Asset Control System
Group Members
Daniel Williams
Kenneth Sullivan
Carley Baltromitis
Casey Quinn
Senior Design Project
Spring Summer 2016
TABLE OF CONTENTS
1.0 Executive Summary 1
2.0 Project Description
2
2.1 Project Motivation and Goals 2
2.2 Ojectives
4
2.3 Requirement Specifications
3.0 Related Research
6
8
3.1 Existing Similar Projects and Products 8
3.1.1 KEES (Keyless Electronic Entry System)
3.1.2 Euchner EKS 9
3.2 Access Technologies
8
11
3.2.1 RFID 11
3.2.2 NFC 12
3.2.3 Face Recoginition and Other Biometrics
3.2.4 Magnetic Stripe
18
3.2.5 Barcode Scanning
20
3.3 Embedded CPUs/ Microcontrollers
15
22
3.3.1 Embedded CPU/Computer
22
3.3.2 Arduino Development Series 24
3.3.3 MSP430
29
3.3.4 ARM Microcontroller 31
3.4 Switch
35
3.4.1 Standard Relay
3.4.2 BJT 37
3.4.3 MOSFET
37
3.4.4 SCR 38
35
3.5 LCD/Touch Screen
40
3.6 Enclosure
43
3.6.1 Mechanical Mount
3.6.2 Magnetic Mount
43
44
3.7 Software UI/ System
44
3.7.1 Database Options
45
3.7.2 UI Platforms 46
3.7.3 Software Requirements
47
3.8 Possible Architectures and Related Diagrams 48
3.8.1 Database Structure 48
3.8.2 Device Communication Network
3.8.2.1 STAR Topology 51
3.8.2.2 IOT Style Topology
52
3.8.3 Circuit Diagram
53
3.8.4 Power Path 53
51
3.9 Possible Architectures and Related Diagrams 54
3.9.1 Database Structure 54
3.9.2 Device Communication Network
3.9.3 Circuit Diagram
55
55
i
4.0 Related Standards
58
4.1 Design Impact of Relevant Standards 58
4.2 PCI Compliant Standards
59
4.3 Data Security Standards
60
5.0 Relistic Design Constraints 64
5.1 Economic Constraints 64
5.2 Time Constraints
65
5.3 Environmental, Social, and Politcial Constraints
5.4 Safety and Security
65
66
5.5 Ethical and Health Constraints 67
5.6 Manufacturability and Sustainability Constraints
68
6.0 Project Hardware and Software Design Details 70
6.1 Initial Design Architectures
70
6.1.1 Initial Design Block Diagrams 70
6.2 Hardware Design Details
74
6.2.1 Switch Design
74
6.2.2 Microcontroller Circuit Design 79
6.2.3 Access Control Devices
82
6.2.4 Embedded Computer 85
6.2.5 LCD Touch Screen System 86
6.2.6 Enclosure Design
87
6.3 Software Subsystem
88
6.3.1 Target Platforms
89
6.3.1.1 Windows IOT
89
6.3.2 Specific Hardware Requirements of Target Device
6.3.3 Payment Processing/ Invoicing
90
6.3.3.1 Authorize.net
90
6.3.3.2 Stripe
90
6.3.3.3 Intuit Payments
91
6.3.3.4 Payment Conclusion
91
6.3.3.5 Invoicing 91
6.3.4 Data Structure
6.3.5 Report Designer Softwares
92
7.0 Project Prototype Construction and Coding
7.1 Project Acquisition and BOM
96
7.2 PCB Vendor and Assembly
97
7.2.1 PCB Manufacturers
7.2.1.1 Express PCB
7.2.1.2 Advanced Circuits
7.2.1.3 OSH Park 98
7.2.2 PCB Summary
7.3 Final Coding Plan
89
96
97
97
97
98
98
ii
8.0 Project Prototype Testing
100
8.1 Hardware Test Environment
100
8.2 Hardware Specific Testing
100
8.2.1 LCD Touch Screen Testing
8.2.2 Access Control Testing
8.2.3 Switch Testing
104
8.2.4 Microcontroller Testing
100
101
105
8.3 Software Test Environment
106
8.4 Software Specific Testing
108
9.0 Administrative Content
112
9.1 Milestone Discussion
112
9.2 Budget and Finance Discussion
113
Appendices 121
Appendix A: Copyright Permissions
Appendix B: Table of Figures
122
Appendix C: Table of Tables
123
Appendix D: Sources
121
124
iii
1 Executive Summary
This project is aimed at creating an asset control and tracking system. It is a low
cost solution that we are seeking with the ability to implement functionality of high
end systems available. We first discovered the costs associated with custom
systems can vary but be quite expensive. With this system we hope to allow for
expandability and provide a robust backend system that will allow for expansion
of assets and data. The system we are proposing is a more customized form of
access control. Honywell for instance, has 3 different solutions for access control.
All three are specifically for door entry and logging. Our system will look to
expand the reach of this to controlling the actual hardware or appliances. Instead
of restricting entry we will restrict the use of assets within the area controlled.
This approach will allow for many people of different access levels to enter the
same areas and still be restricted to what they are entitled to use. This control will
also track the use of the assets and could submit reports to a project
management system.
The idea of a system like this could be expanded to further capabilities in network
logons and server access. But the main goal of this project is to create an
inexpensive version of customizable security systems. At the forefront of this
project is scalability. In order for this system to be feasible it needs to allow for
the addition of units and personnel. We want to ensure that the system can be
setup with any number of units and people in the database. We also want to
ensure that we can take units away or add more to the system. All of this will be
done without compromising the integrity of the system. We will implement a
security around the database and also around the login system. This is to
prevent any unauthorized access to the user database that will govern access to
everything in the system.
There is a level of compatibility issues that may arise when interfacing with some
equipment. Due to this issue we will need to resolve a best approach in an
attempt to make the system universally acceptable. We will create this system
using three separate control devices for demonstration purposes. If there are any
unforeseen obstacles to the approach we use to control access we may need to
augment the approach.
We hope to achieve a maximum level of performance and usability with this
system while keeping the cost low. There is a need for a more affordable solution
for companies and entities that cannot use big budget spending to secure their
assets. At the same time a professional polished look and feel to the system
must be present. Our budget for this project is not funded or sponsored so the
1
team will need to finance the system development. We hope to achieve our goals
for the system while keeping expenditures below the $1000.00 threshold.
2 Project Description
The project will encompass 3 main components. The main component of the
system will be the database and communication hub. This system will provide
communication between the relay devices and the database system. Each relay
device will be comprised of a power switch and a control circuit. Each relay
device will also include a display for status and sensor for RFID or NFC
technology. Finally each relay will send and receive data wirelessly. For viewing
and report of activity a user interface will be used as the final component. This
component will be software mainly and will be independent from the main system
software. It will be dependent upon the device used to access the system. In
figure 2.0.1 is a basic illustration of the project components and interaction
between them.
Figure 2.0.1 – Basic project flow chart
2.1 Project Motivation and Goals
The motivation for the project came from an offering by the college of
engineering for a system that encompassed a control of assets with a tracking a
billing software for departmental billing. We evaluated the demands of Dr. Reza
and found them to not be compatible with the demands of a senior design
2
project. After consultation with Dr. Ritchie we decided to go ahead with a plan but
under our own specifications. If the system proves to be desirable to Dr. Reza we
will consider the licensing of the system to the college. We further will consider
the possibility of the system being purchased by any possible vendors or
interested parties to recover and possibly gain revenue. Originally we had a
different project in mind but as we became familiar with the needs Dr. Reza put
forth we saw the possibility a project that would allow us to utilize the skills we
have learned over the course of the degree and also produce a product of
considerable value at a low cost. The team was interested in the fact the project
was scalable and dynamic in nature. The hardware parts of the system will allow
us to fulfill the requirements of PCB board creation for the course. We will also
be able to gain experience in board design tools for the creation of the 3 separate
units. In evaluation of other existing systems one fact holds true throughout all of
them. The cost associated with these customizable systems is quite high. Even
with the high cost of these other systems ranging in excess of $3000.00 each
system seems to be basic with the option to add onto it with an added expense.
More importantly they all seem to focus on door entry with no real control over
the appliances inside the room. This is where we want to emphasize our system.
Another motivation for this project is to make it portable to mobile devices which
will allow for authorized users to open up their account and view their usage
which can help to verify usage was in fact authorized. Mobility may be
implemented at other levels as well; as we see the convenience of being able to
utilize mobile functionality to acquire access to assets can provide a means of
centralized control. However administrative activities will be best suited for a web
based interface to ensure detailed user manipulation of the system. This system
will break through some of the barriers of secured access compatibility. We hope
to bring the features of compatibility, scalability and stability to a low cost
platform.
Goals of our design team project span across many aspects of our project. The
following bullet points will describe the individual goals of the project we hope to
achieve:

Login security - login functionality should be reliable and secure.

User interface readability- the user interface should provide information in an
organized and easy to read format.

Administrative ability - The system should provide easy manipulation of the
system for the addition of users and the addition of devices to the tracking
system.

Report capability - The user should be able to access user level appropriate
reports on activity with the possibility of billing attributes if billable activities
are occurring.
3

Mobile access - We hope to provide the ability for users to access system and
open access to devices. We also hope to provide data on activity through this
medium.

Tracking accuracy - The goal here is to ensure ( with testing ) the accuracy of
the data recorded by activities. We want the data to be reliable and coherent.

Access integrity for devices - The devices should only allow for operation
when proper credentials are assigned to the device. The system should not
allow unauthorized users to access the device.

Database integrity - The database should provide a collection of data that can
be accessed efficiently. It needs to allow for queries that are effective and
absolute. Redundant data should be mitigated to ensure performance.

Termination of user session - There should be an automatic cessation of any
device in use after a certain amount of inactivity. Also if another user attempts
to access the same device the previous user should be terminated from the
session.

Device control integrity - The devices will be governed by small devices that
will allow operation or restrict it. Since the control is paramount to the system
our goal is to ensure these small control devices meet any standards
necessary.

Exporting of data - Since there are many formats data can be assembled into
we want to provide a standardized data format that could be utilized by
external systems.

System status - Users should be able to see current activity status and if a
system is ready for use or in use.

User feedback - A possibility of user feedback on a devices needs (
maintenance required, supplies needed etc…) so as to alert administrators for
any possible issues.

