RF

197 Articles

Portable MRI Machine Comes To The Patient

May 8, 2020 by 40 Comments

To say that the process of installing a magnetic resonance imager in a hospital is a complex task is a serious understatement. Once the approval of regulators is obtained, a process that could take years, architects and engineers have to figure out where the massive machine can be installed. An MRI suite requires a sizable electrical service to be installed, reinforced floors to handle the massive weight of the magnet, and special shielding in the walls and ceiling. And once the millions have been spent and the whole thing is up and running, there are ongoing safety concerns when working around a gigantic magnet that can suck ferromagnetic objects into it at any time.

MRI studies can reveal details of diseases and injuries that no other imaging modality can match, which justifies the massive capital investments hospitals make to obtain them. But what if MRI scanners could be miniaturized? Is there something inherent in the technology that makes them so massive and so expensive that many institutions are priced out of the market? Or has technology advanced far enough that a truly portable MRI?

It turns out that yes, an inexpensive MRI scanner is not only possible, but can be made portable enough to wheel into a patient care room. It’s not without compromise, but such a device could make a huge impact on diagnostic medicine and extend MRI technologies into places far beyond the traditional hospital setting.

Continue reading “Portable MRI Machine Comes To The Patient”

GPU Turned Into Radio Transmitter To Defeat Air-Gapped PC

April 24, 2020 by 31 Comments

Another week, another exploit against an air-gapped computer. And this time, the attack is particularly clever and pernicious: turning a GPU into a radio transmitter.

The first part of [Mikhail Davidov] and [Baron Oldenburg]’s article is a review of some of the basics of exploring the RF emissions of computers using software-defined radio (SDR) dongles. Most readers can safely skip ahead a bit to section 9, which gets into the process they used to sniff for potentially compromising RF leaks from an air-gapped test computer. After finding a few weak signals in the gigahertz range and dismissing them as attack vectors due to their limited penetration potential, they settled in on the GPU card, a Radeon Pro WX3100, and specifically on the power management features of its ATI chipset.

With a GPU benchmarking program running, they switched the graphics card shader clock between its two lowest power settings, which produced a strong signal on the SDR waterfall at 428 MHz. They were able to receive this signal up to 50 feet (15 meters) away, perhaps to the annoyance of nearby hams as this is plunk in the middle of the 70-cm band. This is theoretically enough to exfiltrate data, but at a painfully low bitrate. So they improved the exploit by forcing the CPU driver to vary the shader clock frequency in one megahertz steps, allowing them to implement higher throughput encoding schemes. You can hear the change in signal caused by different graphics being displayed in the video below; one doesn’t need much imagination to see how malware could leverage this to exfiltrate pretty much anything on the computer.

It’s a fascinating hack, and hats off to [Davidov] and [Oldenburg] for revealing this weakness. We’ll have to throw this on the pile with all the other side-channel attacks [Samy Kamkar] covered in his 2019 Supercon talk.

Continue reading “GPU Turned Into Radio Transmitter To Defeat Air-Gapped PC”

So. You Bought A VNA. Now What?

April 23, 2020 by 33 Comments

It’s never too late in life for new experiences, but there’s a new experience I had a few weeks ago that I wasn’t expecting. I probably received my first piece of test equipment – a multimeter –  in the early 1980s, and since then every time I’ve received a new one, whether an oscilloscope, logic analyser, spectrum analyser or signal generator, I’ve been able to figure out how to use it. I have a good idea what it does, and I can figure out whatever its interface may be to make it do what I want it to. My new experience came when I bought a piece of test equipment, and for the first time in my life didn’t have a clue how to use it.

That instrument is a Vector Network Analyser, or VNA, and it’s worth spending a while going through the basics in case anyone else is in the same position. My VNA is not a superlative piece of high-end instrumentation that cost the GDP of a small country, it’s the popular $50 NanoVNA that has a fairly modest frequency range and performance, but is still a functional VNA that can take useful measurements. But I’m a VNA newbie, what does a VNA do? Continue reading “So. You Bought A VNA. Now What?”

A Practical Look At Chokes For EMI Control

March 15, 2020 by 6 Comments

Radio frequency electronics can seem like a black art even to those who intentionally delve into the field. But woe betide the poor soul who only incidentally has to deal with it, such as when seeking to minimize electromagnetic interference. This primer on how RF chokes work to reduce EMI is a great way to get explain the theory from a practical, results-oriented standpoint.

As a hobby machinist and builder of machine tools, [James Clough] has come across plenty of cases where EMI has reared its ugly head. Variable frequency drives are one place where EMI can cause problems, and chokes on the motor phase outputs are generally prescribed. He used an expensive choke marketed as specific for VFD applications on one of his machines, but wondered if a cheap ferrite core would do the job just as well, and set to find out.

