Blog

DIY FSK RFID Reader

2020-07-29 10:13:45 M&W SmartCard 110

This page describes the construction of an RFID reader using only an Arduino (Nano 3.0 was tested, but others may work), a hand-wound wire coil, and some assorted low cost common components.

Background

RFID readers are devices sold by companies such as Parallax to read RFID tags with embedded identification circuits (we focus here on passive tags, activated by the reader's transmitted RF energy). The design presented here shows how to wind a simple wire loop by hand (or create an equivalent printed circuit spiral version), connect it to an Arduino (or its chip), add a few low cost common components and create your own RFID reader. To make it more interesting (i.e. challenging), we will focus on the FSK class of RFID tags, which are fairly common among the 125kHz devices, but for some reason are not supported by the Parallax kits.

Micah Dowty has shown a design for an FSK/ASK RFID reader built around a Parallax Propeller device. His code, which is in assembly language, implements an ingenious (but complex) algorithm to create a dynamically variable analog bias voltage, which is used to pull the weak RFID signal into range, so it can be discriminated into binary signals by the Propeller's digital input circuitry. He also dynamically tweaks the transmit/receive RF frequency to keep the antenna's tank circuit in peak resonance for optimal signal to noise. There are three problems with his approach: first, the passive detection circuit lacks amplification, which makes it very sensitive to noise and therefore raises reliability issues. Second, the design is based on the Propeller chip, and if you are a fan of the Arduino and/or associated Atmel AVR chips, it leaves you out. And third, the dynamic slewing of frequencies and bias voltage is overly complicated, making it hard to debug. His general concept is attractive, however: use a microcontroller chip and wind your own wire loop to create, with some simple components and appropriate code, a complete DIY RFID reader.

Asher Glick has presented a solution for reading and decoding FSK RFID tags using the Arduino/AVR family (which he calls AVRFID), which is good except it apparently requires obtaining and modifying an existing Parallax RFID reader device (which natively only supports ASK).

Our goal here is to present a simple solution for reading FSK tags which addresses the above shortcomings: make it robust and reliable for real-world noise environments, base it on the Arduino, and build the RFID reader ourselves using a few simple low-cost parts, rather than buying and/or modifying one.

Circuit

Arduino DIY FSK-RFID circuit diagram:

DIY FSK RFID Reader

The circuit diagram above was derived from the "World's Simplest RFID Reader" design posted by Micah Dowty. Based on the Parallax Propeller, Micah's approach was to use passive components only, without amplification, in order to achieve the ultimate in simplicity. The lack of amplification, however, results in a weak signal, potentially less than 2V PTP. This signal is then biased by an analog level produced by the Propeller, to try to maintain the signal's DC level near the discrimination point of the Propeller's binary-digital input circuitry. His code attempts to dynamically calculate that optimal midpoint level, and feed it into the circuit using a filtered PWM DAC output. Since the signal is weak, it can be distorted by interference and noise, which results in reduced reliability. The circuit presented here includes (as Micah suggests in his documentation) one active component: a common low-cost LM234 quad-opamp IC (or equivalent). This addition provides several significant advantages, at a negligible cost. First, the signal is amplified (using one of the four opamps on the IC package) to a more noise-immune level (of 2-3 volts PTP). Second, the DC level of the signal is maintained at exactly Vcc/2 using another opamp on the IC, which eliminates the need for the DC propping code in the Arduino. Third, having the signal amplifier in place allows another low-pass RC filter stage (another capacitor and resistor), which makes the final discriminated digital signal cleaner and more reliable. The end result is a more robust detected signal with improved noise immunity.

As a quick review of the circuit, the loop is made of a toroidally-wound #22-30 magnet wire (we used an empty roll of Scotch 3.25" I.D. packing tape as former), and can be remoted from the circuit if needed, via coaxial cable. The inductor L1 and capacitance C1 should be matched to resonate at around 125 kHz. When driven at its resonant frequency by the Arduino's 0-5 volt square wave signal, the center point of the resonator (which connects to D1's cathode) will have a fairly pure voltage sine wave, of about 30V PTP. When coupled to an RFID tag, the pure sine wave RF will fluctuate visibly as the tag opens and closes its own loop antenna to repeatedly transmit its code. This modulation is then detected from the RF envelope by D1, C2 and R1, which produce a negative bias voltage with the small detected coded signal, e.g. about 11 RF cycles per coded cycle. The coded cycles are of two different wave lengths (or frequencies), which represent streams of logic ones and zeros, and they need to arrive at the Arduino chip as binary levels which can be timed reasonably accurately so as to reliably tell the difference between the two distinct frequencies.