Standards - We will utilize predefined standards for the system

Durability - We hope to achieve a durability with the control devices.
Longevity of operation may not be able to be tested within the scope of this
project but the overall durability can be evaluated during building and testing
of the devices.
2.2 Objectives
The objectives of the Asset Control system are to monitor assets, or tools. The
reason why monitoring the assets is important is because in some atmospheres
it is necessary that some tools are not allowed to be accessed by some people.
Some users are not allowed to access any tools, either because they do not have
4
the proper safety training or because they have no paid for the time they have
used on different tools. There is a need at schools and in the workplace to track
who is using which tools and in some cases charge users based on time used.
The goal is to produce an inexpensive option that can be deployed to allow or
deny access to specific items and track the usage so there is a capability to bill
the user for the time they used the asset. The objective is to provide a means of
tracking tools that is efficient and simple that can keep users safe and the entity
supplying the tool paid and happy. The Asset Control System will be designed to
be easy to add and remove tools that are available and who can have access to
those tools so that after the Asset Control System is installed the purchaser can
use the devices and system with ease. The ease of use and addition and
subtraction of items that are allowed or denied access the Asset Control System
is set apart from many competitors.
An alternative objective the system could be used to enable activation of
appliances within a house or office. If devices were connected to lights or
televisions. The app could be used to activate the appliance in the house.
Development of this aspect may be too ambitious for the time frame of this
project but it would make for an interesting addition to a later version.
Considering that you could essentially control your house from a mobile device.
Even more intriguing would be to create control interfaces for air conditioning
units that could also be controlled by the software. This idea is outside the scope
of our initial objectives. But for basic application of the system proposed you
could conceivably turn a light on or off through the use of the application even if
you were not in the room. Security of the system may present an issue of trying
to connect it to the internet thus allowing remote access and control from away
from home. This alternative objective would not utilize tracking and reporting
features for the purpose of billing. However, it could be a way to ascertain the
last individual to turn on the light or television. In an office setting this would
indicate authorized persons being in the location. In a home setting this would
provide a parent with the ability to track device usage and control the useage of
children.
With these objectives in mind a grand objective seems to emerge. This grand
objective is that the system should be built in such a way that it can be modified
or customized for different uses. Scalability to expand the size of the device
network and also the range. Function can be fine tuned for use of the asset
control or appliance operation.
5
2.3 Requirements Specifications
Software to be Produced:
This software will provide a means to track and control access to specific
equipment. In the design will be incorporated a database that includes all
authorized personnel and log entries for what systems were accessed. An
interface for users and an interface with superuser rights for project manager.
There will be display of project steps and where the current standing is as well as
a estimated time for steps and projected completion.
Hardware to be produced:
This Hardware will involve 3 device that interface with electrical outlets. These
devices will communicate with a main system that will authorize activation and
deactivation of the devices. Each of the devices will contain some sort of circuit
that withdraws the power needed to run the equipment.
Product Overview
Assumptions:
The platforms for the software are to split up among the functionality needed. We
assume the integration of html, php, Mysql and javascript will fulfill the desired
functionality. However we have a particular expertise within the group involved in
asp.net. These platforms are known to perform functions needed for the system.
The relational schema for the database is assumed as we may find the need to
change the structure. We could find the need to expand tables and create new
relations for more efficient and simple query statements.
Hardware needs are assumed to be standard with respect to normal wall outlet
specifications. The interface between the devices and system will be wireless for
easier implementation. The main system will need to send and receive wireless
data and maintain a database for reports and queries.
6
Stakeholders:

Customers - These are the individuals who will pay for the product or try to
acquire the product after its completion. This can sometimes be the same as
the user but not always. Our customers will be managers, professors, and
project leaders wanting to track and control the use of assets. .

Users - These are the ones who will use our system. Each will use the system
in a different way. For example, the administrator access will be allowed to
add units and people to the system.

Engineers - We take into account the people who will be building the system
as well as maintaining and improving it. They will be able to estimate costs
and development time due to their expertise. The software developers for
this system will mainly be us until we grow into a larger company.
7
3 Related Research
While developing any project it very important to consider the existence of similar
products. It is also a necessity to research the other options to determine the
significance of the existing products in relation to the project. It also will behoove
the team to research different ways of achieving the technical specifications of
the project. The different types devices that will meet our specifications will be
researched for the most acceptable option. Most acceptable option should
include these characteristics:

Lowest cost

Most durable

Compatibility

Small size

Lowest optimal power needs
While these traits are the objective some of them may not be absolute. For
instance lowest cost may need to be forgon to achieve most durable and
compatible. This is ultimately what we will find in the research of the parts. We
will attempt to find the closest match to what we need to accomplish the project.
3.1 Existing Similar Projects and Products
3.1.1 KEES (Keyless Electronic Entry System)
The Keyless Electronic Entry System was a senior design project that was
created in Fall of 2013. This project utilizes many different ways in which to open
a door or grant entry. Though our project does not hope to accomplish this task
specifically, we do hope to achieve the similar level of access control that this
project achieved, through the use of several different techniques. Due to this fact
some of our hardware and coding will be close to the arrangement in this project.
Some of the means this group used for access that will be of interest to our
group, as we proceed to research and fully gather our own ideas and plans for
ACS, was how they utilized the RFID scanner, incorporated face recognition, and
mobile app control of the KEES. These 3 features are items we wish to
incorporate into ACS. The RFID they use as a base mean of granting access. If
all else fails they employ the use of basic RFID scanning to allow a person into
8
the room. Through image processing and face recognition KEES, it gives the
user or administrator privileges to create a backlog and database of authorized
users, just as our group plan to do with ACS, although possible not with facial
recognition. However that is an option we are exploring as it would be an efficient
way to keep things highly secure. The mobile app also is an idea that we will be
using, this also creates a database of allowed user or authorized devices that
can be not only be added to and taken away but would allow for an accessible
option, as cell phones and their interface, rather Android or Apple are
commonplace today.
Though there are similarities with this project there are also a slew of differences.
The obvious is that ACS would not be used to unlock and lock doors. ACS plans
to achieve absolute control and security of each piece of equipment on which it is
installed. KEES employs a database to keep authorized entrants registered and
anyone else out, our project not only intends to do this but also log the time they
have access and potentially develop an invoice system so that future use of ACS
could be used to bill for equipment use. KEES also has listening capabilities to
better detect a knock pattern that is stored in memory as a unique knock and
thus authorize access. This is an exclusive feature that would be a major key
feature and trademark of the KEES, but it has no useful purpose on the ACS, nor
would anything similar be employed on it. While the KEES has to be mounted on
a door, the ACS will need to be designed to be mounted on a variety of different
surfaces and it’s footprint would need to be relatively small to avoid needing a lot
of room in a place where space is at a premium, which is not what KEES would
have had an issue with as their application can remain constant.
Despite the differences between systems, the commonalities is what will be
important to us as we attempt to understand and piece the ACS together more;
this first project we reviewed will be more important to understand how some of
their access control devices were working on an embedded level. Important also
is how things were able to communicate seamlessly across different platforms
whether it is Linux to Android or Windows. Using the KEES as a reference point
for the ACS will be a beneficial addition to our research into making the ACS
work flawlessly and in a multitude of means, just as Chris Condella, Josh Baxter,
Sam Demole, and Jason Wagner did for their UCF Senior Design project.
3.1.2 Euchner EKS
The Euchner EKS (Electronic Key System) is a commercially available product
that accomplishes the task of controlling access. This device does not have as
many features as we would like the ACS to have and does not support any form
of mobile application. However the EKS was designed to be a highly portable
access control system that could be applied to many different situations, some of
9
which include PC access, programmable logic controllers, tool cribs, and
standard building access. The versatility of the Electronic Key System is
something that we hope to be able to mimic. EKS is able to communicate
through Serial RS232/RS422, USB, Ethernet TCP/IP, and PROFIBUS DP. Not
only does it have versatility it also comes in a relatively small package that is
designed to be easily incorporated in any space which is a top concern of ours
when it comes to fitting the ACS on workstations that could already be crowded,
needing as much as space as possible. Table 3.1.2.1 entails the dimensions and
also the power usage of the Euchner EKS. Due to the high adaptability of the
EKS and the small footprint Euchner opted to make a variety of different models
depending on the need the EKS would fulfill. Doing so made the current
consumption vary, as well as voltage. The values listed in Table 3.1.2.1 are the
listed typical values found for the EKS.
Typical Power Supply (V)
24
Current Consumption (mA)
100
Dimensions (mm)
68x33x50 (LxWxD)
Temperature Rating (ºC)
0-55
Enclosure Rating
IP67
Table 3.1.2.1 – Euchner EKS Specifications
The EKS uses programmable keys that are set for specific functions and even
rates. These keys work wirelessly and communicate though induction means and
includes a 116 byte programmable E²PROM, plus an additional 8 bytes. The
programming of the keys is done through a user friendly program on a PC that
allows the administrator to set all kinds of unique parameters including the rate at
which a machine is used for the set user. It also grants the administrator at
anytime to edit, create new, or delete old and lost keys. The ACS hopes to
incorporate this kind of accessibility to our design. Though we do not wish to
regulate the rate at which a device is used we do intend to monitor how long the
device was used which is not as involved as the monitoring level that the EKS
has. The EKS does also provide us with more motivation to be thorough in our
design as there is an established market for such access control methods. ACS
hope to be as versatile and accessible as the EKS, if not more so, with our
incorporated support of mobile platforms and possible incorporation of biometric
scanning devices that will reduce the need to purchase and track keys or tags.
10
3.2 Access Technologies
Access technologies refers to the Means by which the system will approve or
deny authorization. The passing of the credentials will need to utilize one of these
technologies in order to provide an easy way for a user to interface. This will
eliminate the need of logging into the system and also provide a way track the
usage activity. There are a few options available that will satisfy this requirement.
These are :

