A journey in Home Automation

A while ago, after dabbling into automating some of my chores and looking into the possibilities, I stumbled into the domain of home automation. It grew on me quickly and soon I found myself sourcing parts in different countries and splicing them together in various ways as means to various ends. And it was fun, too! I then decided to put all my ideas into one place, to document the process and make a sort of work log of it, so I could recover from failure quickly. Remember that setting you just ‘’had to’’ get right in order for your system to work just right, that you looked for online for over two hours? Well, you sure won’t in a couple of months. Better write it down somewhere! Or so the reasoning went.

However, between deciding to do something and actually doing it there is sometimes that period of time that goes by when you have to do other things, not necessarily more important but more urgent. And so my ideas went on hold. I read, I experimented and I failed, then I read again and tried again and in the end I decided I could do more than just a worklog, and actually write some articles about the whole shebang. Sure, I’m no expert, but I believe those who are keep the knowledge to themselves because this business is quite lucrative. I do have some experience with microcontrollers though, and with setting up various control systems, as well as a background in telecommunications and software programming, and this is what I’d be doing if I could do whatever I wanted, so why not take a crack at it? So the idea stuck and I decided to write and post the articles on devtome so people could actually see them.

So without further ado, here is an introduction and an outline of Home Automation for the not-necessarily-technically-inclined. Chapter 2 deals with the technical overview and cloud security issues, as well as an overview of current technology and how it fits into the theoretical schema. Chapter 3 compares a couple of simple, off the shelf light control systems while Chapter 4 takes steps further and designs a simple home automation system from parts.

As day jobs are notorious in gobbling up time, though, and the realm of home automation is but a hobby to the author, the following information will arrive in sets which will be linked below as they are written. Bookmarking this page and checking back often is highly recommended!

Table of contents:

Chapter 1 - Overview, state of things and possibilities

Chapter 2 - Basic theory, cloud security and examples

Chapter 3 - A (theoretical) home automation system

Chapter 4 - A simple home automation system

Chapter 5 - A practical example using Tasker

You Are Here:

Chapter 2 - Basic Theory and Security

This is another installment in the Home Automation series of articles for the Devtome. The first part has dealt with the beginning, the history and overview of Home Automation as a principle and some of the technologies involved; this second part deals with the usual automation system - theoretical approaches and security issues that crop up.

One of the biggest problems in the Home Automation area is that it’s a complex field that is difficult to understand wholly. Fortunately, there’s no need to have the complete picture at first in order to be able to build. The modularity and interchangeability of modern equipment means that we can start small and build up, rather than do it the way it used to be in the 90s - plan everything ahead and get locked into a system once it is built.

This has multiple advantages, flexibility being just one of them. As I am not a fan of running wires unless absolutely necessary, no drywall is coming down for any of the builds in this series of articles. Some people might also require hidden enclosures, or custom made fixtures; others might just dislike wires as I do while others still might just not want to commit to one technology and one layout. Whichever the reason, the builds in this series of articles are mostly wireless in nature, which renders them very flexible and suited to testing and making adding and removing sensors and actuators a breeze. Thus, after everything is functional the enthusiast can decide what to do with the automation equipment.

The Theory

This being said, let’s move on to the actual building of a home automation system. For this, three parts are needed.

  • sensors, switches and actuators: these are the things that do the work for you, automatically. They carry out your commands and monitor various parameters: light levels, humidity, temperature. They come in various flavors and are priced accordingly: as low as $10, and going up into the hundreds of dollars.
  • a transceiver: something that talks to the before mentioned peripherals. Most smart switches, or bulbs, and various monitoring equipment use a variant of radio protocol for communication, and you need something that can talk to them. For example, the Philips Hue lights use an open standards protocol called ZigBee Light Link so they require a bridge that converts your commands into the ZigBee protocol to communicate to the lights. Other equipment uses different protocols and some even use WiFi for interoperability with today’s ubiquitous WiFi routers.
  • a coordinator. This is the important part, as no automation system is complete without one. This is the brains that makes decisions and acts on them on your behalf when you’re not there, acting like a supervisor. Usually an always-on, low power computer that reads the information from the sensors and does things using the actuators (too much light in the living room? Draw the blinds. Too little moisture in the garden soil? Turn on the sprinklers for a bit.)

Traditionally, the fourth part of the system was the software. Custom made projects usually required a custom made software solution that involved some logic and high end graphics like a map of the home, buttons and gauges to represent actuators and sensors. Nowadays, most equipment like smart light bulbs, intelligent switches and smart thermostats come with their own software that usually involves a mobile platform app (iOS or Android) and a web-enabled application accessible through the browser. Some of the better ones have APIs that make them highly integrable into custom solutions, and there are apps online that can be used to build said graphics and logical software solutions for free or very low cost. We shall look at some of these solutions more in-depth in the practical applications chapter.

