Monitoring, Control, and IT Security

Since a while I am writing mainly about data logging and monitoring of heating systems and solar panels, and about the internet of things and its security in general. As self-proclaimed ‘Science Officer’ I am in charge of numerical simulations and software development for data analysis.

My older posts also feature anecdotes and notes from the field form my former life as an IT security consultant concerned with Public Key Infrastructure and as an IT manager.

[Page last edited: 2017-07-14. Feed for postings in this category.]

Blog posts on IT and control in descending order.

[2017-07-14] Heat Transport: What I Wrote So Far. ‘IT’ has become ‘just a tool’ again – I went back to where I started from. This is a list of all my blog posts about simulations and data analysis related to heat transfer and energy storage. I enjoy data crunching as much as ‘pen-and-paper’ analytical solutions.

[2017-06-06] Other People Have a Life – I Have Domains. New domain names and HTTPS everywhere.

[2017-02-05] Earth, Air, Water, and Ice. Data Kraken in action: Analyzing data for the heating season 2014/15, in terms of two different energy balances: 1) The net energy ‘in the tank’ (allowing for calculating the contribution of ground) and 2) the three heat exchangers that are connected in series in the brine circuit.

[2016-12-22] My Data Kraken – a Shapeshifter. Answer to the question: How do you analyze and consolidate your logging data? What is the biggest challenge? It’s the ongoing change of the ‘database schema’: New sensors, shuffled columns in log files, new calculated values…

[2016-11-20] Give the ‘Thing’ a Subnet of Its Own! A brief report ‘from the workbench’: How recent Internet of Thing hacks reminded me of the often overlooked ‘routing feature’ in Windows… which was helpful in quickly giving control units’ data loggers access to the internet.

[2016-09-30] Internet of Things. Yet Another Gloomy Post. Some thoughts about recent DDoS attacks – and why I think the discussion about manufacturers locking down their printers is somewhat related.

[2016-08-24] Hacking My Heat Pump – Part 2: Logging Energy Values: Querying the heat pump’s CAN bus for temperature and energy values, plus: network traces and details of CAN frames sent and received by open source tool can_scan.

[2016-08-03] Hacking My Heat Pump – Part 1: CAN Bus Testing with UVR1611. Extending logging infrastructure – automating reading off our heat pump’s internal energy meter by using Raspberry Pi as monitoring device. Before connecting to the heat pump hardware and software is set up and tested with a CAN bus I am familiar with.

[2016-06-22] First Year of Rooftop Solar Power and Heat Pump: Re-Visiting Economics. Consolidated data from PV inverter’s logger, smart meter(s) and heat pump monitoring and control. 30% of yearly consumption has been directly supplied by PV panels but in winter the demand exceeds available PV energy by far.

[2016-06-10] Have I Seen the End of E-Mail? I have been impressed by a targeted ransomware attack on very small Austrian businesses.

[2016-06-01] Photovoltaic Generator and Heat Pump: Daily Power Generation and Consumption. Comparing detailed time curves – from three different logging sources: PV output, input energy for the heat pump’s compressor, and the home’s total smart meter balance.

[2016-05-19] Everything as a Service. Trying to predict the not-to-distant future of heating for consumers – following the ‘as a service’ philosophy introduced to software products long ago: Heating will be turned into monthly subscriptions bundled with internet access and bank accounts, and home owners will host aesthetically pleasing black-boxes operated by ‘platforms’.

[2016-04-17] Alien Energy. An update to the previous two articles in this category. Our PV generator and power metering infrastructure is now operational for nearly a year, and I am analyzing the most peculiar day. In February, the peak power was close to the generator’s rated power for half an hour.

[2015-12-07] Half a Year of Solar Power and Smart Metering. Combining data harvested by three different loggers: 1) UVR1611: Ambient temperature, heat pump compressor’s energy, 2) Fronius Symo Datamanager: PV output energy, 3) Smart Meter B-Control EM-210: Energy consumed and fed into the grid.

[2015-11-13] The Impact of Ambient Temperature on the Output Power of Solar Panels. Verfied by analyzing our monitoring data – combining logging from our heat pump’s control unit (UVR1611) and the PV inverter’s logging.

