Fullscreen HTML5Med Res (??MB)HTML4

Rolling Code Keyless Entry System Versatile IR unit also functions as an alarm Pt.2: By JOHN CLARKE Last month, we described the circuitry and gave the PC board assembly details for our new Rolling Code Keyless Entry System. This month, we cover the installation and setting-up procedures and describe the optional SOIC adaptor board, so that you can program the PIC micro out of circuit. H AVING COMPLETED THE RECEIVER board assembly, as described last month, it can be housed in a UB3-size utility box. As shown in the photo last month, it simply clips into place but first you will need to drill a hole in one end for IRD1, plus a hole in the other end for the external wiring. You will also have to drill matching holes in the lid for the Ack/Power and Arm LEDs (LEDs1 & 2). Now for the initial set-up. First, 62  Silicon Chip install a jumper link in the minus (-) position for LK2. This will set the Strike2 output to toggle mode (note: LK2 must always have a jumper connection, either to the “+” or “-” position). Leave jumpers LK1, LK3 & LK4 out for now. Next, set trimpots VR1 & VR2 to mid-range. These trimpots are later used to set the various time periods. Transmitter set-up At this stage, the transmitter is already partially set up because its identity is selected during construction. If the transmitter’s PIC microcontroller has not been programmed, then program it now via the ICSP connection. This connection can be made by soldering five leads to the transmitter’s ICSP pins and then connecting the other ends of these leads to a 5-way ICSP socket to plug into the PIC programmer. After the IC has been programmed, clip in the 12V battery and check that the green acknowledge LED lights when a switch is pressed. Of course, if you buy a complete kit, the PIC microcontroller (and the PIC in the receiver) will be supplied pre-programmed so you won’t have to worry about that last step. Testing the receiver The receiver can now be tested. First, with IC1 out of its socket, connect a 12V power source that can supply at least 60mA. That done, siliconchip.com.au Silicon Chip Binders REAL VALUE AT $13.95 PLUS P & P Fig.6: the test LEDs are connected to the receiver as shown here. Follow the procedure in the text to synchronise the transmitters and test the receiver. switch on and check that there is 5V between pins 14 & 5 of the IC socket. If this is within 10% of 5V (4.5V to 5.5V), switch off and plug IC1 into its socket, making sure that it is correctly orientated. Next, wire up the test LEDs as shown in Fig.6. These are all wired in series with 2.2kW current limiting resistors. Once the LEDs are wired up, apply power and check that the receiver’s power LED flashes briefly at about once per second. If it does, then so far so good. The transmitter must now be randomised and then synchronised with the receiver. Let’s now take a look at these two procedures. from operating your receiver. If randomisation is not done, there is the real risk that someone else’s transmitter that has also not been randomised will operate your receiver. To randomise a transmitter, simply connect pins 3 & 5 of its ICSP connector together and then press switch S2. The transmit LED will flash at a 1-second rate for the duration. Release the switch when you are ready after anywhere from several seconds to several minutes. The parameters are all altered every 40ms (that’s 25,000 times a second), so they will be different for each transmitter after even short presses. Randomising After randomising, the transmitter must then be synchronised with the receiver. To do this, disconnect pins 3 & 5 of the ICSP header and connect pins 3 & 4 together instead. That done, press and hold down S1 on the receiver and then press one of the switches on the transmitter. The transmit LED will now flash twice momentarily and the receiver’s Randomisation of the transmitter ensures that it uses a unique set of parameters to calculate the rolling code. This procedure is important because the original parameters programmed in are the same for every transmitter. Basically, you need to personalise the parameters to prevent another transmitter that has the same identity Synchronising Rolling Code Protection: Keeping It Secret As previously noted, the Rolling Code Keyless Entry System provides a high level of security because the transmitted code changes each time it is sent. However, to further improve security, we have also included code protection for both the transmitter and receiver. Basically, code protection prevents the program and data within the PIC microcontrollers from being read by a PIC programmer. As a result, the parameters used to calculate successive rolling codes are kept safe within the microcontrollers. In particular, this effectively prevents a transmitter from being “interrogated”, in order to make a duplicate transmitter that will operate the door lock. So while the hex files can be used to program