Car Satellite Alarm on STM32F1
The theory of creating a home-made car satellite alarm system with a web-interface and eCall / ERA-GLONASS support based on STM32 microcontrollers as the basis for the Smart Car concept, and its use in Smart Home systems. Realization of the Volvo On Call technology analogue and Toyota Friends automobile social network.
I finally decided to write a continuation of the article “Satellite speedometer on STM32F1 and FreeRTOS” .
Let us consider how to make car satellite signaling with a web-interface with your own hands - the main ideas, the element base, technical details of the implementation. I note immediately that the cost comes at the level of one and a half thousand rubles (in the basic version), while industrial analogues (together with the installation) come out in the region of 30-50 thousand rubles. There is no subscription fee - there are only expenses for cellular communication (about 100 rubles per month. With a competent approach to minimizing the transmitted traffic - about 60 rubles will go away per month, or even less). Thanks to the support of Glonass, an additional advantage appears in connection with the expected 100% equipment of the Russian fleet with Glonass systems. And at the same time, the described device carries innovative capabilities that are not yet on the market.
The device described below is universal - it can be installed and working with the same success both on Zhiguli and Lexus - both on mobile objects (cars, trucks) and stationary (houses, cottages, etc.). ). Performs 3 main functions:
')
* Informational - an analog of Volvo On Call technology. Being at a considerable distance, you stay in touch with your car, if you have any device that has Internet access (computer, netbook, iPhone, iPad, Android device, etc.) - find the location of your car, remotely start the engine, get information about its technical condition, etc. The machine is controlled and monitored via SMS / voice calls (dtmf) / site. The site is an Internet portal to which, in automatic mode, objects equipped with this device “dump” information about their current state and take settings from it for their work. It is also an automobile social network (analogous to Toyota Friends) for the interaction of objects (cars, houses) and people.
* Security - includes:
a) label with 2.4GHz dialogue code based on STM32W, for automatic access to the object.
b) protection against jamming of the gsm signal (constant monitoring of the communication channel by the server + detection of the fact of jamming by the alarm itself)
c) the gsm / gps / glonass tracker function - if the car is stolen or placed at a car park, you can find out its current location.
d) hidden video surveillance - by rs485 video cameras consisting of STM32F4 and cmos-cameras on board are connected to the alarm system.
d) digital relays - even physically removing or disabling the alarm, the attacker will not achieve anything - the relays de-energize vital circuits and cannot be activated anymore, even directly supplying power to them. Also, digital relays control the pins in the doors — even if the attacker breaks the windows and / or breaks the lock locks — he cannot open the door, even breaking the lock — the doors will interfere with electronic pins in the doors that can only be unlocked by an alarm.
e) as an accessory, 1 or several gsm / gps / glonass beacons, also self-made, are used. Because for the reasons described below, the use of signaling alone is not enough. It is also recommended to use the hood lock, steering lock (for example, the Guarantor), armored film for glass (breaking glass to steal your belongings from the salon or to get inside will be extremely problematic - it protects even from the airgun bullets)
* Rescue - a car equipped with this device will be able to independently call emergency services, even if the driver and his passengers are no longer able to take any action. To realize this opportunity, the device has the support of eCall / ERA-Glonass technologies. Installation of such devices, according to forecasts, will be able to save 2,500 lives a year in Europe annually, 4,000 lives a year in Russia and a 14% reduction in the consequences of injuries in road traffic accidents.
* Logistics - for shipping companies. Monitoring and tracking the movement of vehicles, accounting for fuel consumption in the fleet, etc.
In order to show more clearly what is being discussed, I’ll give a video from the industrial version of this device (which, by the way, has less functionality at a significantly higher price):
And now - how to implement all this independently, ideas in general. In the end, we consider the implementation on STM32 microcontrollers.
1. The overall structure of the system.
- as I wrote earlier, the device is suitable for use not only in mobile objects (cars, trucks, etc. - “Smart car”), but also in stationary (apartments, houses, cottages - “Smart house”). In general, car satellite signaling, as practice shows, turn out to be a good substitute for “Smart Home” systems for automation and security of apartments, cottages and other real estate objects. Of course, they cannot compete with such systems as “Smart Home”, such as LonWorks, Legrand and Bticino, but they can easily solve tasks that are priority for the consumer in automating their homes - security, remote monitoring and control, video surveillance, and so on. The consumer is not always ready to lay out for automation the money that costs systems like LonWorks - he needs a budget solution, which can become a car satellite alarm system. As an illustrative example, the resource http://home-online.ru/solutions.html
In the case of the “Smart Car” application, the device is placed in a metal case capable of withstanding loads of up to 40G, in which the alarm itself and the backup battery are placed. This is a requirement of the ERA-Glonass standard - a device in the event of an accident and subsequent possible fire should be able to contact emergency services and transfer the coordinates of the car, even if the driver and his passengers are no longer able to take any action on their part. In addition, instead of a SIM card, a SIM chip is used (for more details, see the GSM-module SIM900 section below).
In the case of the “Smart Home” application, the device is placed in a conventional compact plastic case with a battery for placement in a hidden place for an attacker, while its power part is placed in the case for mounting an electrical cabinet in a DIN rail:
Consider now the structure of the device itself, in the case of automotive applications:
To remove data on the condition of the vehicle (engine speed, oil and fluid pressure sensors, etc.), use the connection to the vehicle's diagnostic connector using CAN / LIN. In case our device does not support this brand of car, it is used to connect directly to the sensors and actuators of the car - tachometer / generator, nozzles, oil pressure sensors, coolant level, etc.
You can do without the immobilizer crawler, if the immobilizer supports remote start - this is set in its settings. Otherwise, you will most likely have to sacrifice one of the tags and use the crawler.
Setting up my alarm is done via USB - I use the USB CDC class in the STM32, so on the computer side the device is defined as a normal com port, and you can work with it through any terminalka (I use Putty).
Volume sensor - a standard external sensor is used, and an accelerometer can be used as a tilt sensor in the device itself - for example, LIS203DL (plus the fact that this accelerometer is installed on the stm32f4-discovery debug card and there are well documented examples of working with it).
To implement the autostart function in the case of manual transmission, we must be sure that the car is not in gear. To do this, the user must either get out of the car and set it to arm without shutting down the engine (arming with the engine running), or install reed switches at the gearbox (the implementation is described here )
Cameras on STM32F4
The element base of cameras is represented by a microcontroller STM32F407 + CMOS-camera + external memory. They are connected to the main signaling unit through the RS-485 interface (at the physical level, while the application uses ModBus ). The best option is to place the cameras as follows:
Cameras work in the mode of photographing. The STM32F4 microcontroller was not chosen by chance - it has a built-in synchronous parallel interface of the DCMI camera, which allows you to connect cmos-cameras up to 1 megapixel. Among others, it has a Snapshot mode, which is used. Using the direct memory access (DMA) mechanism, the data from the camera is immediately placed by the array in external memory connected via the microcontroller's FSMC interface - the computational resources of the kernel are not used. After the frame has been recorded, we transfer the data into a JPEG format - then they are sent via RS-485 to the central unit and are used to send a photo message to the system’s site and to create an MMS message with a photo (there is no computational load on the STM32 microcontroller - we stupidly receive from cameras and send further (to the server and in the form of mms) jpeg-data without processing them. The MMS modem is already engaged in the construction of an MMS message.
By the way, the use of cmos cameras with conventional microcontrollers is complicated by the fact that the same OV7670 camera is not able to transfer data with a frequency of less than 10 MHz + data from it needs to be placed somewhere. Therefore, to use cameras with conventional microcontrollers (as well as FPGAs), FIFO buffers are very often used, for example, AL422B, whose memory capacity is enough to store 1 frame of camera image:
The device of the main alarm unit
The main components of the main unit are microcontroller stm32f103, gps / glonass module, gsm-module SIM900.
GPS / GLONASS module
At the moment I use the well-known gps EB500, but it is planned to switch to GPS / Glonass module Geos-3M . If you compare it with the ML8088s / GL8088s, nv-08-c, then it differs favorably from the first one by its power consumption (judging by engineering samples), from the second by the price ($ 28 retail, $ 15 opt). By the way, it is planned to use GPS / Glonass module Geos-1M in e-mobiles.
Using instead of the usual GPS dual GPS / Glonass module gives us two main advantages:
1) Using the GPS + Glonass mode allows you to improve the accuracy and success of determining the coordinates (because we have more satellites available - not only GPS, but also Glonass).
2) Now the commercialization of Glonass technology is gaining momentum. Already at the legislative level, the installation of Glonass terminals is required for installation on a number of vehicles. Therefore, the support of Glonass in the automotive device is an additional competitive advantage, ensuring its attractiveness in the market.
Working with the module does not cause problems - the module takes over all the mathematical processing, producing text lines with ready data (NMEA protocol). On how to organize their analysis and work with the module on the STM32 microcontroller - I wrote in the last article, "Satellite speedometer on the STM32F1 and FreeRTOS" . By the way, the Geos-3M module supports data output in binary form.
When using such modules, the main problem is the increased noise level at the parking lot, which is expressed in the drift of coordinates and speed on a fixed object. And during the night, a car, if no additional measures are taken, can wind up more than one circle on the map, while remaining in reality still all the time. The best solution to this problem without the use of additional components, which I know is to control the change in azimuth while calculating coordinates (do not take into account when a small change) - with this approach we do not take into account garbage, and we get savings in memory and traffic.
In any case, any kind of mathematical processing of the GPS / Glonass module is not ideal - even in the best case, it turns out that we do not take into account the low speed and a small change in coordinates. In the case of automotive applications, the use of a 3-axis gyroscope and an automobile speedometer, together with the Glonass / GPS module, is capable of fundamentally solving this problem. As such a gyro you can take, for example, L3G4200D ($ 19). For automotive use, the A3G4250D gyroscope has already been announced, but it is not yet available for sale. Such a gyro works on the I2C / SPI bus:
So, how do we help connecting the gyroscope and speedometer?
a) we get the opportunity to quite easily beat the drift in the parking lot - discard false data about the speed and change of coordinates in the parking lot with GPS / Glonass
b) When GPS / Glonass signals disappear, we get the opportunity to continue to conduct geographical positioning on the speedometer and gyroscope - continue to track.
In the parking mode, when the car is stationary, the GPS / Glonass module tells us that we are moving at a low speed, the coordinates are drifting. But from the gyroscope we get zeros, which gives us reason to believe that we are standing still and the module readings can be ignored. When the GPS / Glonass signal disappears in motion, we take the speed information from the speedometer, and the information about the bends (angular speeds) from the gyroscope.
By implementation - we don’t really care what speed sensor is used and where it is taken from in the car. Almost everywhere the amplitude of the speed signal is 12 volts, the difference is only in the number of pulses per second. Here you can simply enter the self-calibration - in the movement by GPS / Glonass automatically determine how many pulses per 1 meter of the path, and memorize the resulting constant.
It is also necessary to enter the temperature calibration of the gyroscope using GPS / Glonass, since its side effect is temperature drift.