The relatively large capacitor C3 decouples the negative bias voltage from the signal, and is followed by a low-pass RC filter stage (R2 and C4) which attenuates some of the residual RF spikes from the lower frequency coded RFID signal. Capacitor C5 decouples the resulting signal and presents it to the amplification stage, implemented by the LM324 opamp, IC1. The latter amplifies the weak signal from about .15V to about 3V PTP (depending of the ratio of R4 to R3), and places it on top of a Vcc/2 bias voltage, about 2.5V in the arduino's case. This signal is then fed into one of the digital input ports on the Arduino (which also includes some helpful hysteresis), and is discriminated by the internal comparator into a square wave of ones and zeroes.

Software

The Arduino sketch, derived from the code posted by Asher Glick, uses a single timer channel in the Arduino (using the Timer1 library) for both RF signal generation as well as timing clock to count the width of each input signal wave. There are two distinct cycle lengths in the detected input signal, "long" and "short", corresponding to logical ones and zeroes, respectively. A binary stream of stretches of repeated ones and zeroes is assembled, and then decimated into the original coded bits on the RFID tag, after decoding the Manchester encoding.

Here is the actual code:


  1. /*  Arduino program for DIY FSK RFID Reader
  2.  * 
  3.  *  Tested on Arduino Nano and several FSK RFID tags
  4.  *  Hardware/Software design is based on and derived from:
  5.  *  Arduino/Timer1 library example
  6.  *  June 2008 | jesse dot tane at gmail dot com
  7.  *  
  8.  *  Micah Dowty:
  9.  *  
  10.  *
  11.  *  
  12.  This program is free software: you can redistribute it and/or modify
  13.  it under the terms of the GNU General Public License as published by
  14.  the Free Software Foundation, either version 3 of the License, or
  15.  (at your option) any later version.
  16.  This program is distributed in the hope that it will be useful,
  17.  but WITHOUT ANY WARRANTY; without even the implied warranty of
  18.  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  19.  GNU General Public License for more details.
  20.  You should have received a copy of the GNU General Public License
  21.  along with this program.  If not, see.
  22.  */
  23. #include "TimerOne.h"
  24. int ledPin = 13; // LED connected to digital pin 13
  25. int inPin = 7;   // sensing digital pin 7
  26. int val;
  27. int bitlenctr = 0;
  28. int curState = 0;
  29. #define maxBuf 1000 //reduce to 100 or so for debugging
  30. #define debug  0
  31. char raw[maxBuf];
  32. int index = 0;
  33. int bufnum = 0;
  34. #define   redLED 12
  35. #define   grnLED 11
  36. void setup()
  37. {
  38.   Serial.begin(9600);
  39.   Timer1.initialize(7);  // initialize timer1, and set the frequency; this drives both the LC tank as well as the pulse timing clock
  40.   // note: modify this as needed to achieve resonance and good match with the desired tags
  41.   // the argument value is in microseconds per RF cycle, so 8us will yield RF of 125kHz, 7us --> 143kHz, etc.
  42.   Timer1.pwm(9, 512);           // setup pwm on pin 9, 50% duty cycle
  43.   Timer1.attachInterrupt(callback);  // attaches callback() as a timer overflow interrupt, once per RF cycle
  44.   pinMode(ledPin, OUTPUT);      // sets the digital pin 13 as output for scope monitoring
  45.   pinMode(inPin, INPUT);      // sets the digital pin 7 as input to sense receiver input signal
  46.   pinMode(grnLED, OUTPUT);
  47.   pinMode(redLED, OUTPUT);
  48.   digitalWrite(grnLED, 0);
  49.   digitalWrite(redLED, 1);
  50. }
  51. void callback()
  52. {
  53.   val = digitalRead(inPin);
  54.   digitalWrite(ledPin, val); // for monitoring
  55.   bitlenctr++;
  56.   if(val != curState) {
  57.     // got a transition
  58.     curState = val;
  59.     if(val == 1) {
  60.       // got a start of cycle (low to high transition)
  61.       if(index < maxBuf) {
  62.         raw[index++] = bitlenctr;
  63.       }
  64.       bitlenctr = 1;
  65.     }
  66.   }
  67. }
  68. void loop()
  69. {
  70.   if(index >= maxBuf) {
  71.     Serial.print("got buf num: ");
  72.     Serial.println(bufnum);
  73.     if(debug) {
  74.       for(int i = 0; i < maxBuf;
  75.       i++) {
  76.           Serial.print((int)raw[i]);
  77.         Serial.print("/");
  78.       }
  79.       Serial.println("///raw data");
  80.       delay(2000);
  81.     }
  82.     // analyze this buffer
  83.     // first convert pulse durations into raw bits
  84.     int tot1 = 0;
  85.     int tot0 = 0;
  86.     int tote = 0;
  87.     int totp = 0;
  88.     raw[0] = 0;
  89.     for(int i = 1; i < maxBuf; i++) {
  90.       int v = raw[i];
  91.       if(== 4) {
  92.         raw[i] = 0;
  93.         tot0++;
  94.       }
  95.       else if(== 5) {
  96.         raw[i] = raw[- 1];
  97.         totp++;
  98.       }
  99.       else if(== 6 || v == 7) {
  100.         raw[i] = 1;
  101.         tot1++;
  102.       }
  103.       else {
  104.         raw[i] = 101; // error code