RFID

NFC

Face Recognition/ Biometrics

Magnetic strip

Barcode scanner
3.2.1 RFID
RFIDs have been in production for more than fifty years (Technovelgy.Com) and
have recently with technological advanced been considered a disposable
technology. The price of RFID technology has become increasingly inexpensive
as time goes on, similar to most technologies, some of the retailers are listed in
Table 3.2.1.1 with the price and capacity information. RFID tags are either
passive or active, active tags are powered by battery and passive tags get
energy from receiving RF energy from a reader.
Table 3.2.1.1 RFID Passive Readers
11
A Radio Frequency Device (RFID) is capable of transmitting a maximum of 2,000
bytes of data (Technovelgy.com) using a chip and an antennae. The size of a
RFID chip is the size of a grain of rice, the smallest in history was created by
Hitachi, a Japanese technology giant ( TFOT.COM). The measurements are a
mere 0.15x0.15 millimeters, with a thickness of 7.5 micrometers thick
(TFOT.COM), in order to write data on the chip Hitachi uses semiconductor
miniaturization an electron beam, writing to such a small device requires this
method. The market sells a wide variety of RFID devices that include flexible and
waterproof. Because of the small nature of the RFID design, the technology can
be imprinted on a label. Using a special ink a device can be printed on paper and
some are less than half a millimeter square (Technovelgy). The extremely small
size works makes affixing the RFID imprinted on a label to any object simple and
convenient. A comparison of passive RFID devices on the market is shown in
Table 3.2.1.1. The ACC-809 RFID is expected to work within less than a foot of
the signal reader, whereas GR-1.5-915 can reach at maximum thirty feet.
Comparing RFID technology to Barcode or Near Field Communication (NFC)
method of detection RFID has a much broader detection range.
There is a disadvantage of using RFID that commonly occurs which is known as
reader and tag collision. Reader collision is when two or more reader’s signals
overlap. The RFID tags are not capable of handling multiple queries
simultaneously. Tag collision is when numerous tags are in a small area and the
signals need to be read one at a time because simultaneous reading causes
reader collision. There are not set global standards on RFIDs and due to this
RFIDs have been implemented in various ways.
RFID systems can be easily disrupted or intercepted. You do not want to store
sensitive information on RFIDs, anyone with a reader can intercept the signal
from a distance without the knowledge of the RFID carrier. Data storage
capabilities range from holding as little as a social security number or as much as
several pages of data (fda.com). Using RFIDs can pose risk to electronic medical
devices that can be affected by electromagnetic disturbances (fda.com).
3.2.2 NFC
Near field communication (NFC) occurs between two electronic devices that can
communicate when they are within approximately two inches of each other. The
small range of a few centimeters of transmission would infer safer data, but the
communication between devices is not ensured to be secure. NFCs are still
subjected to the man-in-the-middle-attack, which is when a conversation
between devices occur and there is something intercepting information that is
happening in that conversation without permission of the devices communicating.
12
In most cases one device is transportable, like a cellular device, where the other
device is stationary. A common example of NFC technology is smart pay at
grocery stores where you can use your cellphone to pay for your purchase. The
communication takes place on the radio frequency ISM band of 13.56 MHz using
electromagnetic induction between two loop antennae(cite).
There are three working states of NFCs, card emulation, peer to peer, and
reader/writer states. The card emulation state, allows the users to use their NFC
enabled device as a credit card. Amongst NFCs capabilities of holding secure
data, PIN numbers, loyalty card data, and contacts can be stored. The safety of
NFC technology is dependent upon the user, if you were to lose your wallet with
all the credit cards, loyalty cards and identification there is nothing to protect that
information. A smart phone however can be protected with a password, adding
an increased level of security to storing your card’s data on your cellular device.
NFC Standards require that the channel that data is sent from one device to
another is secure and implements the usage of data encryption. Standard
ECMA-340 Near Field Communication Interface and Protocol (NFCIP-1)
describes the restrictions and mandated protocols that must be followed. Table
3.2.2.1 lists some these standards that near field communication must follow.
13
ECMA Protocol
Description
ECMA-356
Specifies tests for ECMA-340 which defines RF test
methods for Near Field Communication devices that fit
in an area of 40mm x 50 mm
ECMA-373
Requirements for the interface between a transceiver
and the front end.
ECMA-362
Specifies Test Methods
ECMA-352
Radio Frequency requirements (prevents collision),
specifies the frequency to not interfere with any
communication on the 13, 56 MHz range.
ECMA-391
Defines modulation schemes and conditions that are
mandated to prevent collision when initialization occurs
as well as exchanging of data.
ECMA-390
Denotes commands required for ECMA 373, and
control the exchange of control and state data between
the two wires.
ECMA-340
Defines standards relating to passive and active
communication devices, modulation schemes, and
agreements that happen between the accepting and
transmitting parties.
Table 3.2.2.1 ECMA Standards Descriptions
Near Field communication coincides on smartphone devices with bluetooth
communication. Bluetooth communication however has a longer range and
subsequently uses more power to operate than NFC. Bluetooth can connect to
another device that is within thirty two feet on the device, NFC has the ability to
transmit data to another device within four centimeters. NFC is simple to use,
and can transmit data quickly with the swipe of your device, and the reduced
range reduces the odds of a man in the middle attack occurring, where someone
is basically listening in on the communication you are initiating or receiving.
14
Near field communication has the ability to transmit data, and even power
between two devices using induction. During near field communication two
devices that are powered on transmit a magnetic field to each other the
transmission of data takes less than one second to complete using minimal
power.
Figure 3.2.2.1 - Protocol Arrangements
3.2.3 Face Recognition and Other Biometrics
Facial Recognition and biometric scanners, such as fingerprint scanners and
voice identification systems, have been a fast growing market and a lucrative
feature for any security or access control device to have. Before looking into
incorporating any such devices, it would need to be looked at which would be the
most feasible and reliable for use in the environment the ACS is bound to be in.
Accuracy will play a huge role in the selection of the proper biometric scanner as
we hope to make ACS as accessible as possible; without the user needing to
repeat or otherwise use a “back-up” option such as a magnetic stripe card
reader, if the scanner fails to recognize the parameter that we are employing. It is
the goal of ACS to make a highly straightforward device and the addition of
biometric access control would be apt.
There are several different open source codes and API’s for facial recognition
software, including OpenCV’s FaceRecognizer. This code can use several
different algorithms including Eigenfaces, Fisherfaces and Local Binary
15
Histogram Patterns. Eigenfaces incorporates the Principal Component Analysis
(PCA) which was independently proposed by Karl Pearson (1901) and Harold
Hotelling (1933) to turn a set of possibly correlated variables into a smaller set of
uncorrelated variables. The idea is, that a high-dimensional dataset is often
described by correlated variables and therefore only a few meaningful
dimensions account for most of the information. The PCA method finds the
directions with the greatest variance in the data, called principal components.
Fisherfaces utilizes the Linear Discriminant Analysis maximizes the ratio of
between-classes to within-classes scatter, instead of maximizing the overall
scatter. The idea is simple: same classes should cluster tightly together, while
different classes are as far away as possible from each other in the lowerdimensional representation. This analysis does differ from the PCA method
employed by Eigenfaces which finds a linear combination of features that
maximizes the total variance in data. Of course this is surely a strong and certain
way to analyze data, however it does not consider a good deal differentiation and
a lot of discriminative data might be lost when components are thrown out during
calculations. Using either of these algorithms would involve a database of around
8 to images per authorized user to get about 96% recognition rates according to
an analysis of working code on OpenCV.org. To achieve the same results with
fewer images Local Binary Patterns (LBP) could be implemented. The basic idea
of LBP is to summarize the local structure in an image by comparing each pixel
with its neighborhood. Take a pixel as center and threshold its neighbors against.
If the intensity of the center pixel is greater-equal its neighbor, then denote it with
1 and 0 if not. You’ll end up with a binary number for each pixel. By doing this
you stop looking at the whole image as a high-dimensional vector, but instead
break it down into low-dimensional objects. While this is useful in being able to
discern the image from lighting issues, it does also make it sensitive to other
areas such as scale. This algorithm actually was able to compete with state of
the art results for texture classification. Due to all these source codes being
available, it might be best to experiment a little with each though it would seem
most appropriate to go with LBP as it does not need as many images per
authorized user and not as sensitive to lighting which might not be dependable
where the ACS will be implemented.
Electronic fingerprint scanners have quickly risen in prominence since they were
first being implemented by the FBI in 1999. The technology has grown and made
them increasingly accurate. Overall there are 4 main types of hardware
associated with the fingerprint scanners; they are optical, capacitive, ultrasound,
and thermal. An optical sensor takes an image of the finger, and is perhaps the
most widely used sensor. A capacitive sensor determines each value of the pixel
based on capacitance measured, due to the fact that air would have less
capacitance than an area of skin. Ultrasound sensors rely on the prisms that are
reflecting light that would be related to a fingerprint. Thermal scanners often need
a swipe of the finger to evaluate the difference in temperature over time to create
a digital image. Once these images are captured there are two different
algorithms that are widely used today to compare fingerprints. There is Pattern
16
matching, which is comparing two images and seeing how well they match. The
more widely used and more accurate method is minutiae-matching, this relies on
matching minutiae points that were scanned using the sensors. Minutiae in
biometrics are the major distinguishing features of a fingerprint. Fingerprint
scanners have been proved to be fairly accurate; according to the NIST (National
Institute of Standards and Technology) the one finger scanners have been
proven to be accurate 98.6% of the time. There are several open source codes
as well that would be available to be able to utilize and manipulate as ACS needs
to work seamlessly. There are numerous one finger scanners available for use
and integration into a system, they also happen to be inexpensive as well.
Voice recognition is another fast growing field as it has been determined to be
another key feature that is unique to one person and is generally accessible by
everyone. The equipment needed for this is just a basic microphone that will take
in the analog speech and convert it digitally to be analyzed by an algorithm.
There are 2 forms of analyzing speech data; one being text dependent in which a
user has a fixed word or phrase they have to repeat and the other being text
independent which is more flexible as it analyzes rhythm and intonation among
other factors.
The problem with voice recognition is not that it is not accurate, as with the text
dependent method systems have proved to be quite accurate. It is the fact that
voice recognition devices have been shown to be bypassed by having a
recording of the user’s voice, and that depending on the environment; it could be
very hard to get a clean sample to be analyzed. This would be extremely difficult
to determine in the case of the ACS as it could be installed on a device that is
located in a very noisy machine shop. While this might be the lowest cost
implementation of a biometric scanning device it might also prove to be the most
problematic.
After researching these various means of biometric recognition devices, it seems
that facial recognition and fingerprint recognition are the best options for a secure
and reliable alternative for controlling access with the ACS. However, due to the
cost effectiveness of voice recognition, it might be worth looking into making it
work in a test environment if our timing constraints are not stretched as well as
our fiscal constraints. Implementation of a biometric device would be a great
experience for all involved in this project as biometric devices are only continuing
to rise in use, whether it is in mobile applications for consumers or it is being
used for professional means to grant access or keep logs of activity. Table
3.2.3.1 gives a quick price breakdown of each piece of hardware needed for the
operation of the biometric device.
17
Biometric Device
Hardware
Cost
Face Recognition
Logitech HD C270 Webcam
$20.32
Fingerprint
Recognition
Fingerprint Reader Sensor $29.90
Module
Voice Recognition
KY-037 Microphone Sensor $3.66
Module
Table 3.2.3.1
As shown in Table 3.2.3.1 and mentioned previously the cost of hardware voice
recognition is quite inexpensive, however the cost of the other devices are
relatively similar. While they are higher in cost they potentially will be more
efficient.
3.2.4 Magnetic Strip
Magnetic Stripe technology has been used since the 1960s (Hightechaid.com) ,
the first usage being in the London Underground in the UK, and within a decade
the US had adapted the technology for Bay Area Rapid Transit. The magnetic
stripe simply stored a value that could be read by the reader. After the advent of
magnetic stripe was standardized it began being used for financial institutions for
debit and later , credit cards. The University of Central Florida has magnetic
stripe technology used for Student Identification cards, which have capabilities of
working like debit cards in some vending machines and copy machines.
Advantages of Magnetic Stripes

Simple to Use

Widely Implemented Technology

Inexpensive to Produce

Easily Write/Read numerous times

PIN numbers can protect data

Student Identification/Credit/Debit Cards Use this Technology
18
Disadvantages of Magnetic Stripes

Limited Storage Capacity

Can be duplicated cheaply (security issue)