It should be noted here that calculating the path according to the readings of the gyroscope and speedometer using the Cortex M3 is a very dubious task. The data must be sent to the server, on which the calculation will be made. But if we are ready to abandon Glonass, leaving only GPS, you can look at the LEA-6R GPS modules - it has a DR (dead reconing) function that allows you to connect additional path information channels directly to the module — a gyroscope and a speedometer. Accordingly, both the microcontroller and the server are unloaded in this case in terms of calculating the coordinates - the module itself is already engaged in this, producing ready-made NMEA data. Which significantly reduces the time and complexity of the development of the finished device. It is a pity, but such decisions that support Glonass are not visible on the horizon: - (
And now - it's time to consider working with a GSM modem.
GSM / GPRS SIM900 module
Previously, the use of the sim300 gsm module was common in embedded systems, but soon a sim900 ($ 21) came to replace it, and after a while, its lightweight budget version sim900r began to be released (unlike sim900, this is a dual-band module with reduced program memory and with restrictions on use in countries - only in Russia and bordering countries). The SIM900 is a quad band (850/900/1800/1900) GSM / GPRS module with an integrated TCP / IP stack. Allows you to send MMS-messages, has built-in support for the application layer protocols HTTP, FTP, and in the latest firmware - DTMF decoding, GSM jamming detection (Jamming Detection) and eCall / ERA-GLONASS rescue systems (the latter will be described in detail below) ). You can control the modem using AT commands, connect via UART or I2C.
Diluting a board for this module for debugging on your own is a thankless task, especially since the debug board for this module is quite inexpensive - $ 65, so I recommend taking it:
To support Era-Glonass, DTMF decoding, etc. You need to update the firmware - to do this, contact the distributor in your region (I applied to MT-Systems), then flash it through the debug-port.
Debugging work with the module is more convenient from the computer. Fortunately, I initially put USB support into the device for setting the settings, I did this: I connected the library from ST to implement USB CDC - class, which made it possible to communicate with the device through any terminal that works with a serial port (the device is seen as a virtual computer in the system). port). The device sends commands to the SIM900 module, while echo-repeater is turned on in the module - i.e. all that he sends, he sends back, along with the answer. And the microcontroller sends the entire response from the UART from the SIM900 via USB to me at the terminal. Those. in the process of device interaction with the SIM900, the whole communication process + is clearly visible on the screen from the terminal, it is possible to manage the communication process by setting unique breakpoints. This greatly simplifies the writing of the functionality for working with the SIM900 and its debugging.
Getting started with the SIM900 module is described here and here , so I’ll focus on the most interesting points:
SIM900: GPRS
The device, by default, once per minute sends data (current coordinates, vehicle speed, etc.) to a web server and receives settings from it. Let's take a simple example to see how you can implement sending data via HTTP to your server (the operator in our case is MTS):
SIM900: Protection against GSM signal jamming
An attacker can easily break the connection of our device with the server via the GSM channel, and for this it has 3 ways:
1) GSM signal jamming
- With the help of such a simple device worth $ 119, you can silence 3G / GSM / CDMA modems within a radius of 5-20 meters. And the disturbing channel of communication of satellite gsm signaling with the server will be broken.
2) Substitution of the cellular operator's base station
There are devices that fit in the case and allow you to impersonate the base station of the cellular network:
The GSM modem of the device will not be able to distinguish the real base station from the fake mobile one, and in the event of an alarm it will not be able to send data on the alarm channel.
3) SIM card cloning.
- the number used by the gsm-alarm system has a second SIM card, which is in the hands of intruders. And if you muffle the alarm signal with a jammer from claim 1, then a device with this number (with an attacker) will be available and will not give alarms. If the alarm check is based on a periodic dial-up, then dialing will be carried out on a fake SIM card, and the alarm will not trigger.
4) Field detector for detecting radio repeaters (including GSM devices)
- used to localize the installed alarm. You can buy for $ 43 such a miracle device:
- allows to detect radio transmitters emitting in the range of 1 MHz to 2.6 GHz. The screen displays the radiation frequency of the device and the signal level, which allows you to find the location of the alarm installation and neutralize it.
To protect against p.4, they install gps / gsm-beacons in addition to the standard signaling system, which will be discussed in the section “SIM900: Using custom applications. GPS / Glonass - beacons. ".
To protect against Clauses 1 and 3, the SIM900 module supports the Jamming Detection function, designed to detect attempts to jam the signal - this is what the AT + SJDR command is for. If the modem is jammed, the message “+ SJDR: JAMMING DETECTED” will be displayed. Of course, the modem will not have time to contact the server and transmit the alarm data. But the device can turn on the siren, block the car and remember that it was jammed - after the connection is resumed, this information will go to the server.
To protect against all the above points in modern satellite gsm alarms, they use GSM channel monitoring. The bottom line is that the gsm-modem binds to the server with a given frequency - for example, it sends data via HTTP. If during the last N minutes the modem has not contacted the server, this is a reason to raise the alarm and call / send SMS from the server to the owner of the machine. Of course, this is not a panacea for 100% of cases - somewhere just a bad reception of a GSM signal. In other cases, the attacker can affect the human psyche - periodically jamming the signal and forcing the owner of the car to run out to his car. After some time, the owner will get tired of this and he will turn off the control of the communication channel, thereby giving the car a green light to the hijacker. But nevertheless, control of the communication channel turns out to be a tangible help in solving the problem of protection against theft.
SIM900: Get coordinates in the absence of GPS / Glonass signals
About the current location of the car, we get the coordinates from the GPS / Glonass - satellites. But a situation may arise in which the receipt of these coordinates is impossible (for example, there is no signal). In this case, the calculation option in the coordinates via the link speedometer + gyroscope I already considered above. But there is another solution - the base stations of the cellular operator can come to our aid, one of which we are connected to. We can get information from base stations such as LAC and CELLID (area code and base station identifier, respectively). This information uniquely identifies this base station among other current cellular operator. And the coordinates of the base stations are widely known. Therefore, knowing which modem the base station is connected to, it is possible to determine the geographical coordinates (longitude and width) of this station, and thus the approximate coordinates for finding the modem itself. Geographic coordinates for lac and cellid base stations can be obtained through the Yandex API, Google, opencellid.org, location-api.com. By the way, mobile operators do not publish the coordinates of their base stations in the public domain. Therefore, the same Yandex receives this information from its users who have downloaded Yandex applications and have a gps receiver on the phone.The Yandex application receives the cellid and lac of the base station from the gsm modem of the phone, and from the gps receiver, the current geographic coordinates, and sends it to the Yandex server, and the lists of the geographic coordinates of the Beeline, MTS and Megaphone base stations are updated.
So, we want to determine your coordinates by GSM. To do this, the SIM900 module needs to issue the AT + CREG = 2 command - it will issue a response in the + CREG format: <stat>, <lac>, <ci>. Also, we will automatically receive this answer when the modem of the current base station is changed. Then we transmit these via GPRS to our server. The server on the basis of this data takes geographic coordinates from its cache, and in the absence of the cache, it makes a request for one of the services for determining the coordinates of base stations - for example, Yandex, and we get coordinates in the format. More details on the use of these services can be found at http://www.xakep.ru/post/48378/
As a result, the user on the site is given a map with a shaded area, which shows the approximate location of the vehicle based on gsm coordinates.
The AT + CIPGSMLOC command appeared in SIM900 modems not so long ago, immediately immediately issuing the geographic coordinates of the gsm network. But she doesn’t carry anything fundamentally new in herself - this command performs everything that I wrote above. Receives lac, ci, sends them to Google and gives the result.
At the same time, I note that some modems have the ability to consistently connect to everyone in the BS in sight. This can be used to clarify the gsm coordinates - in this case we can find out the lac, ci of all the nearest BSs, find out the geographical coordinates from them - they will be the vertices of the polygon where our module is located:
SIM900: Using custom applications. GPS / Glonass - beacons.
Car satellite signaling is, of course, good. But it can be found and deactivated. For example, using the field detector discussed above. Gps / gsm beacons, which are miniature devices with a GPS (or GPS / Glonass) receiver, a GSM modem and a battery, come to the rescue. Such beacons are difficult to detect visually, because they are well hidden in the hidden places of the car. Field detector is difficult to identify them - because most of the time, such a beacon just sleeps, only occasionally waking up to register on the network, transmit its coordinates to the server, and fall asleep again.
The question may arise - what about the microcontroller? The answer is - it is not needed. In modern GSM modems there is a special memory area for launching user applications. For example, the Sierra Wireless modems use the OpenAT operating system, in which your programs can run. And SIM900 supports Embedded AT technology - you simply create your program in the SIM900DevIDE environment, load it with firmware into the modem - and enjoy life. There is no need to spend money on a separate controller - the modem itself will take data from the GPS / Glonass receiver and send it to your server. Along with the SIM900DevIDE environment, there are already examples of programs, so you won't have to write your application from scratch.
SIM900: eCall / ERA-GLONASS rescue systems.
ERA-Glonass is a system designed to reduce mortality and injuries on Russian roads, based on the use of Glonass. If a person gets into an accident - a car equipped with a terminal of this system is capable of calling emergency services on its own, without the involvement of a person. There is also a manual opportunity to call them, by pressing the “SOS” button (something similar is in Volvo On Call and Lexus Link, but there are paid services there + the cost of the equipment itself is quite high). In order for cars coming from EU countries to us to receive emergency assistance in Russia, and vice versa, so that our car equipped with the ERA-GLONASS terminal can work with the western infrastructure when going abroad, there is full compatibility with the European system eCall. Those.if we have the support of ERA-GLONASS - then being abroad in the EU countries, we can use the eCall emergency response system. According to preliminary forecasts, the use of terminals of ERA-Glonass / eCall systems will allow 2,500 lives to be saved in Europe every year, 4,000 in Russia — and to reduce the effects of injuries due to road accidents by about 14%. So far there is only testing and deployment of ERA-Glonass and eCall systems. The final launch of eCall is scheduled for 2014, and ERA-Glonass is scheduled for the end of 2013 (we are optimists, however!). Since 2013, all cars produced from the assembly line should already have the support of ERA-GLONASS. But more than a dozen years will pass before most of our population have cars with the ERA-GLONASS / eCall terminal already built in,Therefore, the built-in support in our devices of these systems for a long time will carry a very significant competitive advantage, especially since in terms of hardware implementation, this support does not incur any additional material costs.
The ERA-GLONASS terminal is easy to make yourself - for this, modems that support data transfer technology over a voice channel have already appeared - the in-band modem function. Let's see how it works:
But first we answer the question - why not just use regular GPRS, SMS? The fact is that they introduce a significant delay in data transmission. In in-band modem mode, the data is transmitted instantly; the call will be given the maximum priority by the mobile operator, even in the event of a cellular network overload. If the network is overloaded, then the active calls of other subscribers will be interrupted so that your terminal can contact the service 112.
