The video brought me back to my internship in the early 2010s.
My job was testing the new US ovens (which for us Europeans are massive).
The bus was amazing. Integrated into a LabView setup, you could basically collect any readings from the oven as well as remotely control it. Also, it was super easy to confirm "manual" actions (e.g. soleniods pushing buttons/motors turning knobs).
A few other interesting tasks I was involved back then were:
- smashing an oven's door until the hinges would give up
- testing new heating elements in the open (basically, building a gigantic grill)
- appliance transport packaging tests
- cooking and baking on a daily basis to make sure food turns out as expected
Overall, home appliances are a great product as an engineer to work on. It is a product you usually use multiple times a day. And if you love cooking yourself, even better :-)
We already know that hackers from NSA / FSB / PLA are working day and night on nation-state level attacks. They divert toilet tissue deliveries and hack traffic signals to raise my blood pressure to a tipping point where, presumably, I am supposed to demand local regime change?
Now I have to worry about passing drones using blinkenlights to Stuxnet my wool wash and shrink my merino socks? Brilliant. Bloody brilliant.
It’s like the most banal version of Battlestar Galactica ever but instead of an alien intelligence leveraging computer integration to attack mankind from within, it’s a guy in a t-shirt in a sweaty bunker filling my dishwasher to the brim with cold water then laughing at me via my Ring camera as he watches me flood my kitchen.
Pretty cool for BSH and Miele to hop on a call with the researchers just to make sure there were no issues they were unaware of. Sounded like it was productive and positive for everyone involved. Hopefully they don't start doubling down on hardware security though :p
The optical communication for the Miele was pretty interesting too. I'm assuming it's to prevent moisture from corroding a port of some kind. Does anyone know of other devices this is used in or other benefits to this?
> The optical communication for the Miele was pretty interesting too. I'm assuming it's to prevent moisture from corroding a port of some kind.
IRDA was very popular at one point and still lives on in applications like these.
It's an IR serial port hung off a UART. It's stupid simple requiring no cables, pairing, or complex protocol stacks. Some smart phones have IR blasters built in so its a total win for ease of deployment in cases like these.
> I'm assuming it's to prevent moisture from corroding a port of some kind.
The primary value discussed in the talk was electrical isolation since there's mains voltage in the appliance and the potential for shorts or inadequate isolation would require some kind of isolation, so a path that optically isolates the communication makes quite a bit of sense.
I'm also curious if other devices have gone this route.
LG appliances at least used to use acoustic signaling for diagnostics: hold a phone up and the washer makes some modem-esque (I think it’s 4-tone / 4-FSK) noises and the app or technician can diagnose issues. It was originally engineered to even work over voice codecs, so a customer without a smartphone could relay the diagnostic session to a technician.
There are lots of examples on YouTube, this one seems succinct: https://youtube.com/shorts/3Eb315vL9uw . They picked good tones to make it satisfying IMO. I don’t know of anyone who’s reversed the bitstream in public, though, but it doesn’t seem like it should be very hard.
That's a great example, thanks! I was looking for "LG Smart Diagnostics" and "audio" and then "LG Acoustic Diagnostics" and found TVs calibrating their audio playback but not this. Trying "LG Audible Diagnosis" found a bunch like yours.
That's some advanced gatekeeping right there. Where other appliances might have a blink code or several digit error display (Miele) to look up in a manual, the phone method tires you to the manufacturer.
The support hotline will ask you to hold your phone towards the device. It is less error-prone (than a human) and contains more info than a blink code. I find it really clever.
The absolutely "leetest" thing I have ever seen was a device where the firmware update was to be done by:
1. Hold a button while booting (pretty normal)
2. This reconfigures the circuit path of one of the LEDs so it is reverse-biased to VCC via its resistor and switches one of the microcontroller GPIOs to ADC input
3. You go to a website that plays a strobe pattern (encoding the firmware)
4. You hold that website in front of the LED till other LEDs blink, signifying a successful update
They could have done this using a photodiode, but no, they had to abuse an LED. Not many people are aware that LEDs can in a certain configuration be used to measure light.
Electric meters often blink a signal LED for every X kWh, so other devices can read the signal. I'm not sure if this is used for bidirectional communications, though.
