted field strength above what it should have been, but the power of those modules is so low that I am guessing the sin against the radio spectrum must have been minor.

At the event, a lot of people were intrigued by the badge, and a few of them were even Rickrolled by it. But for me the most interesting aspect lay not in the badge itself but in its components. First I looked at making a PCB with MP3 and radio chips, but decided against it when the budget edged towards £20 ($27). Then I looked at a Raspberry Pi running PiFM as an all-in-one solution with a little display HAT, but yet again ran out of budget. An MP3 module, Arduino clone, and display similarly became too expensive. Displays, surprisingly, are dear. So my cheapest option became a consumer FM module at £2.50 ($3.37) which already had an LCD display, and a little £5 ($6.74) computer running Linux that was far more powerful than the job in hand demanded. These economics would have been markedly different had I been manufacturing a million badges, but made a mockery of the notion that the simplest MCU and MP3 module would also be the cheapest.

Rickrolling never gets old, it seems, but evidently it has. Its heyday in Hackaday projects like this prank IR repeater seems to have been in 2012.

In-Band Signaling: Quindar Tones

So far in this brief series on in-band signaling, we looked at two of the common methods of providing control signals along with the main content of a transmission: DTMF for Touch-Tone dialing, and coded-squelch systems for two-way radio. For this installment, we’ll look at something that far fewer people have ever used, but almost everyone has heard: Quindar tones.

Continue reading “In-Band Signaling: Quindar Tones”

Piezomagnetic Trick Shrinks 2.5 GHz Antennas

To a ham radio operator used to “short”-wave antennas with lengths listed in tens of meters, the tiny antennas used in the gigahertz bands barely even register. But if your goal is making radio electronics that’s small enough to swallow, an antenna of a few centimeters is too big. Physics determines plausible antenna sizes, and there’s no way around that, but a large group of researchers and engineers have found a way of side-stepping the problem: resonating a nano-antenna acoustically instead of electromagnetically.

Normal antennas are tuned to some extent to the frequency that you want to pick up. Since the wavelength of a 2.5 GHz electromagnetic wave in free space is 120 cm mm, most practical antennas need a wire in the 12-60 cm mm range to bounce signals back and forth. The trick in the paper is to use a special piezomagnetic material as the antenna. Incoming radio waves get quickly turned into acoustic waves — physical movement in the nano-crystals. Since these sound waves travel a lot slower than the speed of light, they resonate off the walls of the crystal over a much shorter distance. A piezoelectric film layer turns these vibrations back into electrical signals.

Ceramic chip antennas use a similar trick. There, electromagnetic waves are slowed down inside the high-permittivity ceramic. But chip antennas are just slowing down EM waves, whereas the research demonstrated here is converting the EM to sound waves, which travel many orders of magnitude slower. Nice trick.

Granted, significant material science derring-do makes this possible, and you’re not going to be fabricating your own nanoscale piezomagnetic antennas any time soon, but with everything but the antenna getting nano-ified, it’s exciting to think of a future where the antennas can be baked directly into the IC.

Thanks [Ostracus] for the tip in the comments of this post on antenna basics. Via [Science Magazine].

Doppler Module Teardown Reveals the Weird World of Microwave Electronics

Oscillators with components that aren’t electrically connected to anything? PCB traces that function as passive components based solely on their shape? Slots and holes in the board with specific functions? Welcome to the weird and wonderful world of microwave electronics, brought to you through this teardown and analysis of a Doppler microwave transceiver module.

We’ve always been fascinated by the way conventional electronic rules break down as frequency increases. The Doppler module that [Kerry Wong] chose to pop open, a Microsemi X-band transceiver that goes for about $10 on eBay right now, has vanishingly few components inside. One transistor for the local oscillator, one for the mixer, and about three other passives are the whole BOM. That the LO is tuned by a barium titanate slug that acts as a dielectric resonator is just fascinating, as is the fact that PB traces can form a complete filter network just by virtue of their size and shape. Antennas that are coupled to the transceiver through an air gap via slots in the board are a neat trick too.

[Kerry] analyzes all this in the video below and shows how the module can be used as a sensor. If you need a little more detail on putting these modules to work, we’ve got some basic circuits you can check out.

Continue reading “Doppler Module Teardown Reveals the Weird World of Microwave Electronics”

Attack Some Wireless Devices With A Raspberry Pi And An RTL-SDR

If you own one of the ubiquitous RTL-SDR software defined radio receivers derived from a USB digital TV receiver, one of the first things you may have done with it was to snoop on wide frequency bands using the waterfall view present in most SDR software. Since the VHF and UHF bands the RTL covers are sometimes a little devoid of signals, chances are you homed in upon one of the ISM bands as used by plenty of inexpensive wireless devices for all sorts of mundane control tasks. Unless you reside in the depths of the wilderness, ISM band sniffing will show a continuous procession of chirps; short bursts of digital data. It is surprising, the number of radio-controlled devices you weren’t aware were in your surroundings.

Some of these devices, such as car security keys, are protected by rolling encryption schemes to deter would-be attackers. But many of the more harmless devices simply send a command in the open without the barest of encryption. The folks at put up a guide to recording these open data bursts on a Raspberry Pi and playing them back by transmitting them from the Pi itself.

It’s not the most refined of attack because all it does is take the recorded file and retransmit it with the [F5OEO] RPiTX software. But they do demonstrate it in action with a wireless lightbulb, a door bell, a wireless relay, and a remote-controlled switched socket. Since the data in question is transmitted as OOK, or on-off keying, the RPiTX AM mode stands in for the transmitter.

You can see it in action in the video below the break. Now, have you investigated the ISM band chirps in your locality?

Continue reading “Attack Some Wireless Devices With A Raspberry Pi And An RTL-SDR”