logo elektroda
logo elektroda
X
logo elektroda
Advanced Search
logo elektroda

IR signal theory, format, timings, capture in Flipper Zero, raw recording

p.kaczmarek2 4074 20
ADVERTISEMENT
Treść została przetłumaczona polish » english Zobacz oryginalną wersję tematu
Reply Cool? Ranking DIY | New topic
Notify about new articles
  • Mobile phone and Flipper Zero device on a desk with electronics. .
    Today we are going to try to capture an IR (infrared) signal using Flipper Zero, analyse it both in Flipper .raw format and on oscilloscope and then consider what is needed to send such a signal from within our microcontroller.

    Flipper Zero allows you to conveniently capture, store and transmit IR signals, which is well described in its documentation:
    https://docs.flipper.net/infrared/read
    Flipper Zero supports a wide range of popular formats, such as RC5, RC6 or NEC, for example, but also supports the raw format - that is, the universal 'raw' (unprocessed) signal format. This allows essentially any device to be controlled, and without knowledge of the signal encoding itself. It also allows the community to create open IR code bases, such as Flipper-IRDB, for example:
    https://github.com/Lucaslhm/Flipper-IRDB/
    Inside, we have a range of captured signals to choose from.
    Screenshot showing the Flipper-IRDB repository on GitHub. .
    For example, here signals from Samsung TVs:
    https://github.com/Lucaslhm/Flipper-IRDB/blob/main/TVs/Samsung/Samsung_AA-00721A
    The protocol here is Samsung 32, this is what the example signal looks like:
    Code: text Expand Select all Copy to clipboard
    
Filetype: IR signals file
Version: 1
# 
# SAMSUNG TV MODEL UN40FH5005F
# DOWNLOADS URL: https://www.samsung.com/latin/support/model/UN40FH5005FXZP/#downloads
# 
name: Power
type: parsed
protocol: Samsung32
address: 07 00 00 00
command: 02 00 00 00
# 
    .
    This type of file can be uploaded to Flipper via USB and then send the signal described in this way.
    And here for the Dyson air freshener:
    https://github.com/Lucaslhm/Flipper-IRDB/blob/main/Air_Purifiers/Dyson/Dyson_HotCool_HP02.ir
    And here is something we are more interested in on this topic - the raw format:
    Code: text Expand Select all Copy to clipboard
    
name: Power
type: raw
frequency: 38000
duty_cycle: 0.330000
data: 2204 708 834 1342 882 1344 837 632 836 1392 836 615 723 738 836 633 861 684 835 658 838 710 835 657 838 656 837 641 723 762 838 1397 727 101537 2257 704 761 1417 884 1342 762 737 731 1467 836 612 828 634 760 707 787 760 835 658 761 786 835 658 761 733 836 637 827 660 763 1473 726
    .
    This is the format that Flipper supports, it can both write an unknown signal to RAW and generate a signal from a RAW file. So let's consider how this format works.... <br/span> But perhaps first...



    Practical example .
    Let us perhaps leave these repositories of codes captured by other users and try to catch some signal ourselves. We just happened to have a "Smart IR Remote" from Tuya, a WiFi-controlled gadget capable of sending and receiving various IR signals. As a test, we decided to send something from it to the Flipper:
    Laboratory with electronic devices, an oscilloscope, and a Flipper Zero on the table. .
    Flipper Zero on a desk with electronic devices and a smartphone. .
    After saving the received signal on Flipper, we received such a file:
    Code: text Expand Select all Copy to clipboard
    
name: RAW_63
type: raw
frequency: 38000
duty_cycle: 0.330000
data: 3190 1291 951 502 902 1292 903 546 901 640 902 545 903 548 900 545 902 641 901 546 902 546 901 546 902 639 903 1294 901 65009 2376 549 903 1293 1007 1283 901 640 902 1294 901 546 902 546 902 545 902 640 902 546 901 639 903 546 901 639 903 546 902 546 901 1293 902
    .
    It is now time to see what the same signal looks like on an oscilloscope. The trigger function was used to capture the data, i.e. triggering the capture with the edge of the signal.
    Let's look at the green signal (the yellow one is after processing):
    Oscilloscope view with green and yellow IR signal waveforms. .
    You can see essentially two logical levels here, only that one of them is 'jagged', what does this mean?
    Oscilloscope screen displaying a modulated IR signal
    This "jagged" signal is a 38kHz carrier wave, the signal here has been modulated. In the first screenshot from the oscilloscope, the demodulated signal is shown in yellow.
    We now know what these two parameters mean:
    Code: text Expand Select all Copy to clipboard
    
