2. Agenda
What is home automation?
What could be automated? / device types
Device languages / automation protocols
Control Systems and Hubs
Cloud services
Security concerns
Demo
Q&A
Technology deep dive
3. My Experience
With Home Automation
Started tinkering with home automation about 10 years ago.
Using over 100 devices (X10, Insteon, ZigBee and Z-Wave) on a daily basis.
Backed several HA projects on Kickstarter and Indiegogo (including UBI, Plant
Link, Ninja Sphere, ShutterEaze, Oomi and SmartThings)
Participated in research (focus groups) for Logitech’s Harmony Home initiative
Contributed to HA topics in Wikipedia
Created a couple of open source projects for automating my home
Received several awards in home automation contests
Certified in Lighting Control, Structured Wiring, Multi-room audio, Camera,
Intercom, Home Theater installation, etc.
4. What Is Home Automation?
–Wikipedia
“Home automation is the residential extension of building
automation. It is automation of the home, housework or
household activity. Home automation may include
centralized control of lighting, HVAC (heating,
ventilation and air conditioning), appliances, security
locks of gates and doors and other systems, to provide
improved convenience, comfort, energy efficiency and
security.”
6. What Could be Automated?
Lights - Philips Hue
Cameras - DropCam
Sensors - contact, motion, temperature,
humidity
Wall Outlets
Wall switches/dimmers/keypads
Water valves - prevent water leaks
Shades/blinds - privacy, power savings
Security systems & access control -
door locks, intercoms
Home theater & entertainment - Sonos,
networked AVRs, projector screens
Thermostats - Nest, Lyric
Smoke & CO2 sensors - Nest protect
Fans - room or whole house
Irrigation - save water
Pet feeders, invisible leash
Cars - geofence, parking location,
speed
Technology bridges - IPIR,
X10Insteon, IPLutron RF
The ‘things’ in IoT
7. The INSTEON family
water
leak sensor
outlet
wall dimmer
remote
control
keypad
web camera
LED lights
low-power IO
module
open/close
sensor
plug-in
module
the Hub
energy monitor
embedded
module
fan
controller
Insteon to IR
bridge
motion
sensor
9. X10 - est. 1975, power-line + 310 MHz, cheap, slow, error prone
Wi-Fi - est. 1997, based on IEEE 802.11 standards 2.4 GHz or 5 GHz
MQTT - est. 1999, lightweight pub/sub messaging transport
ZigBee - IEEE standard since 2003, 900 MHz or 2.4 GHz using 802.15.4 radio
Z-Wave - est. 2005, 900 MHz, proprietary radio by Sigma Design, 300+
manufacturers worldwide.
Insteon - est. 2005, 900 MHz, dual-band mesh (power-line + RF)
Bluetooth Low Energy (BLE) a.k.a. Bluetooth Smart or Version 4.0 - adopted in
2010, 2.4 GHz, energy efficient, short range protocol built specifically for IoT,
128-bit AES data encryption
Thread - est. 2014, 6LoWPAN using IEEE 802.15.4 radio
Device Languages
10. Control Systems and Hubs
Hardware components
Crestron - upper high end ($100K+), IP-based,
proprietary.
Control4 - lower high end ($5K+), IP-based,
proprietary, TV-based UI
Samsung SmartThings Hub ($99) - ZigBee, Z-
Wave, IP, IFTTT
Insteon Hub ($99) - Insteon, IP, Nest
Lowes IRIS - Z-Wave
XFINITY Home - ZigBee
AT&T Digital Life - Z-Wave
The UBI - Android-based, Sensors: temp,
humidity, light/sound level, TTS, API, IFTTT
Amazon Echo - works with Hue, Insteon Hub,
SmartThings Hub, ISY-994 Hub
Centralize control and management of devices, scenes and programs
Software
Apple HomeKit - hardware cert program +
SDK. Supports iOS only. iCloud sync.
Device discovery, configuration,
management, and communication. 3072-bit
keys, Curve25519
Project Brillo - Android-based OS + Core
services + SDK. Supports ARM, Intel x86,
and MIPS-based hardware. Weave.
