This is done for the initial flash of the ESP but not for ongoing use. 1 more device on your network should hopefully not be an issue…
It’s not so much having one more device on the network as I’m hoping to keep as much of my smart home as possible of the network and isolate them to physical connections or Z-wave. I’d like to reduce the number of possible attack vectors as much as possible so I can focus my security efforts on a smaller footprint.
With that said, I suppose I have forgotten that Konnected.io is also a network-connected sensor.
I suppose I will have to keep doing some digging to find a way to connect the sensors physically, preferably via USB.
In my experience an ethernet connectiom is way more reliable than Z-Wave. Also Z-Wave is a wireless technology, which is easier to jam than ethernet connections.
With ethernet, an attacker needs to have physical access to your network inside your house, whereas with WiFi/Z-Wave they could do an attack from outside your house.
Only thing about those I/O expanders is that they are not galvanically isolated. If you run wires to all corners of the house, which could easily be 100 feet long, expect them to become great antennae which will pick up all sorts of interference. A/C switches on beside wire run or door/window monitored, and you will register a state change on that window or a spike will travel down the wire locking the whole mess up. A nearby lightning strike would certainly fry something.
The wire runs need to be isolated and this is typically done via an optocoupler. Your sensors w/wire runs connect to the LED side of the coupler, powered by a completely separate power supply that does not have a shared ground with the rest of the circuit, and your I/O expander reads the output of the other side of the optocoupler.
You’ll find this is how commercial alarm panels work on the basic end, though mostly they have moved to dedicated buffer chips to allow things like zone doubling, EOL resistors, etc.
We built our house last year and I used 9 Konnected v1 boards. Every door and window has a wired sensor, shower fans have DHT22 humidity and temperature sensors, 2 sirens, and a few motion sensors. The only windows I wired in series were ones that were immediately adjacent (we have 5 individually opening windows that make up 1 large window area). All done with Konnected and I have had 0 issues in over a year.
To address the comments about network reliability: Konnected Pro now has ethernet. Your network should be designed with proper steps taken to mitigate those risks. Properly sized UPS for all network equipment, POE switch, wired access points properly spaced and configured (wireless is not plug in and go, don’t use wireless routers combos, avoid mesh access points if you can run wires), dedicated firewall\router separate from internet modem.
To address the comments about attacks: Information security is about assessing risk. Yes, wireless DoS attacks are easy but consider your threat model. Who would have the technical knowledge, knowledge of your system, and want to gain access to your home? Chances are you are using the technology for convenience and security from common threats in your area, which are most likely unsophisticated.
1 Like
I’d use the same methodology as a DCS (Distributed Control System). Break the house down into logic areas and put one remote I/O point at each logic area. This way you can utilise a wardrobe to house an electronics panel and the wiring from your sensors to the I/O board is minimal.
Use something like RS-485 to get the data back to your NUC. Better yet, use a PoE Arduino or similar in lieu of RS-485.
Just to chime in about attack vectors. ZWave is actually really easy to attack and control. The advantage is that the network it creates is very local and would require someone to be in your driveway to do anything.
As for WiFi or IP based connectivity…this is significantly more robust, reliable and has the ability to be protected. Once I can invest in a Ubiquity system I will be having a separate network (VLan) for my iot devices. This allows me to remove any outside attacks by eliminating access to them.
As others have stated your should use esphome to integrate into HA or any future solution. I also would caution trying to get everything into one device. Not because the single device would have issues in supporting the number of switches but rather you have a single point of failure for your entire home automation sequences. You may want to support zones so if there was an outage only part of your home is affected and not everything. Just my $0.02
If I were you I would just install a regular burglar alarm for the things that are traditionally covered by one. There are several you can get that have zone expanders and could do what you need. Then you can integrate into home assistant.
Advantages of this method are many: it would be a stand alone system that works when home assistant is offline, works when power is out since alarm panels have their own battery backup and if you decide to have the alarm monitored you can save on your home owner’s insurance.