  105.         tote++;
  106.       }
  107.     }
  108.     // next, search for a "start tag" of 15 high bits in a row
  109.     int samecnt = 0;
  110.     int start = -1;
  111.     int lastv = 0;
  112.     for(int i = 0; i < maxBuf; i++) {
  113.       if(raw[i] == lastv) {
  114.         // inside one same bit pattern, keep scanning
  115.         samecnt++;
  116.       }
  117.       else {
  118.         // got new bit pattern
  119.         if(samecnt >= 15 && lastv == 1) {
  120.           // got a start tag prefix, record index and exit
  121.           start = i;
  122.           break;
  123.         }
  124.         // either group of 0s, or fewer than 15 1s, so not a valid tag, keep scanning
  125.         samecnt = 1;
  126.         lastv = raw[i];
  127.       }
  128.     }
  129.     // if a valid prefix tag was found, process the buffer
  130.     if(start > 0 && start < (maxBuf - 5*90)) { //adjust to allow room for full dataset past start point
  131.       process_buf(start);
  132.     }
  133.     else {
  134.       Serial.println("no valid data found in buffer");
  135.     }
  136.     if(debug) {
  137.       for(int i = 0; i < maxBuf;
  138.         i++) {
  139.           Serial.print((int)raw[i]);
  140.         Serial.print("/");
  141.       }
  142.       Serial.print("/// buffer stats: zeroes:");
  143.       Serial.print(tot0);
  144.       Serial.print("/ones:");
  145.       Serial.print(tot1);
  146.       Serial.print("/prevs:");
  147.       Serial.print(totp);
  148.       Serial.print("/errs:");
  149.       Serial.println(tote);
  150.       delay(1000);
  151.     }
  152.     // start new buffer, reset all parameters
  153.     bufnum++;
  154.     curState = 0;
  155.     index = 0;
  156.   }
  157.   else {
  158.     delay(5);
  159.   }
  160. }
  161. // process an input buffer with a valid start tag
  162. // start argument is index to first 0 bit past prefix tag of 15+ ones
  163. void process_buf(int start) {
  164.   // first convert multi bit codes (11111100000...) into manchester bit codes
  165.   int lastv = 0;
  166.   int samecnt = 0;
  167.   char manch[91];
  168.   char final[45];
  169.   int manchindex = 0;
  170.   Serial.println("got a valid prefix, processing data buffer...");
  171.   for(int i = start + 1; i < maxBuf && manchindex < 90; i++) {
  172.     if(raw[i] == lastv) {
  173.       samecnt++;
  174.     }
  175.     else {
  176.       // got a new bit value, process the last group
  177.       if(samecnt >= 3 && samecnt <= 8) {
  178.         manch[manchindex++] = lastv;
  179.       }
  180.       else if(samecnt >= 9 && samecnt <= 14) {
  181.         // assume a double bit, so record as two separate bits
  182.         manch[manchindex++] = lastv;
  183.         manch[manchindex++] = lastv;
  184.       }
  185.       else if(samecnt >= 15 && lastv == 0) {
  186.         Serial.println("got end tag");
  187.         // got an end tag, exit
  188.         break;
  189.       }
  190.       else {
  191.         // last bit group was either too long or too short
  192.         Serial.print("****got bad bit pattern in buffer, count: ");
  193.         Serial.print(samecnt);
  194.         Serial.print(", value: ");
  195.         Serial.println(lastv);
  196.         err_flash(3);
  197.         return;
  198.       }
  199.       samecnt = 1;
  200.       lastv = raw[i];
  201.     } //new bit pattern
  202.   }
  203.   Serial.println("converting manchester code to binary...");
  204.   // got manchester version, convert to final bits
  205.   for(int i = 0, findex = 0; i < 90; i += 2, findex++) {
  206.     if(manch[i] == 1 && manch[i+1] == 0) {
  207.       final[findex] = 1;
  208.     }
  209.     else if(manch[i] == 0 && manch[i+1] == 1) {
  210.       final[findex] = 0;
  211.     }
  212.     else {
  213.       // invalid manchester code, exit
  214.       Serial.println("****got invalid manchester code");
  215.       err_flash(3);
  216.       return;
  217.     }
  218.   }
  219.   // convert bits 28 thru 28+16 into a 16 bit integer
  220.   int code = 0;
  221.   int par = 0;
  222.   for(int i = 28, k = 15; i < 28+16; i++, k--) {
  223.     code |= (int)final[i] << k;
  224.   }
  225.   int paritybit = final[28+16];
  226.   for(int i = 0; i < 45; i++) {
  227.     par ^= final[i];
  228.   }
  229.   if(par) {
  230.     Serial.print("got valid code: ");
  231.     Serial.println((unsigned int)code);
  232.     // do something here with the detected code...
  233.     //
  234.     //
  235.     digitalWrite(redLED, 0);
  236.     digitalWrite(grnLED, 1);
  237.     delay(2000);
  238.     digitalWrite(grnLED, 0);
  239.     digitalWrite(redLED, 1);
  240.   }
  241.   else {
  242.     Serial.println("****parity error for retrieved code");
  243.     err_flash(3);
  244.   }
  245. }
  246. // flash red for duration seconds
  247. void err_flash(int duration) {
  248.   return;
  249.   for(int i = 0; i < duration*10; i++) {
  250.     digitalWrite(redLED, 0);
  251.     delay(50);
  252.     digitalWrite(redLED, 1);
  253.     delay(50);
  254.   }
  255. }


