Let’s see what we are going to build today! As you can see, we are going to build an Art Deco style FM radio receiver. The design of this radio is based on this spectacular 1935 AWA radio. I discovered this old radio while searching online and also in this book about the most beautiful radios ever made. I loved the design of this radio so much that I wanted to have a similar one. So I devoted a month of my time to build my own.
Anyone can hack a radio, but that doesn’t mean it’s easy: there’s a lot of mechanics that go into formatting a signal before you can decode the ones and zeros.
At his Shmoocon talk, [Paul Clark] introduced a great new tool for RF Reverse Engineering. It’s called WaveConverter, and it is possibly the single most interesting tool we’ve seen in radio in a long time.
If you want to hack an RF system — read the data from a tire pressure monitor, a car’s key fob, a garage door opener, or a signal from a home security system’s sensor — you’ll be doing the same thing for each attack. The first step is to capture the signal, probably with a software defined radio. Take this data into GNU Radio, and you’ll have to figure out the modulation, the framing, the encoding, extract the data, and finally figure out what the ones and zeros mean. Only that last part, figuring out what the ones and zeros actually do, is the real hack. Everything before that is just a highly advanced form of data entry and manipulation.
[Paul]’s WaveConverter is the tool built for this data manipulation. Take WaveConverter, input an IQ file of the relevant radio sample you’d like to reverse engineer, and you have all the tools to turn a radio signal into ones and zeros at your disposal. Everything from determining the preamble of a signal, figuring out the encoding, to determining CRC checksums is right there.
All of this is great for reverse engineering a single radio protocol, but it gets even better. Once you’re able to decode a signal in WaveConverter, it’s set up to decode every other signal from that device. You can save your settings, too, which means this might be the beginnings of an open source library of protocol analyzers. If someone on the Internet has already decoded the signals from the keyfob of a 1995 Ford Taurus, they could share those settings to allow you to decode the same keyfob. This is the very beginnings of something very, very cool.
The Github repo for WaveConverter includes a few sample IQ files, and you can try it out for yourself right now. [Paul] admits there are a few problems with the app, but most of those are UI changes he has in mind. If you know your way around programming GUIs, [Paul] would appreciate your input.
Far too much stuff is wireless these days. Home security systems have dozens of radios for door and window sensors, thermostats aren’t just a wire to the furnace anymore, and we are annoyed when we can’t start our cars from across a parking lot. This is a golden era for anyone who wants to hack RF. This year at Shmoocon, [Marc Newlin] and [Matt Knight] of Bastille Networks gave an overview of how to get into hacking RF. These are guys who know a few things about hacking RF; [Marc] is responsible for MouseJack and KeySniffer, and [Matt] reverse engineered the LoRa PHY.
In their talk, [Marc] and [Matt] outlined five steps to reverse engineering any RF signal. First, characterize the channel. Determine the modulation. Determine the symbol rate. Synchronize a receiver against the data. Finally, extract the symbols, or get the ones and zeros out of the analog soup.
From [Marc] and [Matt]’s experience, most of this process doesn’t require a radio, software or otherwise. Open source intelligence or information from regulatory databases can be a treasure trove of information regarding the operating frequency of the device, the modulation, and even the bit rate. The pertinent example from the talk was the FCC ID for a Z-wave module. A simple search revealed the frequency of the device. Since the stated symbol rate was twice the stated data rate, the device obviously used Manchester encoding. These sorts of insights become obvious once you know what you’re looking for.
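The Manchester inference above can be checked on captured symbols. The following is an added example, not code from the talk or from any tool named here: it tests a hard-sliced symbol stream against the "two symbols per bit" hypothesis and decodes it when the capture does not start on a bit boundary. The sample capture and all function names are constructed for illustration.

```python
# Added example: Manchester decoding of a hard-sliced symbol stream.
# All sample data below is constructed for illustration.

# Two conventions exist; which one a device uses must be found by trial.
IEEE_802_3 = {(0, 1): 1, (1, 0): 0}   # low-to-high transition encodes 1
G_E_THOMAS = {(1, 0): 1, (0, 1): 0}   # high-to-low transition encodes 1


def manchester_encode(bits, convention=IEEE_802_3):
    """Encode bits as symbol pairs (used here only to build test input)."""
    pair_for = {bit: pair for pair, bit in convention.items()}
    return [s for b in bits for s in pair_for[b]]


def max_run(symbols):
    """Longest run of identical symbols.

    Valid Manchester data never exceeds 2, so a longer run contradicts the
    'symbol rate = 2 x data rate' hypothesis, or marks idle time or a
    deliberate sync violation outside the payload.
    """
    longest = run = 0
    previous = None
    for s in symbols:
        run = run + 1 if s == previous else 1
        longest = max(longest, run)
        previous = s
    return longest


def decode_at_offset(symbols, offset, convention=IEEE_802_3):
    """Pair symbols starting at `offset`; 00 and 11 pairs are violations."""
    bits, violations = [], 0
    for i in range(offset, len(symbols) - 1, 2):
        pair = (symbols[i], symbols[i + 1])
        if pair in convention:
            bits.append(convention[pair])
        else:
            bits.append(None)   # keep the slot so bit positions stay aligned
            violations += 1
    return bits, violations


def manchester_decode(symbols, convention=IEEE_802_3):
    """Try both pair alignments and keep the one with fewer violations.

    At the wrong alignment every 0->1 or 1->0 change in the data yields a
    00 or 11 pair, so the right alignment stands out. Constant data (all
    ones or all zeros) gives no such evidence and is flagged ambiguous.
    """
    results = [decode_at_offset(symbols, off, convention) for off in (0, 1)]
    offset = 0 if results[0][1] <= results[1][1] else 1
    bits, violations = results[offset]
    return {
        "offset": offset,
        "bits": bits,
        "violations": violations,
        "ambiguous": results[0][1] == results[1][1],
    }


# Constructed capture: one stray symbol, then the payload 1 0 1 1 0 0 1 0.
PAYLOAD = [1, 0, 1, 1, 0, 0, 1, 0]
CAPTURE = [1] + manchester_encode(PAYLOAD)

if __name__ == "__main__":
    print("longest run:", max_run(CAPTURE))
    print(manchester_decode(CAPTURE))
    # The same symbols read with the other convention give inverted bits.
    print(manchester_decode(CAPTURE, G_E_THOMAS)["bits"])
```

A symbol-to-data ratio of two is also what some other biphase codes produce, so the run-length and violation counts are the evidence that separates a guess from a confirmed encoding.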
In their demo, [Marc] and [Matt] went through the entire process of firing up GNU Radio, running a Z-wave decoder and receiving Z-wave frames. All of this was done with a minimum of hardware and required zero understanding of what radio actually is, imaginary numbers, or anything else a ham license will hopefully teach you. It’s a great introduction to RF hacking, and shows anyone how to do it.
Our Hackaday readership represent a huge breadth of engineering experience and knowledge, and we get a significant number of our story tips from you. For instance, today we are indebted to [sonofthunderboanerges] for delivering us a tip in the comment stream of one of our posts, detailing an antenna created by coupling RF into a jet of sea water created with a pump (YouTube link). It’s a few years old so we’re presenting it as an object of interest rather than as a news story, but it remains a no less fascinating project for that.
The antenna relies on the conductivity of sea water to view a jet of water as simply another conductor to which RF can be coupled. The jet is simply adjusted by altering the flow rate until it is a quarter wavelength long at the desired frequency, at which point it is a good analogue of a metal whip antenna. The RF is coupled at the base by a ferrite cored transformer that clips around the nozzle ejecting the water, and a bandwidth from 2MHz to 400MHz is claimed. If you work with RF you will probably wince at the sight of salt water coming near the RF connector, as we did.
The advantage of the system is that it allows antennas of multiple frequencies to be created at very short notice and using very little space or weight when not in use. The creator of the antenna at the US Navy’s SPAWAR technology organisation points to its obvious application on Navy warships. Whether or not the sailors are using these antennas now isn’t clear, but one thing’s for certain, the idea hasn’t gone away. Early last year Popular Mechanics reported on a similar project under way courtesy of Mitsubishi, in Japan.
What does a Hackaday writer do when a couple of days after Christmas she’s having a beer or two with a long-term friend from her university days who’s made a career in the technical side of digital broadcasting? Pick his brains about the transmission scheme and write it all down of course, for behind the consumer’s shiny digital radio lies a wealth of interesting technology to try to squeeze the most from the available resources.
In the UK, our digital broadcast radio uses a system called DAB, for Digital Audio Broadcasting. There are a variety of standards used around the world for digital radio, and it’s fair to say that DAB as one of the older ones is not necessarily the best in today’s marketplace. This aside there is still a lot to be learned from its transmission scheme, and from how some of its shortcomings were addressed in later standards.
Channels and Capacities
You will all be used to analogue broadcasting on AM and FM, in which each station has its own transmitter and occupies its own frequency. With a digital system like DAB each transmitter does not restrict itself to only one station, instead it transmits several at once in a multiplex. Each multiplex has a data rate of just under 1.2 Mbits/s, which in practice allows it to carry around ten MP2-compressed stations depending on the data rates of each individual station. It’s difficult to state a hard and fast figure for the channel capacity of a multiplex, because not only can different sample rates be used for each channel, those rates can be changed on the fly.
The British multiplexes are transmitted in the spectrum once occupied by the upper set of the old British 405-line TV channels around 200 MHz. However they are not modulated onto an RF carrier in the same way as a traditional analogue radio or TV station is. To understand why this is the case, imagine for a minute that you had a serial port with a 1.2Mbit/s data stream on it. If you were to feed the stream to a traditional modulator on an analogue transmitter, you’d have a transmitted bandwidth of just over 1.5 MHz. In an idealised free space environment that would make a passably good broadcast system, but to see why it would not work in the real world just think for a moment about watching analogue TV with an inadequate antenna.
Sometimes on your TV in the analogue days you would see a second “ghost” image, a faint clone of the main image overlaid to the right of it. This was the result of the transmitted signal taking multiple paths to your receiving antenna, the main image being via the direct path and the “ghost” image being a path via a reflection from an object such as a tall building or a passing aircraft. The distance on the screen between the real image and its ghost represented the time difference between those two radio paths.
Now imagine that high-speed digital data stream again, only instead of in idealised free space put it in a real-world situation with passing aircraft, and all that ghosting. The time difference between the real stream and its ghost is now very significant compared to the length of an individual data bit, and thus overlaying the ghost on the original stream has the effect of causing huge errors in the received data stream. Clearly some means of combatting this problem is required.
Many Little Channels
The answer comes in the form of increasing the length of the data stream bits such that the ghost time difference is no longer significant in relation to it. Simply lengthening the data bits of the stream would reduce the data rate to the point of uselessness, so they instead split the one single high data rate stream into many individual low data rate streams with much longer bit lengths.
That single carrier with an over 1.5 MHz bandwidth then becomes over 1500 individual carriers each with a 1 kHz bandwidth, and each of those carriers has a low enough data rate for the ghosting to no longer be a problem. The overall data rate is the same, as is the overall spectrum bandwidth, but the resistance to ghosting has been improved enormously. It also has the handy effect of improving the resistance to typical narrow-band RF interference, because a certain number of the individual carriers can be lost without exceeding the ability of the error correction to compensate for it.
Splitting the stream into multiple carriers in this way is referred to as COFDM, or Coded Orthogonal Frequency Domain Multiplexing, and since each carrier is phase modulated by the four 90-degree-apart quadrature vectors the modulation scheme is referred to as DQPSK, for Differential Quadrature Phase Shift Keying. Yes, the linguistic influence of [Samuel Morse]’s key finds its way into digital broadcasting.
Sounds Like Mud
Of course, the nature of the RF side of DAB and other similar transmissions is only half the story. There is the compression algorithm and the error correction algorithm, which define the real-world characteristics of the standard. DAB in particular is notorious for poor performance under low signal conditions, in which the signal can dissolve into a sound that is colloquially described as “like boiling mud”. Other countries have either abandoned their DAB rollout or gone straight for a more recent standard such as DAB+. That’s the price Brits pay for their country being an early adopter.
So why does DAB have this poor performance compared to its successor? According to my friend as we cracked open another couple of San Miguels cooled by the frosty night outside the window, the secret isn’t in its use of MP2 rather than AAC, but in the error coding scheme. The designers of DAB tried to shape the standard so that the components they considered most important to the intelligibility of the received audio were protected. They thus put a weighting in the error coding scheme towards certain frequencies, and it seems this is responsible for the flaw because it left it more vulnerable at the other frequencies. The resulting degradation in quality becomes much steeper as the percentage of the stream that is lost rises, to the extent that the system is quickly rendered unusable.
We all pick up in-depth knowledge of the systems and technologies we work on during our careers. I knew my friend worked in this line, and this was a fascinating opportunity to gain some understanding of a system about which I had a basic grasp but didn’t really know what made it tick. It’s this kind of information-sharing that’s so valuable, while little may come of my new-found understanding of DAB there is a lot to be said for accruing technical knowledge for its own sake. If you find yourself hanging out with a friend from way back, make sure you ask them about their specialities, you might learn something interesting.
It is said that “success has many fathers, but failure is an orphan.” Given the world-changing success of radio in the late 19th and early 20th centuries, it’s no wonder that so many scientists, physicists, and engineers have been credited with its invention. The fact that electromagnetic radiation is a natural phenomenon that no one can reasonably claim to have invented sometimes seems lost in the shuffle to claim the prize.
But it was exactly through the study of natural phenomena that one of the earliest pioneers in radio research came to have a reasonable claim to at least be the inventor of the radio receiver, well before anyone had learned how to reliably produce electromagnetic waves. This is the story of how a Russian physicist harnessed the power of lightning and became one of the many fathers of radio.
Alexander Stepanovich Popov was born in 1859 in the Ural mountain mining town of Krasnoturyinsk. Expected to follow in his father’s footsteps and become a priest, he instead chose to study the natural sciences and enrolled in the St. Petersburg University in the physics department.
After graduating and winning an appointment as an instructor at the Imperial Russian Navy’s Torpedo School in 1883, he turned his attention to electrical phenomena. The late 19th century was an exciting time in electrical research, when James Clerk Maxwell’s elegant equations predicting electromagnetic waves were just starting to be explored. It was a time when great minds like Heinrich Hertz, Oliver Lodge, and J.C. Bose were all working with the latest tools and instruments to probe the mysteries of Maxwell’s work.
The primary tool for detecting radio waves at the time was the coherer. Invented by Lodge based on the observation by Edouard Branly that powdered metal could conduct electricity after being exposed to electromagnetic waves, the coherer was a simple tube filled with iron filings between two electrodes. Initially, the resistance across the electrodes was relatively high thanks to the loosely packed powder and oxide coatings on each grain. A passing radio wave would cause the grains to almost weld together — sometimes sparks were reported coming from the coherer tube — which lowered the resistance enough to conduct electricity. Lodge had used his coherer to detect “Hertzian waves” in 1894, shortly after the death of their namesake.
In his Naval School lab, Popov read of Lodge’s discovery and decided to explore it further. Being of a naval bent, he was concerned with the weather and atmospheric phenomena, and wondered whether a coherer could detect the electromagnetic signature of lightning. He set about building his own coherer, improving the design by building in an automatic decoherer.
A coherer is a one-shot device: once it detects a signal, it needs to be mechanically restored to the high resistance state by tapping to release the adhered metal granules. Popov’s decoherer was cleverly coupled to the bell used to signal a detected wave; once the clapper had struck the bell it would spring back to rest after tapping the coherer tube to jostle its contents.
Another Popov innovation was the addition of a pair of chokes on either side of the coherer to prevent strong AC signals from coupling with the DC circuits of the detector. Popov is also credited with the first legitimate radio antenna — he connected a long wire antenna to the coherer and, critically, attached the other end of the coherer to an earth ground.
On May 7th, 1895, Popov demonstrated his “storm indicator” to the Russian Physical and Chemical Society. How exactly he got Mother Nature to cooperate and produce a detectable lightning bolt during the demonstration isn’t clear; we can only assume a spark gap was used to simulate lightning for the gathered scholars. Popov did perform more experiments later that summer and managed to detect lightning some 20 miles distant, though, and managed to improve the world’s first radio receiver.
The potential value of his invention was not lost on him. He ended a paper written in early 1896 with a prediction that his receiver would form half of a complete wireless communication system “if only a source of such vibrations [radio waves] can be found possessing sufficient energy.” A few months later in March he had succeeded in doing just that with a transmitter powerful enough to reach his receiver 800 feet away. Unfortunately for Popov, Guglielmo Marconi had been working along similar lines and in June 1896 filed a patent for his radiotelegraph system. Lacking any documentation of his March demonstration, Popov could only protest Marconi’s claims and carry on.
Popov’s naval employers took interest in his system and allowed him to start experimenting with ship-to-shore communications. By 1900 he had established a wireless station on an island in the Gulf of Finland that would process hundreds of official ship-to-shore messages and play key roles in the rescue of a stranded battleship and later fifty fishermen adrift on an ice floe.
It would seem that although Marconi was first to patent and will always be remembered as “The Father of Radio,” Popov played a critical role in the engineering of radio. He demonstrated the first receiver, developed the decoherer, invented the first practical antenna, probably conducted the world’s first wireless communication, and certainly used radio for the first time in a sea rescue. That’s a fair number of firsts in a time when they were being racked up at a furious pace, and not a bad legacy to leave. Nor is the fact that May 7th is celebrated as Radio Day in Russia, and that the International Telecommunications Union (ITU) has a huge conference room in their Geneva headquarters named after him.
Radio amateurs are inventive people, and though not all of them choose to follow it there is a healthy culture of building radio equipment among them. In particular the field of antennas is where you’ll find a lot of their work, because the barrier to entry can be as low as the cost of a reel of wire.
Over the years a number of innovative antenna designs have come from radio amateurs’ experimentation, and it’s one of the more recent we’d like to share with you today following a [Southgate ARC] story about a book describing its theory (Here’s an Amazon link to the book itself). The Poynting Vector antenna has been one of those novel designs on the fringes for a while now, it has been variously described as the “Super-T”, or the “flute”. Its party piece is tiny dimensions, a fraction of the size of a conventional dipole, and it achieves that by the interaction between a magnetic field across the plates of a capacitor in a tuned circuit and the electric field between a very short pair of dipole radiators. The trade-off is that it has an extremely high Q and thus a narrow bandwidth, and since its feeder can become part of its resonant circuit it is notoriously difficult to match to a transmitter. [Alan MacDonald, VE3TET] and [Paul Birke, VE3PVB] have a detailed page on the development of their Poynting antenna which takes the reader through the details of its theory and the development of their practical version.
In the roof space above the room in which this is being written there hangs a traditional dipole for the 20m amateur band. Though it is a very effective antenna given that it is made from a couple of pieces of wire and a ferrite core it takes most of the length of the space, and as we’re sure Hackaday readers with callsigns will agree a relatively tiny alternative is always very welcome.
IoT-ifying old stuff is cool. Or even new, offline stuff. It seems to be a trend. And it’s sexy. Yes, it is. Why are people doing this, you may ask: we say why not? Why shouldn’t a toaster be on the IoT? Or a drill press? Or a radio? Yes, a radio.
[Dr. Wummi] just added another device to the IoT, the Internet of Thongs as he calls it. It’s a Philips MCM205 Micro Sound System radio. He wanted to automate his radio but his original idea of building a setup with an infrared LED to remotely control it failed. He blamed it on “some funky IR voodoo”. So he decided to go for an ESP8266 based solution with a NodeMCU. ESP8266 IR remotes have been known to work before but maybe those were just not voodoo grade.
After opening the radio up, he quickly found that the actual AM/FM Radio was a separate module. The manufacturer was kind enough to leave the pins nicely labelled on the mainboard. Pins labelled SCL/SDA hinted that the AM/FM module spoke I²C. He tapped into the protocol via Bus Pirate and it was clear that the radio had an EEPROM somewhere on the main PCB. A search revealed a 24C02 IC on the board, which is a 2K I²C EEPROM. So far so good but there were other functionalities left to control, like volume or CD playing. For that, he planned to tap into the front push button knob. The push buttons had different resistors and were wired in series so they generated different voltages at the main board radio ADC pins. He tried to PWM with the NodeMCU to simulate this but it just didn’t work.
In a somewhat ironic turn of events, he realised that he could just tap into the IR receiver wire and simulate an IR code being sent, directly to the wire. No light interference, and no “funky IR voodoo” this time.
Some Lua lines later and the radio was upgraded with a GET API that allowed to:
Phased array antenna systems are at the cusp of ubiquity. We now see Multiple-Input Multiple-Output (MIMO) antenna systems on WiFi routers. Soon phased array weather radar systems will help to predict the weather and keep air travel safe, and phased array base stations will be the backbone of 5G which is the next generation of wireless data communication. But what is a phased array antenna system? How do they work? With the help of 1024 LEDs we’ll show you.
It’s good to first review what phased array antenna technology has been used for in the past, where it is today, and where it is going, then we will show you how it all works.
The Military Industrial Complex: Pioneers in Phased Array Technology
Phased array technology was pioneered for military applications. The ever increasing speed of aircraft and ordnance after the second world war pushed the requirement for antenna sweep time from seconds to milliseconds.
The first full-scale phased array radar system was the FPS-85, which is used for detecting and tracking space objects which by their very nature are fast moving.
Additional iconic examples of phased array radar technology include the SPY-1 phased array radar, PAVE PAWS, and others.
The First Widespread Use of Phased Array Radar Technology for a Civilian Application:
To manage increases in air traffic and to consolidate existing aging radar infrastructure, including most types of primary air traffic control radar and weather radar, the multi-function phased array radar (MPAR) system is under development, with prototypes to be fielded soon. This will become one of the first (likely the very first) wide scale civilian deployments of phased array radar technology.
More Wireless Bandwidth for Your Mobile Devices
Key to the 5th generation of wireless systems (5G) is the use of phased array antenna technology, where individual wireless devices will be tracked by beams transmitted/received from the base station thereby enabling greater data bandwidths which are discretized into individual microwave beams.
Many WiFi routers now use Multiple Input Multiple Output (MIMO) antenna arrays for the purpose of reducing multi-path signal loss, which is quickly becoming more and more of a problem as data rates increase.
How Do Phased Array Antenna Systems Work?
How do you create a ‘beam of microwave energy’ and direct your receiver onto just the right point in space?
An excellent tutorial is presented here, but the key take away is that if we feed an array of antenna elements with the same microwave signal then we can use these elements to direct (or steer as it is commonly referred to) a microwave beam anywhere in space. This beam steering is achieved by the use of a phase shifter (or its equivalent) in series with each and every antenna element.
To make the above explanation more interesting and understandable, friends of mine at MIT Lincoln Laboratory created this direct visualization of how antenna arrays work (shown recently at the 2016 IEEE International Symposium on Phased Array Systems and Technology). It is almost as if you were to put on a pair of ‘microwave goggles’ and looked into the antenna array!
A plexiglass duplicate of an actual phased array antenna system built by MIT/LL is stuffed with NEO Pixel LEDs. Each antenna element is illuminated by two NEO Pixels, where this is a dual-polarized phased array using one LED for vertical and another for horizontal polarization.
The color of each NEO Pixel is mapped to the phase its respective antenna element should have to project a beam of microwave energy in any given direction, and this beam pattern is plotted on the flat-screen monitor next to the array.
The brightness of each LED is proportional to transmit power out of its respective antenna element. The array supports amplitude tapering to synthesize low sidelobe beam patterns and numerous advanced array modes.
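The phase and amplitude settings described above can be computed directly. This is an added example, not code from the MIT Lincoln Laboratory display or from the original article: it derives the per-element phase for a steering angle, evaluates the resulting beam pattern, and compares sidelobes with and without an amplitude taper. The 16-element line array, half-wavelength spacing, Hamming taper and the phase-to-hue mapping are all assumptions chosen for illustration.

```python
# Added example: steering phases and beam pattern of a uniform linear array.
import cmath
import math

N_ELEMENTS = 16     # assumed element count for this illustration
SPACING_WL = 0.5    # assumed element spacing, in wavelengths


def steering_phases(steer_deg, n=N_ELEMENTS, d=SPACING_WL):
    """Phase (radians) each element's phase shifter applies so that all
    contributions add in phase toward steer_deg (measured from broadside)."""
    k = 2 * math.pi * d * math.sin(math.radians(steer_deg))
    return [-k * i for i in range(n)]


def led_hue_deg(phase):
    """Hypothetical colour mapping: phase wrapped onto a 0..360 hue wheel."""
    return math.degrees(phase) % 360


def hamming_taper(n=N_ELEMENTS):
    """Amplitude weights: full drive mid-array, reduced toward the edges."""
    return [0.54 - 0.46 * math.cos(2 * math.pi * i / (n - 1)) for i in range(n)]


def pattern_db(phases, weights, d=SPACING_WL, step_deg=0.25):
    """Normalised beam pattern in dB, scanned from -90 to +90 degrees."""
    angles = [-90 + i * step_deg for i in range(int(180 / step_deg) + 1)]
    mags = []
    for a in angles:
        k = 2 * math.pi * d * math.sin(math.radians(a))
        af = sum(w * cmath.exp(1j * (k * i + p))
                 for i, (w, p) in enumerate(zip(weights, phases)))
        mags.append(abs(af))
    peak = max(mags)
    return angles, [20 * math.log10(max(m / peak, 1e-12)) for m in mags]


def beam_summary(steer_deg, weights=None):
    """Return (peak angle in degrees, highest sidelobe in dB)."""
    weights = weights or [1.0] * N_ELEMENTS
    angles, db = pattern_db(steering_phases(steer_deg), weights)
    peak = db.index(max(db))
    lo = hi = peak
    while lo > 0 and db[lo - 1] < db[lo]:            # walk down to first null
        lo -= 1
    while hi < len(db) - 1 and db[hi + 1] < db[hi]:
        hi += 1
    sidelobes = db[:lo] + db[hi + 1:]                # everything past the nulls
    return angles[peak], max(sidelobes)


if __name__ == "__main__":
    phases = steering_phases(30)
    print("hues:", [round(led_hue_deg(p)) % 360 for p in phases[:8]])
    print("uniform :", beam_summary(30))
    print("tapered :", beam_summary(30, hamming_taper()))
```

With half-wavelength spacing and a 30 degree steer, the phase steps by a quarter turn per element, so the hue pattern repeats every four elements. The taper buys lower sidelobes at the cost of a wider main beam.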
With this visualization system, you can manually move the antenna beam around with a joystick and view the lighted pattern and beam plots changing in real-time, providing an instant and intuitive understanding of phased array beam steering and beam patterns. Absolutely amazing!
Phased array antenna systems will play a central role in our modern lives facilitating greater wireless bandwidths, making airline travel safer, and weather prediction more accurate. Compelling visualizations like the array shown here will facilitate widespread understanding of electromagnetics and modern antenna techniques.
There was a time when electronic hackers (or hobbyists, enthusiasts, geeks, or whatever you want to be called) were better than average at geography. Probably because most of us listened to shortwave radio or even transmitted with ham radio gear. These days, if you try listening to shortwave, you have to be pretty patient. Unless you want to hear religious broadcasters or programming aimed at the third world, there’s not much broadcast traffic to listen to anymore.
The reason, of course, is the Internet. But we’ve often thought that it isn’t quite the same. When you tuned in London on your homebrew regenerative receiver, you wanted to know where that voice was coming from, and you couldn’t help but learn more about the area and the people who live there. Tune into a BBC live stream on the Internet, and it might as well be any other stream or podcast from anywhere in the world.
The New Shortwave
Maybe we need to turn kids on to Radio Garden. Superficially, it isn’t a big deal. Another catalog of streaming radio stations. You can find plenty of those around. But Radio Garden has an amazing interface (and a few other unique features). That interface is a globe. You can see dots everywhere there’s a broadcast station and with a click, you are listening to that station. The static and tuning noises are a nice touch.
As for the other features, the site itself explains it best:
In the section on History you can tune into clips from throughout radio history that show how radio has tried to cross borders. How have people tried to translate their nations into the airwaves? What did they say to the world? How do they engage in conversation across linguistic and geographical barriers?
Click over to Jingles for a world-wide crash course in station identification. How do stations signal within a fraction of a second what kind of programmes you are likely to hear? How do they project being joyful, trustworthy, or up to the minute?
Then stop and listen to radio Stories where listeners past and present tell how they listen beyond their walls. How do they imagine the voices and sounds from around the globe? How do they make themselves at home in the world?
If you are an old shortwave fan, you might find this interesting. If you know a kid who might be turned to the dark arts of radio, show them the site. If you do get a kid hooked on radio, the next step is a cheap software defined radio. Of course, there’s not much to listen to on shortwave, so maybe you can try listening to public service radio, too.