Magnetic Fields can damage stripe

Thieves can easily retrieve data
The magnetic stripe is composed of magnetic particles that are contained within
a resin and applied to a card, which is generally made of plastic but could be
made of any material. The process of changing the data stored on Magnetic
Stripes is as simple as the first encoding of data and can be done an unlimited
amount of times. Data is stored as binary digits where the polarity of the
Magnetic Stripe section depicts if the bit is a one or a zero. The range of a
Magnetic Stripe is minimal and direct contact is generally necessary to get data.
Magnetic stripe cards can be bought blank, you may purchase them online
through Amazon, or technology retailers, they are also found in store at Staples
costing seventy five dollars for five hundred blank cards that are ready to be
encoded.
There are standards for magnetic stripes, the current and commonly used being,
ISO/IEC 7810,11,12 and 13 ( hightechaid.com). The standards are shared
between Japan and the US , so cards adhering to these standards can be used
in either vicinity. The standards only adhere to the banking systems, so when
creating a magnetic stripe there are no mandated standards if the usage is
outside of banking.
Many retailers are straying away from magnetic stripes because data can be
easily read and reprinted, making counterfeit cards a bountiful problem. The
alternative is using a chip, the reason chips are safer is that you can not clone a
card’s chip , where magnetic stripes can be cloned easily (stackex.com).
The following table 3.2.4.1 shows the average cost of some common readers
that are available for purchase. Though using the data from the table it is easy to
see that the cheaper options do not fearure the ability to write on the magnetic
stripe card itself. Though, this might not be necessary for the ACS to operate if
we intend to magnetic stripe cards that are already encrypted with Infomartion,
such as employee ID cards or student ID cards. These could also be preprogrammed “guest cards.”
19
Name
Retail Price
Retailer
Reader
Writer
MSR605
$175
mag-stripe
Yes
Yes
ELO E757859
Magnetic Stripe
Reader
$50
Staples
Yes
No
Square Reader
$0 Percentage
Fees Apply
squareup
Yes
No
Table 3.2.4.1 Magnetic Stripe Reader/Encoder
3.2.5 Barcode Scanning
Barcodes are a widely used technology and have three different scanning
methods. A wand scanner implementing LED can be used to light up the dark
bars and empty spaces, and capture the pattern in order to decode the pattern to
obtain information. Using LED technologies will a wand scanner requires the
wand to come in physical contact with the barcode in order to read it. ChargeCoupled devices may also be used to read a barcode.
The Charge-Coupled device (CCD) is used to denote a single row of photocells
that reside on one semiconductor chip, the benefit of s CCD reader is the ability
to read the entire cross section of a barcode instantaneously without a swiping
motion that required by a wand scanner that uses LED. Laser scanners have
longer range of readability and have the potential of reading a barcode from as
far as 12 inches away.
All readability ranges can be found in Table 3.2.5.1. Laser scanners have a
higher precision over LED and CCD readers and it can handle larger barcodes if
the barcode is moved away from the laser to accommodate for the size. The
quickest type of laser scanner uses an interlocking pattern to increase probability
of capturing a scan.
20
Scanning Technology
Readability Range (min)
Readability Range (max)
LED
X
X
CCD
0.25 inches
1 inch
LASER
1 inch
12 inches
Table 3.2.5.1 - Range of readability
The ease of obtaining a barcode is as simple as going online to a barcode
generator, inputting desired data and printing the barcode on either a label,
packaging or a piece of paper. The data that can be stored on a barcode is
variable depending on which type of barcode is used. The ease of creating and
printing barcodes make it extremely cheap, costing less than any other reader
technology such as RFID or Near Field Communication (NFC).
OnlineLabels.com sells labels for printing barcodes on, 100 sheets can be
purchased for less than twenty dollars, and one sheet can be purchased for four
dollars, each sheet has 154 labels.
Advantages of Barcodes

Inexpensive to generate and print

Widely Used (user familiarity)

Numerous Barcode Varieties Exist

Disposable
Disadvantages of Barcodes

No Security

Data is easily read by thieves

Reading Scratched/Crumpled barcodes

Must be in line of sight to be read

Erroneous functionality possible
There are many types of barcodes, including QR codes which hold a website
URL. Code 128 has a high data density which makes it ideal for shipping and
21
packaging barcodes it has an unlimited length capability of holding ASCII
characters. Data Matrix is used for holding text or binary data as well as numbers
ranging from 1 - 255 and is widely used for labeling produce or electronics.
3.3 Embedded CPUs/ Microcontrollers
3.3.1 Embedded CPU/Computer
We are interested in the embedded Broadcom SoC chipset, this chipset often
comes with ARM architecture and are often integrated with an embedded
computer already. We are going to need a small embedded computer to provide
communication to from the point of access device, to the database, and to then
to microcontroller that will be in charge of turning on the access controlled
equipment. The Raspberry Pi is an inexpensive embedded central processing
unit, created in England by the Raspberry Pi Foundation. It is a very popular
product for hobbyists and students alike. The form factor is relatively small, about
the size of a credit card (85mm x 56mm), which would be important for the size
of the enclosure needed. The power rating on the Raspberry Pi is low as well
with values ranging from 0.8 to 4.0 watts. This would be perfect for our project
use as we do not want to draw a lot of power. There are several form factors the
Raspberry Pi comes in. Finding the right embedded computer is very crucial to
this project as we want to explore as many features as we can without getting too
complicated for the system to perform its essential task of allowing only
authorized users the permission to operate the equipment. All the processors
that are utilized in the Pi’s, use the variations of the ARM architecture, which
creates a very easy environment to create and transmit data as a possible use of
ARM microcontrollers might be used to control the access to the equipment.
Raspberry Pi’s all will run using Linux and the newer models use Windows 10 IoT
(Internet of Things), which is the new version of Windows Embedded. The
versatility of being able to run either OS is beneficial as Windows is a more
marketable OS and user friendly, but Linux is better for a development
environment. It should also be noted that these CPU’s are not known to run hot
enough to have any thermal considerations, i.e. heat sinks or any active cooling
applications. Though if a processor was needed to be over clocked it would not
be for certain that the normal thermal considerations would not be guaranteed
thus a heat sink would possibly be needed. All of the Raspberry Pi boards
involve the same GPU (Graphics Processing Unit). The incorporated GPU is
Broadcom’s VideoCore IV, which supports all standard definition formats, as well
as full HD formats.
The first generation board from Raspberry Pi features a Broadcom BCM2835 32
Bit SoC (System on Chip) and 256MB of RAM or upgradable to 512MB of RAM.
22
Though this amount of RAM is relatively small our utilization of RAM would not
be great for the essentials of our project. The ARM processor operates at
700MHz and does support floating point operation, which will help in more
complicated processing tasks. The board also has 1 to 4 USB 2.0 connectors
that will allow for simple manipulation of peripheral devices as we hope to
integrate more into our project, as well as a place to be able to plug in a mouse
and keyboard so direct debugging can take place, along with the HDMI port
which is compatible with most standard LCD monitors available. The first
generation board does have 1 Ethernet port available. However, the version of
this board that has the higher value of RAM and the higher number of USB ports,
has become more difficult to find as it has been discontinued due to the rising
popularity of the second generation board and the very recent unveiling of the
third generation Pi board. The average cost of this board is about $25 new and
used ones can be found online for as little as $5. This project will not be using
used boards as there might be problems found with them that will hinder our
progress in trying to prepare our prototype in the next semester.
The second generation board comes with all the available features of the first
generation Pi but with a higher clocked CPU that operates at 900 MHz and 1GB
of RAM. This is a Broadcom Single Board Computer (SBC) that’s CPU is a quadcore ARM Cortex-A7. This is also the first generation of Raspberry Pi’s to be able
to run both OS. The hardware differences alone are enough to want to utilize this
board for the purposes of interfacing with the microcontroller and communicating
with the database. The cost is about $10 more which is reasonable enough to
upgrade to a platform that would allow for more versatility and better reliability in
handling all the processing that would be necessary for any extra feature we can
add such as a camera for facial recognition and Open CV. With this added
functionality it does raise the power consumption rating to 800 mA or about 4 W,
which as noted previously would not interfere greatly with our end goal of the
project.
Raspberry Pi has released the third generation of embedded computers in
February 2016. This board features a SoC Broadcom that had an ARM CortexA53 64 bit quad-core processor that operates 1.2 GHz. This board also comes
with 1GB of RAM like its predecessor which is more than enough for our
purposes as we don’t plan on running too extravagant of programs or more than
one at a time. There’s an upgraded switched power source that goes up to 2.5
Amps instead of just 2 Amps, which would help not limit us if we did find a
peripheral that needed more power, such as some of the biometric devices that
may be incorporated to control access. This does create a higher raise in the
power consumption but only if there is a USB device plugged in that utilizes the
higher current draw. Otherwise the power consumption of this board is identical
to the previous generation. The biggest upgrade on this board variation is the
addition of wireless technology built in. The other boards had Ethernet and would
support the small USB adapters that would allow for Wi-Fi, but this board not only
23
has an adapter built in, it also has Bluetooth Low Energy (BLE). These two
available options make this board the optimum choice for this project, with this
technology built into the board we would not have to account for added space
and power to the adapter. The ability to communicate to the database wirelessly
will help in the overall enclosure and placement of the hardware on the
equipment. Bluetooth would help with the option of how to integrate tablets and
smartphones. However due to the fact that it is such a new release, availability
becomes an issue as well as if there are any problems with quality control issues
that have yet to be uncovered. With the board being the nearly the same price as
the second generation it is going to be worth looking into acquiring this board
when we begin to gather all the components needed for this project.
Though the optimum board is the latest iteration of the Pi, the second generation
board might be the best fit, as it is readily available now and is known for being
reliable. This will end up being an opportunity to use the time between now and
the time at which we will be acquiring all the elements required. We can continue
to plan to work with the third generation Pi and all the advantages it will give our
design as far as more options. All of the features that the third generation has
that the second does not have, can be included, either through peripherals,
whether USB or serial, and raising the clock speed through overclocking the
processor.
3.3.2 Arduino Development Boards
Arduino is essentially a name brand of microcontrollers with which they have
many options for various uses. The main characteristics as shown by the
manufacturer for arduino products are as follows : Processor, operating voltage,
CPU speed, Analog in/out, digital io/pwm, eeprom, sram, flash, usb, uart. There
are currently sixteen different models of arduino boards. These variations utilize
different aspects of the characteristics. The first major characteristic of these
boards is the processor. There are several kinds of processors that are used on
the boards. The table 3.3.2.1 below shows the different types of processors and
the voltage associated with them as well as the cpu speed. A few processors
actually have more than one configuration. While some of the processors have
different voltages it should be noted that the voltage is relative to the board they
are seated on. The boards have different memory configurations and ports which
contribute to varied voltage specifications. The board configurations vary but the
language for Arduino is the same throughout. For our purposes we will likely
need low voltage with a lot of ports to test the separate devices.
24
Processor
Cpu speed
Operating/input voltage
Intel® Curie
32MHz
3.3 V/ 7-12V
ATSAM3X8E
84 MHz
3.3 V / 7-12 V
ATtiny85
8 MHz
3.3 V / 4-16 V
ATmega168V
8MHz
2.7-5.5 V /2.7-5.5 V
ATmega328P
8 MHz
2.7-5.5 V /2.7-5.5 V
8 MHz
3.3 V / 3.35-12 V
16 MHz
5 V / 7-9 V
16 MHz
5 V / 5-12 V
8 MHz
3.3 V / 3.8-5 V
16 MHz
5V
ATmega2560
16 MHz
5 V / 7-12 V
SAMD21 Cortex-M0+
48MHz
3.3 V/ 5V
AR9331 Linux
400MHz
5V
ATSAMD21G18
48 MHz
3.3 V / 7-12 V
ATmega32U4
Figure 3.3.2.1 – Specifications on Arduino Development Boards
The Arduino program language can be divided into three main parts. The parts
are : structure, variables and functions. The structures consist of two primary
structures : setup() and loop(). There are control structures as well these are as
follows : if, if...else, for, switch case, while, do...while, break, continue, return and
goto. Further syntax structures are common C syntax such as semicolon, curly
braces, single line or multi- line comments, #define and #include. Arithmetic
operators are the same as the standard operators used in most other languages.
Comparison operators are also in line with other languages like C. Boolean
operators (and, or, not) are the same as C. Referencing operators also known as
25
pointers are the asterix for dereferencing and ampersand for referencing. Bitwise
operators hold to the standards of C for and, or, xor, not, left, right. Compound
operators used to simplify expressions are also reflective of C. The compound
operators are the usual types such as increment, decrement, compound addition,
compound subtraction, compound multiplication, compound division, compound
modulo, compound bitwise or and compound bitwise and. The second part of the
language is variables. In variables we have constants, data types, conversion,
variable scope and qualifiers and utilities. In table 3.3.2.2 we see a list of
variables associated by their categories.
Constants
Data types
Conversion
Variable scope Utilities
and qualifiers
HIGH | LOW
Void
char()
Variable scope
Sizeof()
| Boolean
byte()
Static
PROGMEM
int()
Volatile
INPUT_PULLUP Unsigned char
LED_BUILTIN
Byte
word()
Const
True | false
Int
float()
Integer
constants
Unsigned int
INPUT
OUTPUT
Floating point
Char
long()
Word
Etc…
Table 3.3.2.2 – Variable List
The third and final part of the language is known as functions. There are 14
categories of functions as specified by the Arduino reference material. These
categories are as follows : Digital I/O, Analog I/O, Due & Zero only, Advanced
I/O, Time, Math, trigonometry, characters, Random Numbers, bits and bytes,
external interrupts, interrupts, communication and USB(32u4 based boards only).
Digital I/O
 pinMode()
 digitalWrite()
 digitalRead()
Analog I/O
 analogReference()
 analogRead()
 analogRead() - PWM
26
Due & Zero only
 analogReadResolution()
 analogWriteResolution()
Advanced I/O
 tone()
 noTone()
 shiftOut()
 shiftIn()
 pulseIn()
Time
 millis()
 micros()
 delay()
 delayMicroseconds()
Math
 min()
 max()
 abs()
 constrain()
 map()
 pow()
 sqrt()
Trigonometry
 sin()
 cos()
 tan()
Characters
 isAlphaNumeric()
 isAlpha()
 isAscii()
 isWhitespace()
 isControl()
 isDigit()
 isGraph()
 isLowerCase()
 isPrintable()
 isPunct()
 isSpace()
 isUpperCase()
 isHexadecimalDigit()
Random Numbers
 randomSeed()
 random()
Bits and Bytes
 lowByte()
 highByte()
27