In the event of an accident (determined by the vehicle’s sensor readings), or if you press the SOS button yourself, then you make an emergency call to service 112 and send it to a PSAP server (in Russia, to the PSAP server of the federal operator NIS-GLONASS, which supports 3GPP version 8.6 .0 / 9.4.0. PSAP stands for Public Service Answering Point) MSD message (MSD-Minimum Set of Data, minimum data set) with a limit of 140 bytes, which contains the following information:
1) Control data: is the call test, can you trust these geo-coordinates, type of vehicle (passenger car abundance (class M1), city / intercity bus (M2-M3), light commercial vehicle (N1), truck (N2, N3) motorcycle - classes L1e-L7e)
2) Vehicle identification data: Your car’s VIN number
3) Vehicle propulsion storage type: what your car drives (gas, diesel, gasoline, hydrogen, electric motor) - you can specify several values ​​at the same time (if, for example, the machine uses both gas and electric energy for movement)
4) Time stamp: We specify the current date, including seconds
5) Current location of vehicle: we specify the geographical longitude and width received from our GPS / Glonass module. If you do not know, you can simply not fill in the field.
6) Direction of vehicle: the direction of movement of the machine along the magnetometer built into the terminal, in degrees, with 0 being the magnetic north. The countdown goes clockwise, in steps of 2 degrees. Those.if we have a deviation of 120 degrees from magnetic north, then in MSD we indicate 60. Or simply 0xFF, if the direction of movement is not known.
7) Location delta with respect to recentVehicleLocationN1: The difference in geographical coordinates between the current coordinates and those coordinates that were recorded at the time of the incident. These fields are also optional.
8) Number of passengers: minimum known number of passengers. If we don’t know, we specify 0xFF. Automatically calculated as follows: there are sensors in the safety belts of the car that fix if the seat belt is clicked on (for us this means that the passenger has taken the appropriate place) - the number of activated sensors and write to this field.
9) Optional additional data: any additional information (binary / bcd / xml / asn.1 / ascii), the format is not strictly regulated.
10) CRC32 - CRC32 checksum of our MSD message.
Total MSD length cannot exceed 140 bytes. The default connection is initiated by the client (i.e., us), but it can also be initiated by the PSAP server of service 112.
One of the first modems that implemented in-band modem to work with eCall / ERA-GLONASS was the SL6087 modem from Sierra Wireless. But a couple of months ago, such support appeared in the firmware for the SIM900 modems I used by SimCom. Moreover, it is possible not only to send a ready-made MSD message already formed: but also to shift this function to the modem itself, specifying the values ​​of the MSD message fields through AT commands:
The operator of the ERA-GLONASS service will display this information as follows:
For testing it is not necessary to contact NIS-Glonass at all - you can organize a test PSAP server on your side with a modem on OpenAT, you can read more here
The device that implements this functionality is placed in a metal case that can withstand a load of 40G (after all, the device must function in the event of an accident), and has a built-in battery for autonomous operation.
Also, additional requirements apply to the SIM card - using a regular SIM card is hardly acceptable here, because In the event of an accident, the mechanical contact of the SIM card with the device may most likely be broken. Here comes their counterparts for use in embedded devices - SIM chips that have two main advantages compared to SIM cards:
1) Best contact due to the lack of mechanical connections - the SIM chip is soldered to the board, and not inserted mechanically into the holder,
2 ) Extended temperature range (-40 ... +105 degrees Celsius), as well as increased resistance to the effects of dust, damping, humidity, shock, corrosion, chemically aggressive environment.
Also, for SIM chips, cellular operators (MTS, Beeline, Megafon) provide advanced service (though not cheap) for M2M telemetry, for monitoring and monitoring devices equipped with this chip. You can, for example, introduce restriction bars to prevent situations when an object is roaming and, therefore, large amounts of funds begin to flow from the account.
In conclusion of this section, I would add that the idea itself has many advantages, moreover, it is really useful and necessary, but with all this it is not without flaws. The infrastructure of Russia is not fully prepared for the implementation of this technology - only 97% of the territory covers cellular communication, therefore emergency assistance will not be available everywhere. Moreover, even in densely populated areas there are areas where cellular communication does not work or works very badly. For example, in South Butovo, I know a place where using cellular communication is quite problematic - sometimes it does not exist at all. Negligence cannot be overlooked - it happens that by calling the police, the ambulance, you can never wait for the result, get a refusal to leave, although the situation is really urgent. Or do not call. At all,Many Russian state projects in the field of information technologies are implemented on the “troika with minus” - take as an example at least the “Gosuslugi” portal, which with enviable consistency pleases us with “Communication error with the department” and “Internal server error”, moreover, at the very last stage of the application, when it has already spent a lot of time to fill in all the data ... But even if it is not possible to achieve 100% of the efficiency of this project, the implementation will still not be meaningless, because in any case it will reduce the death rate The level of injuries on the roads of our country will also allow working with emergency services of other countries when traveling internationally.which with enviable consistency pleases us with “Communication Error with the Office” and “Internal server error”, moreover, at the very last stage of the application, when it has already spent a lot of time to fill in all the data ... But even if it is not possible to achieve 100% of the effectiveness of this project - all the same, the implementation will not be meaningless, because in any case it will reduce mortality and injuries on the roads of our country, and allow working with emergency services of other countries during international travel.which with enviable consistency pleases us with “Communication Error with the Office” and “Internal server error”, moreover, at the very last stage of the application, when it has already spent a lot of time to fill in all the data ... But even if it is not possible to achieve 100% of this project’s performance - all the same, the implementation will not be meaningless, because in any case it will reduce mortality and injuries on the roads of our country, and allow working with emergency services of other countries during international travel.because in any case, it will reduce mortality and injuries on the roads of our country, and allow you to work with the emergency services of other countries during international travel.because in any case, it will reduce mortality and injuries on the roads of our country, and allow you to work with the emergency services of other countries during international travel.
Remote alarm access devices: tags, key chains, gsm devices
In the current implementation, my device acts as a slave alarm. For remote door opening is a full-time alarm with its own remote controls. But let's consider the options for customization of homemade alarm for remote access to the alarm system for remote monitoring, removal / arming, unlocking / locking the doors, their advantages and disadvantages in terms of security (i.e., ACS car devices):
1) the usual key chains with one-way / two-way data transmission channel - surely each of you has. Press the button - the car is disarmed and the doors are unlocked. Push again - the doors are locked, the car is armed. When unlocked / armed, the key fob sends a fixed unique code to the alarm (usually at 433 MHz). The alarm checks the code in its database - if it matches, the code is accepted. The disadvantage is obvious - when applying code grabber, we listen to the broadcast, and at the moment when the owner of the car presses the key fob button, we just stupidly write down the code that the key fob broadcasts on the air. In the future, an attacker can reproduce this code and unlock the machine.
2) The further development of alarms in this direction was KeeLoq “jumping code” technology - here the code changes every time, and if we intercept the code passed by the grabber, this will not help us. Nevertheless, the attackers and KeeLoq found an approach. All the mathematical power of this technology negates the physical implementation - no one tries to pick up the code. Instead, the parcel is spoiled, remembered, and transmitted the next time. The fact is that each bit of the KeeLoq package is encoded with three bits. The first bit is 0, then the significant bit, and the last is 1. If the grabber turns on the transmitter in place of the third bit (jam the alarm receiver), then the signal for the alarm will be corrupted and will be rejected. We will remember the signaling code in this way, and in the future we will be able to use it (if, of course,before that, the alarm system will not successfully receive the next parcel from the remote control). You can also take into account the fact that 3 identical packages are sent by the keyfob. It is possible to drown out the first half of the first parcel and the second half of the second, the third one completely - the signaling will reject the transmission, and we will have a working code. In the end, KeeLoq’s mathematics was really strong, but it was reduced to no physical implementation.
3) KeeLoq has been replaced by a dialogue code technology (using asymmetric encryption algorithms and 2.4 GHz frequencies), which is now used in modern signaling. No one has yet succeeded in breaking it, and the alarm manufacturers are so sure of the breaking resistance of this technology that the same StarLine offers 1 million rubles to anyone who can crack such an alarm. This million rubles has not been paid to anyone yet. Let's see how communication between the key fob and the alarm goes: When a new key fob is prescribed, the public key of the key fob is transferred to the alarm memory, and the Diffie-Hellman algorithm is used to transfer the keys on the open communication lines.
Implementing yourself is quite realistic, although it is quite expensive. In this regard, you can look at the STM32W microcontrollers with AES hardware encryption accelerator, working with 128-bit keys, and a 2.4 GHz transceiver. STM32W allows you to work in networks of Wi-Fi, ZigBee, Bluetooth and sleep mode has a consumption of about 1 microA, allowing you to use it in key chains. There are ready-made debug kits that allow you to quickly master its wireless capabilities (~ $ 50).
4) RFID tags - used for contactless access (“hands free”), communication range - up to 10 meters. You do not need to get out of your pocket and press the button - if the label is within the range of the alarm receiver, the car will be removed from the guard mode. Passive tags do not have their own power source; they receive energy through the air from an alarm by pointing currents on the built-in antenna. Active - have a built-in battery, which allows to reduce the power of the alarm reader and increase the range of communication. In general, tags operate at 2.4 GHz frequency (as the communication range increases with increasing frequency), and the communication range with the alarm reader is up to 10m.
5) Relatively recently, GSM-devices began to be used in automobile access control systems - removal / arming from cell phones and smartphones. And more and more often, looking at the future of car alarms, they speak of a complete rejection of key fobs in favor of GSM devices - smartphones, cellular. But in its pure form, this undertaking stumbles upon a rake: there is no 100% coverage of the territory by cellular communication, there is a high probability of remaining in a remote area with a blocked car and a dead smartphone, the need to pay for communication. Plus, users themselves are not yet ready to abandon the use of key fobs. However, everything is moving towards the fact that in a short time we will come to the tag + smartphone tag, and the use of key fobs will be a thing of the past.
In the case of smartphones, the main disadvantages - paid gsm-connection and insufficient network coverage - can be nullified by providing Wi-Fi signaling with the module, which will be discussed further.
Providing Wi-Fi access to signaling
In modern mobile devices - telephones and smartphones, and also netbooks and tablets - there is built-in support for Wi-Fi, which can be used for remote direct access to our device, bypassing the server. Consider the most popular solution - the WiFi module MRF24WB0MA worth $ 22 from Microchip:
- unfortunately, it’s not directly connected to our STM32, to use the module, you will have to use the PIC microcontroller layer (however, Microchip’s supporting TCP / IP stack, which doesn’t affect the product price) this module (however, for me this is not a problem, because I went up on PICs). The module itself is connected to the PIC via SPI, and already with the PIC it can be connected to our STM32 via spi / i2c / uart. The module itself has good functionality: built-in accelerator for AES / RC4, support for WEP, WPA-PSK, WPA-2-PSK. Range - up to 400m. consumption in sleep mode - 250 uA, hibernation - <0.1 uA. The library itself, among other things, has SSL support. By the way, I will note that this library works in the same way as with Microchip Wi-FI modules,and wired ethernet (ENC28J60, etc.). That is, when you work with this library, it makes no difference whether you work with a Wi-Fi or Ethernet module - the software interface is the same. You can read more about the library.here .
