Sending the first LoRa frames

I haven’t had much time to blog lately because I got a new job designing software for subsea embedded devices. So let’s recap what I’ve been doing with my LoRa transceivers.

First of all, those tiny boards that I bought are not really handy to use. There exists an arduino LoRa shield called Dragino which is a bit more expensive but in the end it’s really worth to buy some of those. Plug and play is really the way to get things done if you have little hobby time.

It took a bit of time and reading the schematic to figure out the the pins used by the Dragino shield. To save you a few minutes, here they are:

// Pin mapping
const lmic_pinmap lmic_pins = {
    .nss = 10,
    .rxtx = LMIC_UNUSED_PIN,
    .rst = 9,
    .dio = {2, 6, 7},
};

This can be used with the lmic (LoRaMac-in C) port to Arduino. I tried the “raw” example and got two modules to talk to each other without problems. In the screenshot you can see a waterfall of a LoRa frame being sent (totally oversteering the SDR and generating ghost images).

Another thing I tried was on-off keying (OOK modulation) and frequency shift keying (FSK modulation) using the digital IO pin for the keying. However that was less than successful. If somebody reading this has been experimenting with this, please let me know in the comments.

The next step will be using my own functions to transmit and receive LoRa frames, because I don’t want to keep using an entire library for something that simple. Then I will make a short tour in cryptography. That will be interesting too because it is not easy to implement a good encryption scheme if you’re not a specialist. However I will make a good effort, document everything here (except the actual keys), and if I fail, people will be able to read the temperature in my garage.

PS: kudos to https://tohtml.com for providing an easy way to put source code into an html document. Will use again.

Inspectrum

I have implemented a feature for inspectrum, a tool similar to baudline but it holds much more promise (I don’t think baudline is still being developed, and the source code is not available). It is still in the early stages, but it can already be used to investigate radio signals.

If you want to show a spectrogram, there is a trade-off you can make between time resolution and frequency resolution. This is achieved by changing the window function of the fft. You can see the result in the next images.

The fft window is wide, resulting in good frequency resolution (see the unmodulated part of the signal), but bad time resolution (you cannot see what is happening in the modulated part).

The fft window is narrow, resulting in bad frequency resolution (see the unmodulated part of the signal), but good time resolution (you can see the frequency shift keying modulation).

My version adds the time resolution and beta sliders. The beta parameter is a parameter of the kaiser window I used. Together, they allow you to fine-tune how the spectrogram displays the signal very nicely. The window shape can be seen in the widget below the two sliders. Hopefully the changes will soon be merged into the main inspectrum branch. Until then, it can be found here.

In case you are wondering: the signal is a frame sent by a remote control of a miniature drone. As the transmitter is turned on, you see that the frequency needs to stabilize first. Then the signal starts to shift between two frequencies, sending the data at about 1mbps. The data is captured with a USRP B200 at 32msps in the 2.4GHz band.

Podcasts

In the morning, before life starts, I like to listen to a podcast while drinking a coffee and emptying the dishwasher. For this I use an app called Podcast addict on my cellphone. There are three podcasts I subscribe to:

Embedded.fm

Website: http://embedded.fm/

Hosted by Elecia White and Christopher White, this podcast talks a lot about engineering and in particular software engineering. They often have very interesting guests. This podcast is a very valuable resource if you are active in the embedded business.

The Amp Hour

Website: http://theamphour.com/

The Amp Hour is hosted by Chris Gammell (Contextual electronics) and Dave Jones (EEVblog). Where embedded.fm deals more with the software side, this podcast will focus more on the electronics side. They supplement each other very nicely. Also, they have been guests on each other’s shows and even have done a Christmas special together.

The infinite monkey cage

website: http://www.bbc.co.uk/programmes/b00snr0w

This BBC4 show with Brian Cox and Robin Ince deals with scientific topics in a popular manner. It’s easy to listen to and very entertaining. They have a panel consisting of some experts on the topic at hand, and a comedian to lighten things up.

Getting started!

Today I got one of the Lora-modules hooked up to a breadboard. This took much more effort than it should have. If you want to buy some of these modules, I would recommend getting a version that has a 2.54mm pin spacing (if those exist), not metric 2mm ones. That should make things much easier when prototyping. Also make sure you know the pinout of the module. My seller didn’t include it. After some googling, I found the pinout of a board that looked suspiciously like mine, and visual inspection showed that the VCC and GND pins matched. Probing also showed that NSS matched, after which I just assumed that all the rest matched too.