That’s definitely good food for thought. It is all about acceptable risk, preceived risk, vs. actual risk.
However, another side of that is that only the dumb criminals get caught (the smart ones get elected! Ha!). We’ve seen that previous “complicated” theft methods are now commonplace. For example, automotive key fob remote replay and amplifications attacks. The equipment needed is widely available, for very little money, and widely used by criminals.
WiFi is trivially easy to disrupt so how long is it before every non-methhead burgler is carrying around a WiFi deauther they purchased for a few dollars on Amazon?
I know if I was turn to a life of crime, I’d mostly target houses with visible consumer IoT stuff like Ring doorbells. Why? Because they most likely use wireless security that is easily disrupted and not a wired security system which is far more difficult to bypass (ie. knowing where the wires are, being able to splice in the appropriate EOL resistor without faulting the zone, etc. etc.).
Yep, agreed. Whenever possible, wired is the way to go. I would have definitely chosen the new Konnected boards with ethernet if they existed at the time.
With that said, many of the risks can be reduced with compensating controls. Eg. Monitor for connectivity and get alerts when things go offline. When a Konnected board stops responding to ping (or in my case I can monitor for disconnects from Unifi as well) I get a push notification (all monitoing communication is wired) and can easily log in and check out cameras (wired). Obviously always going to be what if scenarios but unless you have the resources to build out datacenter style N+x reduncancy you’re probably going to need to make some concessions.
40+ switches and all those home runs are going to have a substantial power requirement. They will need to be isolated. There are 2 ways to go about this. Grouping them into zones and isolating them with something like, per zone.
The latched contacts would be the switch series zone, then the isolated contacts connected to a pi. You can also add an audrino via usb to expand i/o as well as a shield for the pi.
If you want to know the status of each individual switch then use
The inputs would again be the switches. I’d personally run 12 vdc through the switches if not 24 if we’re in the thousands of feet.
edit note rb5 is only rated for up to 12v
24v version
Apologies to OP. Did not mean to hijack your thread. I’ll remove my post and start a separate discussion.
Thank You
hi,
Number of inputs is not an issue, I’m using an arduino mega on wired ethernet, I’m looking at 36 inputs but easily could do more. I use an analog multiplex chip to look at up to 16 inputs per input pin. You need 4 outputs to select the input on the chip but I connect 3 chips in parallel so when I select input pin 5 on the chip it does so on all 3 chips. By having one input pin per chip I know what I’m reading - if that makes sense?
So 4 output pins + 3 input pins = 3 x 16 lines which is close to the number you are asking.
Now voltage drop over long wiring is a different matter! I’m looking at leds in an electric cabinet so my wires are short.
Further info here:
1 Like
Thanks to everyone’s help here. I think I’m just going to swing in the direction of doing all of my sensors over network. I’ll likely go with 5-6 Konnected Pro boards.
A friend of mine is using Arduino Megas for this purpose too.
First of all, which multiplex chips are you using for increasing the pins? Shift Register could be used also for this purpose.
Secondly, long cables to arduino will most definitely create noise on the feedback line in which it will have problems. If your cables are more than 1 meter long, you will have these noise which will trigger fake results on arduino. My friend solved it with using optocouplers near the arduino. Just in case if you have resembling problems.
I’m using HI-506A which is an analog multiplexer - as I’m reading whether a LED light is on/off using a photoresistor that works good enough for me. A pulldown resistor to make sure the input is not floating and then I get a reading through the photoresistor. Cut-off point is 200 so everything above that is on, below is off.
Cabling is max 2m but there is no heavy wiring load as the multiplexer connects to one combination only at the time. It’ running for something like 5-7 years now.
Then I use MQTT to report to HA - if I had known about the message format for self-registration I would have used that, but now I have 1-ON or 1-OFF up to 36-ON/OFF and a HA template sensor makes it work.
I saw some of the posts suggesting DIY which is why I responded but don’t think that was what OP was after.