the microcontrollers, they cannot be read back once programming has been verified. The parameters used for calculating the rolling code are then randomised in the transmitter using the set-up procedure already described. It is these parameter and rolling code seed values that are hidden by the code protection. siliconchip.com.au These binders will protect your copies of S ILICON CHIP. They feature heavy-board covers & are made from a dis­ tinctive 2-tone green vinyl. They hold 12 issues & will look great on your bookshelf. H 80mm internal width H SILICON CHIP logo printed in gold-coloured lettering on spine & cover H Buy five and get them postage free! Price: $A13.95 plus $A7 p&p per order. Available only in Aust. Silicon Chip Publications PO Box 139 Collaroy Beach 2097 Or call (02) 9939 3295; or fax (02) 9939 2648 & quote your credit card number. Use this handy form Enclosed is my cheque/money order for $________ or please debit my  Bankcard  Visa    Mastercard Card No: _________________________________ Card Expiry Date ____/____ Signature ________________________ Name ____________________________ Address__________________________ __________________ P/code_______ November 2007  63 Table 1: Strike1 Operation (LK1) LK1 Strike1 operates on + - Open Arm Only Disarm Only Arm & Disarm Table 2: Strike2 Operation (LK2) LK2 Strike2 operation + - Open Momentary Toggle Not valid Table 3: LK3, VR1 & VR2 Settings LK3 + - Open Operates when S1 pressed VR1 sets Strike1 period VR2 sets Strike2 period VR1 sets Input1 delay VR2 sets Input2 delay VR1 sets alarm period Notes 5V sets 64s 2.5V sets 32s 1.25V sets 16s 0.625V sets 8s 0.313V sets 4s 0.156Vsets 2s 5V sets 64s 2.5V sets 32s 1.25V sets 16s 0.625V sets 8s 0.313V sets 4s 0.156Vsets 2s 5V sets 128s 2.5V sets 64s 1.25V sets 32s 0.625V sets 18s 0.313V sets 8s 0.156Vsets 4s acknowledge LED will flash on and off at a 1-second rate until switch S1 on the receiver is released. Now remove the link between pins 3 & 4 on the transmitter’s ICSP header. Once that’s done, you should now find that the transmitter operates the receiver. If it doesn’t, try synchronising again and make sure that the IR receiver has a clear “view” of the transmitting LED. The above randomisation and synchronisation procedures must be done for each new transmitter. Note that a transmitter that has not been synchronised will not be able to operate its receiver, even if their rolling codes are the same. Note also that synchronising a new transmitter prevents the use of a previously synchronised transmitter that has the same identity. Next, press the main switch on the transmitter and check that the receiver’s Strike1 LED lights for about five seconds. The external Arm LED should also light, while the receiver’s on-board Arm LED should flash with an even on-off duty cycle. This flashing shows the exit delay. After about 20s, the exit delay should expire and the Arm LED should then flash briefly once per second. Now check the operation of the second (smaller) switch on the transmitter. This switch should toggle the strike2 LED on and off with successive pressings. Testing the alarm To test the alarm, arm the unit and short Input1 on the receiver to ground (0V) using a clip lead. The external alarm (ALRM) LED should light after 20s and should then stay on for 60s. You can check the operation of the delayed exit by arming the unit and momentarily shorting Input1 or Input2 to 0V during the exit period. The alarm LED should not light after the exit period has expired. Receiver options The receiver can be powered from a 12V DC plugpack or a 12V battery. When powered by a plugpack, make sure it can supply the necessary cur- Where To Get The Bits Suitable reed switch assemblies, door strikes and sirens are available from Jaycar and Altronics. The parts available from Jaycar include: (1) the LA-5072 normally closed (NC) reed switch magnet assembly; (2) the LA-5078 door strike; and (3) the LA-5255 and LA-5256 piezo sirens. Altronics has the following: (1) the S-5173 reed switch assemblies; and (2) the S-6120A or S-6127 siren. Altronics also stock two different door strikes – the S-5385 for wooden door-frames and the S-5387 for metal frames. Above right: door strikes are available from both Jaycar and Altronics. 