Reverse engineering a wireless burglar alarm

Posted on Monday, July 1st, 2013 in digital radio data, hacks, reversed, RF, wireless by the machinegeek

Cybergibbons has been working on reversing the digital protocol used by a wireless alarm system he recently acquired. He began by observing the alarm sensor’s signal, first with an RF Explorer and then with RTL-SDR and SDR# to record the signal, which he analyzed in Audacity. Next, he cracked open the sensor itself to investigate the circuit, finding a TI CC1150 transmitter. From there he analyzed the SPI signal between the sensor board’s MCU and the CC1150, with the ultimate goal of developing a circuit and code to emulate the alarm sensor’s RF output.

You can find the eight steps (and counting) in this odyssey at Cybergibbons’ blog.

Via the contact form.
