Low cost, long range, or low power — when it comes to wireless connectivity, historically you’ve only been able to pick two. But a group at the University of Washington appears to have made a breakthrough in backscatter communications that allows reliable data transfer over 2.8 kilometers using only microwatts, and for pennies apiece.
For those unfamiliar with backscatter, it’s a very cool technology that modulates data onto RF energy incident from some local source, like an FM broadcast station or nearby WiFi router. Since the backscatter device doesn’t need to power local oscillators or other hungry components, it has negligible power requirements. Traditionally, though, that has given backscatter devices a range of a few hundred meters at most. The UW team, led by [Shyamnath Gollokota], describe a new backscatter technique (PDF link) that blows away previous records. By combining the spread-spectrum modulation of LoRa with the switched attenuation of incident RF energy that forms the basis for backscatter, the UW team was able to cover 2800 meters for under 10 microwatts. What’s more, with printable batteries or cheap button cells, the backscatter tags can be made for as little as 10 cents a piece. The possibilities for cheap agricultural sensors, ultracompact and low power wearable sensors, or even just deploy-and-forget IoT devices are endless.
We’ve covered backscatter before, both for agricultural uses and for pirate broadcasting stations. Backscatter also has also seen more cloak and dagger duty.
Continue reading “Hybrid Technique Breaks Backscatter Distance Barrier”
Oscillators with components that aren’t electrically connected to anything? PCB traces that function as passive components based solely on their shape? Slots and holes in the board with specific functions? Welcome to the weird and wonderful world of microwave electronics, brought to you through this teardown and analysis of a Doppler microwave transceiver module.
We’ve always been fascinated by the way conventional electronic rules break down as frequency increases. The Doppler module that [Kerry Wong] chose to pop open, a Microsemi X-band transceiver that goes for about $10 on eBay right now, has vanishingly few components inside. One transistor for the local oscillator, one for the mixer, and about three other passives are the whole BOM. That the LO is tuned by a barium titanate slug that acts as a dielectric resonator is just fascinating, as is the fact that PB traces can form a complete filter network just by virtue of their size and shape. Antennas that are coupled to the transceiver through an air gap via slots in the board are a neat trick too.
[Kerry] analyzes all this in the video below and shows how the module can be used as a sensor. If you need a little more detail on putting these modules to work, we’ve got some basic circuits you can check out.
Continue reading “Doppler Module Teardown Reveals the Weird World of Microwave Electronics”
If you’ve never been a patient at a sleep laboratory, monitoring a person as they sleep is an involved process of wires, sensors, and discomfort. Seeking a better method, MIT researchers — led by [Dina Katabi] and in collaboration with Massachusetts General Hospital — have developed a device that can non-invasively identify the stages of sleep in a patient.
Approximately the size of a laptop and mounted on a wall near the patient, the device measures the minuscule changes in reflected low-power RF signals. The wireless signals are analyzed by a deep neural-network AI and predicts the various sleep stages — light, deep, and REM sleep — of the patient, negating the task of manually combing through the data. Despite the sensitivity of the device, it is able to filter out irrelevant motions and interference, focusing on the breathing and pulse of the patient.
What’s novel here isn’t so much the hardware as it is the processing methodology. The researchers use both convolutional and recurrent neural networks along with what they call an adversarial training regime:
Our training regime involves 3 players: the feature encoder (CNN-RNN), the sleep stage predictor, and the source discriminator. The encoder plays a cooperative game with the predictor to predict sleep stages, and a minimax game against the source discriminator. Our source discriminator deviates from the standard domain-adversarial discriminator in that it takes as input also the predicted distribution of sleep stages in addition to the encoded features. This dependence facilitates accounting for inherent correlations between stages and individuals, which cannot be removed without degrading the performance of the predictive task.
Anyone out there want to give this one a try at home? We’d love to see a HackRF and GNU Radio used to record RF data. The researchers compare the RF to WiFi so repurposing a 2.4 GHz radio to send out repeating uniformed transmissions is a good place to start. Dump it into TensorFlow and report back.
Continue reading “AI Watches You Sleep; Knows When You Dream”
RF filters are really just a handful of strategically placed inductors and capacitors. Yes, you can make a 1 GHz filter out of through-hole components, but the leads on the parts turn into inductors at those frequencies, completely ruining the expected results in a design.
The solution to this is microstrip antennas, or carefully arranged tracks and pads on a PCB. Anyone can build one of these with Eagle or KiCad, but that means waiting for an order from a board house to verify your design. [VK2SEB] has a better idea for prototyping PCB filters: use copper tape on blank FR4 sheets.