Weave - communication platform for device
discovery, provisioning, auth, interaction
openHAB - open source, Java-based,
hardware/protocol agnostic
Home Assistant - open source, Python-
based, hardware/protocol agnostic
11. Cloud Services
If this then that (a.k.a IFTTT) - the super glue of IoT world
Logitech Harmony Home - controlling your media
Oracle Cloud - analyze your big data
Amazon Alexa - voice of the IoT
AWS IoT - are you an Amazon fan? AWS Lambda functions, Amazon S3,
Amazon Kinesis, Amazon DynamoDB, Amazon Machine Learning, Amazon
QuickSight.
Xively - IoT platform as a service
many more are available from Microsoft, IBM, and others
13. Security Concerns
Overall security focus in recent years was lacking, but is improving as media
brings attention to issues.
No industry-wide standards/blueprints for securing IoT devices.
Too many devices to efficiently patch manually. Firmware upgrades must be
automated.
Many devices are not field upgradeable.
Web cams - ship without protecting remote access - Shodan.io can see you
now!
Insecure door locks (or lock’s mobile app)- could allow unauthorized entry
Even with best security practices in place there are indirect ways to collect
sensitive info :(
14. Symantec Research, March 2015
Around 19 percent of all tested mobile apps that are used to control IoT devices did not use
Secure Socket Layer (SSL) connections to the cloud
None of the analyzed devices provided mutual authentication between the client and the server
Some devices offered no enforcement and often no possibility of strong passwords
Some IoT cloud interfaces did not support two-factor authentication (2FA)
Many IoT services did not have lock-out or delaying measures to protect users’ accounts against
brute-force attacks
Some devices did not implement protections against account harvesting
Many of the IoT cloud platforms included common web application vulnerabilities
We found ten security issues in fifteen web portals used to control IoT devices without performing
any deep tests. Six of them were serious issues, allowing unauthorized access to the backend
systems.
Most of the IoT services did not provide signed or encrypted firmware updates, if updates were
provided at all
Source: “Insecurity in the Internet of Things” symantec.com
Key findings
21. Systems Compared
Insteon Wink SmartThings Lowes Iris WeMo
Climate Control yes yes yes yes -
Drapery Control yes yes - - -
Energy Monitoring yes yes yes yes yes
On/Off Wall Switch yes yes yes - yes
Dimming Wall Switch yes yes yes - yes
LED Bulbs yes yes yes yes yes
Low Voltage & Custom Devices yes - yes - -
On/Off Plug-In Module yes yes yes yes yes
Dimming Plug-In Module yes yes yes yes yes
Motion Sensor yes yes yes yes yes
Water Leak Sensor yes yes yes yes yes
Smoke And CO Detection yes yes yes yes yes
WiFi Cameras yes yes yes yes yes
Adjustable Ramp Rates For Dimmers yes - - - -
Customizable On Levels For Dimmers yes - - - -
Multi-Device Scenes yes yes - - -
IOS App yes yes yes yes yes
Android App yes yes yes yes yes
Windows Phone App yes - yes - -
Windows 8 App yes - - - -
Communication Radio Frequency + Powerline Radio Frequency Radio Frequency Radio Frequency Radio Frequency
Technology Insteon
WiFi, ZigBee, Z-Wave, Bluetooth LE,
Lutron ClearConnect
WiFi, ZigBee, Z-Wave Z-Wave WiFi
API yes yes yes - -
Source: Insteon.com
22. Use Case:
Samsung SmartThings Platform
Samsung backed
Cloud-first - moves resource
intensive ops to the cloud
Scales on demand
Best security among peers
Developer-friendly
open architecture
web-based IDE
GitHub integration
active community
hundred of 3rd party device
drivers
support in-app
23. Use Case:
AWS IoT Platform
Cert auth between “thing” and
“cloud”
TLS 1.2 enforced
Communicates with devices via
MQTT and HTTP 1.1 - Pub/Sub
SDKs for most common
languages
Prototype kits available
Tight integration with other
Amazon services
Scales on demand (Amazon
Lambda functions)
Device shadows - persistent
device state during intermittent
connections
25. Resources
CABA - Continental Automated Buildings Association
http://caba.org/
SAMI - Samsung IoT cloud
https://developer.samsungsami.io/sami/introduction/
AWS IoT - Amazon IoT cloud
https://aws.amazon.com/documentation/iot/
Xively - IoT platform as a service
https://xively.com/
Smarthome.com - largest HA store
http://www.smarthome.com/
Insteon - official site
http://insteon.com/
ZigBee - official site
http://www.zigbee.org/
Z-Wave - official site
http://www.z-wave.com/
SmartThings - HA system
https://www.smartthings.com/
openHAB - open-source software
http://www.openhab.org/
Home Assistant - open-source software
https://home-assistant.io/
“Insecurity in the Internet of Things”, Symantec research
http://j.mp/1QUiu0F
SmartThings integration demo video
https://youtu.be/u4drJtFyxU4?t=112
MQTT official site
http://mqtt.org/
PetCube - interactive pet camera + toy
https://petcube.com/
PlantLink - plant monitoring
https://myplantlink.com/
Editor's Notes
[SLIDE 1]
Hello everybody!