[2015-10-29] Random Things I Have Learned from My Web Development Project. The first half is about technology and HTTP redirects, the second half can be ignored by geeks.

[2015-09-18] My Flat-File Database. My new websites’ database is equivalent to a bunch of text files. I am going to use standard SQL queries to retrieve content and meta-data from the file contents and the file name.

[2015-08-17] Interrupting Regularly Scheduled Programming … I am going to re-do my websites from scratch.

[2015-06-17] Solar Power: Some Data for the First Month. Figures and numbers from our PV generator’s logging: Combining daily energy balances with data from our power meter, and tracking intermittent short and very high power spikes by parsing the inverter logger’s website.

[2015-05-07] Watching TV Is Dangerous. Data logger BL-NET is silenced by an IP-TV in the same LAN; solution: Put the logger in its private subnet.

[2015-04-29] Finally Mobile-Friendly! (How I Made Googlebot Happy)  Not this blog of course – it had been responsive already. But I gave in to Google’s nagging and did not ignore messages in Google Webmaster Tools any longer.

[2015-03-18] Data Logging with UVR1611 – FAQ. These days I am mainly interesting in IT security in relation to gadgets connected to heating systems, control units, and other ‘things’ (as in IoT).

[2015-01-23] All My Theories Have Been Wrong. Fortunately! I apologize to Google. They still like my blog. This blog’s numbers plummeted as per Webmaster Tools, here and here you find everything you never wanted to know about it. I finally figured

[2015-01-09] Looking for Patterns. Some details about the hack of my non-Wordpress website. A self-sabotaging post written by a so-called IT security expert.

[2014-12-20] Waging a Battle against Sinister Algorithms. My website was hacked, but worse: Google seems to consider me a link scammer and my page impressions plummeted by a factor of 100.

[2014-11-15] Google and Heating Systems (2). How things (in the Internet of Things phone home and/or are accessed directly from the internet. I still prefer the portal (rendezvous server) based solutions to port-forwarding.

[2014-08-05] When I Did Social Engineering without Recognizing It. Title says it all.

[2014-07-18] 5 Years Anniversary: When My Phone Got Hacked.This post has some technical information it is more of a personal rant. Now I can laugh about it. I am not a phone phreaker so any input is welcome!

[2014-07-03] What Learning about Feynman’s Path Integrals Was Good for. On the complexity of PKI.

[2014-06-08] Network Sniffing for Everyone – Getting to Know Your Things (As in Internet of Things) Not specifically about certificates – but about what is often required to troubleshoot validation of certificates: Sniffing.

[2014-05-11] Diffusion of iTechnology in Corporations (or: Certificates for iPhones): Experimenting with a new format of technical posts – by dividing them into two distinct parts 1) Hopefully accessible ‘pop-sci’ / ‘business’ / ‘philosophical’ introduction, followed by 2) hardcore technical details the non-geek reader could skip.

[2014-03-12] The Strange World of Public Key Infrastructure and Certificates: Exactly what the title says. Some issues from my text file presented in more pop-sci way to your typical geek.

[2014-02-13] What I Never Wanted to Know about Security but Found Extremely Entertaining to Read: A review of Peter Gutmann’s terrific book Engineering Security, and some of my related encounters.

[2013-05-13] Cyber Security Satire? Not exactly zoomed in on PKI – but the overall message is in line with the next two posts. This post also includes the only hilarious aspect of my master thesis on smart metering and security.

[2013-02-18] My Google Searches Might Heat Your Home. Sorry, but this is not about Search Term Poetry! Rather the contrary: Imagine your search terms could be utilized for something down-to-earth, for something useful.

[2013-01-22] Trading in Heat Pumps for IT Security? Seriously? A personal essay on an important career transition – one I don’t consider so off-base and oh-this-is-now-something-totally-different. Actually, I am still trying to do both as per end of 2014 – supporting some of my long-term PKI clients.

Certificate Validation

Certificate paths – the roots (pun not intended) of all evil.

Leave a Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s