Menu
What I need to be able to do is reverse engineer serial commands so that I can figure out how either the human readable values or the binary values are being serialized into raw serial commands.
IE:
if
66 = 'A1' or '0110 1'
6e = 'A2' or '0110 2'
e6 = 'B1' or '1110 1'
ee = 'B2' or '1110 2'
then
what is A3 or B3, etc.
Im working on a wrapper for an open source automation project.
There is a way to send raw commands, and in theory string multiple commands together.
I've sniffed a few serial commands, and this is what they look like.
[init] [HouseCode | DeviceCode] [ready] [HouseCode | FunctionCode]
04 66 06 62 // A1 ON
04 6e 06 62 // A2 ON
04 62 06 62 // A3 ON
04 6a 06 62 // A4 ON
04 61 06 62 // A5 ON
04 69 06 62 // A6 ON
04 65 06 62 // A7 ON
04 6d 06 62 // A8 ON
04 67 06 62 // A9 ON
04 6f 06 62 // A10 ON
04 63 06 62 // A11 ON
04 6b 06 62 // A12 ON
04 60 06 62 // A13 ON
04 68 06 62 // A14 ON
04 64 06 62 // A15 ON
04 6c 06 62 // A16 ON
04 e6 06 e2 // B1 ON
04 ee 06 e2 // B2 ON
04 e2 06 e2 // B3 ON
04 ea 06 e2 // B4 ON
....
04 ec 06 e2 // B16 ON
04 66 06 63 // A1 Off
04 e6 06 e3 // B1 Off
04 66 06 61 // All A lights On (using A1 as the starting point)
04 e6 06 e1 // All B lights On (using B1 as the starting point)
04 66 06 66 // All A lights Off (using A1 as the starting point)
04 e6 06 66 // All B lights Off (using A1 as the starting point)
04 66 06 64 2a // A1 Dim 20
04 66 06 64 2c // A1 Dim 21
04 66 06 64 2e // A1 Dim 22
04 66 06 65 2a // A1 Bright 20
04 66 06 65 69 // A1 Bright 50
What I need to be able to do is reverse engineer this so that I can make the serial calls programmatically, or better yet, figure out how either the human readable values or the binary values are being serialized into raw serial commands.
Yes, I could sniff ALL the commands and store each value separately, but I'd like to know how this has been done.
Here's my current observation.
04 is initiated and tells the device what to look for ** tells the system which device is being controlled [HouseCode & DeviceCode]55 is returned to tell you it's ready06 is initiated and tells the device what to expect** tells the system the house code and command [HouseCode & FunctionCode]
** is optionally sent and is a value between 0 & 100 to reference a dim level55 is sent back again to tell you it's readyHouseCode = A, B, C, etc) and the second character is the address (DeviceCode = 1, 2, 3, etc)
6 must directly correspond to A e must directly correspond to B
HouseCode as the second pairFunctionCode
Lastly, in the docs, each of the commands relate to Binary data, so it's probably not a matter of converting A1 to hex, but rather the binary to hex.
HouseCode DeviceCode Binary Value
A 1 0110
B 2 1110
C 3 0010
D 4 1010
E 5 0001
F 6 1001
G 7 0101
H 8 1101
I 9 0111
J 10 1111
K 11 0011
L 12 1011
M 13 0000
N 14 1000
O 15 0100
P 16 1100
FunctionCode Binary Value
All Units Off 0000
All Lights On 0001
On 0010
Off 0011
Dim 0100
Bright 0101
All Lights Off 0110
Extended Code 0111
Hail Request 1000
Hail Acknowledge 1001
Pre-set Dim (1) 1010
Pre-set Dim (2) 1011
Extended Data Transfer 1100
Status On 1101
Status Off 1110
Status Request 1111
Does anyone know how I might go about achieving this?
299
Heyu is a fantastic open source application for working with X10 devices. They have published a very comprehensive X10 protocol specification based on X10's original doc.
This should take the guess work out of your work. What is significant is that the housecode and unitcode are static maps and can not be computed. The protocol spec specifies exactly how the bitstream is formed. E.g.
PC Interface Description
0x04,0x66 Address A1
0x6a Checksum ((0x04 + 0x66)&0xff)
0x00 OK for transmission.
0x55 Interface ready.
0x86,0x64 Function: A Dim 16/22*100%
0xea Checksum ((0x86 + 0x64)&0xff)
0x00 OK for transmission.
0x55 Interface ready.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
