Pi-based multi-prop trigger for animatronics, Part 1

Posted on by
Reply

Next Halloween, my setup will include three coordinated skeletons performing together (probably doing “King Tut“). I want to use a single PIR motion detector to trigger three different props at different offsets from the original trigger. And some of the props can only speak or move for short amounts of time, so for a longer performance, they need to be repeatedly triggered. To do this, I have a PIR providing input to a Raspberry Pi Zero W. A python program running on the Pi then sends brief output trigger voltages individually to each of the props, according to the preset schedule for the routine. This same approach could easily be modified to trigger 2, 4, 5, or more coordinated props from a single start trigger. The hardware setup is very simple, and is shown in the figure.

Wiring diagram for the multi-prop trigger. The left is a Raspberry Pi Zero W with the pins enlarged, and the right is a breadboard. The breadboard has a barrel jack for power (that also is wired to the Pi). There are four 3 pin female headers on the breadboard. One is for the PIR sensor, and has all three connections wired. The other three are to send signals to three props. These have the ground and signal wires connected.
Wiring diagram

Power is provided via the barrel jack on the prototype board. This is also what powers the Pi. Their are four 3-pin female headers on the board. The one on the left is for the PIR sensor input. It has the power and ground connections, and the signal wire is an input that goes to GPIO pin 15 on the Pi. The other three headers are to go out to the three props. The grounds are connected so that the prop controls and this trigger share a common ground. The signal connections are outputs from GPIO pins 23, 24, and 25. There is no need for power for these connections. 

In order to test the hardware, I rigged up one LED to each of the three signal outputs, put a resistor in to avoid burning out any of the LEDs, and linked the grounds. The test setup is shown below below:

Picture showing a Raspberry Pi Zero W on the right, with soldered connections to a soldered breadboard with a 3 pin header that a PIR sensor is plugged into, and three other 3 pin headers that connect to a solderless breadboard with three LEDs connected.

Test setup to make sure the hardware works and that I got the soldering correct.

I used the GPIO Zero library to write a simple test script for this test setup:

from gpiozero import LED
from gpiozero import MotionSensor

myLED1 = LED(23)
myLED2 = LED(24)
myLED3 = LED(25)
pir = MotionSensor(15)

while True:
    if pir.wait_for_motion():
        print("motion detected")
        myLED3.off()
        myLED1.blink(1)
        myLED2.blink(2)
        pir.wait_for_no_motion()
        print("no motion")
        myLED1.off()
        myLED2.off()
        myLED3.blink(3)

This has the pi wait until the PIR detects motion. Then it begins blinking the first 2 LEDs at different rates. When motion stops, those two LEDs are turned off and the third LED begins to blink. This cycle then repeats until the user hits CTRL-C to stop the test script.

Black project box without the top. It has a large round opening where the barrel jack for power resids, and a large rectangular opening where the micro SC card can be accessed. Inside are the Pi Zero W and the solderable breadboard.

Completed electronics in project box

Completed project box with electronics inside. The cover is on to top. You can see the solderable breadboard with headers through the top cutout.

Completed project box with electronics inside and lid on the top

The circuit is mounted in a custom 3d printed project box with slots for the power, sensor, and output wires, as well as a slot for accessing the Pi’s micro SD card. I designed the box using TinkerCad. I also 3d printed the standoffs, and just used hot glue to glue the Pi and the breadboard in place. I put in large holes so that it would be easy to plug and unplug the connectors and also get my fingers in to insert or remove the micro SD card. The top has a large cutout to make it easy to access the 3-pin headers. The finished hardware is shown in the figures on the right.

Quick Post #4: 3d Printed Monitor Stand

Posted on by
Reply

Two combined images showing the original plastic stand, including the broken piece. The top image shows the assembled stand, while the bottom one shows the individual pieces.

Original stand, including broken piece

I have a 7″ touch screen monitor for Raspberry Pi’s. I wasn’t happy with the stand that it originally came with, which was rather flimsy, and the stand broke twice. But I got a 3d printer from my wife for Christmas, and I decided I could build a better stand for it. To design the stand, I used TinkerCad, which while less sophisticated than many other tools, has one of the easiest learning curves.

I started with just a large block in TinkerCad, sized to the dimensions I needed, than cut out sections one by one to form the sloping back, the slot that the monitor slides into to hold it, and a section cut out of the stand so that it would use less plastic.

