Looks fun! I did some reverse engineering for the RF sensors of my weather station a few weeks back. I used gnuradio, audacity etc., but it was all 'manual', i.e. feeding the .WAV capture file to my own program and trying to find the decoding [0].
Turns out it was a known protocol of course, but it was still fun! Next time I know where to look for the proper tools, this looks awesome!
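The 'manual' step described above (feeding a .WAV capture to your own program and hunting for the bit encoding), as an added example that is not from the commenter's rf_bridge project or from any of the tools mentioned in this thread: a small stdlib-only Python decoder for on-off-keyed, pulse-width-modulated sensor bursts. It rectifies and smooths the audio into an envelope, slices it with a Schmitt trigger (two thresholds, so noise near the edge cannot chatter into bogus bits), and classifies each high pulse as a short (0) or long (1) symbol. The sample rate, tone frequency, pulse timings and bit values are constructed assumptions for the demo, not any real sensor's protocol; `read_wav_mono` is there for a real capture and is not used by the self-test.

```python
"""Pulse-width (OOK) decoding of a baseband audio capture, stdlib only."""
import math
import random
import struct
import wave

SAMPLE_RATE = 48_000  # Hz; assumed capture rate of the WAV file


def read_wav_mono(path):
    """Read a 16-bit PCM WAV file; return (rate, first channel as floats in [-1, 1])."""
    with wave.open(path, "rb") as w:
        rate, nch, width = w.getframerate(), w.getnchannels(), w.getsampwidth()
        if width != 2:
            raise ValueError("expected 16-bit PCM")
        frames = w.readframes(w.getnframes())
    data = struct.unpack("<%dh" % (len(frames) // 2), frames)
    return rate, [s / 32768.0 for s in data[::nch]]


def envelope(samples, rate, cutoff_hz=5000):
    """Crude AM envelope detector: rectify, then moving-average over ~1 carrier cycle."""
    win = max(1, int(rate / cutoff_hz))
    buf, acc, out = [0.0] * win, 0.0, []
    for i, s in enumerate(samples):
        v = abs(s)
        acc += v - buf[i % win]
        buf[i % win] = v
        out.append(acc / win)
    return out


def to_runs(env, hi, lo):
    """Slice envelope into (level, length_in_samples) runs with hysteresis:
    go high above `hi`, go low below `lo`, hold state in between."""
    runs, cur, count = [], False, 0
    for e in env:
        lvl = True if e > hi else (False if e < lo else cur)
        if lvl == cur:
            count += 1
        else:
            runs.append((cur, count))
            cur, count = lvl, 1
    runs.append((cur, count))
    return runs


def decode_pwm(runs, rate, short_us, long_us, gap_us):
    """PWM symbols: high pulse nearer long_us -> '1', nearer short_us -> '0'.
    A low run longer than gap_us ends a packet. Returns list of bit strings."""
    mid = (short_us + long_us) / 2 * rate / 1e6   # decision point in samples
    gap = gap_us * rate / 1e6
    packets, bits = [], []
    for level, n in runs:
        if level:
            bits.append("1" if n > mid else "0")
        elif n > gap and bits:
            packets.append("".join(bits))
            bits = []
    if bits:
        packets.append("".join(bits))
    return packets


def decode_capture(samples, rate, short_us=500, long_us=1500, gap_us=2000):
    env = envelope(samples, rate)
    peak = max(env)
    return decode_pwm(to_runs(env, 0.5 * peak, 0.3 * peak), rate, short_us, long_us, gap_us)


def synth_capture(packets, rate=SAMPLE_RATE, tone_hz=6000, short_us=500,
                  long_us=1500, space_us=500, gap_us=4000, noise=0.01):
    """Constructed test signal (assumption, not a real sensor): each bit is a tone
    burst (short=0, long=1) followed by silence; packets are separated by a longer gap."""
    rng = random.Random(1)
    samples = []

    def burst(us):
        for n in range(int(rate * us / 1e6)):
            samples.append(0.9 * math.sin(2 * math.pi * tone_hz * n / rate) + rng.gauss(0, noise))

    def silence(us):
        samples.extend(rng.gauss(0, noise) for _ in range(int(rate * us / 1e6)))

    silence(gap_us)
    for bits in packets:
        for b in bits:
            burst(long_us if b == "1" else short_us)
            silence(space_us)
        silence(gap_us)
    return samples


def demo():
    """Round-trip the constructed capture through the decoder."""
    return decode_capture(synth_capture(["10110010", "0111"]), SAMPLE_RATE)


if __name__ == "__main__":
    print(demo())  # expected: ['10110010', '0111']
```

For a real capture, call `rate, samples = read_wav_mono("capture.wav")` and then `decode_capture(samples, rate, ...)`, tuning `short_us`, `long_us` and `gap_us` after eyeballing the run lengths from `to_runs` (the same thing one would otherwise read off a waveform in Audacity or Inspectrum). The hysteresis thresholds are derived from the envelope peak, so the decoder does not depend on absolute capture gain.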
Nice, thanks for sharing! I'll have to check this out. Not sure how I missed hearing about this one when I was working on understanding the mesh network protocol for the water and electric meters on the side of my house. Aside from GNU Radio, which has already been mentioned, Inspectrum also proved to be invaluable to me.
Sure. The electric and water meters used by the city I live in are by a company called Elster. They use the name EnergyAxis or EA_LAN to describe the mesh network. Either of those should return hours of reading material on a Google search. The short version is that each electric meter communicates on the ISM 915MHz band using the Texas Instruments CC11xx chip, and relays messages from meter to meter until it reaches the "gatekeeper", which is tied to a WAN and to the city's infrastructure.
Sure. If you have an Elster brand meter, you can check out my (incomplete) project ea_receiver [1] or a GNU Radio based project, gr_elster [2]. For other brands, I would check out the rtlamr [3] project. I'm using it to read my gas meter. Finally, if you're into this sort of thing, check out rtl_433 [4]. You'd be amazed how many things are silently communicating all around you.
Note: my work on ea_receiver has stagnated, as my city recently completed an upgrade to their system which unfortunately included enabling message encryption.
It's a nightmare of twisty dependencies. You can either run the obsolete version in your distro or be prepared for a world of pain.
And it's made even worse because Qt decided they couldn't be bothered with binary compatibility so a whole bunch of things dependent upon Qt all broke and lots of things now all need to get fixed.
No kidding! It's a complete nightmare to set up; urh is significantly simpler to set up and to use, though of course the other side of that is it's not as powerful as gnuradio.
Very different, URH assumes you have the 1's and 0's and wish to decode the protocol. gnuradio is more about implementing and decoding known protocols and interfacing to rx/tx hardware.
Gnuradio is much more complex and powerful but looks like it's from engineers for engineers: I could hack together a superhet receiver in a day, but have never been able to do anything with Gnuradio that even pretended to work.
This is probably my fault for expecting a radio software to have knobs...
A question to RF people here - if I want to snoop on the 433MHz and 868MHz signals in the air, what's the cheapest setup I can get that would let me do some useful work? I've been reading up on the RTL-SDR thing, but there seem to be so many variables to consider that I can't even estimate what the minimum set of hardware required is, and whether the cheap modules are of any use.
If < 8MHz, try this
http://www.sdrplay.com
(Not an RTL stick, performance FAR better. I own this, it's great.)
I notice they have a new model out.
Above that, sky's the limit. Filters are possibly useful on the TV stick but by no means essential.
Antennas - all depends on proximity. If you're in the same room as your RF source, a bit of wire will do, for all but the weakest signals. Beyond that, it depends what you're doing.
My recommendation:
Buy the £7 stick, see if it gets the job done for you. If not, try the SDRPlay unit. I own both, they're both good and will likely get the job done.
Thanks! I'll start with the stick then. I am afraid to spend triple digit sums on more hardware that I don't yet know if I'll end up using much, but I wasn't sure if cheaper options are usable at all.
Some of the cheap tv tuner dongles certainly cover that frequency range. They generally have fairly narrow bandwidth though. So if the signal you want to look at is very wide you might need something better than the entry level dongle.
The rtl-sdr about page has a comparison chart showing various receivers a quarter of the way down the page...
[0]: My RF/MQTT bridge for switches and sensors: https://github.com/buserror/rf_bridge