Replies: 20 comments 2 replies
-
Would you be willing to provide signal captures of your meter? It might be too far out of scope since rtlamr is designed to be relatively agnostic to frequency. Users will almost certainly have to limit the sample rate and listen on a specific frequency for their meter. Helping users determine this frequency and appropriate bandwidth costs a lot to support as well. |
Beta Was this translation helpful? Give feedback.
-
Use the I can synthesize and post some example .iq files (w/ error) for testing purposes if you'd like. I'm reluctant to provide captures from my meter specifically, but I don't think they're necessary.
The frequency doesn't have to be determined. These meters always transmit at 916.45MHz, per the FCC filings. While decoding the protocol, I have been using a fixed bandwidth of about 200KHz per sideband which seems to result in a pretty reliable decode. |
Beta Was this translation helpful? Give feedback.
-
@CFSworks do you have a decoder python script you are willing to share? I've just got Hackrf One and was looking into reading my water meter too. @bemasher my water meter is https://fccid.io/GIF2006B and per FCC it can be programmed to use frequency hopping. I assume most installation would use channel hopping vs a single operating frequency, but need to confirm. Having FSK decoder still could be beneficial and |
Beta Was this translation helpful? Give feedback.
-
@Adminiuga It's not a Python script, but I've updated the Gist linked in my first post with the GNURadio flowgraph ( You'll probably want to replace the input to the DC Blocker with the osmocom source block to drive the HackRF directly; otherwise it will read Since/if your meter is frequency-hopping, you'll need to do some further modification to get the flowgraph to cooperate. My |
Beta Was this translation helpful? Give feedback.
-
Thanks! Apparently i'm not there yet, but SDR tutorial seems like a good place to start, and your flow would be a great help. |
Beta Was this translation helpful? Give feedback.
-
Assuming your meter is picking a random frequency on each transmit (and the protocol is otherwise the same as what I have), here are the modifications to make to the flowgraph:
Then try placing the antenna somewhat near to the meter (noise tolerance will be poor), keep lowering the |
Beta Was this translation helpful? Give feedback.
-
Thank you for all your help, I really appreciate it. I still need a bit more time, before I could ask intelligent question.
|
Beta Was this translation helpful? Give feedback.
-
If you aren't seeing anything even after several minutes, there's a good chance your meter uses a protocol different enough that my blocks don't recognize it. I'd recommend either investigating in URH or sharing a signal capture (here is my GPG/PGP public key if you want to keep the capture private). |
Beta Was this translation helpful? Give feedback.
-
Beta Was this translation helpful? Give feedback.
-
I've compared the delta in consumption reporting by "orion" and actual meter reading and it matches 👍 Other than that: I still don't see the signal in live spectrogram which triggers the reading and apparently I have two different much stronger signals on 916.45MHz and now I wonder were those are coming from. One of the signals is FSK modulated, so it cannot be my Electric meter, but it could be the Gas meter. But what is the second signal I have no ideas. |
Beta Was this translation helpful? Give feedback.
-
and actually the reported consumption does match the dials on the meter, but the most significant bytes. My meter has 6 digits, so maybe for my meter the consumption is 24bit and the significant byte is the number of overflows? It is going to be a while till my meter overflows again. It would be lovely to see this decoder in RTLAMR |
Beta Was this translation helpful? Give feedback.
-
My blocks don't assign any numerical meaning to "sender" - it's just a
field that grabs the first 32 bits of the transmission, which appears to be
fixed for a given meter, and can hence uniquely identify which meter sent
the message. I'm not even sure if all 32 are meant as a "serial" as some
might be type/model/version info.
I doubt that the high bits of "consumption" are overflows. Those bits are 0
for my meter, which has likely been installed for longer than yours as it's
an older model. This might instead be a tamper counter or other similar,
miscellaneous "system health" info.
I'm wondering if a good way to get this supported in rtlamr is to use FFT
as a coarse frequency acquisition method, then go back and use
frequency-translating, a low-pass filter, and downsample prior to
demodulation? Should help boost SNR (even in the OOK cases) while keeping
the configuration frequency-agnostic!
…On Tue, Jan 19, 2021, 09:18 Alexei Chetroi ***@***.***> wrote:
and actually the reported consumption does match the dials on the meter,
but the most significant bytes. My meter has 6 digits, so maybe for my
meter the consumption is 24bit and the significant byte is the number of
overflows? It is going to be a while till my meter overflows again.
It would be lovely to see this decoder in RTLAMR
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#163 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAFLCYH5NYUXUQG4GZAADETS2WWFXANCNFSM4VOCT4HQ>
.
|
Beta Was this translation helpful? Give feedback.
-
Last question: should I be able to see the transmission in the "QT Frequency Sink"? I'm now confident your decoder does display data from my meter, but why I'm unable to catch the transmission in FFT sink? Is it too short or am I doing anything wrong? It didn't make a different for hackrf being 1ft or 3ft away from the meter. When I get the reading, the FFT doesn't show anything above the noise floor. And whenever I see the strong signal in FFT, there's no output from the decoder |
Beta Was this translation helpful? Give feedback.