Are you excited to learn about Smart Homes?
Let's start with a little video.
[SLIDE 3]
Here's our agenda for today.
[SLIDE 4]
A little about my experience with HA.
I've been involved with HA for about 10 years. I'm using a whole bunch of different things that I can control remotely, from wall switches, to thermostats, to pet toys, you name it.
I participate in DIY HA community by supporting new products, blogging, tweeting, contributing to Wikipedia, participating in HA contests (and occasionally winning some).
I was crazy enough to get certified in several HA related fields.
[SLIDE 5]
So, what is home automation?
Here’s how Wikipedia defines it. I highlighted the two areas, that are most important, in my opinion. Those areas are “centralized control” and “automation of routine activities”.
There's one other aspect that should be mentioned - awareness - informing or notifying users about what's happening in their home and aggregating that data, so that we could analyze it and use it to improve the efficiency of our life by automating certain tasks.
[SLIDE 6]
For example... Imagine that you wake up every morning at 6am, go downstairs to turn on your coffee machine, then go back upstairs to take a shower. Turn on the TV or the radio to get update on the news. Then you leave for work. Now, wouldn't it be great if you could just wake up, push "Good morning" button and have the lights come up, TV turn on, coffee machine start brewing. And when you leave the house, have all those things just turn off automatically, so you wouldn't have to worry if you left something ON.
[SLIDE 7]
Here's a list of a few things that are commonly found in automated homes. Some of those things could be simply plugged in to the outlets, others might require professional installation and setup.
A separate category is the technology bridges that allow devices talking in different languages to communicate with each other.
[SLIDE 8]
Here's how some of those smart products might look like. All these products are made by SmartLabs, company headquartered in Irvine, CA.
[SLIDE 9]
Here's what a typical automated home blueprint looks like. You'd have some plugged in or wired in devices like lights or thermostats.
Some sensors, which are usually battery powered.
You would also have some control interfaces, like wall touch panels, or tablets. Or it could be a voice control interface like Amazon Echo.
All those things would talk to an Internet-connected Hub, which would allow you to control your home from the outside and receive notifications to your mobile phone.
Some systems would also have a cloud component that would be charged with processing events happening in your house and executing some actions or programs based on those events.
A new trend in home automation are third party cloud services like IFTTT, that allow to bridge systems talking in different languages.
[SLIDE 10]
Historically, every manufacturer was trying to differentiate its offering by designing their own communication protocol for their devices. And that was one of the reasons why it took so long for home automation to ramp up.
Each protocol has its cons and pros. But fundamentally they all were designed as lightweight communication protocols for low-latency transmission of small data packets. In other words the protocol should be suitable for battery-operated devices.
That's why WiFi in most cases is not the best choice when it comes to home automation - it's very power hungry.
The granddaddy of home automation protocols - X10 - was developed in 1975 by Scottish company Pico Electronics. It's primarily a power-line protocol, meaning that the signal from one device travels to another through electrical wiring. Wireless X10 devices, such as key fobs and motion sensors use 310 MHz radio band. The problem with X10 is that it's very sensitive to interference in the power line. Some devices with motors and transformers, like vacuum cleaners, can absorb X10 signals.
