User Tools

Site Tools


project:brmdoor:start

This is an old revision of the document!


BrmDoor

DIY Access Control
and Burglar alarm
pir.jpg
founder: crowdsourcing
depends on:
interested: harvie
niekt0
pasky
blackhead
b00lean
swez
stick
sargon
ruza
software license:
hardware license:

~~META: status = active &relation firstimage = :project:pir.jpg ~~

For hackerspace more secure and without the annoyance of physical keys. DIY digital lock control, open/closed space status monitor and burglar alarm.

Status: Currently, we have digital lock control and open/closed space status monitor, doorbell. Burglar alarm is TODO long-in-the-future.

System Architecture: Digital lock, card reader and Club Mate panel are hooked up on an Arduino. The Arduino needs just power - it unlocks the door autonomously, the list of allowed cards is stored internally. The Arduino is further (optionally) reporting to brmd daemon which provides web, IRC interface to the status and unlock notifications.

Unlocking the Door

Executive summary, how to get in without a key - arrange registering your RFID card with stick first, then you need to sometime come physically to brmlab to meet with him; he will add your ID to the Arduino sketch code. (We do not use external database out of security concerns.)

If your card is registered, just put it at the door around the place with the “RFID” sticker. When you unlock the door, you will hear a click - then, you can open it. After a short while, you will hear another click and the door auto-locks itself again. At the other side, unlock visual feedback is provided by the orange Arduino LED.

BrmDoor Hardware

  • Simple token-based Identity Check device (we just rely on serial numbers for starters):
    • [DONE] MiFare RFID cards (e.g. ISIC, OpenCard, or plain tokens)
    • [TODO] harvie can provide a USB smartcard reader. That means people will be able to use e.g. their bank cards to enter, or some plainer tokens. (Or OpenCard, but just the much less common version.)
  • Lock device:
    • [DONE] BERA-E electromagnetic clock, sponsored by b00lean!
      • From inside, it is possible to open the door anytime by just pushing the handle.
      • From outside, it is possible to open the door by turning the lock by the key, OR by pushing the handle if +15V is fed in.
      • We have it wired up and can control it fine. The wires are routed off the door through UTP cable.
      • AxTheB breadboarded a Darlington IC that switches the 15V based on 5V TTL input. The power source used to be first an old ATX PSU (unreliable, 12V sometimes cannot unstuck the lock), then PoE adapter, now a dedicated DC adapter.
  • [DONE] Microcontroller will interface the hardware (RFID reader, EM lock)
    • We use just Arduino hooked up on USB serial (sponsored by TomSuch)
    • TomSuch created a mini-shield that has all the extra wiring and Darlington.
  • “Dolní brmdoor” na RPi: brmdoor.zip

BrmDoor Firmware

Programmed mainly by tomsuch and stick during overnight hacking session. One-line message is sent to serial every 1 second. It can have one of the following 3 forms:

  1. NOCARD
    • no card is detected
  2. CARD <username> 0123456789ABCD
    • card from ACL is detected
  3. CARD UNKNOWN FEDCBA98765432
    • card not found in ACL

When message 2 is sent (card in ACL found), the door is also unlocked for few seconds.

Each message is prefixed by two space-separated boolean numbers; the first denotes the state of the “status” switch, the other the state of the “video” switch.

The Arduino sketch is here: source

Status Monitor

How to detect whether the space is currently inhabited?

Two big switches with LEDs are now by the door (“Club Mate Panel”); the one with green led is to be switching the open/close status, while the one with yellow led switches on/off live stream from brmlab.

Few more old photos @ https://picasaweb.google.com/petr.baudis/BrmdoorStatusPanel

brmd

The software side is brmd, awesome brmlab integration hub that collects data from various sources and provides unified reporting on IRC and web. So you can see the current status on http://nat.brmlab.cz/brmd/ and IRC topic contains the current status too.

Pasky’s blogpost about fighting with Perl POE

brmd runs at brmdoor@brmdoor.brm (Raspberry_Pi sponsored by ruza).

Alphasign

brmd also allows Alphasign control. It is a LED display with scrolling random text in the middle of the wall. Random status information is normally periodically shown by cronjobs running at brmlab@sargon.

Alphasign hardware broke a long time ago.

BrmDoor Access Policy

The requirement is to always have a backup way to get in, even when the digital control gets stuck at the most inconvenient moment in the most stupid way. Also, the building owner always needs to have a means of access, a plain key if possible; this is also related to fire regulations. Therefore, having digital entry as primary access method, with couple of backup plain keys in case things go wrong, should be the most preferred method.

Some means of the digital entry should still work if the network is offline for some reason.

The door is always closed from the outside and locked and must be unlocked every time before it is open; it stays unlocked for a short period enough to open the door.

Adding card under new PN532 system

When you login as 'brmdoor' user on brmdoor Raspberry Pi (or 'su' to that user), you'll get instructions from .bash_login script how to edit the card uids. There is currently new cardids_proper.h file that should be edited - its syntax doesn't suffer from the old reader's issues.

The new version currently running will be soon merged into brmlab/brmdoor git repository.

GitHub, last commits

Yet another Brmdoor implementation - Pythonic this time

The brmdoor_libnfc is another implementation for Raspberry Pi that aims to be clean and documented. The daemon is written in Python that uses wrappers of libnfc written in C++ and Swig.

Requires libnfc and WiringPi2

Features:

  • Clean, documented and extensible code
  • Authentication data is stored in SQLite DB - no need to restart daemon to make any change; extensible DB schemas
  • NFC smartcard communication support (ISO 14443-4)
  • Multiple authentication schemes supported
  • Dedicated configuration file and logging facilities

Missing features:

  • No sound produced (can be fixed via WiringPi)
  • No IRC messages yet
project/brmdoor/start.1480299557.txt.gz · Last modified: 2016/11/28 02:19 by ruza