Developing software for mobile devices
Starting from this section, I abstract from hardware implementation and will only consider software implementation of satellite car alarm on the server side and mobile devices.
Recently, mobile GSM-devices based on iOS operating systems (iPhone, iPad), Android, Windows Mobile, Blackberry, etc., have proliferated, and recently a wider range of household equipment begins to acquire support for remote control from these devices. Manufacturers of automotive GSM alarms, which quickly launched applications that allow them to control and monitor cars from smartphones, did not stand aside. You can add such support to our alarm system, which already knows how to interact with the WEB server (see the section on using the TCP / IP stack of SIM900). The WEB server will act as an intermediary here - your mobile application connects to the server, and the server already interacts directly with the alarm.The mobile application itself implements the following main functions:
1) View on the map (Google.Maps, Yandex.Maps or OpenStreetMaps) the current position of the car
2) On-board computer - sensor readings, temperature, voltage, how much is left before the replacement of consumables, etc.
3) Arm / Disarm
4) Remote engine start
5) Optionally - view photos from cameras, etc.
The main stumbling block is the need to learn Objective-C and other languages ​​to develop your mobile application for various platforms. Here universal solutions like PhoneGap come to the rescue:
PhoneGap is an OpenSource environment that allows cross-platform development of applications for almost all known platforms (iOS, Android, etc.) on HTML5, using Mobile jQuery and CSS. The application is actually a web page that has access to the hardware peripherals of the smartphone (accelerometer, camera, GPS, etc.). PhoneGap is not without flaws, and in industrial applications it is necessary to abandon the cross-platform approach in favor of the native - Objective-C. But at first it serves as a good service (especially for those who, by the nature of their activities, are already associated with web development), allowing them to provide support for their “small bloodshed”.
You can read more about PhoneGap here
. Web server software
It's time to deal with the implementation of a web-server that will mediate the interaction of alarm systems and devices that have an Internet connection (smartphones, netbooks, tablets, ordinary computers, etc.). In our case, the Web server performs the following functions:
1) Receives data from gsm alarms and gives them the current settings
2) Provides a web interface to alarm owners for monitoring and managing alarms
3) Provides access to data from mobile applications (for devices running iOS, Android and etc.)
4) Provides an XML API interface for uploading data to client servers. You
can see a good example of implementation at http://panel.car-online.ru/ and https: // p-on. ru /
For hosting it is better to choose cloud hosting - in this case you are not strictly limited in resources, there is the possibility of flexible scaling of computing power. In contrast to the VPS hosting, here the payment goes only to actually consumed resources (with a VPS, you have to pay for resources that are idle most of the time + a hard resource limit).
Further on the structure of server applications. At first and at low load, LAMP (Linux-Apache-MySQL-PHP) turns out to be the simplest and most common solution.
But those who are honed to such an approach, very quickly begin to regret it. :-)
Time passes, the load grows, and a moment comes rather quickly when the current architecture stops coping with its tasks. Then come the thought of Highload. There is far from one approach, and as an example I will consider Open-Source a bunch of nginx + varnish + memcached + php-fpm + eaccelerator (+ PHP, + MySQL). A little about what it is.
• Nginx - web-server, which is usually used to give statics. Popular architecture in which nginx acts as a front-end, proxying requests for dynamic pages on Apache (back-end), on which server scripts are already running. But you can (and should) completely abandon the use of Apache by hanging its function on a more lightweight nginx.
• php-fpm - PHP FastCGI Process Manager - is in our case the “connecting bridge” of PHP for working with nginx. Php-fpm allows you to efficiently use PHP in FastCGI mode on highload projects.
• eAccelerator - a tool that allows you not to interpret the PHP code every time. Once interpreted, we keep the code in memory for later use - saving of processor time and access to disk resources is obvious.
• Memcached - in-memory data caching server. MySQL database servers are good, but they spend time querying and reading from slow storage devices — hard drives. Much faster data can be selected from RAM, so the logic of work here is this: Make a request to memcached, if there is no required data (empty), then make a request to the MySQL database server, and send the answer to memcached. Those.MySQL acts as a slow back-end solution, and Memcached as a fast front-end. We apply to the back-end only once - in order to place the data in the front-end and in future to access this data only through the front-end (for now, of course, they will not lose their relevance).
• Varnish is an HTTP accelerator that allows you to cache content. In some ways, this is an analogue of Memcached, then for substantially large amounts of data. Varnish saves pages in virtual memory and, if necessary, drops them onto a hard disk. We can logically split each page into its component blocks (footer, header, news block, etc.) and specify our own caching rules for each of the blocks. In the end, we get a gain in the speed of return of pages, and unload the back-end part of the server from repeated requests.
From additional measures, look in the direction of switching MySQL to tmpfs, build up the indexes of the tables, use the InnoDB data storage engine (suitable in our particular case), the sysctl setting.
Let's look at one of the possible architecture schemes, with SSI inclusions. In the first case, the original, we have an empty cache, the back-end (PHP + MySQL) is involved, but in the second it is not used, we receive data from Varnish and Memcached:
- in the first case, nginx refers to Varnish for a page that does not exist in the cache - because the request goes to the back-end (PHP + MySQL). The SSI inclices cache is stored in Memcached with us - and since it is empty there, then Nginx makes a call to the back-end part, which gives the result to nginx and simultaneously stores it in the cache via Memcached.
In the second case, we no longer pull the back-end part, the data is taken from the Varnish cache and Memcached.
The foregoing is not a universal solution — the Highload architecture of the project is specific to each specific task — it is required to implement the solution on the test server and conduct load testing — try to simulate the work situation as fully as possible, taking into account the maximum predicted load growth volumes. And you can never stop there. “I did everything, everything works, you can breathe with relief and relax” - this does not happen. All the time you need to think a step forward, predicting the possible development of the current situation.
Ways of further development
The device already performs many functions - it is an alarm system, an on-board computer, and a telecommunication service (ERA-GLONASS / eCall) in one bottle, with access via the Internet. Designed for both passenger cars and trucks, and for real estate. But there is no limit to perfection. If we want to equip our car with electronics, then we have to purchase disparate devices - a radio tape recorder, a navigator, a DVR, etc. We have to stick around the windshield with them, which narrows the visible area and attracts once again dishonest people to the car. There is currently no decent device on the market - a “media combine” replacing the above devices, creating a single entry point for all functions and well integrated with the standard equipment of cars. Even China has not yet succeeded in this regard.A rather significant step forward in this direction was made by Mirk:
- solution on ARM11 running WinCE with a gsm-modem, gps / Glonass receiver, which allows you to connect audio-video sources and display the image both on individual displays and on standard cars. Integrates with standard Lexus / Toyota / Subaru / Nissan systems and other vehicles. The idea is not bad, it is really a significant breakthrough. The breakthrough, reduced to "no" by realization - the device is still too raw, having problems in operation and shortcomings of realization, a high price.
Thus, this area still remains untapped, worthy, strong and accessible to most solutions are not here. The information provided in this article on the development of satellite signaling can be a good springboard for developing a competitive device. As a basis, the Raspberry Pi single-board computer with ARM11 immediately arises, the functional equipment of which can be expanded. :-)
As a conclusion,
we have literally made out the main points of the development of automotive satellite GSM-alarm systems, from time to time, literally in two words. :-) I made sure on my own example that the devil is not so terrible as he is painted, and everything is really done on his own, only time and patience are needed. In fact, it is important to remember the golden rule: “less is more and more is better.” In an effort to embrace the immense, to endow their device with as much functionality as possible, manufacturers often lose in quality of execution. It is better to outline a circle for yourself, to cut down your Wishlist, to do less, but on the other hand, with high quality and dignity, having worked out all the details in detail.
In the article I considered only satellite systems, leaving aside radio searching. On the one hand, radio search systems win over satellite - less power consumption, work in enclosed areas (the signal makes its way through metal boxes, underground garages, etc.), the transmitter can be placed anywhere in the car (in doors, hidden body cavities, etc.) d.) But on the other hand, there are also disadvantages: insufficient coverage of the territory with radio beacons, a relatively high subscription fee, the impossibility of displaying the position of the protected object on the map, the inability to develop your own radio search device - unless you put only your radio beacons in the city, which is quite expensive) Plus the advantages of radio search systems You cannot demonstrate to the end user visually with the example of the operation of the device.Few of you will decide to pay a tangible amount of money for the unit, which is not used for their own purposes, whose work will not be visible to him. Those.it is important for the consumer to “touch” in what he acquires. Satellite systems in this regard significantly benefit. And there is nothing surprising in the fact that they significantly benefit from sales, and radio search is still in the shadow, despite all its advantages.
As for the car alarm system, I strongly recommend not to be content with the standard equipment, but to install gps-beacons into the hidden cavities. In addition, to glue over the windows with an armored film and insert pins into the doors is not only an additional measure against car theft, but also a real protection against theft of things in the cabin. In addition, it has long been the de facto standard to install an electric hood lock and a Garant type lock on the steering wheel + digital relays (based on current keys) on the main circuits of the machine that are locked if the alarm is disabled - if the alarm supports their installation. We often feel sorry for the money - we wave our hand, we think that the car is not worth it. And we regret only when it is too late to change anything ...
PS I think many of you have noticed that the video at the very beginning of the article is “replayed” to lure customers - the alarm certainly does not send any data to the satellite, such alarms are called satellite only because they receive data from GPS / Glonass satellites. To send information to satellites, you need a good dish. ;)
UPD 09/06/2012: 2G (sim900) modules can no longer be used in ERA-GLONASS systems in accordance with the new GOST R 54620-2011, this requires 3G modules (for example, it works with the SIM5320 3G module).
Bibliography
1) Satellite speedometer on STM32F1 and FreeRTOS
2) Draft national ERA-GLONASS standards. I express my gratitude to Ya. A. Domaratsky, Director of the Subscriber Device Development Service of the Federal Operator "NIS-GLONASS", for the materials provided.
3) Sources of a car gps-tracker based on ATmega128
4) Sources of gsm-alarm for 2 sim cards, iButton, dtmf-decoder
5) Sources of GPS tracker on STM32
6) Sources of GPS-tracker on STM32F10x
6) GOST R 54620-2011 “Automotive system call emergency services. General technical requirements "
7) Order of the Ministry of Transport of Russia dated 31.07.2012 N 285 - interesting description of the transmission protocol of telematic information and the procedure for calling emergency services
I finally decided to write a continuation of the article “Satellite speedometer on STM32F1 and FreeRTOS” .
Let us consider how to make car satellite signaling with a web-interface with your own hands - the main ideas, the element base, technical details of the implementation. I note immediately that the cost comes at the level of one and a half thousand rubles (in the basic version), while industrial analogues (together with the installation) come out in the region of 30-50 thousand rubles. There is no subscription fee - there are only expenses for cellular communication (about 100 rubles per month. With a competent approach to minimizing the transmitted traffic - about 60 rubles will go away per month, or even less). Thanks to the support of Glonass, an additional advantage appears in connection with the expected 100% equipment of the Russian fleet with Glonass systems. And at the same time, the described device carries innovative capabilities that are not yet on the market.