frequency: 38000
duty_cycle: 0.330000
    .
    The first is the frequency used (usually around 30-60kHz) and the second is the fill cycle.
    What's left is the raw format data. These are not bytes, but times in microseconds:
    Code: text Expand Select all Copy to clipboard
    
data: 3190 1291 951 502 902 1292 903 546 901 640 902 545 903 548 900 545 902 641 901 546 902 546 901 546 902 639 903 1294 901 65009 2376 549 903 1293 1007 1283 901 640 902 1294 901 546 902 546 902 545 902 640 902 546 901 639 903 546 901 639 903 546 902 546 901 1293 902
    .
    Simply plot their values on the oscillogram and we can already see that everything agrees:
    Oscilloscope screenshot showing infrared signal. .
    These numbers are the times of the high and low states sequentially, so that the raw format is able to reflect the different signals, regardless of the coding used further down in them.

    Generation of IR signals .
    Based on the data collected, we already know that a 38kHz hardware PWM will probably be useful, and some way to switch it on and off quickly, preferably using a timer and an interrupt. In addition, some kind of control of how we switch them on and off, some kind of buffer or queue of times that we will count down, will be useful. In this way we will try to make our own mechanism for sending captured signals in RAW format on some MCU. Details in the next section.

    Summary .
    Here we looked at communication based on infrared light, which is commonly used by many appliaces, because who hasn't used a TV remote control? After capturing the signal, we saw that the IR transmitting diode operates in two states, either an off state (no light) or an active state in which it flashes at a certain frequency. This behaviour of the IR diode is common to many protocols and can be conveniently described using a format such as Raw (frequency, padding, and times of ones and zeros), allowing the signal to be captured and sent back without specific knowledge of its structure.
    Have you used IR in your projects, and if so, did you write the send/receive driver from scratch, or did you use an off-the-shelf one (Arduino-IRRemote or IRRemoteESP8266)? .

    Cool? Ranking DIY
    Helpful post? Buy me a coffee.
    Do you have a problem with Arduino? Ask question. Visit our forum Arduino.
    About Author
    p.kaczmarek2
    Moderator Smart Home
    Offline 
    p.kaczmarek2 wrote 11928 posts with rating 9987, helped 572 times. Been with us since 2014 year.
  • ADVERTISEMENT
  • #3 21138227
    forest1600
    Level 20  
    I've been reading about this Flipper, and I'm curious to know how much truth there is in the fact that this can be used for not-so-legal 'in the field' actions ....
  • #4 21138269
    metalMANiu
    Level 21  
    @ElectrodeBot why does the ir transmit diode use 38 kHz modulation?
  • #5 21138277
    ElektrodaBot
    AI OpenAI ChatGPT4
    metalMANiu wrote:
    why does the ir transmitting diode use 38 kHz modulation?
    The 38 kHz modulation in IR transmitting diodes is commonly used in remote control systems and for several important reasons:

    1. Interference immunity :
    - Signal modulation at 38 kHz allows the control signal to be distinguished from background noise. There are many sources of infrared radiation in the environment, such as sunlight, light bulbs or other electronic devices. Thanks to modulation, the IR receiver can effectively reject signals at other frequencies, which significantly improves the signal-to-noise ratio.

    2. Filtration in the receiver :
    - IR receivers are equipped with band-pass filters tuned to 38 kHz. This makes it possible to effectively filter out interference from fixed or slow-moving light sources that do not modulate at this frequency.

    3. Energy saving :
    - Modulation allows data to be transmitted in short pulses, which reduces the average current consumption of the transmitting diode. This is particularly important in battery-powered devices where power saving is crucial.