A sweep of some ferrite cores with a borrowed vector network analyzer proved unsatisfying, so [James] set up a simple experiment with a function generator and an oscilloscope. His demo shows how the impedance of a choke increases with the frequency of the test signal, which is exactly the behavior that you’d want in a VFD – pass the relatively low-frequency phase signals while blocking the high-frequency EMI. For good measure, he throws a capacitor in parallel to the choke and shows how much better a low-pass filter that makes.

We love demos like this that don’t just scratch an intellectual itch but also have a practical goal. [James] not only showed that (at least in some cases) a $13 ferrite can do the same job as a $130 VFD choke, but he showed how they work. It’s basic stuff, but it’s what you need to know to move on to more advanced RF filter designs.

Continue reading “A Practical Look At Chokes For EMI Control”

A Patch Antenna Is Just A Rectangle, It Should Be Easy To Design, Right?

March 1, 2020 by 20 Comments

If a grizzled RF engineer who bears the soldering-iron scars of a thousand projects could offer any advice, it would be that microwave antennas are not a field to be entered into lightly. Much heartache is to be saved by using an off-the-shelf design, and only the foolhardy venture willingly down the stripline into the underworld of complex microwave resonances.

But every would-be microwave designer has to start somewhere, and for [Adam Gulyas] that start came with a 2.4 GHz patch antenna. His write-up is a fascinating tale of the challenges and pitfalls of creating something which is deceptively simple at first sight but which becomes significantly more complex as he characterizes his design made real as a PCB.

The process started with a set of calculations to derive the patch dimensions and a bit of PCB work adding a stripline feed. This was produced on a PCB, a normal 1.6mm thick FR4 fiberglass board. When hooked up to a VNA its impedance was all wrong. Further, it had a resonance at the required frequency but also unexpected ones at 3.7 and 4.6 GHz. Simulation of the design also yielded a different resonance from the one calculated, and discussing it with others yielded the conclusion that the feed might be at fault. He ended up using an inset feed, with a co-axial cable emerging away from the edge of the patch, and was able to achieve a far better result.

We can all learn something from [Adam]’s write-up, and we salute him for staying the course to get the design to a usable point. It would be interesting to see the same antenna produced from a more consistent dielectric material than generic FR4. Meanwhile, if you are interested in microwave RF design, take a look at Michael Ossmann’s primer on the subject.

RF Modulation: Crash Course For Hackers

January 28, 2020 by 16 Comments

When you’re looking to add some wireless functionality to a project, there are no shortage of options. You really don’t need to know much of the technical details to make use of the more well-documented modules, especially if you just need to get something working quickly. On the other hand, maybe you’ve gotten to the point where you want to know how these things actually work, or maybe you’re curious about that cheap RF module on AliExpress. Especially in the frequency bands below 1 GHz, you might find yourself interfacing with a module at really low level, where you might be tuning modulation parameters. The following overview should give you enough of an understanding about the basics of RF modulation to select the appropriate hardware for your next project.

Three of the most common digital modulation schemes you’ll see in specifications are Frequency Shift Keying (FSK), Amplitude Shift Keying (ASK), and LoRa (Long Range). To wrap my mechanically inclined brain around some concepts, I found that thinking of RF modulation in terms of pitches produced by a musical instrument made it more intuitive.

And lots of pretty graphs don’t hurt either. Signals from two different RF dev boards were captured and turned into waterfall and FFT plots using a $20 RTL-SDR dongle. Although not needed for wireless experimentation, the RTL-SDR is an extremely handy debugging tool, even to just check if a module is actually transmitting. Continue reading “RF Modulation: Crash Course For Hackers”

Mr. Carlson Gets Zapped By Snow

January 25, 2020 by 47 Comments

As a Canadian, [Mr. Carlson] knows a thing or two about extreme winter weather. Chances are good, though, that he never thought he’d get zapped with high voltage generated by falling snow.

[Mr. Carlson]’s shocking tale began with a quiet evening in his jam-packed lab as a snowstorm raged outside. He heard a rhythmic clicking coming from the speakers of his computer, even with the power off. Other speakers in the lab were getting into the act, as was an old radio receiver he had on the bench. The radio, which was connected to an outdoor antenna by a piece of coax, was arcing from a coil to the chassis in the front end of the radio. The voltage was enough to create arcs a couple of millimeters long and bright blue-white, with enough current to give [Mr. Carlson] a good bite when he touched the coax. The discharges were also sufficient to destroy an LED light bulb in a lamp that was powered off but whose power cord was unlucky enough to cross the antenna feedline.

Strangely, the coil from which the arc sprang formed a 36-ohm shunt to the radio’s chassis, giving the current an apparently easy path to ground. But it somehow found a way around that, and still managed to do no damage to the sturdy old radio in the process. [Mr. Carlson] doesn’t offer much speculation as to the cause of the phenomenon, but the triboelectric effect seems a likely suspect. Whatever it is, he has set a trap for it, to capture better footage and take measurements should it happen again. And since it’s the Great White North, chances are good we’ll see a follow-up sometime soon.

Continue reading “Mr. Carlson Gets Zapped By Snow”