I also added a 8 pin voltage level shifter module (bought on Ebay) to interface the 3.3V SX1278 to the 5V Arduino Uno. Unless I overlooked something in the datasheet, the I/O pins of the SX1278 are not 5V tolerant.

SX1278 hooked up to Arduino

Continue reading

LoRa PHY layer

I serendipitously stumbled upon a great talk from last year’s CCC congress by Matt Knight. It delves into the PHY layer of LoRa and he explains how the protocol was reverse engineered. Impressive work, and very educational! It also means that I will probably be able to use an SDR for testing.

 

Update

It’s been a while since I last used my blog. This is wrong, because it is a great way to document my experiments. Making it public can (possibly) help others on the same journey, but more importantly I can fall back to it at a later time.

Therefore, my new years resolution for 2017 is to use my blog more. More specifically, I intend to use it to document my ventures into LoRa-land, an exciting new radio protocol for low power communications. So there, now I only need to follow up on my promise!

I bought two LoRa modules from Ebay. once I got them, I realized that the pin header has a 2mm pitch instead of the standard 2.54mm. My first quest will therefore be to interface it somehow to a breadboard…

 

FOSDEM 2016

FOSDEM is an event I don’t want to miss. This year, I planned well in advance what talks I wanted to see, and it really payed off. With more than 600 talks in just 2 days, and up to 20 concurrent events, it is very naive to just arrive and figure out what you are going to do on the spot. I’ll just give a short impression of the talks I attended.

Continue reading

100 000 Questions answered

Today, the HAREC trainer on my site has reached a hundred thousand questions answered. Taking into account that this is just a small application I made to test my knowledge before taking the exam, and the limited audience (Dutch-speaking Belgians interested in becoming a HAM operator), and the fact that I don’t advertise its existence, I’m very impressed.

I have no idea who’s using it, and I don’t really feel a need to (although I sometimes am just a tiny bit curious how people find the site). I specifically designed it so you can use it without the need to create an account, enter your e-mail address and all that. If it helps you getting a licence, that’s the most important. But if you want to say hi, just leave a comment.

If you want to join a radio club, I can recommend the Radio Club Leuven, where I can be found most Friday evenings. Feel free to buy me a drink ;-).

Update: Since it is becoming so popular, I have begun to analyze the statistics, to locate the errors in the database (those errors come from the BIPT database itself). The progress can be seen on the wiki page here.

A dirt cheap “spectrum analyzer” with an RTL-SDR dongle.

Update: There used to be an error in the schematic, R2 was missing. It is needed to work correctly.

Frequency response of the 137MHz filter

Frequency response of the 137MHz filter (don’t mind the spurs)

If you want to see the frequency response of a filter, a spectrum analyzer with a tracking generator will be the tool of the trade. There’s only one problem: I don’t have one. An alternative is to hook up an RF signal generator, measure the output power of the filter with a power meter at multiple frequencies, and plot the result manually. But here too I have a problem: I don’t have a signal generator. Or a power meter. Besides, it’s a lot of work. So when I wanted to test a 137MHz bandpass filter, at first I didn’t think it would be possible. Fortunately I found a way that works reasonably well, and cost me nothing.

Using an RTL-SDR dongle, you can sample a piece of the spectrum up to 2 or 3MHz wide at a time. That’s not really enough for use as a spectrum analyzer. However, what you can do is to make the dongle hop from one frequency to the next, and make a composite spectrum. There is software that does just that: rtlsdr-scanner. This is fine if you want to scan the bands to spot interesting frequencies, but I still can’t measure filters with it.

If only I had a transmitter that transmits at every frequency: I could pass it through the filter and see what remains at the other side! Something like a wideband noise generator. After asking Google, it turns out that generating such noise is quite easy: a diode, when operating at the reverse breakdown voltage, generates a fair amount of noise, hundreds of megahertz wide! Then it’s just a matter of blocking the DC voltage with a capacitor, and there you have it, you are now the proud owner of a noise source! You then send this noise through an amplifier stage, but I used the amplifier of the dongle instead (I can set the gain between -1 and +42dB). Not ideal, because there are lots of other signals picked up too, but changing a slider in software is much less work than making a wideband amplifier. I also added an extenal 6dB attenuator immediately after the noise source to get better impedance matching to 50Ω.