The device described below is universal - it can be installed and working with the same success both on Zhiguli and Lexus - both on mobile objects (cars, trucks) and stationary (houses, cottages, etc.). ). Performs 3 main functions:
')
* Informational - an analog of Volvo On Call technology. Being at a considerable distance, you stay in touch with your car, if you have any device that has Internet access (computer, netbook, iPhone, iPad, Android device, etc.) - find the location of your car, remotely start the engine, get information about its technical condition, etc. The machine is controlled and monitored via SMS / voice calls (dtmf) / site. The site is an Internet portal to which, in automatic mode, objects equipped with this device “dump” information about their current state and take settings from it for their work. It is also an automobile social network (analogous to Toyota Friends) for the interaction of objects (cars, houses) and people.
* Security - includes:
a) label with 2.4GHz dialogue code based on STM32W, for automatic access to the object.
b) protection against jamming of the gsm signal (constant monitoring of the communication channel by the server + detection of the fact of jamming by the alarm itself)
c) the gsm / gps / glonass tracker function - if the car is stolen or placed at a car park, you can find out its current location.
d) hidden video surveillance - by rs485 video cameras consisting of STM32F4 and cmos-cameras on board are connected to the alarm system.
d) digital relays - even physically removing or disabling the alarm, the attacker will not achieve anything - the relays de-energize vital circuits and cannot be activated anymore, even directly supplying power to them. Also, digital relays control the pins in the doors — even if the attacker breaks the windows and / or breaks the lock locks — he cannot open the door, even breaking the lock — the doors will interfere with electronic pins in the doors that can only be unlocked by an alarm.
e) as an accessory, 1 or several gsm / gps / glonass beacons, also self-made, are used. Because for the reasons described below, the use of signaling alone is not enough. It is also recommended to use the hood lock, steering lock (for example, the Guarantor), armored film for glass (breaking glass to steal your belongings from the salon or to get inside will be extremely problematic - it protects even from the airgun bullets)
* Rescue - a car equipped with this device will be able to independently call emergency services, even if the driver and his passengers are no longer able to take any action. To realize this opportunity, the device has the support of eCall / ERA-Glonass technologies. Installation of such devices, according to forecasts, will be able to save 2,500 lives a year in Europe annually, 4,000 lives a year in Russia and a 14% reduction in the consequences of injuries in road traffic accidents.
* Logistics - for shipping companies. Monitoring and tracking the movement of vehicles, accounting for fuel consumption in the fleet, etc.
In order to show more clearly what is being discussed, I’ll give a video from the industrial version of this device (which, by the way, has less functionality at a significantly higher price):
And now - how to implement all this independently, ideas in general. In the end, we consider the implementation on STM32 microcontrollers.
1. The overall structure of the system.
- as I wrote earlier, the device is suitable for use not only in mobile objects (cars, trucks, etc. - “Smart car”), but also in stationary (apartments, houses, cottages - “Smart house”). In general, car satellite signaling, as practice shows, turn out to be a good substitute for “Smart Home” systems for automation and security of apartments, cottages and other real estate objects. Of course, they cannot compete with such systems as “Smart Home”, such as LonWorks, Legrand and Bticino, but they can easily solve tasks that are priority for the consumer in automating their homes - security, remote monitoring and control, video surveillance, and so on. The consumer is not always ready to lay out for automation the money that costs systems like LonWorks - he needs a budget solution, which can become a car satellite alarm system. As an illustrative example, the resource http://home-online.ru/solutions.html
In the case of the “Smart Car” application, the device is placed in a metal case capable of withstanding loads of up to 40G, in which the alarm itself and the backup battery are placed. This is a requirement of the ERA-Glonass standard - a device in the event of an accident and subsequent possible fire should be able to contact emergency services and transfer the coordinates of the car, even if the driver and his passengers are no longer able to take any action on their part. In addition, instead of a SIM card, a SIM chip is used (for more details, see the GSM-module SIM900 section below).
In the case of the “Smart Home” application, the device is placed in a conventional compact plastic case with a battery for placement in a hidden place for an attacker, while its power part is placed in the case for mounting an electrical cabinet in a DIN rail:
Consider now the structure of the device itself, in the case of automotive applications:
To remove data on the condition of the vehicle (engine speed, oil and fluid pressure sensors, etc.), use the connection to the vehicle's diagnostic connector using CAN / LIN. In case our device does not support this brand of car, it is used to connect directly to the sensors and actuators of the car - tachometer / generator, nozzles, oil pressure sensors, coolant level, etc.
You can do without the immobilizer crawler, if the immobilizer supports remote start - this is set in its settings. Otherwise, you will most likely have to sacrifice one of the tags and use the crawler.
Setting up my alarm is done via USB - I use the USB CDC class in the STM32, so on the computer side the device is defined as a normal com port, and you can work with it through any terminalka (I use Putty).
Volume sensor - a standard external sensor is used, and an accelerometer can be used as a tilt sensor in the device itself - for example, LIS203DL (plus the fact that this accelerometer is installed on the stm32f4-discovery debug card and there are well documented examples of working with it).
To implement the autostart function in the case of manual transmission, we must be sure that the car is not in gear. To do this, the user must either get out of the car and set it to arm without shutting down the engine (arming with the engine running), or install reed switches at the gearbox (the implementation is described here )
Cameras on STM32F4
The element base of cameras is represented by a microcontroller STM32F407 + CMOS-camera + external memory. They are connected to the main signaling unit through the RS-485 interface (at the physical level, while the application uses ModBus ). The best option is to place the cameras as follows:
Cameras work in the mode of photographing. The STM32F4 microcontroller was not chosen by chance - it has a built-in synchronous parallel interface of the DCMI camera, which allows you to connect cmos-cameras up to 1 megapixel. Among others, it has a Snapshot mode, which is used. Using the direct memory access (DMA) mechanism, the data from the camera is immediately placed by the array in external memory connected via the microcontroller's FSMC interface - the computational resources of the kernel are not used. After the frame has been recorded, we transfer the data into a JPEG format - then they are sent via RS-485 to the central unit and are used to send a photo message to the system’s site and to create an MMS message with a photo (there is no computational load on the STM32 microcontroller - we stupidly receive from cameras and send further (to the server and in the form of mms) jpeg-data without processing them. The MMS modem is already engaged in the construction of an MMS message.
By the way, the use of cmos cameras with conventional microcontrollers is complicated by the fact that the same OV7670 camera is not able to transfer data with a frequency of less than 10 MHz + data from it needs to be placed somewhere. Therefore, to use cameras with conventional microcontrollers (as well as FPGAs), FIFO buffers are very often used, for example, AL422B, whose memory capacity is enough to store 1 frame of camera image:
The device of the main alarm unit
The main components of the main unit are microcontroller stm32f103, gps / glonass module, gsm-module SIM900.
GPS / GLONASS module
At the moment I use the well-known gps EB500, but it is planned to switch to GPS / Glonass module Geos-3M . If you compare it with the ML8088s / GL8088s, nv-08-c, then it differs favorably from the first one by its power consumption (judging by engineering samples), from the second by the price ($ 28 retail, $ 15 opt). By the way, it is planned to use GPS / Glonass module Geos-1M in e-mobiles.
Using instead of the usual GPS dual GPS / Glonass module gives us two main advantages:
1) Using the GPS + Glonass mode allows you to improve the accuracy and success of determining the coordinates (because we have more satellites available - not only GPS, but also Glonass).
2) Now the commercialization of Glonass technology is gaining momentum. Already at the legislative level, the installation of Glonass terminals is required for installation on a number of vehicles. Therefore, the support of Glonass in the automotive device is an additional competitive advantage, ensuring its attractiveness in the market.
Working with the module does not cause problems - the module takes over all the mathematical processing, producing text lines with ready data (NMEA protocol). On how to organize their analysis and work with the module on the STM32 microcontroller - I wrote in the last article, "Satellite speedometer on the STM32F1 and FreeRTOS" . By the way, the Geos-3M module supports data output in binary form.
When using such modules, the main problem is the increased noise level at the parking lot, which is expressed in the drift of coordinates and speed on a fixed object. And during the night, a car, if no additional measures are taken, can wind up more than one circle on the map, while remaining in reality still all the time. The best solution to this problem without the use of additional components, which I know is to control the change in azimuth while calculating coordinates (do not take into account when a small change) - with this approach we do not take into account garbage, and we get savings in memory and traffic.
In any case, any kind of mathematical processing of the GPS / Glonass module is not ideal - even in the best case, it turns out that we do not take into account the low speed and a small change in coordinates. In the case of automotive applications, the use of a 3-axis gyroscope and an automobile speedometer, together with the Glonass / GPS module, is capable of fundamentally solving this problem. As such a gyro you can take, for example, L3G4200D ($ 19). For automotive use, the A3G4250D gyroscope has already been announced, but it is not yet available for sale. Such a gyro works on the I2C / SPI bus:
So, how do we help connecting the gyroscope and speedometer?
a) we get the opportunity to quite easily beat the drift in the parking lot - discard false data about the speed and change of coordinates in the parking lot with GPS / Glonass
b) When GPS / Glonass signals disappear, we get the opportunity to continue to conduct geographical positioning on the speedometer and gyroscope - continue to track.
In the parking mode, when the car is stationary, the GPS / Glonass module tells us that we are moving at a low speed, the coordinates are drifting. But from the gyroscope we get zeros, which gives us reason to believe that we are standing still and the module readings can be ignored. When the GPS / Glonass signal disappears in motion, we take the speed information from the speedometer, and the information about the bends (angular speeds) from the gyroscope.
By implementation - we don’t really care what speed sensor is used and where it is taken from in the car. Almost everywhere the amplitude of the speed signal is 12 volts, the difference is only in the number of pulses per second. Here you can simply enter the self-calibration - in the movement by GPS / Glonass automatically determine how many pulses per 1 meter of the path, and memorize the resulting constant.
It is also necessary to enter the temperature calibration of the gyroscope using GPS / Glonass, since its side effect is temperature drift.
It should be noted here that calculating the path according to the readings of the gyroscope and speedometer using the Cortex M3 is a very dubious task. The data must be sent to the server, on which the calculation will be made. But if we are ready to abandon Glonass, leaving only GPS, you can look at the LEA-6R GPS modules - it has a DR (dead reconing) function that allows you to connect additional path information channels directly to the module — a gyroscope and a speedometer. Accordingly, both the microcontroller and the server are unloaded in this case in terms of calculating the coordinates - the module itself is already engaged in this, producing ready-made NMEA data. Which significantly reduces the time and complexity of the development of the finished device. It is a pity, but such decisions that support Glonass are not visible on the horizon: - (
And now - it's time to consider working with a GSM modem.
GSM / GPRS SIM900 module
Previously, the use of the sim300 gsm module was common in embedded systems, but soon a sim900 ($ 21) came to replace it, and after a while, its lightweight budget version sim900r began to be released (unlike sim900, this is a dual-band module with reduced program memory and with restrictions on use in countries - only in Russia and bordering countries). The SIM900 is a quad band (850/900/1800/1900) GSM / GPRS module with an integrated TCP / IP stack. Allows you to send MMS-messages, has built-in support for the application layer protocols HTTP, FTP, and in the latest firmware - DTMF decoding, GSM jamming detection (Jamming Detection) and eCall / ERA-GLONASS rescue systems (the latter will be described in detail below) ). You can control the modem using AT commands, connect via UART or I2C.
