I’ve been working on reverse engineering the radio signals used by some home energy monitoring plugs. At the beginning, I thought it would be as easy as buying some 433MHz transceivers and reading the data off the air! After the transceivers arrived and I was getting nothing, I asked the Bristol Hackspace mailing list for some help.
Thanks to Nathan’s pointers about my radio being too ‘clever’ to pick up another radio’s signal (unless all the settings were perfect), and his suggestion of using his SDR, I decided to invest in one myself. A post by Tomaž Šolc was also very useful in understanding how SDR could help with finding the signal and working out what the modulation type was.
SDR stands for software defined radio, and it’s recently become very popular since Antti discovered that a very cheap radio chip could potentially do SDR. What it allows us to do is create a radio receiver defined in software instead of hardware. We can then progressively build a radio that can receive the signal we’re looking to decode. Here’s what my basic radio looks like so far:
Then, using a gnuradio patch and the SDR, I managed to find the signal, identify the modulation, demodulate it and check that the packet is what I expect:
Here we can see that the first 3 bytes are 0b10101010, and the data byte is the 0b11111111 towards the end of the packet.
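As an added example (not code from this post or from gnuradio), here is a small Python decoder for the kind of demodulated bit stream described above: it hunts for the three 0b10101010 preamble bytes and returns the bytes that follow. The sample bit stream is constructed for the example, and the assumptions are mine: the demodulator hands over a list of 0/1 ints, bits arrive most-significant first, exactly three preamble bytes open the packet, and the payload length is known in advance.

```python
# Added example, not the blog author's code. Decodes a demodulated bit stream
# by locating a 3-byte 0b10101010 preamble and reading the bytes after it.

PREAMBLE_BYTE = 0b10101010
PREAMBLE_LEN = 3  # assumption: three preamble bytes, as seen in the post
PREAMBLE_BITS = [int(b) for b in format(PREAMBLE_BYTE, "08b")] * PREAMBLE_LEN


def find_preamble(bits):
    """Return the index of the first bit after the preamble, or -1 if absent."""
    n = len(PREAMBLE_BITS)
    for i in range(len(bits) - n + 1):
        if bits[i:i + n] == PREAMBLE_BITS:
            return i + n
    return -1


def bits_to_bytes(bits):
    """Pack a list of 0/1 ints into bytes, MSB first; trailing partial byte dropped."""
    out = []
    for i in range(0, len(bits) - 7, 8):
        byte = 0
        for b in bits[i:i + 8]:
            byte = (byte << 1) | b
        out.append(byte)
    return out


def decode_packet(bits, payload_len=1):
    """Return the payload bytes following the preamble, or None if no full packet."""
    start = find_preamble(bits)
    if start < 0:
        return None
    payload_bits = bits[start:start + 8 * payload_len]
    if len(payload_bits) < 8 * payload_len:
        return None  # demodulator cut the packet short
    return bits_to_bytes(payload_bits)


def sample_bits():
    """Constructed stand-in for a demodulator's output: a little noise,
    the 3-byte preamble, one 0b11111111 data byte, then some trailing bits."""
    noise = [0, 0, 1, 1, 0, 0]
    payload = [1] * 8
    trailing = [0, 0, 1]
    return noise + PREAMBLE_BITS + payload + trailing


if __name__ == "__main__":
    data = decode_packet(sample_bits())
    print("decoded:", [format(b, "08b") for b in data] if data else "no packet")
```

Because the preamble is a plain alternating pattern, it only tells the receiver where bit timing starts; a run of noise ending in `1, 0` just before it would make the match land two bits early. A fixed sync word after the preamble is the usual way to pin down byte alignment, which is worth checking for once real packets are captured.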
The next step is to capture some packets from the energy monitors and then try and work out the format of the data packets. Watch this space!