brmlab

User Tools

Site Tools

You are here: Hackerspace Prague » Projects » brmdoor
project:brmdoor

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
project:brmdoor [2011/08/29 19:55] – [Status Monitor] more photos link paskyproject:brmdoor [2016/11/08 19:11] – [BrmDoor Hardware] jenda
Line 1: Line 1:
 +====== BrmDoor ======
 +{{template>infobox|
 +name=DIY Access Control\\ and Burglar alarm|
 +image=pir.jpg?200|
 +founder=crowdsourcing|
 +depends=|
 +interested=[[user:harvie]]\\ [[user:niekt0]]\\ [[user:pasky]]\\ [[user:blackhead]]\\ [[user:b00lean]]\\ [[user:swez]]\\ [[user:stick]]\\ [[user:sargon]]\\ [[user:ruza]]|
 +status=done}}
  
 +For hackerspace more secure and without the annoyance of physical keys. DIY digital lock control, open/closed space status monitor and burglar alarm.
 +
 +**Status:** Currently, we have digital lock control and open/closed space status monitor, doorbell. Burglar alarm is TODO long-in-the-future.
 +
 +**System Architecture:** Digital lock, card reader and Club Mate panel are hooked up on an Arduino. The Arduino needs just power - it unlocks the door autonomously, the list of allowed cards is stored internally. The Arduino is further (optionally) reporting to brmd daemon which provides web, IRC interface to the status and unlock notifications.
 +
 +===== Unlocking the Door =====
 +
 +Executive summary, how to get in without a key - arrange registering your RFID card with stick first, then you need to sometime come physically to brmlab to meet with him; he will add your ID to the Arduino sketch code. (We do not use external database out of security concerns.)
 +
 +If your card is registered, just put it at the door around the place with the "RFID" sticker. When you unlock the door, you will hear a click - then, you can open it. After a short while, you will hear another click and the door auto-locks itself again. At the other side, unlock visual feedback is provided by the orange Arduino LED.
 +
 +===== BrmDoor Hardware =====
 +
 +  * Simple token-based Identity Check device (we just rely on serial numbers for starters):
 +    * [DONE] MiFare RFID cards (e.g. ISIC, OpenCard, or plain tokens)
 +      * We have [[https://www.adafruit.com/products/789|Adafruit PN532 NFC/RFID Controller Shield for Arduino]]. (lessons learned: do not use [[http://www.seeedstudio.com/depot/1356mhz-rfid-module-iosiec-14443-type-a-p-196.html]]).
 +      * We have it wired up and can detect a card and receive its serial id. Tested on ISIC and OpenCard, works like a charm!
 +      * It is already duct-taped at the inner side of the door. Most rfid cards have no trouble with talking through the wooden door; a sticked by chido marks the spot. The wires are routed off the door through UTP cable.
 +      * TODO: More secure crypto-based auth?
 +    * [TODO] [[user:harvie]] can provide a USB smartcard reader. That means people will be able to use e.g. their bank cards to enter, or some plainer tokens. (Or OpenCard, but just the much less common version.)
 +  * Lock device:
 +    * [DONE] BERA-E electromagnetic clock, sponsored by b00lean!
 +      * From inside, it is possible to open the door anytime by just pushing the handle.
 +      * From outside, it is possible to open the door by turning the lock by the key, OR by pushing the handle if +15V is fed in.
 +      * We have it wired up and can control it fine. The wires are routed off the door through UTP cable.
 +      * AxTheB breadboarded a Darlington IC that switches the 15V based on 5V TTL input. The power source used to be first an old ATX PSU (unreliable, 12V sometimes cannot unstuck the lock), then PoE adapter, now a dedicated DC adapter.
 +  * [DONE] Microcontroller will interface the hardware (RFID reader, EM lock)
 +    * We use just Arduino hooked up on USB serial (sponsored by TomSuch)
 +    * TomSuch created a mini-shield that has all the extra wiring and Darlington.
 +  * "Dolní brmdoor" na RPi: {{:project:project:brmdoor:brmdoor.zip|}}
 +
 +{{ :project:brmdoor-schema.jpg?300 |}}
 +===== BrmDoor Firmware =====
 +
 +Programmed mainly by [[user:tomsuch]] and [[user:stick]] during overnight hacking session. One-line message is sent to serial every 1 second. It can have one of the following 3 forms:
 +
 +  - NOCARD
 +    * no card is detected
 +  - CARD <username> 0123456789ABCD
 +    * card from ACL is detected