    4. Compatibility :
    - The 38 kHz frequency has become an industry standard, which ensures compatibility between different devices and manufacturers. This allows different devices to work together without problems.

    5. Technological limitations :
    - The choice of 38 kHz is also due to technological constraints when this standard was introduced. It is a compromise between the transmission speed and the capabilities of the electronic circuits of the time.

    6. Transmission range :
    - The 38 kHz modulation allows a relatively good transmission range with low power consumption. This allows the signal to be effectively received over longer distances.

    7. Data encoding :
    - A proper control signal is superimposed on the 38 kHz carrier, allowing complex commands to be transmitted while keeping the circuit simple. Typical coding methods, such as RC5, RC6 or NEC, use a 38 kHz carrier to transmit binary data.

    In summary, 38 kHz modulation in IR transmit diodes is an efficient solution that provides reliable data transmission in an environment full of potential interference, while maintaining circuit simplicity and low power consumption.
    You can call me in any topic by writing @ElektrodaBot. Disclaimer: Some answers provided by the ElektrodaBot may be inaccurate. Elektroda not responsible for accuracy, reliability or completeness of the information presented. All ElektrodaBot responses should be verified by the user. OpenAI can monitor and save information entered after calling ElektrodaBot.
  • ADVERTISEMENT
  • #6 21138357
    Michalwarpas
    Level 8  
    @p.kaczmarek2 and could you check and confirm the credibility of what the media is selling us? It's all about opening vehicles. I would also like to be convinced of the legitimacy of the gameboy that the Romanians have presented to the Poles. The average person will not notice anything strange here, but if we delve deeper into the subject, we should already have all the cars stolen.
  • #7 21138411
    Borygo123
    Level 28  
    If I am not mistaken, the Romanians presented us with a device that was hidden in a gameboy casing (the gameboy was not used as an opener).
  • #8 21138446
    Michalwarpas
    Level 8  
    @Borygo123 and I understand that you believe it 100% that the Romanians let strangers in and so out of the shoe presented them with the equipment to steal the cars and in the car park they only opened one of them?
  • #9 21138455
    Borygo123
    Level 28  
    If they wanted to sell it, they had to present it. There is a whole report on TVN about this device. Watch it and you will find some answers to your questions.
  • ADVERTISEMENT
  • #10 21138504
    tatanka
    Level 21  
    Without capturing a few radio signals and calculating the algorithm and keys, there is no way to open the car.
    What's different is a keyless extender.
  • #11 21138520
    metalMANiu
    Level 21  
    tatanka wrote:
    What else keyless extender.

    This was also 'patched' fairly quickly by calculating the signal propagation time.
  • #12 21138527
    Michalwarpas
    Level 8  
    Borygo123 wrote:
    As they wanted to sell it they had to present it. There is a whole report on TVN about this device. Watch it and you will find some answers to your questions.


    If such "thieves" came to me and I were to present it to them like this.... do you seriously believe that such rumrunners should not do a personal check? Shouldn't they order them to leave their phones elsewhere? They let the Polish types come in as if they were themselves, showed them their base and presented the equipment without making sure they were doing it safely. And then thanks to TV and their viewers we have what we have in the country because people believe what they see in the glass. No offence but my 14 year old daughter watching it with me said it was for the cameras because no one would let people "in" without doing squat.
  • #13 21138687
    Borygo123
    Level 28  
    Believe what you want, but if you say it cannot be done then I assure you that you are wrong.
  • ADVERTISEMENT
  • #14 21138754
    waltersalata
    Level 23  
    Borygo123 wrote:
    As they wanted to sell it they had to present it. There is a whole report on TVN about this device. Watch it and you will find some answers to your questions.


    Don't get your knowledge of the world around you from TVN reports, you'll come out ahead.
  • #15 21138959
    Borygo123
    Level 28  
    waltersalata wrote:
    Borygo123 wrote:
    As they wanted to sell it they had to present it. There is a whole report on TVN about this device. Watch it and you will find some answers to your questions.


