Friday Hack Chat: Energy Harvesting

Think about an Internet-connected device that never needs charging, never plugs into an outlet, and will never run out of power. With just a small solar cell, an Internet of Thing module can run for decades. This is the promise of energy harvesting, and it opens the doors to a lot of interesting questions.

Joining us for this week’s Hack Chat will be [John Tillema], CTO and co-founder of TWTG. They’re working on removing batteries completely from the IoT equation. They have a small device that operates on just 200 lux — the same amount of light that can be found on a desktop. That’s a device that can connect to the Internet without batteries, wall warts, or the black magic wizardry of RF harvesting. How do you design a device that will run for a century? Are caps even rated for that? Are you really going to download firmware updates several decades down the line?

For this week’s Hack Chat, we’ll be discussing what energy harvesting actually is, what TWTG’s ‘light energy’ technology is all about, and the capabilities of this technology. Going further, we’ll be discussing how to design a circuit for low-power usage, how to select components that will last for decades, and how to measure and test the entire system so it lives up to the promise of being always on, forever, without needing a new battery.

This is a community Hack Chat, so of course we’ll be taking questions from the community. If you have a question, add it to the discussion sheet

join-hack-chatOur Hack Chats are live community events on the Hack Chat group messaging. This Hack Chat will be going down noon, Pacific time on Friday, October 20th. Is it always five o’clock somewhere? Yes, so here’s a time zone converter!

Click that speech bubble to the right, and you’ll be taken directly to the Hack Chat group on

You don’t have to wait until Friday; join whenever you want and you can see what the community is talking about.

Hybrid Technique Breaks Backscatter Distance Barrier

Low cost, long range, or low power — when it comes to wireless connectivity, historically you’ve only been able to pick two. But a group at the University of Washington appears to have made a breakthrough in backscatter communications that allows reliable data transfer over 2.8 kilometers using only microwatts, and for pennies apiece.

For those unfamiliar with backscatter, it’s a very cool technology that modulates data onto RF energy incident from some local source, like an FM broadcast station or nearby WiFi router. Since the backscatter device doesn’t need to power local oscillators or other hungry components, it has negligible power requirements. Traditionally, though, that has given backscatter devices a range of a few hundred meters at most. The UW team, led by [Shyamnath Gollokota], describe a new backscatter technique (PDF link) that blows away previous records. By combining the spread-spectrum modulation of LoRa with the switched attenuation of incident RF energy that forms the basis for backscatter, the UW team was able to cover 2800 meters for under 10 microwatts. What’s more, with printable batteries or cheap button cells, the backscatter tags can be made for as little as 10 cents a piece. The possibilities for cheap agricultural sensors, ultracompact and low power wearable sensors, or even just deploy-and-forget IoT devices are endless.

We’ve covered backscatter before, both for agricultural uses and for pirate broadcasting stations. Backscatter also has also seen more cloak and dagger duty.

Continue reading “Hybrid Technique Breaks Backscatter Distance Barrier”

Doppler Module Teardown Reveals the Weird World of Microwave Electronics

Oscillators with components that aren’t electrically connected to anything? PCB traces that function as passive components based solely on their shape? Slots and holes in the board with specific functions? Welcome to the weird and wonderful world of microwave electronics, brought to you through this teardown and analysis of a Doppler microwave transceiver module.

We’ve always been fascinated by the way conventional electronic rules break down as frequency increases. The Doppler module that [Kerry Wong] chose to pop open, a Microsemi X-band transceiver that goes for about $10 on eBay right now, has vanishingly few components inside. One transistor for the local oscillator, one for the mixer, and about three other passives are the whole BOM. That the LO is tuned by a barium titanate slug that acts as a dielectric resonator is just fascinating, as is the fact that PB traces can form a complete filter network just by virtue of their size and shape. Antennas that are coupled to the transceiver through an air gap via slots in the board are a neat trick too.

[Kerry] analyzes all this in the video below and shows how the module can be used as a sensor. If you need a little more detail on putting these modules to work, we’ve got some basic circuits you can check out.

Continue reading “Doppler Module Teardown Reveals the Weird World of Microwave Electronics”

AI Watches You Sleep; Knows When You Dream

If you’ve never been a patient at a sleep laboratory, monitoring a person as they sleep is an involved process of wires, sensors, and discomfort. Seeking a better method, MIT researchers — led by [Dina Katabi] and in collaboration with Massachusetts General Hospital — have developed a device that can non-invasively identify the stages of sleep in a patient.

Approximately the size of a laptop and mounted on a wall near the patient, the device measures the minuscule changes in reflected low-power RF signals. The wireless signals are analyzed by a deep neural-network AI and predicts the various sleep stages — light, deep, and REM sleep — of the patient, negating the task of manually combing through the data. Despite the sensitivity of the device, it is able to filter out irrelevant motions and interference, focusing on the breathing and pulse of the patient.