Diluting a board for this module for debugging on your own is a thankless task, especially since the debug board for this module is quite inexpensive - $ 65, so I recommend taking it:
To support Era-Glonass, DTMF decoding, etc. You need to update the firmware - to do this, contact the distributor in your region (I applied to MT-Systems), then flash it through the debug-port.
Debugging work with the module is more convenient from the computer. Fortunately, I initially put USB support into the device for setting the settings, I did this: I connected the library from ST to implement USB CDC - class, which made it possible to communicate with the device through any terminal that works with a serial port (the device is seen as a virtual computer in the system). port). The device sends commands to the SIM900 module, while echo-repeater is turned on in the module - i.e. all that he sends, he sends back, along with the answer. And the microcontroller sends the entire response from the UART from the SIM900 via USB to me at the terminal. Those. in the process of device interaction with the SIM900, the whole communication process + is clearly visible on the screen from the terminal, it is possible to manage the communication process by setting unique breakpoints. This greatly simplifies the writing of the functionality for working with the SIM900 and its debugging.
Getting started with the SIM900 module is described here and here , so I’ll focus on the most interesting points:
SIM900: GPRS
The device, by default, once per minute sends data (current coordinates, vehicle speed, etc.) to a web server and receives settings from it. Let's take a simple example to see how you can implement sending data via HTTP to your server (the operator in our case is MTS):
< AT+CREG? // , <br>
< AT+CGATT=1 // GPRS<br>
< AT+CSTT=”internet.mts.ru” // .<br>
// – IP START<br>
< AT+CIICR // , IP START. GPRS-. – IP GPRSACT<br>
< AT+CIFSR // IP-<br>
< AT+CIPHEAD // IP- <br>
< AT+CIPSTART=”TCP”,”www.tzit.ru”,”80” // , IP INITIAL IP START<br>
< AT+CIPSEND // CONNECT OK. , , . «> »:<br>
< GET /cgi-bin/sim900.pl?device_id=123&gsm_lac=111&gsm_ci=222&led=0<br>
< Host: www.tzit.ru HTTP/1.0<br>
< // www.tzit.ru HTTP 1.0 /cgi-bin/sim900.pl GET device_id,gsm_lac,gsm_ci ledSIM900: Protection against GSM signal jamming
An attacker can easily break the connection of our device with the server via the GSM channel, and for this it has 3 ways:
1) GSM signal jamming
- With the help of such a simple device worth $ 119, you can silence 3G / GSM / CDMA modems within a radius of 5-20 meters. And the disturbing channel of communication of satellite gsm signaling with the server will be broken.
2) Substitution of the cellular operator's base station
There are devices that fit in the case and allow you to impersonate the base station of the cellular network:
The GSM modem of the device will not be able to distinguish the real base station from the fake mobile one, and in the event of an alarm it will not be able to send data on the alarm channel.
3) SIM card cloning.
- the number used by the gsm-alarm system has a second SIM card, which is in the hands of intruders. And if you muffle the alarm signal with a jammer from claim 1, then a device with this number (with an attacker) will be available and will not give alarms. If the alarm check is based on a periodic dial-up, then dialing will be carried out on a fake SIM card, and the alarm will not trigger.
4) Field detector for detecting radio repeaters (including GSM devices)
- used to localize the installed alarm. You can buy for $ 43 such a miracle device:
- allows to detect radio transmitters emitting in the range of 1 MHz to 2.6 GHz. The screen displays the radiation frequency of the device and the signal level, which allows you to find the location of the alarm installation and neutralize it.
To protect against p.4, they install gps / gsm-beacons in addition to the standard signaling system, which will be discussed in the section “SIM900: Using custom applications. GPS / Glonass - beacons. ".
To protect against Clauses 1 and 3, the SIM900 module supports the Jamming Detection function, designed to detect attempts to jam the signal - this is what the AT + SJDR command is for. If the modem is jammed, the message “+ SJDR: JAMMING DETECTED” will be displayed. Of course, the modem will not have time to contact the server and transmit the alarm data. But the device can turn on the siren, block the car and remember that it was jammed - after the connection is resumed, this information will go to the server.
To protect against all the above points in modern satellite gsm alarms, they use GSM channel monitoring. The bottom line is that the gsm-modem binds to the server with a given frequency - for example, it sends data via HTTP. If during the last N minutes the modem has not contacted the server, this is a reason to raise the alarm and call / send SMS from the server to the owner of the machine. Of course, this is not a panacea for 100% of cases - somewhere just a bad reception of a GSM signal. In other cases, the attacker can affect the human psyche - periodically jamming the signal and forcing the owner of the car to run out to his car. After some time, the owner will get tired of this and he will turn off the control of the communication channel, thereby giving the car a green light to the hijacker. But nevertheless, control of the communication channel turns out to be a tangible help in solving the problem of protection against theft.
SIM900: Get coordinates in the absence of GPS / Glonass signals
About the current location of the car, we get the coordinates from the GPS / Glonass - satellites. But a situation may arise in which the receipt of these coordinates is impossible (for example, there is no signal). In this case, the calculation option in the coordinates via the link speedometer + gyroscope I already considered above. But there is another solution - the base stations of the cellular operator can come to our aid, one of which we are connected to. We can get information from base stations such as LAC and CELLID (area code and base station identifier, respectively). This information uniquely identifies this base station among other current cellular operator. And the coordinates of the base stations are widely known. Therefore, knowing which modem the base station is connected to, it is possible to determine the geographical coordinates (longitude and width) of this station, and thus the approximate coordinates for finding the modem itself. Geographic coordinates for lac and cellid base stations can be obtained through the Yandex API, Google, opencellid.org, location-api.com. By the way, mobile operators do not publish the coordinates of their base stations in the public domain. Therefore, the same Yandex receives this information from its users who have downloaded Yandex applications and have a gps receiver on the phone.The Yandex application receives the cellid and lac of the base station from the gsm modem of the phone, and from the gps receiver, the current geographic coordinates, and sends it to the Yandex server, and the lists of the geographic coordinates of the Beeline, MTS and Megaphone base stations are updated.
So, we want to determine your coordinates by GSM. To do this, the SIM900 module needs to issue the AT + CREG = 2 command - it will issue a response in the + CREG format: <stat>, <lac>, <ci>. Also, we will automatically receive this answer when the modem of the current base station is changed. Then we transmit these via GPRS to our server. The server on the basis of this data takes geographic coordinates from its cache, and in the absence of the cache, it makes a request for one of the services for determining the coordinates of base stations - for example, Yandex, and we get coordinates in the format. More details on the use of these services can be found at http://www.xakep.ru/post/48378/
As a result, the user on the site is given a map with a shaded area, which shows the approximate location of the vehicle based on gsm coordinates.
The AT + CIPGSMLOC command appeared in SIM900 modems not so long ago, immediately immediately issuing the geographic coordinates of the gsm network. But she doesn’t carry anything fundamentally new in herself - this command performs everything that I wrote above. Receives lac, ci, sends them to Google and gives the result.
At the same time, I note that some modems have the ability to consistently connect to everyone in the BS in sight. This can be used to clarify the gsm coordinates - in this case we can find out the lac, ci of all the nearest BSs, find out the geographical coordinates from them - they will be the vertices of the polygon where our module is located:
SIM900: Using custom applications. GPS / Glonass - beacons.
Car satellite signaling is, of course, good. But it can be found and deactivated. For example, using the field detector discussed above. Gps / gsm beacons, which are miniature devices with a GPS (or GPS / Glonass) receiver, a GSM modem and a battery, come to the rescue. Such beacons are difficult to detect visually, because they are well hidden in the hidden places of the car. Field detector is difficult to identify them - because most of the time, such a beacon just sleeps, only occasionally waking up to register on the network, transmit its coordinates to the server, and fall asleep again.
The question may arise - what about the microcontroller? The answer is - it is not needed. In modern GSM modems there is a special memory area for launching user applications. For example, the Sierra Wireless modems use the OpenAT operating system, in which your programs can run. And SIM900 supports Embedded AT technology - you simply create your program in the SIM900DevIDE environment, load it with firmware into the modem - and enjoy life. There is no need to spend money on a separate controller - the modem itself will take data from the GPS / Glonass receiver and send it to your server. Along with the SIM900DevIDE environment, there are already examples of programs, so you won't have to write your application from scratch.
SIM900: eCall / ERA-GLONASS rescue systems.
ERA-Glonass is a system designed to reduce mortality and injuries on Russian roads, based on the use of Glonass. If a person gets into an accident - a car equipped with a terminal of this system is capable of calling emergency services on its own, without the involvement of a person. There is also a manual opportunity to call them, by pressing the “SOS” button (something similar is in Volvo On Call and Lexus Link, but there are paid services there + the cost of the equipment itself is quite high). In order for cars coming from EU countries to us to receive emergency assistance in Russia, and vice versa, so that our car equipped with the ERA-GLONASS terminal can work with the western infrastructure when going abroad, there is full compatibility with the European system eCall. Those.if we have the support of ERA-GLONASS - then being abroad in the EU countries, we can use the eCall emergency response system. According to preliminary forecasts, the use of terminals of ERA-Glonass / eCall systems will allow 2,500 lives to be saved in Europe every year, 4,000 in Russia — and to reduce the effects of injuries due to road accidents by about 14%. So far there is only testing and deployment of ERA-Glonass and eCall systems. The final launch of eCall is scheduled for 2014, and ERA-Glonass is scheduled for the end of 2013 (we are optimists, however!). Since 2013, all cars produced from the assembly line should already have the support of ERA-GLONASS. But more than a dozen years will pass before most of our population have cars with the ERA-GLONASS / eCall terminal already built in,Therefore, the built-in support in our devices of these systems for a long time will carry a very significant competitive advantage, especially since in terms of hardware implementation, this support does not incur any additional material costs.
The ERA-GLONASS terminal is easy to make yourself - for this, modems that support data transfer technology over a voice channel have already appeared - the in-band modem function. Let's see how it works:
But first we answer the question - why not just use regular GPRS, SMS? The fact is that they introduce a significant delay in data transmission. In in-band modem mode, the data is transmitted instantly; the call will be given the maximum priority by the mobile operator, even in the event of a cellular network overload. If the network is overloaded, then the active calls of other subscribers will be interrupted so that your terminal can contact the service 112.