64  Silicon Chip rent for the electric striker and an alarm siren if fitted. Many electric strikes draw around 800mA, so a 1A plugpack will be required. Note that the armed status is stored so that if power goes off, the armed or disarmed mode will be returned when power is reconnected. So if the receiver was armed when power was lost, then the armed mode will be restored when power is returned. When powering from a 12V battery, a charger should also be connected to maintain battery charge – see Fig.7. A 12V 350mA charger for sealed lead-acid batteries would be suitable. These chargers are fully automatic – they charge the battery when required and maintain full charge with a trickle current. Two suitable chargers are the Jaycar Cat. MB-3517 and Altronics Cat. M 8520. Depending on your application, Strike1 can be optioned to operate on arming, on disarming or on both arming and disarming. These options are selected using link LK1. Table 1 shows what each link connection does. You may also wish to place a small buzzer across the door strike connection to give an audible indication of door strike operation. The Strike2 output can be momentarily activated when ever the secondary switch on the transmitter is pressed. Alternatively, it can be toggled on or off with each switch pressing. Link LK2 selects these options. Receiver time periods Trimpots VR1 and VR2 are used to set the time periods for Strike1 & Strike2, the exit and entry delays for Input1 & Input2, and the alarm period. Link LK3 provides the means to set each time period – see Table 3. With LK3 in the “+” position, VR1 and VR2 set the strike period for Strike1 and Strike2 respectively. Table 3 shows the various voltages that VR1 & VR2 can provide to set the strike periods. These voltages can be measured at TP1 for VR1 and at TP2 for VR2. To set the strike periods, simply adjust VR1 & VR2 to the voltage settings required and press the synchronise switch (S1) on the receiver board. The delayed inputs (ie, the entry delays for Input1 & Input2) are set when LK3 is in the “-” position. Once again, it’s simply a matter of setting the siliconchip.com.au Calculating The Rolling Code The rolling code for the infrared transmitter comprises four start bits, a 48-bit code and four stop bits. A calculation comprising a multiplier and an increment value is used to generate the 48-bit code. First, you start with a number (called the seed), then you multiply this seed by the multiplier and then add the increment. The result becomes the next value for random code. Normally, if the calculation is continued, the random code will become larger and larger as we multiply and then add the increment value. However, this is prevented by limiting the actual seed value used in the calculation to a certain width – 32 bits in this case. In practice then, the 24-bit multiplier multiplies the 32-bit seed. The 8-bit increment value is then added and the result is limited to 48-bits by eliminating the more significant bits. This resulting 48-bit code is the code used for the rolling code transmission. In addition, the order of transmission for these bits is jumbled using an 8-bit scramble code with 32 possible combinations. The calculations do not necessarily produce random numbers but they do produce variations from one transmission to the next. However, in some cases, the result could converge to settle at the same value so it is important to check this and make sure the calculations do give diverging values each time. To do this, the result of each calculation is compared to the last value to ensure it is not repeated. If the result is the same as before, the duplicate code is not transmitted and a new calculation is made after incrementing the result. Subsequent calculations will then begin to diverge. Randomisation To avoid conflict, each transmitter must have a unique set of parameters for making the rolling code calculations. As a result, we have included a “randomisation” function, whereby the multiplier value, the increment value, the scramble value and the seed value are all changed in a relatively random way. There are 16.7 million multipliers available and 54 possible increment values. Together with the 32 scramble variations, these provide 29 billion different combinations. In addition, the minimum multiplier value is 8192 to ensure a significant change in value with each calculation. Even if two transmitters do end up with the same parameter values, the fact that the seed value is a part of the calculation means that you need to be within 200 values of the correct value in order to unlock someone else’s lock. The probability of this is 224 divided by 200 or one in 83,000. This is in addition to the one in 29 billion chance of having the same parameter values! There are up to 16 different transmitters that can be used with the one receiver and each transmitter uses a different set of seed, multiplier, increment and scramble values. The transmitter sends out its identification code that is embedded in the rolling code, so the receiver knows which set of values it must use in the calculation for each transmitter. When the transmitter is sending synchronising code to the receiver, it sends the 8-bit identifier, the 24-bit seed, the 24-bit multiplier, the 8-bit increment value and the 8-bit scramble values. The identifier value is also stored so that the receiver knows that this identity has been synchronised. An identity that has not been synchronised will not operate the receiver. Once the receiver has these parameters, the transmitter and receiver will remain in lock because they use the same calculation values. Fig.7: here’s