Message Queue Telemetry Transport (or MQTT) is a publish/subscribe messaging transport, using lightweight JSON payload. Since it doesn't have any built-in security, it's usually being used with TLS.
ZigBee and Z-Wave are currently two most widely adopted protocols. Z-Wave uses proprietary radio whereas ZigBee is an international standard using 802.15.4 radio.
Insteon is a dual-band mesh network, meaning that most devices send power-line and radio signals at the same time and each device functions as repeater. It's compatible with X10, but addresses most X10 issues, like speed of communication, acknowledgement of commands, number of devices supported on the network, etc.
Bluetooth Smart could be found in most mobile phones, and devices like Apple's iBeacon.
Thread is the most recent addition, currently used by Nest.
[SLIDE 11]
How can we control all these devices? It could be either some specialized equipment (usually called hub) or a software application running on a regular computer or even on Raspberry Pi.
Here's a list of some popular solutions.
We are not got going to go into details of hardware components.
As far as software goes, there are too many options available. Here are a few worth mentioning.
HomeKit doesn't really fit into neither category. It's a hardware certification program. Apple requires strong encryption and a special chip for authentication. So, theoretically, existing products could not be updated for HomeKit. In practice, though, Apple allows that only hub to be HomeKit certified, not the devices. That was the case with Philips Hue and Insteon Pro.
Google's answer to HomeKit is Project Brillo, which is a more comprehensive solution, that includes Android-based OS, core services and SDK for devices. It uses Weave as communication platform. Weave in turn could use Thread as device protocol.
The other two apps are popular open-source projects.
[SLIDE 12]
Cloud services allow to bridge different systems around your home. They could help with creating complex scenarios and communicate with remote services. You can use them to analyze the data created by sensors and use machine learning to give recommendations.
For example, you know that Google Navigation analyzes traffic patterns and proposes alternative routes based on that data. Same principals apply to home automation. The service can analyze electricity usage in your home and suggest that you do your laundry, let's say, on Tuesdays between 2 and 5 pm.
[SLIDE 13]
Here's a sample of IFTTT channels and the integrations they provide.
For example, your NEST thermostat could make sure all lights are off when you leave the house.
Or your BMW can open your garage door when you return home.
[SLIDE 14]
As we all know in the past security was an afterthought in IoT, and home automation is no different.
Most devices were not designed to be field upgradable. There are lots of devices on the market that were made 10-15 years ago with security issues that will never be fixed.
Unfortunately, latest research shows that even secured communications could reveal sensitive data. For example by analyzing communication patterns, like frequency of communication, length of packets, etc, it's possible to determine if the user is currently at home or not.
[SLIDE 15]
These are the key findings of a Symantec research where they tested 50 smart home devices from different systems. They found issues in all layers, from devices themselves, to mobile apps, to cloud services.
[SLIDE 16]
Anybody want to see a demo?
[SLIDE 17]
This is the kind of messages I get from my plants when they get thirsty. I'm using PlantLink system that has little sensors that you stick into the soil. They measure the moisture and based on the plant's type they tell me when each plant needs to be watered.
[SLIDE 18]
Here we have a few Insteon devices, a lamp module, contact sensor and a remote control. They are linked between each other - without a central controller.
If I press a button on the remote, it will send a radio command to the lamp module that will turn on this night light. TaDa!
And this is a magnetic door sensor you might've seen in security systems. When the door is closed the two parts are close to each other. When you open the door they get separated and a radio command gets sent.
So, I have a motion sensor outside of my front door, and whenever someone walks up the outside lights come on, the photo is taken by the camera and sent to my email. And when the door opens the lights in the foyer light up automatically.
[SLIDE 19]
[SLIDE 20]
Let's talk a bit more about the protocols used in home automation.
[SLIDE 21]
Here's an overview of the protocols we've discussed. You can see similarities in radio frequencies they are using - either 900 MHz or 2.4 GHz. These frequencies do not require licensing (but require FCC/CE certification). Most use some sort of routed mesh networking. Most require a Hub or a central controller.
[SLIDE 22]
Here you can see a few popular systems, the kind of devices, protocols and mobile platforms they support. Most systems also provide APIs that allow to extend its functionality.