In the event of an accident (determined by the vehicle’s sensor readings), or if you press the SOS button yourself, then you make an emergency call to service 112 and send it to a PSAP server (in Russia, to the PSAP server of the federal operator NIS-GLONASS, which supports 3GPP version 8.6 .0 / 9.4.0. PSAP stands for Public Service Answering Point) MSD message (MSD-Minimum Set of Data, minimum data set) with a limit of 140 bytes, which contains the following information:
1) Control data: is the call test, can you trust these geo-coordinates, type of vehicle (passenger car abundance (class M1), city / intercity bus (M2-M3), light commercial vehicle (N1), truck (N2, N3) motorcycle - classes L1e-L7e)
2) Vehicle identification data: Your car’s VIN number
3) Vehicle propulsion storage type: what your car drives (gas, diesel, gasoline, hydrogen, electric motor) - you can specify several values ​​at the same time (if, for example, the machine uses both gas and electric energy for movement)
4) Time stamp: We specify the current date, including seconds
5) Current location of vehicle: we specify the geographical longitude and width received from our GPS / Glonass module. If you do not know, you can simply not fill in the field.
6) Direction of vehicle: the direction of movement of the machine along the magnetometer built into the terminal, in degrees, with 0 being the magnetic north. The countdown goes clockwise, in steps of 2 degrees. Those.if we have a deviation of 120 degrees from magnetic north, then in MSD we indicate 60. Or simply 0xFF, if the direction of movement is not known.
7) Location delta with respect to recentVehicleLocationN1: The difference in geographical coordinates between the current coordinates and those coordinates that were recorded at the time of the incident. These fields are also optional.
8) Number of passengers: minimum known number of passengers. If we don’t know, we specify 0xFF. Automatically calculated as follows: there are sensors in the safety belts of the car that fix if the seat belt is clicked on (for us this means that the passenger has taken the appropriate place) - the number of activated sensors and write to this field.
9) Optional additional data: any additional information (binary / bcd / xml / asn.1 / ascii), the format is not strictly regulated.
10) CRC32 - CRC32 checksum of our MSD message.
Total MSD length cannot exceed 140 bytes. The default connection is initiated by the client (i.e., us), but it can also be initiated by the PSAP server of service 112.
One of the first modems that implemented in-band modem to work with eCall / ERA-GLONASS was the SL6087 modem from Sierra Wireless. But a couple of months ago, such support appeared in the firmware for the SIM900 modems I used by SimCom. Moreover, it is possible not only to send a ready-made MSD message already formed: but also to shift this function to the modem itself, specifying the values ​​of the MSD message fields through AT commands:
AT+CMSD=”015C0681508204420014264000420D101404E80DA4C89A3B2F09905B6440E829F6829EC020301027D04303046460”
AT+CECALL="112",0AT+CMSDFORMATID=1
AT+CMSDMESSAGEID=1
AT+CMSDCONTROL=1,0,1,1
AT+CMSDVIN="WM9VDSVDYA123456"
AT+CMSDSTORAGE=1,0,0,0,1,0
AT+CMSDTIMESTAMP=2011,7,12,17,28,14
AT+CMSDLOCATION="48.300333","11.617367"
AT+CMSDDIRECTION=14
AT+CMSDRECENT1="10","-10"
AT+CMSDRECENT2="10","-20"
AT+CMSDPASGNUM=2
AT+CMSDBUILD
AT+CECALL=”112”,0The operator of the ERA-GLONASS service will display this information as follows:
For testing it is not necessary to contact NIS-Glonass at all - you can organize a test PSAP server on your side with a modem on OpenAT, you can read more here
The device that implements this functionality is placed in a metal case that can withstand a load of 40G (after all, the device must function in the event of an accident), and has a built-in battery for autonomous operation.
Also, additional requirements apply to the SIM card - using a regular SIM card is hardly acceptable here, because In the event of an accident, the mechanical contact of the SIM card with the device may most likely be broken. Here comes their counterparts for use in embedded devices - SIM chips that have two main advantages compared to SIM cards:
1) Best contact due to the lack of mechanical connections - the SIM chip is soldered to the board, and not inserted mechanically into the holder,
2 ) Extended temperature range (-40 ... +105 degrees Celsius), as well as increased resistance to the effects of dust, damping, humidity, shock, corrosion, chemically aggressive environment.
Also, for SIM chips, cellular operators (MTS, Beeline, Megafon) provide advanced service (though not cheap) for M2M telemetry, for monitoring and monitoring devices equipped with this chip. You can, for example, introduce restriction bars to prevent situations when an object is roaming and, therefore, large amounts of funds begin to flow from the account.
In conclusion of this section, I would add that the idea itself has many advantages, moreover, it is really useful and necessary, but with all this it is not without flaws. The infrastructure of Russia is not fully prepared for the implementation of this technology - only 97% of the territory covers cellular communication, therefore emergency assistance will not be available everywhere. Moreover, even in densely populated areas there are areas where cellular communication does not work or works very badly. For example, in South Butovo, I know a place where using cellular communication is quite problematic - sometimes it does not exist at all. Negligence cannot be overlooked - it happens that by calling the police, the ambulance, you can never wait for the result, get a refusal to leave, although the situation is really urgent. Or do not call. At all,Many Russian state projects in the field of information technologies are implemented on the “troika with minus” - take as an example at least the “Gosuslugi” portal, which with enviable consistency pleases us with “Communication error with the department” and “Internal server error”, moreover, at the very last stage of the application, when it has already spent a lot of time to fill in all the data ... But even if it is not possible to achieve 100% of the efficiency of this project, the implementation will still not be meaningless, because in any case it will reduce the death rate The level of injuries on the roads of our country will also allow working with emergency services of other countries when traveling internationally.which with enviable consistency pleases us with “Communication Error with the Office” and “Internal server error”, moreover, at the very last stage of the application, when it has already spent a lot of time to fill in all the data ... But even if it is not possible to achieve 100% of the effectiveness of this project - all the same, the implementation will not be meaningless, because in any case it will reduce mortality and injuries on the roads of our country, and allow working with emergency services of other countries during international travel.which with enviable consistency pleases us with “Communication Error with the Office” and “Internal server error”, moreover, at the very last stage of the application, when it has already spent a lot of time to fill in all the data ... But even if it is not possible to achieve 100% of this project’s performance - all the same, the implementation will not be meaningless, because in any case it will reduce mortality and injuries on the roads of our country, and allow working with emergency services of other countries during international travel.because in any case, it will reduce mortality and injuries on the roads of our country, and allow you to work with the emergency services of other countries during international travel.because in any case, it will reduce mortality and injuries on the roads of our country, and allow you to work with the emergency services of other countries during international travel.
Remote alarm access devices: tags, key chains, gsm devices
In the current implementation, my device acts as a slave alarm. For remote door opening is a full-time alarm with its own remote controls. But let's consider the options for customization of homemade alarm for remote access to the alarm system for remote monitoring, removal / arming, unlocking / locking the doors, their advantages and disadvantages in terms of security (i.e., ACS car devices):
1) the usual key chains with one-way / two-way data transmission channel - surely each of you has. Press the button - the car is disarmed and the doors are unlocked. Push again - the doors are locked, the car is armed. When unlocked / armed, the key fob sends a fixed unique code to the alarm (usually at 433 MHz). The alarm checks the code in its database - if it matches, the code is accepted. The disadvantage is obvious - when applying code grabber, we listen to the broadcast, and at the moment when the owner of the car presses the key fob button, we just stupidly write down the code that the key fob broadcasts on the air. In the future, an attacker can reproduce this code and unlock the machine.
2) The further development of alarms in this direction was KeeLoq “jumping code” technology - here the code changes every time, and if we intercept the code passed by the grabber, this will not help us. Nevertheless, the attackers and KeeLoq found an approach. All the mathematical power of this technology negates the physical implementation - no one tries to pick up the code. Instead, the parcel is spoiled, remembered, and transmitted the next time. The fact is that each bit of the KeeLoq package is encoded with three bits. The first bit is 0, then the significant bit, and the last is 1. If the grabber turns on the transmitter in place of the third bit (jam the alarm receiver), then the signal for the alarm will be corrupted and will be rejected. We will remember the signaling code in this way, and in the future we will be able to use it (if, of course,before that, the alarm system will not successfully receive the next parcel from the remote control). You can also take into account the fact that 3 identical packages are sent by the keyfob. It is possible to drown out the first half of the first parcel and the second half of the second, the third one completely - the signaling will reject the transmission, and we will have a working code. In the end, KeeLoq’s mathematics was really strong, but it was reduced to no physical implementation.
3) KeeLoq has been replaced by a dialogue code technology (using asymmetric encryption algorithms and 2.4 GHz frequencies), which is now used in modern signaling. No one has yet succeeded in breaking it, and the alarm manufacturers are so sure of the breaking resistance of this technology that the same StarLine offers 1 million rubles to anyone who can crack such an alarm. This million rubles has not been paid to anyone yet. Let's see how communication between the key fob and the alarm goes: When a new key fob is prescribed, the public key of the key fob is transferred to the alarm memory, and the Diffie-Hellman algorithm is used to transfer the keys on the open communication lines.
) --------- > <br>
) < ------ ------ <br>
) … …<br>
) ---- --- > <br>
) … ,
- .Implementing yourself is quite realistic, although it is quite expensive. In this regard, you can look at the STM32W microcontrollers with AES hardware encryption accelerator, working with 128-bit keys, and a 2.4 GHz transceiver. STM32W allows you to work in networks of Wi-Fi, ZigBee, Bluetooth and sleep mode has a consumption of about 1 microA, allowing you to use it in key chains. There are ready-made debug kits that allow you to quickly master its wireless capabilities (~ $ 50).
4) RFID tags - used for contactless access (“hands free”), communication range - up to 10 meters. You do not need to get out of your pocket and press the button - if the label is within the range of the alarm receiver, the car will be removed from the guard mode. Passive tags do not have their own power source; they receive energy through the air from an alarm by pointing currents on the built-in antenna. Active - have a built-in battery, which allows to reduce the power of the alarm reader and increase the range of communication. In general, tags operate at 2.4 GHz frequency (as the communication range increases with increasing frequency), and the communication range with the alarm reader is up to 10m.
5) Relatively recently, GSM-devices began to be used in automobile access control systems - removal / arming from cell phones and smartphones. And more and more often, looking at the future of car alarms, they speak of a complete rejection of key fobs in favor of GSM devices - smartphones, cellular. But in its pure form, this undertaking stumbles upon a rake: there is no 100% coverage of the territory by cellular communication, there is a high probability of remaining in a remote area with a blocked car and a dead smartphone, the need to pay for communication. Plus, users themselves are not yet ready to abandon the use of key fobs. However, everything is moving towards the fact that in a short time we will come to the tag + smartphone tag, and the use of key fobs will be a thing of the past.
In the case of smartphones, the main disadvantages - paid gsm-connection and insufficient network coverage - can be nullified by providing Wi-Fi signaling with the module, which will be discussed further.