These pieces go together to build a hub-and-spokes type of network, as Figure 1 shows, where the PC is used as an interface and the control system gathers information from sensors, makes decisions and commands the actuators. What usually happens is there are two kinds of decision making: synchronous, which are events that happen on a schedule, (example: every workday at sunrise open the blinds) and asynchronous, which are events that happen on the outside of the system, that the controller picks up via its sensors and acts upon the information (oh it started raining? Better turn the sprinklers off. Though a really intelligent system will know in advance when rain is forecast, so it doesn’t turn the sprinklers on at all that day.)


Figure 1 - a diagram of a home automation system

Cloud based solutions and security

Another trend that has been gaining traction lately is cloud-enabled home automation software, but this comes with some caveats. As figure number two shows, this works by giving a company access, via the internet, to your home automation coordinator. This can be as innocuous as letting your smart TV access the internet and logging on to your account on various services or signing up for the live control service provided for your home automation system of choice.

figure2-home_automation_cloud.jpg Figure 2 - Cloud based solutions

This has various benefits, from being able to download show information to skyping on the big screen to controlling your home environment when you’re away, but there are security implications in all of the above scenarios. Forget, for a minute, that any port open to the internet is a danger in itself; just remember that high and low profile corporations are in the news more and more often, having security breaches and losing customer information to unknown parties. (For a list of news articles pertaining just to the last few months, check the links section.) One might argue that their status and future as a corporation depends on keeping your information and connection secure, but the truth is that behind the impenetrable corporation face are still humans that make mistakes, and sooner or later it might happen to anybody.

Also, and more disturbingly, some corporations have taken onto themselves to spy on their customers using exactly the services they provide. See the LG case, when they were caught snooping on their users preferences, watched shows and even network shared files through their smart TVs. 1) 2)

However, even if one does not consider this (monumental) lapse in judgment on their part, there still seems to be a real problem plaguing the advent of the Internet of Things. Malicious intent apart, the current trend of including smarts into every appliance has some problems right now:

  • one, there will always be bugs in the software. The firmware is often developed in house by the hardware manufacturer and their experience with securing consumer software might not be the best. This is usually mitigated by the various software companies by issuing frequent updates as new bugs are discovered. Which brings me to the next point:
  • the support is very much lacking right now. This means software updates, and they are few and far between, although new vulnerabilities are discovered all the time. A smartphone’s software might be supported with frequent updates for a few years, as would an operating system or a computer, even for a decade, but for an appliance like a smart TV the support interval is - at the moment - a lot shorter than its lifespan, meaning that newly discovered software bugs will likely go unfixed.
  • third, these appliances are being deployed by trades folks. Plumbers, electricians, repairmen, who do not have training in the intricacies of IP networking and security. The customers themselves might turn a smart TV on and never know their show watching patterns are being transmitted to Big Brother, in a disturbingly 1984-like scenario.

This has not gone unnoticed by malicious developers everywhere as there is a growing - and worrying - trend of malware spreading from PCs to routers 3) 4) 5), and now to digital video recorders 6).

Thus, the attack is ongoing and shifting to the new technology and new equipment. This means that the benefits of having a remotely accessible home automation system need to be carefully weighed against the potential risks. There are mitigating measures available for most of the problems outlined above, like installing a router between the appliances and the internet and making sure all unnecessary ports are shut, but in the end the decision must still be made how many of those new online services are needed. Sure, shutting lights or turning the AC on from work when starting the home commute can bring a quantum of comfort upon arrival, but is it still worth it if that might enable an outsider to gain access to the garage door?


So what can be done regarding remote control, taking security into account?

Taking figure 2 as an example, the options are:

  • buy a “live” service subscription. This has the advantage that it will work from anywhere, but you have to trust the company that provides the system to keep the security tight.
  • get the regular system, use a router and secure the setup yourself. This has all the advantages of running your own security setup - but for the average person that’s not saying much. Sure, you are in complete control but it’s up to you to keep that system secured and up to date with every patch released, make accounts for family members and set permissions for them. If having to spend hours learning how to install and configure strange software, if SSH and public-key encryption make your eyes glaze over, rest assured it’s difficult sometimes for professionals as well. Which is why the first solution might be best for you, because botched-up security is a lot worse than trusting another company with your data - at least the people caring about your system are professionals, and it’s not like you haven’t done it before.
  • get the regular system and use one way - or no way communication from the inside. As the old adage goes, the most secured computer (or information system) is the one that’s turned off and locked in the safe. The next best thing is no contact to the outside. You can enjoy the benefits of having a home automation system when you are home without the perk of turning the lights on or off from work, and the sprinklers can come on even if you’re not there. You can still read the temperature, humidity and any other sensor value from outside, as the system can be setup so that it posts that information online periodically. Not being able to control it from afar makes it more difficult to hijack for nefarious purposes; however, having the sensor values available online might not be a good idea if malicious parties can draw conclusions this way as to when people are home and when they aren’t.

This choice needs to be made when first considering a home automation system, since the live service is not available for every brand, and a home server will need to be included in the budget. This series of articles will be focused on the third solution, as it seems to be the most flexible - locked down with some accessibility from the outside world, because the cool factor of checking on your home while you’re away is, well, really cool.

(to be continued)

Home | Automation | Technology

QR Code
QR Code home_automation_chapter_2 (generated for current page)