A current source (D1, D2, R1 and Q1) feeding a zener diode. Any diode will do really, just make sure the breakdown voltage is reached. R1 determines the current (there's a 0.6V drop over the resistor so i=V/R). R2 value is not critical, 10k-100k is fine.

A current source (D1, D2, R1 and Q1) feeding a zener diode. Any diode will do really, just make sure the breakdown voltage is reached. R1 determines the current (there’s a 0.6V drop over the resistor so i=V/R).
R2 value is not critical, 10k-100k is fine.

The setup is now ready for prime time. When I turn on the noise generator, the noise floor of the dongle increases by 30dB around 130MHz. So far so good. I set the start- and stopfrequencies to 125MHz and 150MHz, and do a sweep. I repeat the measurement with the filter in between, and save both sweeps. Then in Tools->Compare, I can subtract the two signals. This sets the noise level as the 0dB reference. The result is seen in the image at the top (the “difference” scale is at the right, the left scale is not used as the two individual plots are hidden).

Apart from the spurs, the technique works quite well! It sure has limitations, but so does a professional spectrum analyzer. The difference is that with this dongle, you bump into them a lot sooner. Well, ok, almost immediately. The biggest problem is the dynamic range. If your dongle measures 30dB of noise from the noise source, it means that after 30dB of attenuation, you have nothing left to measure. So while you can get accurate readings of the filter loss at the passband (2.5dB in this case), you’ll hit the noise floor of the receiver before you reach the stopband attenuation of the filter. Also, the ADC of the dongle is 8 bit, so the difference between the largest and the lowest possible sampled voltage (the dynamic range of the ADC) is 20*log(256) or 48dB. Even if you can increase the noise level, you are limited by this 48dB. You could start playing with changing the amplification of the LNA, a bit like High Dynamic Range Imaging. Maybe this could improve the range, maybe it will block the receiver. In any case, the first improvement should be to make the noise source better. Both the amplitude and the frequency range. at 100MHz I get roughly 30dB noise increase, but at 640MHz I only have 10dB left. that means that I have almost no dynamic range at that frequency.

Another problem is that the noise floor of the dongle isn’t flat. It’s more like the Alps. So the dynamic range varies, and you may see some bumps in the frequency response that aren’t really there, it’s just the noise of the receiver itself. If you have a dongle you can see the bumps yourself by setting full LNA gain and doing a large sweep with no antenna connected. You’ll see the power spectrum go up and down, and all kinds of spurs will show up. If you take a look at the FM broadcast band around 100MHz, you’ll see the signals leak through. This device is designed to do the job it’s meant to do at the lowest price point possible, not to have the best shielding and superb RF performance.

Nonetheless, there’s a lot to experiment with. What I’ve shown here is just the results of a few days of hacking. There’s definitely improvements that can be made, both in software and in hardware. So just make yourself a noise source and start playing!

Oh, and if you’re wondering what the filter is used for: it’s for improving NOAA weather satellite reception with a dongle. With these receivers it really helps a lot when the strong signals at other frequencies are removed first.

References:

Spam fail

This blog has always attracted some spam. In the beginning it was small enough to delete by hand, but it has grown to the point that I installed a plugin called Akismet. It works fine, but since nobody has ever commented on any single article I wrote, it could be having a lot of false positives, or at the worst case it could simply mark every comment as spam. I just don’t know.

So I took a look at the spam messages, and I came across this small jewel:
{
{I have|I’ve} been {surfing|browsing} online more
than {three|3|2|4} hours today, yet I never found any interesting article like yours.
{It’s|It is} prety wortth enough for me. {In my opinion|Personally|In my view}, if all {webmasters|site owners|website owners|web owners} and bloggers made good
content as you did, the {internet|net|web} will be {much more|a lot more} useful than ever before.|
I {couldn’t|could not} {resist|refrain from} commenting.
{Very well|Perfectly|Well|Exceptionally well} written!|

Etc, etc… It goes on for another 25kB.

It seems like this spammer is even too stupid to correctly install his software. I don’t think a simple facepalm is going to cover this one. We’ll need a double facepalm!