04 Nov 2020
When my electricity provider, nPower, upgraded me to a smart meter I was excited about getting access to more
data about my electricity and gas usage. Unfortunately, it turned out that the extra data provided by the
connected meters was only available to the power supplier, and not to me as a consumer. They provided a little
device with a screen (known as an IHD, or in-home device) which displayed the current and daily/weekly/monthly
usage, but little else. No mobile app, no ability to dig into your historical usage, and definitely no API access.
While I was disappointed and frustrated about not having access to what I consider be my data, I left it as I
had more important things to worry about (i.e. kids). With my recent project to look at collecting more data from
my house, I wanted to revisit this, and collect the data.
There are two meter standards in the UK, SMETS1 and SMETS2. SMETS1 is the older standard, which is no longer being
rolled out. SMETS2 is the current standard, which operates quite differently to SMETS1. The main benefit being that
if you switch provider your smart meter will continue to work, something that wasn’t true with the earlier standard.
If you’re unlucky enough to have a SMETS1 meter you can ask for it to be upgraded. Fortunately, I had a SMETS2 meter.
The way these meters work is that both the electricity and gas meters broadcast their readings locally over a ZigBee
network. This is picked up by your IHD, and displayed live. The electricity meter also listens to the gas readings
and every so often uploads them over a mobile phone connection to a central data broker. This is then forwarded on
your supplier. smartme.co.uk has much more detail on this process.
The key point is that your data can not only be forwarded on to your supplier, but you can grant access to other
companies too. Enter Glow who act as what is known as DCC Other User and use
smart meter data to help companies do research and development. They also provide more tools for consumers to use
their data.
After installing the app you need to go through a security verification process. This involves uploading
details of your electricity meter and address (by taking photos of your bill), a photo of some photo id, and a
selfie video of yourself saying “I’m My Name, and I accept the terms and conditions”. After that, your details
are sent away for a manual verification process, which in my case took two days. I also received an email
asking whether I was planning to buy their
display. When I said yes
they said they wouldn’t process my application until it arrived. This was a bit frustrating as it meant I couldn’t
use the app in the meantime. Once the device arrived the application was processed quickly.
Read More...
28 Oct 2020
Today I wanted to share one of the more interesting debugging experiences that I’ve had. This
happened quite a few years ago when I was involved in migrating a set of websites over to use a single
login. The idea was that as soon as you landed on a site and your session wasn’t logged in, you would be
bounced over to an authentication site, which would bounce you back again. The two sites communicated
via a backchannel, and if you were logged in on the authentication site the main site would log you in too.
If not then you’d browse as a logged-out user, and when you logged in you were bounced over to the
authentication site with your credentials passed via a backchannel. If successful then you were logged in
on both sites, otherwise an error was displayed.
The backchannel communication was all encrypted with preshared keys, and when the user was bounced to the
authentication site they were also given an encrypted token to ensure that a bad actor couldn’t attempt to
hijack another user’s session. The exact details of the token aren’t important, but they included the user’s
session-id, details of the site they landed on, and the time they were bounced (to prevent against replay
attacks).
Everything was working great in testing, and we gradually rolled the change out to more and more users.
Eventually, we started getting reports of a small number of users not being able to log in. We
were able to determine that they landed on the main site ok, and were bounced to the authentication site,
but never arrived there.
Read More...
21 Oct 2020
I’ve previously written about my plan to collect much more data about my house. In the current work-from-home
environment the quality of our internet connection is paramount, and I wanted to be able to monitor it and
potentially be alerted to any degradation before it becomes an issue.
Although I’ve replaced my wifi with a UniFi based system, I still use the router
that was supplied by my ISP - which is a ZyXEL VMG1312-B10D. Like most
networking equipment the ZyXel supports SNMP
which is a technology for reading and writing stats and configuration from equipment, and aggregating them together.
On paper it sounds great, but unfortunately SNMP is a nightmare to work with, and you need a mapping file for each
device, which doesn’t exist for this model. After looking into creating this mapping, and integrating my preferred
technology slack of Grafana and Prometheus, I decided to change tack
and extract the data myself.
Fortunately the router UI contains some plain text data which looks easy to scrape. So, filled with confidence that
this would be an easier approach that learning SNMP I spun up a GitHub project and got to work cranking out some code.
Read More...
14 Oct 2020
For a long time now I’ve tracked the weather outside my house with my weather station. I also
have smart electric and gas meters which display my usage on a little screen in my kitchen, but I didn’t try to do anything
useful with that data. Recently I brought an electric car and given that it’s essentially a giant iPad on wheels it inspired me
to look into what data I could collect from it, and from elsewhere in my house.
Towards the end of last year, I upgraded my Synology NAS to a newer model which has an Intel,
rather than MIPS processor, partly because it was old and I was worried about it dying, but mostly so I could run Docker containers
on it. I’ve been running both a Ubiquiti UniFi Controller and PiHole since then,
but I knew as part of this project I’d want to run many more containers so I took the opportunity to tidy up the setup.
Docker Compose is a tool that sits above the normal docker command and it lets you run multiple docker containers while simplifying
the management of images and the options you need to set for the container to work correctly. You can find my docker-compose.yml file
here.
Read More...
10 Oct 2020
Last week the UK government announced more than 12,000 cases
of COVID-19 - more than double the number from the day before. This increase was accompanied by the following
message on the Government’s Data Dashboard.
Due to a technical issue, which has now been resolved, there has been a delay in publishing a number of
COVID-19 cases to the dashboard in England. This means the total reported over the coming days will
include some additional cases from the period between 24 September and 1 October, increasing the number
of cases reported.
This turned out to be an issue with the reporting of positive tests caused by a limit in Excel. An interesting
part of the story is the way it was initially reported in the media. Their focus is on the number of the cases
reported each day, which due to the delay in processing tests is not accurate normal, but with this delay is
a pretty meaningless number. The key measure used to make important decisions is the rolling average of new
case over the last seven days, and with this number you can’t at a glance know how the average is changing.
What is particularly odd, is that it turns out that the government do publish the number of positive cases by
the date the sample was taken. It’s just that for the last few days the media narrative has been “huge number
of cases”, even though that’s largely an artefact of the old incorrect data. Sure they’re high, but they went
up a week before, not last Saturday.
Read More...