 +  - CARD UNKNOWN    FEDCBA98765432
 +    * card not found in ACL
 +
 +When message 2 is sent (card in ACL found), the door is also unlocked for few seconds.
 +
 +Each message is prefixed by two space-separated boolean numbers; the first denotes the state of the "status" switch, the other the state of the "video" switch.
 +
 +The Arduino sketch is here: [[http://github.com/brmlab/brmdoor|source]]
 +
 +{{ :project:clubmate-panel.jpg?200|}}
 +===== Status Monitor =====
 +
 +How to detect whether the space is currently inhabited?
 +
 +Two big switches with LEDs are now by the door ("Club Mate Panel"); the one with green led is to be switching the open/close status, while the one with yellow led switches on/off [[project:presentationcenter#streaming|live stream from brmlab]].
 +
 +Few more old photos @ https://picasaweb.google.com/petr.baudis/BrmdoorStatusPanel
 +===== brmd =====
 +
 +The software side is [[http://github.com/brmlab/brmdoor|brmd]], awesome brmlab integration hub that collects data from various sources and provides unified reporting on IRC and web. So you can see the current status on [[http://nat.brmlab.cz/brmd/]] and IRC topic contains the current status too.
 +
 +[[http://log.or.cz/?p=156|Pasky’s blogpost about fighting with Perl POE]]
 +
 +brmd runs at brmdoor@brmdoor.brm ([[wp>Raspberry_Pi]] sponsored by [[user:ruza]]).
 +
 +===== Alphasign =====
 +
 +<del>brmd also allows Alphasign control. It is a LED display with scrolling random text in the middle of the wall. Random status information is normally periodically shown by cronjobs running at brmlab@sargon.</del>
 +
 +Alphasign hardware broke a long time ago.
 +
 +===== BrmDoor Access Policy =====
 +
 +The requirement is to always have a backup way to get in, even when the digital control gets stuck at the most inconvenient moment in the most stupid way. Also, the building owner always needs to have a means of access, a plain key if possible; this is also related to fire regulations. Therefore, having digital entry as primary access method, with couple of backup plain keys in case things go wrong, should be the most preferred method.
 +
 +Some means of the digital entry should still work if the network is offline for some reason.
 +
 +The door is always closed from the outside and locked and must be unlocked every time before it is open; it stays unlocked for a short period enough to open the door.
 +
 +===== Adding card under new PN532 system =====
 +
 +When you login as 'brmdoor' user on brmdoor Raspberry Pi (or 'su' to that user), you'll get instructions from .bash_login script how to edit the card uids. There is currently new cardids_proper.h file that should be edited - its syntax doesn't suffer from the old reader's issues.
 +
 +The new version currently running will be soon merged into brmlab/brmdoor git repository.
 +===== GitHub, last commits =====
 +
 +{{rss>https://github.com/brmlab/brmdoor/commits/master.atom 5 author date 1h }}
 +
 +===== Yet another Brmdoor implementation - Pythonic this time =====
 +
 +The [[https://github.com/hiviah/brmdoor_libnfc | brmdoor_libnfc]] is another implementation for Raspberry Pi that aims to be clean and documented. The daemon is written in Python that uses wrappers of libnfc written in C++ and Swig.
 +
 +Requires [[https://code.google.com/p/libnfc/ | libnfc]] and [[https://github.com/WiringPi/WiringPi2-Python | WiringPi2]]
 +
 +Features:
 +
 +  * Clean, documented and extensible code
 +  * Authentication data is stored in SQLite DB - no need to restart daemon to make any change; extensible DB schemas
 +  * NFC smartcard communication support (ISO 14443-4)
 +  * Multiple authentication schemes supported
 +    * simple authentication by UID
 +    * [[http://www.yubico.com/products/services-software/personalization-tools/challenge-response/ |Yubikey Neo's HMAC-SHA1 challenge-response over NFC]]
 +  * Dedicated configuration file and logging facilities
 +
 +Missing features:
 +
 +  * No sound produced (can be fixed via WiringPi)
 +  * No IRC messages yet
 +
 +===== Links =====
 +
 +  * http://en.wikipedia.org/wiki/Cerberus
 +  * http://en.wikipedia.org/wiki/Burglar_alarm
 +  * http://hackerspaces.org/wiki/Open_Access_Control_for_Hacker_Spaces
 +    * http://code.google.com/p/open-access-control/
 +  * yet another doorlock projects made by various hackerspaces http://hackerspaces.org/wiki/Doorlock