The first, and simplest, filter demonstrated is a simple bandstop filter. This is really just a piece of fiberglass with copper laminated to one side. Two RF connectors are soldered to the edges and a strip of copper tape strung between them. Somewhere around the middle of this copper tape, [VK2SEB] put another strip of copper tape in a ‘T’ configuration. This is the simplest bandstop filter you can make, and the beauty of this construction is that it can be tuned with a razor blade.
Of course, a filter can only be built with copper tape if you can design them, and for that [SEB] is turning to software. The Qucs project is a software tool for designing and simulating these microstrip filters, and after inputting the correct parameters, [SEB] got a nice diagram of what the filter should look like. A bit of taping, razor blading, and soldering and [SEB] had a working filter connected to a spectrum analyzer. Did it work? To a limited extent; the PCB material probably wasn’t right, and board houses are more accurate than a razor blade, but [SEB] did manage to create a 10 GHz filter out of fiberglass and copper tape.
You can check out the video for this experiment below.
Continue reading “Rapidly Prototyping RF Filters”
We have so many options when we wish to add wireless control to our devices, as technology has delivered a stream of inexpensive devices and breakout boards for our experimentation. A few dollars will secure you all your wireless needs, it seems almost whatever your chosen frequency or protocol. There is a problem with this boundless availability though, they can often be rather opaque and leave their users only with what their onboard firmware chooses to present.
The Open Narrowband RF Transceiver from [Samuel Žák] promises deliver something more useful to the experimenter: an RF transceiver for the 868 or 915MHz allocations with full control over all transmission parameters. Transmission characteristics such as frequency, bandwidth, and deviation can be adjusted, and the modulation and encoding schemes can also be brought under full control. Where a conventional module might simply offer on-off keying or frequency shift keying, this module can be programmed to deliver any modulation scheme its chipset is capable of. Spread-spectrum? No problem!
Onboard, the device uses the TI CC1120 transceiver chip, paired with the CC1190 front end and range extender. Overseeing it all is an ST Microelectronics STM32F051 microcontroller, which as you might expect is fully accessible to programmers. Interfaces are either USB, through an FTDI serial chip, or directly via a serial port.
There are a host of transceiver chips on the market which just beg to be exploited, so it is very good indeed to see a board like this one. It’s worth noting though that the CC1120 has a much wider frequency band than that of the CC1190, and with a different front end and PA circuitry, this could cover other allocations including some amateur bands.
Most wireless OEM hardware traditionally use 433MHz OOK modules to exchange information. The encoding and encryption of this data stream is left as a task for the embedded software designer. In most cases, the system can be hacked using a replay attack where an RF packet is recorded and replayed to emulate a valid user. [Gilad Fride] hacked his parking gate using this technique but decided to go the extra mile of connecting it to the internet.
He used an RTL-SDR dongle and ook-decoder by [jimstudt] to sniff out the gate code and this code was tested using an Arduino. The final implementation was done around an Onion Omega which talks directly to the RF transmitter module using the fast-gpio binary. Internet connectivity was achieved using Onion Cloud API which is used to trigger the execution of code thereby sending the gate opening signal.
[Gilad Fride] uses the IFTTT Do button to provide a GUI and he demonstrates this in action using an iPhone in the video below. The project can be extended to open garage doors or turn off the lights of your room over the internet.
If you are looking to hack your home security system, look no further as SDRs have be used to communicate with wireless products effectively in the past. We are hoping manufacturers take a hint and start using better encryption. Continue reading “SDR Sniffing Electric Gates”
You may not realize it, but how fast a person walks is an important indicator of overall health. We all instinctively know that we lag noticeably when a cold or the flu hits, but monitoring gait speed can help diagnose a plethora of chronic diseases and conditions. Wearables like Fitbit would be one way to monitor gait speed, but the Computer Science and Artificial Intelligence Lab at MIT thinks there’s a better way: a wireless appliance that measures gait speed passively.
CSAIL’s sensor, dubbed WiTrack (PDF), is a wall-mounted plaque that could be easily concealed as a picture or mirror. It sends out low-power RF signals between about 5- and 7-GHz to perform 3D motion tracking in real time. The WiTrack sensor has a resolution of about 8 cm at those frequencies. With their WiGait algorithms (PDF), the CSAIL team led by [Chen-Yu Hsu] is able to measure not only overall walking speed, but also stride length. That turns out to be critical to predicting the onset of such diseases as Parkinson’s, which has a very characteristic shuffling gait in the early phase of the disease. Mobility impairments from other diseases, like ALS and multiple sclerosis, could also be identified.
WiTrack builds on [Hsu]’s previous work with through-wall RF tracking. It’s nice to see a novel technique coming closer to a useful product, and we’ll be watching to see where this one goes.
Continue reading “Measuring Gait Speed Passively to Diagnose Diseases”