Alternatively, I guess you could also use really thin cables to carry the low voltage paths; and that act as fuses, if ever a lot of current at high voltage was flowing across them? But probably not very reliable both in regular operation and as fuses.
We have a Miele washing machine and a Miele dryer. Solid machines all around even after years of use.
Fusible traces aren’t uncommon - but they would effectively destroy the device if current limits are exceeded, and they certainly would be if the power supply is non-isolated, so it wouldn’t actually be a solution to the firmware update problem.
The usual solution here is an optical coupling of some kind - optocouplers (a box with a LED, photodiode, and air gap between them) are very common for this purpose, and are an inexpensive and effective option for digital signaling across an isolation boundary.
In this case they’ve basically built a custom optocoupler out of discrete components, which is a bit unusual, but makes sense when you consider the risk of corrosion due to water ingress at the diagnostic ports, and the need to access it while - for example - a dishwasher cycle is running.
Whenever someone brings up washing machines and software, I am always reminded of Forth[0]:
As an example, imagine a microprocessor-controlled washing
machine programmed in Forth. The ultimate command in your
example is named WASHER. Here is the definition of WASHER,
as written in Forth:
: WASHER WASH SPIN RINSE SPIN ;
Very interesting talk! I think it is quite cool that Miele and BSH reached out when they saw the event announcements to make sure there are not any issues they're not aware of. Seems like a productive experience for all involved!
The WiFi implementation was interesting to me, I am glad that it is reasonably safe. I understand much of the skepticism around these kinds of features, but I also see the value in many settings. As long as they remain optional, I think the benefits outweigh the drawbacks. Kudos for BSH having good developer documentation and a local mode. I feel like a local mode should be mandatory, for safety and support reasons
I'm "fearful" of a future where every random appliance needs to be connected to the internet in order to function at all. I hope some legislation gets passed (in the EU in my case) that forces manufacturers to ensure the machine works offline and connecting it is purely an opt-in feature.
This might also need some kind of certification. Some sort of independent industry-financed lab atmosphere. I think UL (Underwriters Laboratories) worked that way.
Most washing machines use a wax motor to lock the door, it heats up wax to cause it to expand when it melts, which drives a pin. They're fairly failsafe as if you kill power, they will open no matter what.
Latching relays/(technically solenoid) could be driven on/off fast, the downside is in a power cut or an emergency, the relay wouldn't release unless specifically driven so.
So the third option is a momentary solenoid, which would need to be powered the whole time the door is shut, and they require a surprisingly significant amount of power. Typically 10-20w. Negligible when it compares to the KW+ heating elements, but they do add up for the energy ratings..
Fwiw, I currently have a haier, which does have one of the second options, and opens immediately after a wash and it's amazing. Can't go back.
But, wax motors continue to be used because they're just the right tool for the job.
You can still buy machines without the lid lock. They use an alternative design that can stop motion quickly enough to meet safety standards. I can open the lid on my washer in the middle of a heavy spin cycle at max RPM if I want to, but it will brake aggressively and come to a halt within 1-2 seconds. Being able to add laundry mid-cycle without asking permission from the computer is really nice.
Makes me appreciate our landlord's electro-mechanical "music-box" washing machine.
It has been working for 25 years with no servicing, except when it "broke" once about 5 years ago. So I just opened it, stared at it for a while, and after considering the symptoms (no click in the door locking mechanism but power indicator light turning on), I realized the issue will be with something very early on in the fixed washing cycle, before the timing motor gets activated, and there will be no serious electrical damage elsewhere (fuse intact). So I looked at the door locking mechanism (bi-metalic thing) and noticed that the cable connector leading to it was slightly shifted. Re-seated the connector, and the machine started working again.
While it was open, I didn't notice anything horrible (corrosion, leaks, nothing). Probably the next thing that will "break" will be when the motor's carbon brushes will "run out". :)
You can understand and diagnose these things even without knowing too much. That's how obvious, simple, and accessible the electro-mechanical design is.
What is the point in the WiFi? All I am interested in is something that washes my clothes. Not something with endless updates and glitches that ger fixed in post.