how to connect the receiver in a typical installation. Note that you can use both NO (normally open) and NC (normally closed) sensors on the alarm inputs (Input1 & Input2). The battery charger keeps the battery topped up. voltages at TP1 & TP2 and pressing S1 to set the values. Finally, when LK3 is out, VR1 sets the alarm period (VR2’s setting is ignored). Just set the required voltage at TP1 and press S1 to program the period in. siliconchip.com.au Note that because pressing switch S1 programs in the timing adjustments, synchronisation will also alter the timing. This means that if you synchronise a transmitter to the receiver at a later date, you will have to make sure that VR1 & VR2 are in the correct positions for the LK3 option selected before pressing S1. In practice, this just means leaving VR1, VR2 and LK3 in their final positions after you finish the timing adjustments. That way, if you synchronise a transmitter later on, the last set November 2007  65 Fig.8: the IR receiver (IRD1) can be connected via twincore shielded cable as shown here. Above: you can buy both NO & NC reed switch assemblies. is included as a short cut to locking out all identities. If one transmitter is locked out and a second one also needs to be locked out, the power will have to be switched off and links LK1LK4 repositioned for that transmitter identity. The power must then be reapplied with S1 pressed. Once the lockout procedure has been completed, you must relocate links LK1-LK4 to their correct positions for the receiver functions that you wish to select. It is then best to test that everything is correct by pressing the switches on another (non-lockedout) transmitter and verifying that the receiver operates as expected. Undoing lockout Fig.9: here’s how to wire the two different sensor types (NO & NC) to the alarm inputs on the receiver board. timing values are simply reset to the same values. Arm output option Link LK4 sets the arm output option – see Table 4. When LK4 is in the “+” position, the Arm output is low on Table 4: Arm Output (LK2) LK4 + - Arm output low on Arm output open on arm, open on disarm arm, low on disarm Table 5: Receiver Lockout Selections Lockout Identity 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 LK1 LK2 LK3 LK4 + + + + + + + + - + + + + + + + + - + + + + + + + + - + + + + + + 66  Silicon Chip + + - arm and open on disarm. Conversely, when LK4 is in the “+” position, the Arm output is open on arm and low on disarm. It all depends on how you intend to use this output as to which option you choose. Receiver lockout Any transmitter that has been synchronised can later be locked out from operating the receiver. This is done by setting links LK1, LK2, LK3 & LK4 in the receiver and pressing switch S1 during power up. Table 5 shows the link options for each transmitter identity. Note that these link settings correspond exactly to the links used in the transmitter to set the transmitter identity When lockout is performed, the power LED flashes the identity number to indicate that the procedure has been successfully completed. So, for example, if you lock-out an identity 3 transmitter, the power LED will flash three times at a nominal 1s rate before a 4s break until S1 is released. When S1 is released, the receiver then operates normally but with the selected transmitter now locked out. If S1 is held closed, the cycle of LED flashing continues. At the end of the third cycle, all identities will be locked out and the power LED will stay lit until S1 is released. This feature It’s easy to get a locked out transmitter to operate the receiver again (ie, to unlock it). Just synchronise the transmitter with the receiver and all will be back to normal. Installation The Rolling Code Keyless Entry System is suitable for use in homes, factories and cars. Fig.7 shows how to wire the unit for a typical installation. Note that IRD1 must be shielded from direct sunlight, otherwise the reception range will be severely affected. In some cases, it may be necessary to connect the infrared receiver (IRD1) via extended leads using twin-core shielded cable (eg, if the receiver is mounted on one side of a wall but infrared reception is needed on the other side). Fig.8 shows how this is done. The two alarm inputs (Input1 & Input2) can be used in conjunction with reed switch magnet assemblies that change state when a door or window is opened or closed. You can use either normally closed (NC) or normally open (NO) types. As shown in Fig.9, NC types are connected in series, while NO types are connected in parallel. However, for best security use only one sensor per input. Alternatively, you can use a PIR detector or a glass breakage detector on one or both of the inputs. Errata: the PIC16F828A-20/SO specified for IC1 in the transmitter parts list last month should be a PIC16F628A-20/ SO. Also, IC1 on the receiver parts overlay (Fig.6) should be a PIC16F88SC I/P (not PIC18F88-I/P). siliconchip.com.au