bitRead()
bitWrite()
bitSet()
bitClear()
bit()
External Interrupts
 attachInterrupt()
 detachInterrupt()
Interrupts
 interrupts()
 noInterrupts()
Communication
 Serial
 Stream
USB
 Keyboard
 mouse
The Arduino language is based on C/C++. It allows the use of any functions in
the AVR Libc. With respect to libraries the Arduino environment can be extended
through the use of libraries similar to most programming platforms. Many of the
libraries come installed within the IDE for Arduino. Additional libraries can be
downloaded or creation of a custom library can be done. This makes Arduino
customizable for the needs of the developer. Standard Libraries that are included
are listed below.
EEPROM - reading and writing to “permanent” storage
Ethernet - used to connect to networks
Firmata - used to communicate with applications and serial protocol
GSM - used in connecting GSM/GPRS network
LiquidCrystal - used to control LCD’s
SD - for reading SD memory
Servo - for the operation of servo motors
SPI - used for serial peripheral interface bus
SoftwareSerial - for serial communication on any digital pins
Stepper - for control of stepping motors
TFT - for drawing text, shapes and images
WiFi - used to connect WiFi
Wire - Two wire interface for send and receive of a network of devices or sensors
28
There are many other libraries that have been created for use in different
applications. We will not go into them for their lack of relevance to this project.
With this being said we can safely assume that the Arduino is a feasible solution
to our needs. It possesses the features of low cost architecture with versatile
application. The assessment of other candidates will determine if Arduino is the
favored choice for the needs of this project.
3.3.3 MSP430
The MSP430 was developed by Texas Instruments and is a mixed signal
microcontroller. When developed the goal was to create an embedded
application platform that is typically low cost and power consumption. During idle
mode the MSP430 produces a current that can be lower than 1 microAmp, which
the ability to change between six modes. Because of the rapid wakeup time
associated with the MSP430 the device can stay in sleep mode for longer
periods of time and conserves energy by not needing to be turned on when not in
use.
Microcontrollers in general, are microprocessors that are embedded in a variety
of devices, you may find microcontrollers readily within a car, because they have
the capability of controlling something as simple as the radio and as complicated
as aspects of the engine. Microcontrollers are essentially a less sophisticated
version of a cellular phone.
The benefits of using microcontrollers are their small size, low price and they can
be programmed and reprogrammed to perform tasks. The reusability of the
MSP430 is virtually unlimited and can be programmed hundred of thousands of
times without encountering any issues. Technological advancement over the
years has made microcontrollers that are able to rival or even beat some of the
computers that existed in the seventies through the nineties.
The tools needed to use the MSP430

A programming environment with debugging capabilities

Microcontroller Support Circuitry

Application Specific Circuitry.

Knowledge Needed to Use the MSP430

Assembly Code / C Programming Language
29

Digital Logic
EZ430-F2013 USB Stick Development Tool Utilizes the MSP430 and comes on
in a convenient USB stick which is easy to transport without damage and costs
around twenty dollars. THe EZ430-F2013 houses two boards that are both
secure beneath a plastic casing. The two boards are the programming board and
the target board. The Programming board on the MSP430 is the platform that the
code is run on and the target board houses the MSP430.
The MSP430 is programmed using assembly language which when assembled is
turned into a machine language program. The micro-architecture that is used
with the MSP430 is the size of a flash drive. Microcontrollers are binary
computers and they work by interpreting binary numbers.Because binary is time
consuming to decipher by humans, there is assembly language which is written
in basic english then transformed into binary for the MSP430 to understand.
Writing in C language is then converted into assembly language and finally into
binary.
There are two types of Registers in the MSP430 the CPU registers and the
Module Registers. Registers are a small set of data holding slots, similar to a
filing cabinet that is capable of storing data. These registers are then used to
hold any type of data, from a storage address or computer instruction, to random
values. Module registers are specifically for controlling the peripherals in the
MSP430. Inside the MSP430 there are a variation of both 1 byte and 2 byte
registers.
Some of the qualities that make the MSP430 beneficial to use can also be
considered a downside to using the MSP430, because it is geared for long
energy use and designed to run minimally intensive applications it is inexpensive
and good on power, however memory capabilities are limited as well as
processing capabilities.
Advantages of MSP430:

16 bit processor

Low Power Usage

Simple debugging within IDEs

Low Cost

Readily Available Learning Materials

Small Size
30

Multiple Pins
Disadvantages of MSP430:

4k Limit on the IAR Embedded Workbench

Lower Processing Capabilities
3.3.4 ARM microcontroller
ARM stands for Acorn RISC Machine at its origination but has adapted to be
called Advanced System Architecture. RISC stands for Reduced Instruction Set
Architecture, and is a designed CPU design strategy using a simplified set of
instructions instead of a more complex set which would be titled CISC, Complex
Instruction Set Architecture. RISC architectures use the load and store
architecture, in the load and store architecture memory is accessed normally
through the specific instructions rather than through other instructions such as
add or sub.
The ARM Module allows for saving electricity with is quicker reboot time but also
saves energy because in general it is an energy efficient device. The ARM
architecture is inexpensive to manufacture, you can purchase the entire ARM
platform which has the companion chip and a processor and the total will be
about fourteen percent less expensive than the 86 bit processor.
The ARM Architecture has an elaborate support system in place. The support
systems that are in place are considered efficient and effective. The ARM
Architecture allows for a processor to run seamlessly with it, and you should not
anticipate a delay. The small size and minimal configurations required, it is
regarded as a great option for creating mobile applications. The flexible design
also makes it a viable option for mobile devices. The development time is
expected to be short because they are easy to configure.
Over a period of time the ARM Architecture has transformed to meet the
expectations that the market desires. In order to keep up with the times
technology companies like the ARM developers have had to create devices that
are quicker, have flexible technology and enhanced features. There are three
profiles for the ARM Architecture. The ARM ISA is always improving but has
backwards compatibility making the ARM Architecture extremely versatile.
ARM Architectures
31

ARMv8-A Architecture

ARMv8-R Architecture

ARMv8-M Architecture
Of the three ARM Architectures they all have very different purposes. The
ARMv8-A Architecture was developed with high performance in mind, they are
generally used in mobile devices and enterprises. The ARMv8-R was developed
with embedded applications in mind as well as usage in the automotive industry.
Lastly the ARMv8-M architecture was designed for both embedded technology
but also to be used with the Internet of Things and other similar applications.
The ARMv8-A includes 64 bit general purpose registers as well as a stack
pointer and a program counter. The ARMv8-A supports processing and virtual
addressing. The two main execution states that are included are the AARCH64
and the AARCH32 where both are execution states with an exception model,
programmers model and instruction set for that state, the only difference between
the two is the bit size. Respectively AARCH64 and AARCH32 are 64 bit and 32
bit. The two execution states are A32 and T32, A32 is called ARM and is 32 bit
instruction set. The T32 is called Thumb and is a 16 bit architecture set.
We will explore the ARMv8-A in depth as it suits the needs of the Asset Control
System’s design. The ARMv8-A is a 64 bit support system for the ARM
Architecture, and the company boasts an excellent power efficiency.
Compatibility between the ARMv8-A and existing 32 bit architecture is seamless.
There is availability of larger registers if desired, and cryptography instructions
are available, the ability to use cryptography on the ARMv8-A Architecture is
extremely valuable.
ARM DS-5 is the Development Studio used for ARMv8-A, it includes a toolbox of
all the necessary tools required to develop on the ARM processor. There are a
couple different development studios available, the ARM Compiler 6, ARMv8
Fixed Virtual Platform. The DS-5 development studio is used in conjunction with
ARM Fast Models to develop and debug as well as optimize designs and
efficiency.
The ARM has 37 registers that all are 32 bits in length those register dedications
are shown in table with their respective uses. Table 3.3.4.1 shows the seven
basic operating modes and a brief description of each of the operating modes.
32
Table 3.3.4.1 - Operating Modes and Descriptions
Table 3.3.4.2 Seven Basic Operating Modes
Depending upon whether you are operating the ARM state or in the Thumb state
the number of instruction size changes. The instruction size for the ARM state is
32 bits wide where all instructions are required to be word aligned. During the
operation of the Thumb state the instructions are only 16 bits wide with the
alignment needing to be halfword aligned. Halfword is 16 bits wide and word
aligned is formatted into 32.
33
Table 3.3.4.3 Conditional Code Chart
ARM Cores are used for devices like smartphones, the technology is easy to
learn and use. Not only are ARM cores considered simple to use, they also are
considered more cost effective, when comparing the ARM architecture to an
eighty six bit processor the price difference is staggering. The ARM Architecture
has a faster boot loader guaranteed, this will make turning off a machine and on
the hardware when necessary in order to save electricity easy. Long periods of
not using the software can trigger the device controller to be turned off, and
because of the quick reboot feature it is not an inconvenience to save electricity.
3.4 Switch
The switch is the component that will be necessary to regulate and control the
power to the assets with which we want to control. There are four types of
switches that we are considering. These four types are as follows :