Providing Wi-Fi access to signaling
In modern mobile devices - telephones and smartphones, and also netbooks and tablets - there is built-in support for Wi-Fi, which can be used for remote direct access to our device, bypassing the server. Consider the most popular solution - the WiFi module MRF24WB0MA worth $ 22 from Microchip:
- unfortunately, it’s not directly connected to our STM32, to use the module, you will have to use the PIC microcontroller layer (however, Microchip’s supporting TCP / IP stack, which doesn’t affect the product price) this module (however, for me this is not a problem, because I went up on PICs). The module itself is connected to the PIC via SPI, and already with the PIC it can be connected to our STM32 via spi / i2c / uart. The module itself has good functionality: built-in accelerator for AES / RC4, support for WEP, WPA-PSK, WPA-2-PSK. Range - up to 400m. consumption in sleep mode - 250 uA, hibernation - <0.1 uA. The library itself, among other things, has SSL support. By the way, I will note that this library works in the same way as with Microchip Wi-FI modules,and wired ethernet (ENC28J60, etc.). That is, when you work with this library, it makes no difference whether you work with a Wi-Fi or Ethernet module - the software interface is the same. You can read more about the library.here .
Developing software for mobile devices
Starting from this section, I abstract from hardware implementation and will only consider software implementation of satellite car alarm on the server side and mobile devices.
Recently, mobile GSM-devices based on iOS operating systems (iPhone, iPad), Android, Windows Mobile, Blackberry, etc., have proliferated, and recently a wider range of household equipment begins to acquire support for remote control from these devices. Manufacturers of automotive GSM alarms, which quickly launched applications that allow them to control and monitor cars from smartphones, did not stand aside. You can add such support to our alarm system, which already knows how to interact with the WEB server (see the section on using the TCP / IP stack of SIM900). The WEB server will act as an intermediary here - your mobile application connects to the server, and the server already interacts directly with the alarm.The mobile application itself implements the following main functions:
1) View on the map (Google.Maps, Yandex.Maps or OpenStreetMaps) the current position of the car
2) On-board computer - sensor readings, temperature, voltage, how much is left before the replacement of consumables, etc.
3) Arm / Disarm
4) Remote engine start
5) Optionally - view photos from cameras, etc.
The main stumbling block is the need to learn Objective-C and other languages ​​to develop your mobile application for various platforms. Here universal solutions like PhoneGap come to the rescue:
PhoneGap is an OpenSource environment that allows cross-platform development of applications for almost all known platforms (iOS, Android, etc.) on HTML5, using Mobile jQuery and CSS. The application is actually a web page that has access to the hardware peripherals of the smartphone (accelerometer, camera, GPS, etc.). PhoneGap is not without flaws, and in industrial applications it is necessary to abandon the cross-platform approach in favor of the native - Objective-C. But at first it serves as a good service (especially for those who, by the nature of their activities, are already associated with web development), allowing them to provide support for their “small bloodshed”.
You can read more about PhoneGap here
. Web server software
It's time to deal with the implementation of a web-server that will mediate the interaction of alarm systems and devices that have an Internet connection (smartphones, netbooks, tablets, ordinary computers, etc.). In our case, the Web server performs the following functions:
1) Receives data from gsm alarms and gives them the current settings
2) Provides a web interface to alarm owners for monitoring and managing alarms
3) Provides access to data from mobile applications (for devices running iOS, Android and etc.)
4) Provides an XML API interface for uploading data to client servers. You
can see a good example of implementation at http://panel.car-online.ru/ and https: // p-on. ru /
For hosting it is better to choose cloud hosting - in this case you are not strictly limited in resources, there is the possibility of flexible scaling of computing power. In contrast to the VPS hosting, here the payment goes only to actually consumed resources (with a VPS, you have to pay for resources that are idle most of the time + a hard resource limit).
Further on the structure of server applications. At first and at low load, LAMP (Linux-Apache-MySQL-PHP) turns out to be the simplest and most common solution.
But those who are honed to such an approach, very quickly begin to regret it. :-)
Time passes, the load grows, and a moment comes rather quickly when the current architecture stops coping with its tasks. Then come the thought of Highload. There is far from one approach, and as an example I will consider Open-Source a bunch of nginx + varnish + memcached + php-fpm + eaccelerator (+ PHP, + MySQL). A little about what it is.
• Nginx - web-server, which is usually used to give statics. Popular architecture in which nginx acts as a front-end, proxying requests for dynamic pages on Apache (back-end), on which server scripts are already running. But you can (and should) completely abandon the use of Apache by hanging its function on a more lightweight nginx.
• php-fpm - PHP FastCGI Process Manager - is in our case the “connecting bridge” of PHP for working with nginx. Php-fpm allows you to efficiently use PHP in FastCGI mode on highload projects.
• eAccelerator - a tool that allows you not to interpret the PHP code every time. Once interpreted, we keep the code in memory for later use - saving of processor time and access to disk resources is obvious.
• Memcached - in-memory data caching server. MySQL database servers are good, but they spend time querying and reading from slow storage devices — hard drives. Much faster data can be selected from RAM, so the logic of work here is this: Make a request to memcached, if there is no required data (empty), then make a request to the MySQL database server, and send the answer to memcached. Those.MySQL acts as a slow back-end solution, and Memcached as a fast front-end. We apply to the back-end only once - in order to place the data in the front-end and in future to access this data only through the front-end (for now, of course, they will not lose their relevance).
• Varnish is an HTTP accelerator that allows you to cache content. In some ways, this is an analogue of Memcached, then for substantially large amounts of data. Varnish saves pages in virtual memory and, if necessary, drops them onto a hard disk. We can logically split each page into its component blocks (footer, header, news block, etc.) and specify our own caching rules for each of the blocks. In the end, we get a gain in the speed of return of pages, and unload the back-end part of the server from repeated requests.
From additional measures, look in the direction of switching MySQL to tmpfs, build up the indexes of the tables, use the InnoDB data storage engine (suitable in our particular case), the sysctl setting.
Let's look at one of the possible architecture schemes, with SSI inclusions. In the first case, the original, we have an empty cache, the back-end (PHP + MySQL) is involved, but in the second it is not used, we receive data from Varnish and Memcached:
- in the first case, nginx refers to Varnish for a page that does not exist in the cache - because the request goes to the back-end (PHP + MySQL). The SSI inclices cache is stored in Memcached with us - and since it is empty there, then Nginx makes a call to the back-end part, which gives the result to nginx and simultaneously stores it in the cache via Memcached.
In the second case, we no longer pull the back-end part, the data is taken from the Varnish cache and Memcached.
The foregoing is not a universal solution — the Highload architecture of the project is specific to each specific task — it is required to implement the solution on the test server and conduct load testing — try to simulate the work situation as fully as possible, taking into account the maximum predicted load growth volumes. And you can never stop there. “I did everything, everything works, you can breathe with relief and relax” - this does not happen. All the time you need to think a step forward, predicting the possible development of the current situation.
Ways of further development
The device already performs many functions - it is an alarm system, an on-board computer, and a telecommunication service (ERA-GLONASS / eCall) in one bottle, with access via the Internet. Designed for both passenger cars and trucks, and for real estate. But there is no limit to perfection. If we want to equip our car with electronics, then we have to purchase disparate devices - a radio tape recorder, a navigator, a DVR, etc. We have to stick around the windshield with them, which narrows the visible area and attracts once again dishonest people to the car. There is currently no decent device on the market - a “media combine” replacing the above devices, creating a single entry point for all functions and well integrated with the standard equipment of cars. Even China has not yet succeeded in this regard.A rather significant step forward in this direction was made by Mirk:
- solution on ARM11 running WinCE with a gsm-modem, gps / Glonass receiver, which allows you to connect audio-video sources and display the image both on individual displays and on standard cars. Integrates with standard Lexus / Toyota / Subaru / Nissan systems and other vehicles. The idea is not bad, it is really a significant breakthrough. The breakthrough, reduced to "no" by realization - the device is still too raw, having problems in operation and shortcomings of realization, a high price.
Thus, this area still remains untapped, worthy, strong and accessible to most solutions are not here. The information provided in this article on the development of satellite signaling can be a good springboard for developing a competitive device. As a basis, the Raspberry Pi single-board computer with ARM11 immediately arises, the functional equipment of which can be expanded. :-)
As a conclusion,
we have literally made out the main points of the development of automotive satellite GSM-alarm systems, from time to time, literally in two words. :-) I made sure on my own example that the devil is not so terrible as he is painted, and everything is really done on his own, only time and patience are needed. In fact, it is important to remember the golden rule: “less is more and more is better.” In an effort to embrace the immense, to endow their device with as much functionality as possible, manufacturers often lose in quality of execution. It is better to outline a circle for yourself, to cut down your Wishlist, to do less, but on the other hand, with high quality and dignity, having worked out all the details in detail.
In the article I considered only satellite systems, leaving aside radio searching. On the one hand, radio search systems win over satellite - less power consumption, work in enclosed areas (the signal makes its way through metal boxes, underground garages, etc.), the transmitter can be placed anywhere in the car (in doors, hidden body cavities, etc.) d.) But on the other hand, there are also disadvantages: insufficient coverage of the territory with radio beacons, a relatively high subscription fee, the impossibility of displaying the position of the protected object on the map, the inability to develop your own radio search device - unless you put only your radio beacons in the city, which is quite expensive) Plus the advantages of radio search systems You cannot demonstrate to the end user visually with the example of the operation of the device.Few of you will decide to pay a tangible amount of money for the unit, which is not used for their own purposes, whose work will not be visible to him. Those.it is important for the consumer to “touch” in what he acquires. Satellite systems in this regard significantly benefit. And there is nothing surprising in the fact that they significantly benefit from sales, and radio search is still in the shadow, despite all its advantages.
As for the car alarm system, I strongly recommend not to be content with the standard equipment, but to install gps-beacons into the hidden cavities. In addition, to glue over the windows with an armored film and insert pins into the doors is not only an additional measure against car theft, but also a real protection against theft of things in the cabin. In addition, it has long been the de facto standard to install an electric hood lock and a Garant type lock on the steering wheel + digital relays (based on current keys) on the main circuits of the machine that are locked if the alarm is disabled - if the alarm supports their installation. We often feel sorry for the money - we wave our hand, we think that the car is not worth it. And we regret only when it is too late to change anything ...
PS I think many of you have noticed that the video at the very beginning of the article is “replayed” to lure customers - the alarm certainly does not send any data to the satellite, such alarms are called satellite only because they receive data from GPS / Glonass satellites. To send information to satellites, you need a good dish. ;)
UPD 09/06/2012: 2G (sim900) modules can no longer be used in ERA-GLONASS systems in accordance with the new GOST R 54620-2011, this requires 3G modules (for example, it works with the SIM5320 3G module).
Bibliography
1) Satellite speedometer on STM32F1 and FreeRTOS
2) Draft national ERA-GLONASS standards. I express my gratitude to Ya. A. Domaratsky, Director of the Subscriber Device Development Service of the Federal Operator "NIS-GLONASS", for the materials provided.
3) Sources of a car gps-tracker based on ATmega128
4) Sources of gsm-alarm for 2 sim cards, iButton, dtmf-decoder
5) Sources of GPS tracker on STM32
6) Sources of GPS-tracker on STM32F10x
6) GOST R 54620-2011 “Automotive system call emergency services. General technical requirements "
7) Order of the Ministry of Transport of Russia dated 31.07.2012 N 285 - interesting description of the transmission protocol of telematic information and the procedure for calling emergency services
Source: https://habr.com/ru/post/139760/
All Articles