A few other interesting tasks I was involved back then were:
- smashing an oven's door until the hinges would give up - testing new heating elements in the open (basically, building a gigantic grill) - appliance transport packaging tests - cooking and baking on a daily basis to make sure food turns out as expected
Overall, home appliances are a great product as an engineer to work on. It is a product you usually use multiple times a day. And if you love cooking yourself, even better :-)
Now I have to worry about passing drones using blinkenlights to Stuxnet my wool wash and shrink my merino socks? Brilliant. Bloody brilliant.
It’s like the most banal version of Battlestar Galactica ever but instead of an alien intelligence leveraging computer integration to attack mankind from within, it’s a guy in a t-shirt in a sweaty bunker filling my dishwasher to the brim with cold water then laughing at me via my Ring camera as he watches me flood my kitchen.
[Very cool talk, thanks for sharing :) ]
The optical communication for the Miele was pretty interesting too. I'm assuming it's to prevent moisture from corroding a port of some kind. Does anyone know of other devices this is used in or other benefits to this?
IRDA was very popular at one point and still lives on in applications like these. It's an IR serial port hung off a UART. It's stupid simple requiring no cables, pairing, or complex protocol stacks. Some smart phones have IR blasters built in so its a total win for ease of deployment in cases like these.
The primary value discussed in the talk was electrical isolation since there's mains voltage in the appliance and the potential for shorts or inadequate isolation would require some kind of isolation, so a path that optically isolates the communication makes quite a bit of sense.
I'm also curious if other devices have gone this route.
[1] https://github.com/kabelincho/LG-Smart-Diagnostics-modem
1. Hold a button while booting (pretty normal)
2. This reconfigures the circuit path of one of the LEDs so it is reverse-biased to VCC via its resistor and switches one of the microcontroller GPIOs to ADC input
3. You go to a website that plays a strobe pattern (encoding the firmware)
4. You hold that website in front of the LED till other LEDs blink, signifying a successful update
They could have done this using a photodiode, but no, they had to abuse an LED. Not many people are aware that LEDs can in a certain configuration be used to measure light.
Do you mean by mimicking the noises themselves?
https://en.wikipedia.org/wiki/IEC_62056
We have a Miele washing machine and a Miele dryer. Solid machines all around even after years of use.
The usual solution here is an optical coupling of some kind - optocouplers (a box with a LED, photodiode, and air gap between them) are very common for this purpose, and are an inexpensive and effective option for digital signaling across an isolation boundary.
In this case they’ve basically built a custom optocoupler out of discrete components, which is a bit unusual, but makes sense when you consider the risk of corrosion due to water ingress at the diagnostic ports, and the need to access it while - for example - a dishwasher cycle is running.
The WiFi implementation was interesting to me, I am glad that it is reasonably safe. I understand much of the skepticism around these kinds of features, but I also see the value in many settings. As long as they remain optional, I think the benefits outweigh the drawbacks. Kudos for BSH having good developer documentation and a local mode. I feel like a local mode should be mandatory, for safety and support reasons
Latching relays/(technically solenoid) could be driven on/off fast, the downside is in a power cut or an emergency, the relay wouldn't release unless specifically driven so.
So the third option is a momentary solenoid, which would need to be powered the whole time the door is shut, and they require a surprisingly significant amount of power. Typically 10-20w. Negligible when it compares to the KW+ heating elements, but they do add up for the energy ratings..
Fwiw, I currently have a haier, which does have one of the second options, and opens immediately after a wash and it's amazing. Can't go back.
But, wax motors continue to be used because they're just the right tool for the job.
"I'm sorry Dave but I'm afraid I can't do that"
It has been working for 25 years with no servicing, except when it "broke" once about 5 years ago. So I just opened it, stared at it for a while, and after considering the symptoms (no click in the door locking mechanism but power indicator light turning on), I realized the issue will be with something very early on in the fixed washing cycle, before the timing motor gets activated, and there will be no serious electrical damage elsewhere (fuse intact). So I looked at the door locking mechanism (bi-metalic thing) and noticed that the cable connector leading to it was slightly shifted. Re-seated the connector, and the machine started working again.
While it was open, I didn't notice anything horrible (corrosion, leaks, nothing). Probably the next thing that will "break" will be when the motor's carbon brushes will "run out". :)
You can understand and diagnose these things even without knowing too much. That's how obvious, simple, and accessible the electro-mechanical design is.