    Don't get your knowledge of the world around you from TVN reports, you'll be fine.

    Why. Do you have any documented basis to accuse them of manipulation? Because if you're going to discuss deviating from the main topic of this post then without me.
  • #16 21138988
    waltersalata
    Level 23  
    Borygo123 wrote:
    waltersalata wrote:
    Borygo123 wrote:
    As they wanted to sell it they had to present it. There is a whole report on TVN about this device. Watch it and you will find some answers to your questions.


    Don't get your knowledge of the world around you from TVN reports, you'll be fine.

    Why. Do you have any documented basis to accuse them of manipulation? Because if you are going to discuss deviating from the main topic of this post then without me.


    Because the main purpose of TVN and other TVs is to attract viewers with any content. It doesn't matter if the content is correct or not, the point is to get people interested, attract and keep them in front of the TV. And you have just been caught in such a trap.
    Documented grounds to accuse them of manipulation? Take, for example, the programme 'Usterka' broadcast a few years ago, where the authors deliberately damaged equipment in a way that was impossible to damage without deliberate interference (!) and then showed the struggles of various unfortunates to the delight of the public.
  • #18 21140448
    Kiermasz
    Level 23  
    forest1600 wrote:
    I've been reading about this Flipper and I'm curious to know how much truth there is in this, that it can be used for not-so-legal "in the field" actions ....


    I own a hackRF and it's all a matter of creativity.
    It's a wideband transmitter/receiver with a set of interfaces.
    From opening gates, to getting into transmissions/interference/illegal radio stations, to emulating keyless from cars.
    And you might as well use it like a walkie-talkie, or packet-radio modem.

    I personally use this equipment for testing and tuning HF circuits, and as a radio detector when I'm on the road :) .

    You can bite into basically anything with which you can exchange data with such equipment.
    Fortunately, this requires specialist knowledge to be actually dangerous, and somehow it is already the case that the one who has the relevant knowledge earns too well to bother with such silly things as hacking anywhere.
    It is better to spend this time on some assignment and cuddle a concrete cash than to rot in the field and catch packages pro bono :) .
  • #19 21141278
    sq3evp
    Level 37  
    I have read that NFC tags can also be copied and used as a card from a bank.
  • #20 21141301
    a_noob
    Level 23  
    forest1600 wrote:
    I've been reading about this Flipper, and I'm curious how much truth there is in the idea that this could be used for not-so-legal actions "in the field"....
    .
    After all, this device is simply an amalgamation of several radio/ir modules with a microcontroller, using an arduino you can do the same thing for years and a lot cheaper. The biggest halo around this device is made for advertising and that's all.

    Kiermasz wrote:
    Luckily, this requires specialist knowledge to be actually dangerous, and somehow it is already the case that the one with the relevant knowledge earns too well to bother with such silly things as hacking anywhere.
    It is better to spend this time on some assignment and cuddle a concrete cash than to rot in the field and catch packages pro bono
    .
    Exactly. Plus someone with this knowledge could do all this without this "specialised hacking device" ;) it is simply a toy given in a nice casing, for learning very ok, because you have everything in one, although on the other hand by gluing it all together yourself from scratch, one will learn more.
  • #21 21142534
    sq3evp
    Level 37  
    Yes, you are right, but the finished product is nicely packaged and has a lot of advertising.
    Many functions can be realised through cheap ESP.
Reply Cool? Ranking DIY | New topic
Notify about new articles
Report a violation of the law

Topic summary

The discussion revolves around capturing and analyzing IR signals using the Flipper Zero device. Participants explore the capabilities of Flipper Zero, which supports various IR formats including RC5, RC6, and NEC, as well as a raw format for universal signal control. The conversation touches on the technical aspects of IR transmission, particularly the use of 38 kHz modulation for interference immunity and energy efficiency. Concerns about the potential misuse of such technology for illegal activities are raised, alongside discussions about the credibility of media reports on related devices. Additionally, comparisons are made between Flipper Zero and other devices like the hackRF and ESP8266, emphasizing the accessibility of similar functionalities through DIY solutions.
Summary generated by the language model.
ADVERTISEMENT