Two wire remote control relays

[4pyros]

Dont forget mr pyro's to add some safety, maybe a password before a control word to set things off, you wouldnt want a taxi or police car radio to go letting stuff off uncontrolled, if your going to be using zip wire this is all the more important.

Yes for sure if I tried wireless WiFi.

 

[dr pepper]

Yes the problem with anything radio is there can be some wise guy who wants to show off and end up causing an incident, as well as innocent interference.

 

[4pyros]

We use some wireless firing systems that use a copy of the Xbee transceivers. They say its secure But I dont know how.
With WiFi I know you can set the security settings, but if the units do not have web pages how would a hacker know what to do with the modules unless they had the software used to control them anyway?

 

[canadaelk]

The Microsemi MT8870 DTMF receiver is US$1.20 in single lots and widely available. Not to bad! E

 

[dr pepper]

I maintain a couple of overhead cranes which are radio controlled, they are secure in respect that noone else without a coded transmitter can make them move, you could jam the signal easy enough, but not take over control.
I dont think hackers taking over the show is going to happen.

 

[4pyros]

The Microsemi MT8870 DTMF receiver is US$1.20 in single lots and widely available. Not to bad! E

Ok how about something for the transmitter end?

 

[4pyros]

I dont think hackers taking over the show is going to happen.

No but some states may want you to prove the security.

 

[canadaelk]

DTMF encoder: Holtek HT9200B, US$0.60, single lot at Futurlec! E

 

[heydonms]

We use some wireless firing systems that use a copy of the Xbee transceivers. They say its secure But I dont know how.
With WiFi I know you can set the security settings, but if the units do not have web pages how would a hacker know what to do with the modules unless they had the software used to control them anyway?

Don't think only about deliberate interference, but also accidental. A ham radio operator near (or not so near) your display site might start transmitting right as you push a button and flip just 1 or 2 bits in your command, now what is the command that was received? Would you even notice that it has happened? What if "disarm all" was received as "fire cue #7" and #7 happens to have a hang fire. You're now walking up to a mortar that you think is safe but could go off at any second.

If you are firing anything larger than a fountain I would suggest the minimum comms requirements would be checksums, read back (i.e. the controller sends a signal, the receiver sends back the same instruction to confirm, and then the controller sends a confirmation if the returned instruction matches what it sent originally) and a disarm command that can't be reversed over the air (i.e. to rearm you physically have to touch the receiver). Adding status indicators (so that the receivers can report continuity, armed/disarmed, etc. back to the controller) and full encryption would be even better.

You also shouldn't assume that because your system doesn't have a web interface that people can't mess with it deliberately. Look up "fuzzing", it is a common first step in hacking proprietary protocols, you just send lots of random data and see what happens. They could also sniff your traffic and reverse engineer the protocol. Neither of these things are particularly difficult to do to a non-encrypted radio signal and while there probably aren't that many people who are interested in doing this, it only takes one.

I would also advise against ethernet and particularly TCP. Complex addressing and switching setups, automatic retransmission, wifi clients that automatically roam to the strongest signal, it's just asking for trouble when you are controlling safety critical equipment.

 

[4pyros]

Fuzzing, that's a new one for me. Reading up now. Thanks

 

[dr pepper]

Fuzzing, is that like war dialling or war driving, sounds like something someone very needy would get up to.

I have been working on a protocol that includes error checking recently, and it communicates over 2 wires, but the application is completely different from yours mr pyro, its a slot car control system, in such a system noise is a problem, actually more like a joke, the pickup braids are sparking along the conductor rails constantly, transmitting data fast enough to race a car through the electrical roar is tricky.

 

[heydonms]

Here is a CAN bus fuzzing demo from a security conf I attended last year:

(the forum won't let me set the time, jump to 1:26)

If you are using a proprietary protocol the attacker won't have the benefit of readily available fuzzing software, but that is hardly enough to stop them. Give a half competent attacker a laptop and a SDR during one 4th of July display and then 12 months to work on reverse engineering the protocol and I'm sure they could write a pretty decent front end to take over the show next year.

Anyone know any 15 year olds who are good with computers and like fire crackers? Think they would like to see an entire 4th of July show fired in under 3 seconds?

Personally I would be much more worried about interference than deliberate attacks, but it would be silly to think an attack is out of the question.

 

[dr pepper]

Interesting, my wifes ex races bmw minis and has had someone do a similar thing so he can use a competition ecu to control the engine without loosing all the other cars electrics.
I can see the point in this, fiddling around with software for 12 months just in case the same firework people come back, you'd be unlucky, but I spose it could happen.
But not if your using zip wire, if you were really paranoid you could sense impedance changes in case there was some tampering, then theres security protocols that use rolling codes, microchip do a couple, but now were getting ott.

 

[4pyros]

Interesting, my wifes ex races bmw minis and has had someone do a similar thing so he can use a competition ecu to control the engine without loosing all the other cars electrics.
I can see the point in this, fiddling around with software for 12 months just in case the same firework people come back, you'd be unlucky, but I spose it could happen.
But not if your using zip wire, if you were really paranoid you could sense impedance changes in case there was some tampering, then theres security protocols that use rolling codes, microchip do a couple, but now were getting ott.

We do many shows year after year.
No one but the crew can get close to the fireworks for safety reasons so there is no way any one can physically tap into the wires.
But I have to wonder just how secure our wireless systems are.

 

[ChrisP58]

A few questions, 4pyros,

Do you need bidirectional communication, readback of status/circuit continuity, or just fire commands?
Do you need to power the system through the same cable, or just data with each box having it's own battery?
What would your preferred number of boxes, and channels per box, be?
How fast do you need to send fire commands? ie. shots per second?