I was successful at turning a raspberry pi into an AKP (ademco key protocol ) bus sniffer. It's a very rough hack but essentially I used an optocouple r hooked up to the data line (yellow) of the ademco and on the other side o f the optocoupler I had it output to the GPIO14 (UART RX) pin. With minima l pain, I was able to set up ser2net and now I can open a telnet port and r ead everything on my alarm bus.
Only parts required were wire, breadboard, optocoupler, a few resistors as needed.
Oh, I don't mind doing so. I originally wanted to make a big article about it for hackaday as I love posting there. But then I realized it might be categorically stupid to announce to the world what kind of alarm system I u se in my home.
Suffice to say, the Ademco keybus protocol used in various alarm systems so ld by ADT is serial-based. With very minimal voltage conversion (step 12v dc down to 1.5v dc) you can hook up the data (yellow) to the RX pin on the raspberry pi and read the alarm as a serial device quite easily. This does not allow you to transmit on the alarm bus though because it is a 1 wire p rotocol with a second wire used to signal bus assertion and other such stuf f (it's kind of an odd protocol really)
I used an optocoupler but you could probably also use a MAX or possibly eve n a straight-forward transistor circuit. My deal with the optocoupler is t hat I knew that the protocol is low-speed (4800bps, I think) and therefore an optocoupler is a sufficient choice and provides total isolation between the alarm and the pi.
Knowing what type of alarm you have, and bypassing said alarm is not quite the same, anyone driving by that sees your yard sign or sticker in the window knows what alarm system you have.
I would be quite interested on the details you found on the bus protocol.
e the same, anyone driving by that sees your yard sign or sticker in the wi ndow knows what alarm system you have.
Unless you leave the signs/stickers as-is and change out the hardware so yo u can hack your own system together... *ahem* ;-) ADT takes vendor board s and replaces the stock firmware with their own proprietary locked down st uff that basically cripples the hardware from utilizing its full potential until you pay their techs to come out and do another (expensive) firmware s wap to get more features. They can go shove it.
The bus protocol is pretty well-documented since the ademco keybus protocol was used in several different systems. I should caveat that I can *mostly
read it because it is a one-wire data line and there is another wire pull ed high by devices when they want to assert that they are transmitting, and other times works more like a clock line. I don't read that line, just t he data wire. And as such transmitting on the bus from the Pi is not possi ble unless I get a lot more clever beyond using resistors and a optocoupler . :-D
So... here's the code I've conjured up to sniff the bus written in Groovy. Basically all it does is read the telnet port for messages, but later I mi ght add better handling to identify the different message types. I think t hat one dangerous thing about doing this hack is that you also see messages from the keypads -- making it trivial to sniff passwords.
/** Derived from information found here:
formatting link
formatting link
formatting link
Hardware info: You could do this for $88 and no work:
formatting link
Or you could get a raspberry pi for $45 and an optocoupler for $1 and buil d the circuit in a few minutes. Nutech makes a great product. But $88 is too spendy for a hobby hack.
def host = "???.???.???.???" // IP address not shown. :-D def port = 4141 def requestSocket = new Socket(host, port)
requestSocket.setSoTimeout(100000) r = new BufferedReader(new InputStreamReader(requestSocket.getInputStream ())) w = new BufferedWriter(new OutputStreamWriter(requestSocket.getOutputStre am()))
If you're looking for an alarm to interface to, you might check out Cytech Comfort. It's a combined alarm and home automation system in its own right, but they publish details of the alarm's communication protocol and provide RS232 or ethernet interface cards so you can connect to it easily. You can do things like arm/disarm, pick up movement sensors, command it to switch outputs, have it command you to do something, see and log everything that happens, etc.
Obviously, this is not Pi specific. I was interfacing to their alarms over 15 years ago from PCs, but a Pi is more than capable of doing that now, at a power consumption that allows for battery backed operation for many hours.
--
Andrew Gabriel
[email address is not usable -- followup in the newsgroup]
t it for hackaday as I love posting there. But then I realized it might be categorically stupid to announce to the world what kind of alarm system I u se in my home.
sold by ADT is serial-based. With very minimal voltage conversion (step 12v dc down to 1.5v dc) you can hook up the data (yellow) to the RX pin on the raspberry pi and read the alarm as a serial device quite easily. This does not allow you to transmit on the alarm bus though because it is a 1 wire p rotocol with a second wire used to signal bus assertion and other such stuf f (it's kind of an odd protocol really)
ven a straight-forward transistor circuit. My deal with the optocoupler is that I knew that the protocol is low-speed (4800bps, I think) and therefore an optocoupler is a sufficient choice and provides total isolation between the alarm and the pi.
ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.