Status

The device and transceiver antenna have been built and tested on multiple FSK RFID tags of various kinds, in breadboard and soldered perfboard versions, connected to remote and local probes. When the probe is properly tuned, the device can reliably detect FSK RFID tags within a range of 0 to at least 2 inches from the coil, although it may be possible that this can be extended with larger coil sizes and/or other optimizations. The circuit has also been simulated on Spice, as described below.

Spice simulation

LTspiceIV simulated waveforms of FSK RFID reader plus transponder tag:

DIY FSK RFID Reader

As seen in the LTspiceIV screenshot above, the circuit (with a passive virtual ground reference - see note below) was simulated on a computer, and the results confirmed the essential design, closely replicating the waveforms actually seen on the oscilloscope. The RFID transponder tag was simulated as a coupled transformer winding with a resonantly tuned capacitor, shunted to ground by a square-wave signal. The RFID tag's ground is connected to the main circuit's ground for simulation purposes. The inductive coupling between the two "transformer windings" is a variable which can be changed in LTspice, and was varied for testing between 1 and 0.01 (0.015 is shown in the waveforms above), equivalent to having the RFID tag positioned at different distances from the reader coil.

Notes

  • The Vcc/2 virtual ground voltage for IC1's non-inverting input can also be taken directly from the midpoint of the 100K voltage divider resistors, bypassing the second opamp. In such a case, the divider's midpoint should be connected to pin3 of IC1 via a 1M resistor.

Home
Product
News
Contact us