What’s novel here isn’t so much the hardware as it is the processing methodology. The researchers use both convolutional and recurrent neural networks along with what they call an adversarial training regime:

Our training regime involves 3 players: the feature encoder (CNN-RNN), the sleep stage predictor, and the source discriminator. The encoder plays a cooperative game with the predictor to predict sleep stages, and a minimax game against the source discriminator. Our source discriminator deviates from the standard domain-adversarial discriminator in that it takes as input also the predicted distribution of sleep stages in addition to the encoded features. This dependence facilitates accounting for inherent correlations between stages and individuals, which cannot be removed without degrading the performance of the predictive task.

Anyone out there want to give this one a try at home? We’d love to see a HackRF and GNU Radio used to record RF data. The researchers compare the RF to WiFi so repurposing a 2.4 GHz radio to send out repeating uniformed transmissions is a good place to start. Dump it into TensorFlow and report back.

Continue reading “AI Watches You Sleep; Knows When You Dream”

Rapidly Prototyping RF Filters

RF filters are really just a handful of strategically placed inductors and capacitors. Yes, you can make a 1 GHz filter out of through-hole components, but the leads on the parts turn into inductors at those frequencies, completely ruining the expected results in a design.

The solution to this is microstrip antennas, or carefully arranged tracks and pads on a PCB. Anyone can build one of these with Eagle or KiCad, but that means waiting for an order from a board house to verify your design. [VK2SEB] has a better idea for prototyping PCB filters: use copper tape on blank FR4 sheets.

The first, and simplest, filter demonstrated is a simple bandstop filter. This is really just a piece of fiberglass with copper laminated to one side. Two RF connectors are soldered to the edges and a strip of copper tape strung between them. Somewhere around the middle of this copper tape, [VK2SEB] put another strip of copper tape in a ‘T’ configuration. This is the simplest bandstop filter you can make, and the beauty of this construction is that it can be tuned with a razor blade.

Of course, a filter can only be built with copper tape if you can design them, and for that [SEB] is turning to software. The Qucs project is a software tool for designing and simulating these microstrip filters, and after inputting the correct parameters, [SEB] got a nice diagram of what the filter should look like. A bit of taping, razor blading, and soldering and [SEB] had a working filter connected to a spectrum analyzer. Did it work? To a limited extent; the PCB material probably wasn’t right, and board houses are more accurate than a razor blade, but [SEB] did manage to create a 10 GHz filter out of fiberglass and copper tape.

You can check out the video for this experiment below.

Continue reading “Rapidly Prototyping RF Filters”

Hackaday Prize Entry: Open Narrowband RF Transceiver

We have so many options when we wish to add wireless control to our devices, as technology has delivered a stream of inexpensive devices and breakout boards for our experimentation. A few dollars will secure you all your wireless needs, it seems almost whatever your chosen frequency or protocol. There is a problem with this boundless availability though, they can often be rather opaque and leave their users only with what their onboard firmware chooses to present.

The Open Narrowband RF Transceiver from [Samuel Žák] promises deliver something more useful to the experimenter: an RF transceiver for the 868 or 915MHz allocations with full control over all transmission parameters. Transmission characteristics such as frequency, bandwidth, and deviation can be adjusted, and the modulation and encoding schemes can also be brought under full control. Where a conventional module might simply offer on-off keying or frequency shift keying, this module can be programmed to deliver any modulation scheme its chipset is capable of. Spread-spectrum? No problem!

Onboard, the device uses the TI CC1120 transceiver chip, paired with the CC1190 front end and range extender. Overseeing it all is an ST Microelectronics STM32F051 microcontroller, which as you might expect is fully accessible to programmers. Interfaces are either USB, through an FTDI serial chip, or directly via a serial port.

There are a host of transceiver chips on the market which just beg to be exploited, so it is very good indeed to see a board like this one. It’s worth noting though that the CC1120 has a much wider frequency band than that of the CC1190, and with a different front end and PA circuitry, this could cover other allocations including some amateur bands.

SDR Sniffing Electric Gates

Most wireless OEM hardware traditionally use 433MHz OOK modules to exchange information. The encoding and encryption of this data stream is left as a task for the embedded software designer. In most cases, the system can be hacked using a replay attack where an RF packet is recorded and replayed to emulate a valid user. [Gilad Fride] hacked his parking gate using this technique but decided to go the extra mile of connecting it to the internet.

He used an RTL-SDR dongle and ook-decoder by [jimstudt] to sniff out the gate code and this code was tested using an Arduino. The final implementation was done around an Onion Omega which talks directly to the RF transmitter module using the fast-gpio binary. Internet connectivity was achieved using Onion Cloud API which is used to trigger the execution of code thereby sending the gate opening signal.

[Gilad Fride] uses the IFTTT Do button to provide a GUI and he demonstrates this in action using an iPhone in the video below. The project can be extended to open garage doors or turn off the lights of your room over the internet.

If you are looking to hack your home security system, look no further as SDRs have be used to communicate with wireless products effectively in the past. We are hoping manufacturers take a hint and start using better encryption.  Continue reading “SDR Sniffing Electric Gates”