If you want an alarm system install one and integrate it with HA. The “Elk” panel integrates with HA, you can choose which devices are visible in HA as sensors, for example. The Elk has proper arm/disarm in-wall panels, drives sirens, bells, and supports wired and wireless devices, glass break sensors, smokes, rate-of-rise temperature sensors, etc. All the alarm logic is built into the alarm panel by people who know alarms, its UL listed, and can be configured to call the authorities on certain alarm conditions.
I’ve got the Elk system and can remotely control and monitor it via HA through a VPN and I can see the state in HA of all the devices I want to monitor and have automations built against alarm system detected motion or lack thereof.
Lastly, if you ever sell the house, you have a stand-alone alarm system that will still work for the new owner if you rip out HA. I’m glad I didn’t try to build an alarm system in HA itself.
I’ve wrestled with a similar question. At least for now I don’t trust anything wireless from both a security and reliability point of view so I’ve hardwired as much as I can to a structured control center. Generally I use 1-wire to read sensors and DMX to control things. An EDS LAN<>1-wire bridge connects the sensors to HA. I use a DMXKing Artnet<>DMX bridge to control lighting and also low voltage relays that control other stuff like zone valves.
When I have a lot of non-1-wire sensors close together, such as current or pressure sensors I aggregate them as a single 1-wire device using a Teensy MCU to emulate a DS2450 16-bit 4-channel A/D. If I had a bunch of reed switches as in your case I’d probably use the DS2408 to read up to eight relays at a time. A single 1-wire bus can connect to all the COTS and emulated sensors. The HA 1-wire integration supports both devices as well as others. With three wires you can get plenty of power to the sensors and cover your whole house.
I do use Zigbee to control things like individual track light or recessed light brightness or color but I also wanted a fail-safe/failover mode that doesn’t rely on HA for anything in case something goes seriously wrong. If HA fails I give up “luxuries” like light dimming and other automatons but 3/4-way light on-off control and HVAC works.
Of course I’ve left a lot of details out but this is the overall approach.
EDIT: To clarify, the DS2450 access from HA is via owserver (a component of OWFS). OWFS supports the DS2450 and HA supports owserver . If you wanted to use e.g. a Raspberry PI as the physical 1-wire master then I don’t think the DS2450 would be supported. Since I use the EDS 1-wire<>LAN bridge and talk to it via owserver I can communicate with a DS2450.
As stated in the HA docs for 1-wire, many use a DS2438 Smart Battery Monitor instead of a DS2450 because the DS2450 was obsoleted by Maxim a long time ago. Emulating one is pretty much the only way to do it now.
I have wired sensors on all my windows and doors connected to a couple of raspberry pi that has this running https://github.com/flyte/pi-mqtt-gpio so I can get all the sensor readings through MQTT in Home Assistant, currently I’m running 2 raspberry pi for all my sensors, each raspberry can handle 26 inputs/outputs on it’s own but if you really want to take it to the limit I have tried adding PCF8574 and PCF8574A to the raspberry, you can add 8 of each and each comes with 8 inputs/outputs so in total you can end up reading 128 sensors from the PCFs + 24 from the raspberry (you loose 2 for communication with the PCF). I ended up just using the raspberry because all those PCF mean designing some boards and soldering and I didn’t want to bother, also in case the raspberry dies, it’ll only take half the house down instead of all of it if you’re using the PCF. You can also look at the PCF8575 that I see they now added support for.
As for the security aspect, I have my 2 raspberry pi connected using ethernet and have internet access blocked, my idea when I get a managed switch is to have a VLAN so those can only talk to HomeAssistant and no other device connected to my network can access those directly.
I hope this gives you some ideas, at the time it was the cheapest all wired solution I found and it’s been rock solid on my home for 2 years now. By the way if you end up going this route I highly recommend you get screw terminal hats for your raspberry, it makes connecting the GPIO so much easier and is way more reliable than using dupont connectors, those can disconnect pretty easy when you move things around.