 

 

Side view of the printed monitor stand, clearly showing the slot to hold the monitor. The stand is white.

Side view of the printed stand, showing the slot the monitor slides into.

After I started printing, I realized I could make it even more efficient by making the main section of the stand hollow. To do that, I made a copy of the stand in TinkerCad, cut off the front, then shrank the copy. Then I changed the copy from a solid object to a hole, positioned it inside the original, and joined the hole to the stand.

I’m really happy about how it came out, and as you can see in the pictures, the monitor fits perfectly!

I’ve published the model files on Thingiverse.

Picture of the stand with the monitor in place.

The finished stand, with the monitor in place.

Quick Post #3: Some Thoughts on Cybersecurity from the Netflix Zero Day Miniseries

Posted on by
Reply
Picture of Robert De Niro from Netflix' Zero Day, with a listing of De Niro and additional cast (Jesse Plemons, Lizzy Caplan, Connie Britton, Joan Allen, Matthew Modine, and Angela Bassett).

I started watching the Netflix miniseries Zero Day the other night. It’s a political thriller staring Robert De Niro and is built around the investigation of a devastating cyberattack on the United States. I’ve actually only watched the first two episodes so far, and I’m a layperson when it comes to cybersecurity, but as I know computers, a friend asked what I thought about the premise and how accurate (or not) it was. Since I put together a rather lengthy reply, with a number of links to sources, I though I’d share my response.

The jargon so far (e.g., references to PLCs and SCADA systems), as well as the expressed difficulty of simultaneously attacking so many diverse systems strikes me as accurate. And it clearly draws from a lot on events that have taken place. I suspect (and hope) that such a large simultaneous successful attack on such a diverse array of cyber-physical systems (causing them to affect things in the physical world, not just crash or introduce ransomware, or delete data) is quite improbable. That said, there have been large scale successful attacks of a non-physical nature affecting millions of systems at a time, and entities do store up zero day vulnerabilities. So it’s conceivable that a bad actor could accumulate multiple ones, each for a different type of system, to launch simultaneously.

Zero day vulnerabilities take advantage of generally unknown security flaws software, hardware, or firmware. There’s a huge market for zero day vulnerabilities. Good hackers discover them and report them, often for substantial bounties. But there is far MORE money to be made by selling them to private bad actors or to governments. And when the US government discovers a zero day, they sometimes tell the software’s authors, such as Microsoft, but they also sometimes keep it secret to later use themselves.

The part about the zero days originating with the NSA? That’s straight from reality. Back in 2016, Shadow Brokers released a bunch of NSA hacking tools, which were then picked up, modified, and used by the North Koreans, Russia, and the Chinese.

Because we have lots of diverse systems running the same core software, a single attack, or even mistake) can cause widespread and diverse outages. Last year’s widespread outages affecting airlines, airports (but not air traffic control or airplanes), banks, hospitals, stores, and far more was caused by an error accidentally introduced into CrowdStrike’s Falcon cyber security software for windows (rather ironic). It crashed 8.5 MILLION systems and they were temporarily unable to restart. Similarly, NotPetya spread far wider than it’s developers intended, infecting machines across the world with ransomware.

Back in 1994, the US government passed the Communications Assistance for Law Enforcement Act (CALEA), requiring that telephone companies design their systems to be easier to wiretap, and this was later expanded to include internet service providers. At the time, they were told that this was a VERY bad idea. It made work easier for law enforcement, but as was pointed out, these mandatory backdoors could and eventually would be exploited by bad actors. And because the US is such a huge market, the same vulnerable systems were sold worldwide. 20 years ago, Vodaphone Greece was hacked this way. Now, it turns out, that the Chinese are using these vulnerabilities to steal data across the US (but not cause physical damage).

There’s a passing reference in the show to SCADA systems and PLCs being attacked. SCADA stands for supervisory control and data acquisition. These are used to supervise and control sensors and control systems, including pipelines, the electric grid, water networks, etc. As a lower level are PLCs (programmable logic controllers). These control the lower level operations of manufacturing and other equipment (again, such as the electric grid). Stuxnet, which took down Iranian uranium processing equipment, infected the PLCs controlling the centrifuges. This would be the type of target most likely to directly damage or destroy physical systems. And our systems are vulnerable, with Chinese hacking attempts on American pipelines and other systems.

There are FAR too many unprotected or poorly protected systems are connected to the internet. There’s even a search engine, SHODAN, dedicated to searching for Internet of Things and control systems.