-
If you have questions about SDR in general, I'm happy to answer them - but
you should probably email me (my username, gmail) to avoid off-topic
chatter on this issue ticket. I think the ticket should pertain only to
figuring out the Orion protocol, and discussing ways to receive it
effectively.
To answer your question: the Orion transmissions are only about 1.6ms long,
and the FFT sink updates at a rate of about 10/sec by default. If you want
to see the transmissions, I suggest a waterfall sink running at 100/sec
with a window size large enough to include 10ms worth of samples.
(PS in addition to an SDR tutorial, check out my "wavebird-reversing" repo
on my GH user page)
…On Tue, Jan 19, 2021, 10:14 Alexei Chetroi ***@***.***> wrote:
Last question: should I be able to see the transmission in the "QT
Frequency Sink"? I'm now confident your decoder does display data from my
meter, but why I'm unable to catch the transmission in FFT sink? Is it too
short or am I doing anything wrong? It didn't make a different for hackrf
being 1ft or 3ft away from the meter. When I get the reading, the FFT
doesn't show anything above the noise floor. And whenever I see the strong
signal in FFT, there's no output from the decoder
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#163 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAFLCYFOQTGYMUZBVFG7RN3S2W4XLANCNFSM4VOCT4HQ>
.
|
Beta Was this translation helpful? Give feedback.
-
Hi, I follow @CFSworks in https://github.com/bemasher/rtlamr/issues/163#issuecomment-761560072 and I get a error when running: Invalid sample rate: 11000000 Hz My graph is: Version: GNU Radio Companion 3.8.2.0 (Python 3.7.3) Can I get help with this error? Thanks |
Beta Was this translation helpful? Give feedback.
-
Hi @mexdfr, I really don't think that this issue ticket is the right venue for help with those flowgraphs, since the primary focus here is whether or not to include support for the ORION protocol in rtlamr. (The secondary focus is in getting the protocol better understood.) Your enthusiasm about decoding your water meter is great (and I hope @bemasher takes note of that, hint hint), but this question is too general. Please either email me or use the comments section on the gist I posted instead. :) That being said, the error But back on topic: It sounds like these multi-frequency (GIF2006B) meters are fairly common, and to be generally useful, we'd need to be able to decode them with only the bandwidth provided by a basic RTL-SDR. The FCC test report says "The test item could be programmed to operate in one of the following modes: transmit at 911.65MHz, transmit at 916.45MHz, transmit at 921.25MHz, or frequency hopping enabled." So maybe instead use the flowgraph I posted (with none of the modifications I suggested) to sniff on each of those frequencies for a few minutes? And even if it's set to frequency-hopping mode, there are only 25 hopping channels (page 51 shows them clearly) so if frequency-hopping is enabled, waiting patiently on one channel for several minutes ought to pick up a transmission or two. |
Beta Was this translation helpful? Give feedback.
-
There are no plans to support frequency modulated messages. |
Beta Was this translation helpful? Give feedback.
-
I'm also interested in this, anything I can do to help with captures or testing. I have this type of water meter as well and would love to be able to monitor it. |
Beta Was this translation helpful? Give feedback.
-
A little off topic but wondering if there might be interest in producing something that would read a badgermeter transponder. We currently utilize the older tr2 gateways and can't seem to get the gateways (most are refurbished ) when they stop working. I'm interested in being able to read the tr2 transponders and replicate how they are sending the transponder data to the application. |
Beta Was this translation helpful? Give feedback.
-
RTL_433 picks up my Badger-Orion water meter and decodes it just fine. along with anything SCM and SCM+ as well |
Beta Was this translation helpful? Give feedback.
-
Hi! I have a Badger Meter smart water meter (FCC ID GIF2002A). I reverse-engineered the radio protocol; it transmits at 916.45MHz±100KHz ("DC-balanced" FSK at 100Ksym/s). I realize this requires pretty different DSP from the OOK of the ERT protocol.
The transmissions occur every 4-5 seconds. The interval seems to be randomized in that range, probably as a means of collision avoidance. The data consists of a 32-bit sender ID (at least, I think it's an ID - it's unchanging for my meter, but it might include type/version information) followed by a 32-bit consumption value (equal to the gallons displayed on the meter's mechanical face). There's a 16-bit CRC and no error correction.
Rather than describe the rest of the protocol, I wrote a Python script that can be used to generate the baseband signal for a given sender/consumption message (and with
-v
, prints the encoding steps). The output is in the HackRF IQ format (each sample is 2 bytes,sint8 i,q;
) rather than RTL-SDR's uint8 format. The sample rate is 1 Msps.Would this be something of interest in rtlamr, or does the different modulation scheme put this too out-of-scope?
Beta Was this translation helpful? Give feedback.
All reactions