Standard Relays

BJT

MOSFET

SCR
In the following subsection of section 3.4 we will evaluate each of these for their
plausibility in the system. The switches main function is to limit the flow of power
to a device. This however is not as simple as it sounds because some factors
need to be taken into account. First standard outlet energy comes in the form of
120 VAC. with this in mind we will need to preserve the source signal while
34
controlling output. The switch will need to be durable enough to withstand such a
high level of energy. The convenient property here is that we will not need to
convert the signal to DC. This we will leave to the individual asset’s power
regulation mechanism. This will ensure that the asset does not experience any
unwanted effects of the power intervention. Another convenient property is that
since the device will be connected to an energy source there will be no need to
acquire a source for operation of the device. Therefore we can build the device
with a parallel circuit to the power regulation switch. The circuit will allow for the
activation of the switch as needed and will also power the display on the device.
The switch will provide power to asset when activated and will meet the
standards of electrical outlets as well as relay the same standards to output.
Switching power can be damaging to some assets so it is considerable that we
may implement a switching procedure that doesn’t actually terminate power but
lowers the voltage to prohibit functionality. This may not be desirable for all types
of assets we could connect. It may be necessary to provide warnings as to the
effect the switch will cause in order to prevent asset damage. Each switch will
need to be durable enough to handle the load. Also it must be of high quality to
ensure longevity and mitigate component failures.
3.4.1 Standard Relays
Standard power relays are a basic electro-mechanical switch that allows for
control of power or signal to be passed through without the user needing to
physically throw a switch or otherwise provide a path for conduction. This is done
through a small electric signal that when applied to the relay forces an
electromagnet to close a switch, thus causing the high current output to be
allowed to be pass through. Relays have been a main component of power
control systems for a long time; they have proven to be very accurate at
providing consistent power. Below is a Table 3.4.1.1 which shows the
specifications of the TE Connectivity PCB relay with a 5 VDC coil.
Coil Voltage
5
VDC
Operation Voltage
3.5
VDC
Release Voltage
0.5
VDC
Contact (Output) Voltage
250 – 400
VAC
35
Contact (Output) Current
10-16
A
Operating Temperature
0-85
ºC
Dimensions
29x13x16
(LxWxH)
mm
Contact type
Through-hole
Table 3.4.1.1 – TE Connectivity RT1 PCB Relay
This relay, based on the values in table 3.4.1.1, have the specifications the ACS
needs for the switch. The RT1 relay costs $4.24 each, from Mouser Electronics
and the availability is not plentiful. There are other options that have the similar
ratings such as the K10 series from TE Connectivity, however, these relays are
more than double the cost as the contacts are able to withstand more power and
come in many different varieties. Relays are a standard when it comes to
electronically switching power; however they have been known to fail due to their
mechanically moving parts that make it susceptible more to wear due to
temperature and constant use. The advantage of using a standard relay comes
from its simplicity to implement. It is a straightforward design that works and has
been used in a variety of applications from automobiles to radios. The ACS does
want to be a product that uses the most up to date technologies, but it also needs
to be proven to function during all conditions. Standard relays are going to be our
most rugged option, which is why standard relays will still be considered as the
ACS solution to switching power to the device.
3.4.2 BJT
The use of BJTs as switches is a very common practice, to accomplish this all
you need to know is the cutoff and saturation regions of the BJT you wish to use.
Using the cutoff level this would make sure whatever the load on the emitter is
not getting any of the source power from the collector. This would be the case for
an NPN BJT. When the saturation threshold had been crossed, BJT would allow
source current to the load, turning it on until the threshold current is no longer
available. Transistors of this type generally are used in smaller applications such
as controlling lamps and miniature dc motors. They have even been used to
control and switch on standard relays. Such small applications would not be
applicable to the ACS. We hope to be able to use our project to control bigger
pieces of machinery, which is possible using transistors just not a single one.
36
Darlington Pairs are a combination of two transistors that when configured
correctly will be able to control both larger current and larger voltage. Darlington
Transistors simply contain two individual bipolar NPN or PNP type transistors
connected together so that the current gain of the first transistor is multiplied with
that of the current gain of the second transistor to produce a device which acts
like a single transistor with a very high current gain for a much smaller Base
current. The overall current gain Beta (β) or Hfe value of a Darlington device is
the product of the two individual gains of the transistors. However due to the
output current being driven by the base, the circuit then begins to become more
complex as current is not something that is easy to remain constant. This value
would also need to be changed constantly depending on the load that the ACS is
hooked up to. Due to the cost and reliable performance from BJTs this option is
still one that will be weighed with the others so that the ACS will have the
appropriate switching mechanism.
3.4.3 MOSFET
MOSFETs like BJTs are quite commonly used as switches in PCB applications,
used to turn on channels due to their fast switching nature. The main difference
between BJTs and MOSFETs is that while BJTs are controlled by current,
MOSFETs are controlled by voltage. This makes the circuitry easier to design
around because voltage is maintained more feasible than current. However,
when using a MOSFET or any type of field effect transistor for that matter as a
solid-state switching device it is always advisable to select ones that have a very
low RDS(on) value or at least mount them onto a suitable heatsink to help reduce
any thermal runaway and damage. Power MOSFETs used as a switch generally
have surge-current protection built into their design, but for high-current
applications the bipolar junction transistor is a better choice.
With the main limitations of MOSFETs being that it cannot handle the higher
current functions, this appears to be not a good answer for the ACS. However it
is entirely possible to put MOSFETs in parallel, this would give the ACS the
ability to handle the high voltage and high current loads. This is another feature
over the BJTs that MOSFETs have. Though this will inevitable take up more
board space on our design it might be worth the cost of space to have a solid
state electronic device that is easily controlled by voltage as an option for the
ACS. Just as our other selections, we will make an educated assessment of what
we will use that will best fit the purposes of the ACS.
3.4.4 SCR
37
A silicon controlled rectifier or semiconductor-controlled rectifier (SCR) is a fourlayer solid-state current-controlling device. One of the biggest benefits of using
the SCR over a standard relay is the elimination of the relays biggest failure and
source of delay. This is the fact that the SCR is a solid state electronic device,
where the standard relay is an electromechanical device, that often makes for a
noisier circuit. The name "silicon controlled rectifier" is General Electric's trade
name for a type of thyristor. The SCR was developed by a team of power
engineers led by Gordon Hall[1] and commercialized by Frank W. "Bill" Gutzwiller
in 1957. Some say silicon controlled rectifiers and thyristors as synonymous,
other sources define silicon controlled rectifiers as a proper subset of the set of
thyristors, those being devices with at least four layers of alternating n- and ptype material. According to Bill Gutzwiller, the terms "SCR" and "controlled
rectifier" were earlier, and "thyristor" was applied later, as usage of the device
spread internationally. SCRs are unidirectional devices as opposed to TRIACs,
which are bidirectional. SCRs can be triggered normally only by currents going
into the gate as opposed to TRIACs, which can be triggered normally by either a
positive or a negative current applied to its gate electrode. SCRs are typically
used in high voltage and high power conditions. This is due the use of its PNPN
structure that allows for this use of high current.
The method of securing SCR conduction is called triggering, and it is by far the
most common way that SCRs are latched in actual practice. In fact, SCRs are
usually chosen so that their breakover voltage is far beyond the greatest voltage
expected to be experienced from the power source, so that it can be turned on
only by an intentional voltage pulse applied to the gate.
When looking to use SCRs we need to be sure that the turn on voltage or current
is low enough to be able to utilize the signal from the microcontroller we have
selected. The other critical part is making sure that it can handle the current and
voltage needed by the typical machines we will be controlling access to. If we
select a part that just meets the average standard then ACS will end up having
critical failures as soon as the average is exceeded. Keeping this in mind,
Littelfuse has a line of branded SCR thyristors called Teccor that are sensitive to
control current and do have high voltage and current ratings. These SCRs also
will fit into our budget as they are under $1 for one in most cases. The Table
3.4.4.1 gives a breakdown of the specifications we can expect from a Teccor
thyristor.
Gate Current
0.2 to 15
mA
Gate Voltage
0.8 to 1.5
V
38
Max RMS Current
6
A
Max Voltage
400 to 1000
V
Operating temperature
-40 to 110
ºC
Peak Gate Current
2
A
Peak Surge Current
100
A
Power 0.5
W
Average
dissipation
gate
Dimensions (Surface mount)
9.5x6.5 (LxW)
mm
Table 3.4.4.1 – Characteristics of Teccor SCRs
Using the data from table 3.4.4.1, we can see that the ACS should definitely be
able to operate with an SCR. This would also facilitate our goal of having less
electro-mechanical devices in our design. The power ratings are consistent with
what we would need for most devices to which we would be controlling access.
The Teccor SCRs are often used in the control for power tools including high
voltage welding equipment. Though these SCRs might need the higher
specification gate voltage, it is still possible to accomplish a 1.5V signal to turn
the SCR on. Due to its surface mount package and dimensions this also would
make the final version of the ACS a more consolidated product that would save
space for the enclosure and thus smaller footprint that we seek.
3.5 LCD/ Touch screen
Touch screens are comprised of two flexible coated sheets that are both coated
with a resistive material, in between the two layers there is an area composed of
air, or something called microdots. The two types of metallic layers are called
Matrix and Analogue. The analog metallic layer is made up of clear electrodes
that do not have a pattern, where the Matrix’s electrodes are made of glass or
plastic and they are mirroring each other in a pattern. As of late analogue has
been declining in price, making it more affordable than the matrix design. The
pressure of a finger or stylus presses two sheets together and allows the
39
completion of a circuit which can be traced down to x and y coordinates. Touch
screens allow for only one touch input at a time, unless the touch screen is
extremely complex and expensive.
Resistive touch screens have a technology that measures the amount of
resistance occurs when a point on the screen is touched. The standard touch
screen is analog resistive. When a user touches the screen the two sheets come
in contact and the lines that are running horizontal and parallel within the sheets
are capable of registering and understanding the location at which the user
touched.
A resistive touch screen can be activated with the hand or with using a stylus to
the screen. Both analog and matrix use the grid system of an x coordinate and a
y coordinate that is pinpointed when the two screens are pressed so they come
in contact with each other. A resistive touch screen has the advantage of being
used with gloved hands, which is not something every touch screen can do,
because it only requires pressure and not temperature from the object pressing
the screen.
One common problem with non-resistive touch screens, or capacitive touch
screens for examples is the disadvantage of needing a capacitive object to
activate sensors. A capacitive object is your finger, or would require a special
pair of gloves with a capacitive surface to register a touch to the screen. Cellular
devices use capacitive touch screens because they do have the advantage of
putting your phone in your pocket and not having it accidentally dial a number, or
open a folder because of the pressure from your pocket. Resistive screens have
a lower pressure threshold which can make light touches go unnoticed. Today’s
market for touch screens is predominantly rooted in capacitive screens.
In general there are a couple advantages of using touch screen technology. One
of the main advantages are a professional looking display that bears little cost to
the manufacturer. A disadvantage that may occur with touch screen usage is a
phenomena called drift, drift is when the calibration of the touch screen becomes
distorted naturally over time, it is easy to calibrate, however would be something
you would need to be aware of as this can be an annoying problem.
The touch panels technology are limited to a stiff surface as bending will cause
breakage and scratching is another issue that happens because touch screens
are not strong enough to use a sharp object to apply pressure. If too much
pressure is applied or bending occurs with a touch screen device that is not
designed to be bended, a dead spot can occur on the screen and that area will
40
become unresponsive to input because the electricity will not be able to flow
through those points.
Devices that require touch screens are limited to the size of casing, as most
touch screens are considered larger, and customers desire slimmer devices. The
reason for the bulkier than desired design is the air gap that is necessary to
separate the two planes. The reason why in direct sunlight it can be hard to see a
touch screen display has to do with the air separating the two panels. High
ambient light is a problem because the light will go through the first layer on top
and then a bending will occur when the light enters the air gap, that bending of
light causes a reflection that is pushed out through the front display. The
combination of reflecting the light causes the display to be nearly impossible to
read.
Unlike resistive touch screens, P-Cap is a solid state device that instead of
interpreting electrical resistance it take input from electrical capacitance. This PCap technology uses capacitance to detect objects within an electromagnetic
field. The act of touching the screen allows for the painless passing of an
electrical charge from your finger to the screen. The P-Cap technology makes
the implementation of multiple touches at the same time simple. The
sophistication and enhanced capabilities of P-Cap make this touchscreen
technology more expensive. Also the input cannot be detected if you are using
your fingernail or wearing gloves.
Liquid Crystal Displays, or LCD screens require two layers of glass, and OLED
screens only requires one layer of glass, the single layer of glass also has an
advantage over LCD because it is thinner and lighter than the LCD’s layer. In the
LCD liquid crystals are used because their light modulation allows for a visual
display of images. The crystals in the LCD themselves are not emitting the light,
the emission of the light is coming from a source instead of inherently. The wide
usage of LCD occur in computer monitors, televisions and sign displays, the
common usage equates to a decreased price tag for this technology. The
predecessor to LCD was the Cathode Ray Tube or CRT.
LCDs are prone to an issue known as image persistence. Image persistence,
also goes by the alias image retention and describes a temporary burning of an
image into the screen. In order to combat image persistence a screen saver can
be used so the screen does not display the same image for a long period of time
allowing for a burning to happen to the screen. An alternative to LCD is a plasma
screen, however even plasma screens are not impervious to image persistence.
41
The energy efficiency of LCD screens are a benefit, and disposal is simple
whereas using a CRT needs precautions when disposing. To connect the LCD
screen to other surfaces the LCD panel has thinly coated metal pathways that
are placed on a glass panel that forms the circuit that makes it possible to
operate. Soldering is not a technique that is used on the LCD panel because you
have to use interfacing instead. Interfacing is applied using a plastic ribbon that
has an adhesive. The adhesive and ribbon used contain a slight conductivity.
OLED stands for Organic light emitting diode. As the name suggest there is an
organic component to an OLED. The device is similar to an LED, but the film of
emissive electroluminescence is composed of an organic compound which is
used to display light when an electric current is applied. The organic substance is
sandwiched between two electrodes. The design of an OLED makes it a thinner
and lighter option for a display, and does not require a backlight to work. OLED
of course has a higher cost because it is a comparable technology to LED, but it
is thinner.
The combination of touchscreen and LED displays are the high popularity making
it user friendly, easy to learn, and it comes with a lower price point. Touchscreen
technology makes the need of a keyboard and mouse obsolete, which will save
space and reduce parts required. LCD touchscreens are light enough to easily
transport and they are durable.
3.6 Enclosure
Enclosure is the hardware we can use to contain the device we create to perform
the asset control. There is really only two options in this area we can choose
from. They are:

Mechanical Mount

Magnetic Mount
These are simply put and self explanatory with regards to how the function as an
enclosure. Cost and capacity are the only real factors here. The possibility of it
being installable or concealable would be advantageous as well.
42
3.6.1 Mechanical Mount
The idea for the enclosure for the system is fairly basic. It needs to be rugged
and secure, yet easy enough to perform maintenance on by an authorized
person. This can all be done simply and with an off the shelf product like an
enclosure fit to our design from Hammond Manufacturing. They offer a variety of
plastic and metal enclosures that are rated at IP68 and up. However, the main
issue is finding the space to place it that would be functional not only for the end
user but for the ACS as well. The idea of mechanically mounting the device is the
most secure as this would make removal of the device deliberate and possibly
damage the equipment it was installed on. The first type of mechanical mount
would be a placement of a few bolts through the enclosure and fastened to the
equipment. This would result in direct modification of the user’s equipment, which
could be an issue in some instances. Another option would be to install a clamp
on the back of the ACS enclosure making it a bit less secure as far as ease of
removal, but would provide the solution to the ACS not being in the way or
damaging the user’s equipment. The major downfall of this option is the cost of a
reliable clamp that will hold the ACS in place and require a hex or torx head
screwdriver to loosen it. These clamps cost anywhere from $20-50 each,
depending on how big and the strength of a clamp. The last option for a
Mechanical mount would the use of securing straps. These would go through our
enclosure and wrap around the user’s equipment. While this would not appeal
aesthetically, it would cover the entire basis we need it to. The cost is low for
these straps, $20 for a package of 100 and it would not be damaging the
equipment while making the ACS impossible to remove without deliberate action
to do so.
3.6.2 Magnetic Mount
The idea of the magnetic mount is not necessarily about making the device
secure as much as it is about accessibility. These are 2 options that are being
weighed as it is a debate as to whether the ACS enclosure needs to be more
secured to the equipment or more accessible and easy to customize its location.
The assumption also is then that the equipment we will be encountering will be
encased in a metal that magnets can stick to. Though this will probably be the
case it is not certain that we always will have that option. The other problem with
this solution is if the magnet would happen to cause any inference not only with
the ACS but with the user’s equipment as well. Due to the versatility of the ACS it
has the potential to be incorporated into an area where there is sensitive
equipment and having magnets could disrupt other measurements being taken or
even processes that are being automated.
43
However, if we can prove that there would be reason enough to go through with
a magnetically mounted system, it would be cost efficient way of mounting the
ACS in a way that would benefit the user’s ability to customize the location as
they see fit. The costs of magnets that are used to mount are up to $10 for a
package of 10. These would be placed on the enclosure and secured in place
with an epoxy, making sure that they would not transfer over to the user’s
equipment. This method might even work in conjunction with the mechanical
mounts making it even more secure, this way we might lose the ease of use with
magnets but our overall security would be that much greater.
3.7 Software UI/System
This section will discuss the various options for software needed to build the
system. The main software components of the system can be categorized like
this:

Database

U/I interface
These two components will combine to create our client server architecture. The
server side will contain the database and the web page interface. The HTML site
will utilize scripting and style sheets to perform functions and maintain a
consistent polished look. We will most likely program the query and insert
functions of sql in php scripts which we will embed into the web applications. The
use of framework such as jquery is not at all out of the question as it would make
things easier with regards to programming tasks.
3.7.1 Database options
The top five databases that are used today are all very competitive in their
design. The most well known database is SQL. Another major database system
is Oracle’s 11g. IBM’s DB2 is now at version 10.5. SAP’ Sybase adaptive server
enterprise (ASE) is another majorly know databases. PostgreSQL is an open
source system. Another open source system is Maria DB Enterprise. MySQL
which is part of Oracle’s now is a well known and used webbased database.
TERADATA is which is known for its very large and expansive scale of database
system. Amazon’s Simple DB is also a well used option. Of all of these options
the primary interest of the team is functionality versus cost. We do not
44
necessarily need a massive capacity for the DBMS we choose but it does need
to be easily accessible from a mobile or web based platform.
First DBMS system we analyze will be the well known and trusted SQL by
Microsoft. This DBMS is a cornerstone of what standards a DBMS should
possess. Known as SQL it’s acronym styled name is Structured Query
Language. The structure of SQL is known as a relational database (RDBMS)
SQL also has a structure for data streaming which is also relational (RDSMS).
The scope of SQL is ease of use it works well within windows environment. This
system however is designed for a more large scale database application.
IBM DB2 can run on multiple operating systems such as linux, UNIX, Windows
and IBM mainframes. It is a large scale enterprise database system. While it is
an impressive system we do not need the cost or the complexity. The system can
be manipulated from a command line statement or a GUI. It can be integrated
into eclipse or visual studio and has API’s for a large variety of languages.
Support for SQL and XQuery does exist in DB2 and there is implementation of
XML data storage.
SAP’s Sybase system is another massive database product that is available.
Sybase is actually a compilation of database products. Typical application of this
system is with companies and their infrastructure. There is a multiple of mobile
products that could be of use to this project. One particular one is known as SQL
Anywhere. This is a relational database with a small footprint which is designed
for mobility or cloud based service. This system does not come in a low cost form
which is not in line with the needs of this project.
MySQL is an impressive database system with mobility and portability aspects.
This system is open sourced and does not represent any big costs for
development. It is an RDBMS (relational database management system) that is
highly compatible with web based systems. There is no GUI interface
accompanied with MySQL which makes it mainly a command line database
system. The is a MySQL workbench application that can be used as well as
many third party GUI tools that are open source as well. This system presents a
viable open sourced option for the project.
Amazon’s Simple DB is another database system that is focused on availability.
It is distributed as part of amazon’s cloud services. This system will be accessible
in this nature by any access point and all without the need for an additional
server. There are data limits with the cloud service a domain created cannot
exceed 10 GB in size. An entity cannot have more than 256 attributes and each
45
attribute cannot be larger than 1 Kb. With the size limit of the attributes we will
need to restrict from using images in the database and use only raw data.
3.7.2 UI platforms
The User Interface or UI, describes the view that the user interacting with the
device has. The Platform of the UI is in charge of what occurs during the
runtime. The components of the User Interface can include a display screen,
mouse, keyboard and anything that the user interacts with and the software and
hardware responds to.
Microsoft platform offers two runtime environments that each utilizes different
technologies for creating elaborate user interfaces. Microsoft uses the .NET
framework and also has a subset of .NET called Silverlight. Silverlight allows for
the developer to cross platform between windows and mac browser.
Adobe AIR, Adobe Integrated Runtime, operates outside of the browser security
sandbox which allows for offline usage that will enable the program to store data
on the user’s computer. Adobe Integrated runtime allows the program to be built
using Adobe Flash , Ajax , HTML or Adobe flex and can be used to create a
desktop application.
Google UI is implemented using the browser and JavaScript, and Google is
currently focusing on creating a faster and more efficient experience with the
technology. Even by just using Google Chrome you are expected to see a
quickening in JavaScript execution time. One useful feature in the Google User
Interface is Gears, Gears gives the software the ability to run offline and upon
connection to the internet gather the retained information that was stored while
offline.
The popular libraries used by Google are jQuery, EXTJS and JQuery UI. A noted
disadvantage of using GWT is that even though you have the ability to build a
responsive web application certain basic framework aspects are missing making
development time longer and more challenging. The low usage rate of the
Google User Interface makes it harder to get help while learning the UI because
documentation is sparser.
3.7.3 Software Requirements
46
The Asset Control System is required to perform a set of tasks that include
allowing or disabling access to the set of tools available for usage or checkout
and billing the user for the time they have been using the tool. The software must
have login and logout capabilities, or be associated with a barcode, magnetic
strip, near field, or any other form of authentication.
The database standards required for storage of project data and user login are
as follows and depicted in Table 3.7.4.1 Example Variable Naming Prefixes. We
will use symbolic naming in which the first letter of entities will denote type of
variable. For SQL standards we will create entities and relations utilizing primary
keys and foreign keys to maintain the integrity of the data. Their schema will
allow for efficient collection of information for the different tasks.
Entity
Pefix
Schema
User
U
Uid
Manager
M
Mgrid
Tool
T
Tid
Report
R
Rid
Log
L
Lid
Table 3.7.4.1 - Example Variable Naming Prefixes
Management is required to have the capabilities of adding new tools and
removing tools from the database of available tools for checkout. The software
must limit access to users that have a past due balance for a period longer than
one week. Users must have the ability to create an account and the user account
must be approved with the tool’s manager discretion.
The length of time the user is accessing a tool will be monitored and stored in
order to bill the user. A report must be created in order to charge the user for the
time used. The software must restrict access through some sort of mechanism to
control power or login to the tool. Access must be restricted if user is not signed
up with an account or if user is past due on a balance owed. The software must
47
have capabilities for the user to disable account and submit payment for time
used.
The software must authenticate users and not allow a user to access tools that
they are not trained to use. The tools will be broken into categories that have
clearance levels assigned to them. For the administrators a report will be
required to show the usage stats of certain tools so the administrator knows
which tools have a higher demand or higher usage time. Users must only have
access to their own data of usage and charge statements therefore a pin must be
required to access sensitive information.
The system software will include framework and scripting languages that aid in
the execution of commands through a web interface. While C++ is the main
software that we will use in the system we will most likely utilize jquery as an
alternative framework. This section will have subsections of the languages we
will be utilizing for the project.
3.7.3.1 C++
C++ is an object oriented language that is allows for generic programming
purposes. Originally C++ was developed for usage in embedded or system
programming. The C++ language is considered efficient and flexible and it can be
used in either small or larger systems while maintaining ease of use in design.
ISO, the International Organization for Standardization gave standards to C++
and has a current revision as early as two thousand fourteen. C++ is derived
from the C language and was developed to be an extension to C. There are a
plethora of standard libraries available and C++ has been a large influence in
other programming languages like C#, and Java.
Object storage in C++ is similar to C, but C++ allows for an object oriented
approach. There are classes which allow for the use of encapsulation,
polymorphism, inheritance and abstraction. Encapsulation is act of concealing
information in order to ensure security is maintained. The way encapsulation is
used is by declaring a member as either public, protected or as private. As the
name suggest public members are able to be accessed by any function where a
private member can only be seen within its own class, or a class that is granted
access to the class where the private member resides. While programming it is
recommended from a security standpoint to make everything a private member is
possible.
The use of inheritance in C++ enables one data type to inherit, or obtain the traits
from a different data type. Unique in comparison to many languages C++ has the
ability for multiple inheritances which as the name suggests is the capability for a
class to be derived from multiple classes. Polymorphism is the capability of
allowing one common interface for a myriad of implementations, but still allowing
48
an object to behave different depending on the current circumstances the object
is under.
Lambda expressions are provided in C++ which allows for an anonymous
function which is a unique feature. Overall C++ is considered a versatile
language that employs the ability to code in an object oriented method or in a C
like style, or both simultaneously. The most regarded features available in C++
are the versatility and ability to program in both methods but also the usage of
classes and functions. These features make it a viable option for programming
the Asset Control System.
3.7.3.2 JQuery / Javascript
JavaScript coincides with HTML and CSS to create content for the World Wide
Web. JavaScript is widely used and nearly all websites support it. The JavaScript
language supports an object oriented approach, an imperative style and a
functional programming style. There is an API available that makes JavaScript
code able to work with text, arrays and even regular expressions. However unlike
C++, C#, or Java, JavaScript does not employ the ability to use any I/O, which
means no networking or storage. Network, storage or any type of I/O is done on
the embedded host environment.
JavaScript is executed on the client side, which means that bandwidth is saved
on the web server side. Even though the code is executed on the user’s
computer it still is relatively fast and occurs almost instantly because the entire
process takes place on user’s computer and excess communication between the
browser and the computer is unnecessary to perform the task. Because
JavaScript has syntax that is written similarly to English it makes JavaScript
relatively simple to learn.
The structure for JavaScript is a derivative of the C programming language.
JavaScript is not limited to only web based applications and can even be
implemented in a PDF document. JavaScript, as a derivative of C, shares most
of the structured programming syntax with C, including but not limited to, while
loops and switch statements. Dynamic typing is a useful feature applied in
JavaScript. Dynamic typing is a feature that does not confine a variable to a
specific type, it allows the type to change freely. The standard for JavaScript is
ECMAScript.
The HyperText Markup Language, referred to as HTML, is the standard markup
language that is used to develop web pages in conjunction with CSS and
JavaScript. Cascading Style Sheets, CSS, is the portion of the software’s code
that formats the way the web page will look. The benefits of using a combination
of HTML, CSS and JavaScript is that it is widely used and quick to learn because
of the similarity between English and JavaScript as well as the C Language and
JavaScript.
49
JQuery is a JavaScript Library that is petite and feature rich. It provides a cross
platform library of JavaScript. JQuery is the most popular JavaScript library that
is in utilization today. The popularity of JQuery stems from is being a vast
quantity of useful tools but it remains free as well as open source. One of
JQuery’s advantages is that is simplifies the act of creating and navigating a
document. With JQuery it is easier to handle events and create Ajax applications.
JQuery has been adapted and pulled from in order to create other frameworks
such as YUI version three and Dojo. JQuery is actually included with Microsoft’s
Visual Studio, which makes using it when programming in ASP.NET, both AJAX
and MVC frameworks it has already been integrated into the platform. The
features of JQuery is listed in Table 3.7.3.2.1 and describes the useful features of
JQuery.
The Document Object Model, or DOM, is a cross platform convention used for a
variety of languages. It describes the interaction and represents the interaction of
object in HTML, XML and XHTML.The DOM model includes creating a tree ,
called a DOM tree. In JavaScript DOM supports navigation in a variety of
directions which makes it convenient.
Table 3.7.3.2.1 JQuery Features
Features
DOM
Events
Effects and Animations
AJAX
JSON Parsing
Feature Detection
Multi-Browser
AJAX, is short of asynchronous javascript and XML and it is used in conjunction
with the languages mentioned to create a client side asynchronous web
application. An asynchronous web application is one that uses a form of input
and output that allows for numerous components to be processed at the same
time. The asynchronicity allows for Ajax to send and retrieve data from a server
and it will not interfere with the display on the existing page. Basically everything
is happening behind a curtain and the user is not disturbed during some loading.
50
In short, the development of the web began in the early to mid 1990s and web
pages were comprised entirely of HTML pages, now there are many languages,
CSS, HTML, JavaScript, JQuery etcetera that all work together to produce a
powerful display and functionality.
Java was designed to allow for creating a program on the java platform then
being able to run the program anywhere that runs java without having to write
another line of code. As of late Java has become implemented more and more
into operating systems and is becoming pervasive in the technology world. Java
is also integrated into popular web browsers which allows for a high level of
versatility between platforms.
During the creation of Java it was designed with keeping security measures in
mind. A safety feature in effect is the ability to download code that may be from
an untrusted source and basically test run that code in a safe environment where
it is not capable of harming the user’s computer. Java allows a developer to build
a dynamic and extensible program. Java is an object oriented programming
language that utilizes classes. The classes in Java are kept in separate files that
will be loaded upon need.
Table __ Java vs C++
Speed
C++
Java
Hierarchy
Inheritance tree can be created Only one inheritance Tree
anywhere and there can be
multiples
Deconstructors
Required to manually garbage Automatic garbage collector
collect to free memory
exists that operates in
conjunction with a cleanup
method
Primitive Types
Same as Java
Same as C++
Examples: Int, long, double,
char, byte
Method
Overloading
Same as Java
Same as C++
It is okay to have the same
name as long as there are
different inputs or outputs.
Pointers
Supported
Exception
Handling
A call to a function is made Exceptions are dealt with
when an exception is thrown
during runtime and are
enforced at that time as well
Not available
51
Hardware
access
Superior to Java because it can Access to hardware is not a
run and compile directly with direct path
hardware without excess code
required
Goto method
Not Available
Goto functionality exists and
allows you to use it to go to
other places in the code
The performance of Java is slower than the C and C++ language, but is faster of
course than compiling machine language. Although the runtime of Java is slower
than C++ it should be noted that the Time-To-Market with Java coding is the
reason why some programmers favor it. The Java language was developed with
a strong architecture of APIs that are designed well. Results are found quickly
while programming with Java. There are studies that show that switching to java
to develop increases programmer efficiency.
3.7.3.3 ASP.NET and C# Programming Language
C# is described as an object oriented language that was developed by Microsoft
as a part of Microsoft’s .NET framework. Since C#’s initial development it has
been adopted into the ECMA-334 standard. C# is utilized with general purpose
projects and the most recent version was updated in two thousand fifteen. There
are a list of goals that were documented during the creation of C#. The intention
of creating C# was to create a simple and modern language while maintaining
object oriented capabilities.
The C# language is designed to detect array out of bounds and it has automatic
garbage collection. The intended use of C# is for creating software that is
suitable for being dispersed to distributed environments. C# offers a high level of
portability, which is valuable to programmers that have familiarity to the C or C++
language already. There is also a built in support for internalization.
Internalization capabilities mean that there is a simplified way to adapt the
computer software that is developed into a different language. Internalization
occurs during the development process and is the process of creating the
software in a way that allows for it to be easily changed into a variety of different
languages.
The class libraries of C# were developed as part of the .NET Framework and
they were written with a managed code compiler, the compiler used was called
SMC, Simple Managed C. ASP.Net has similar functionality and they compile
down to the same Common Intermediate Language.
52
For the Asset Control Systems requirements and the team members developing
the Asset Control System it appears as though the software should be written
using C# because the team members are well versed with C#. C#’s object
oriented capabilities and it’s high level of portability make it a viable option.
3.8 Possible Architectures and Related Diagrams
3.8.1 Database Structure
This database structure will be implemented by the server and help to log all data
entries made by the ACS. This database will also house the authorized user list
that will be crucial in keeping accessible for modifications as more users will
need to be added or removed depending on the company implementing the ACS
will need. There will be two structures crated in the Asset Control System
database. One will be structured on users, their roles, payments, and their
account info. This is seen figure 3.8.1.1, this will be crucial for allowing general
access and being able to invoice the user later. The other structure will be more
information on the device identification, location, time used, and how it can be
used. This structure can be seen in figure 3.8.1.2.
53
Figure 3.8.1.1 – Database structure for the User
54
Figure 3.8.1.2 – Database Structure for the Device Identification
55
3.8.2 Device communication network
The type of network topology used for the Asset Control System will determine
the minimum requirements for each individual asset controlling device station.
This section will review some of the possible networking configurations that will
ultimately allow for the same finished product, but achieve it in very different
ways. The following figures 3.8.2.1 and 3.8.2.2 show how these different
topologies would work.
3.8.2.1 STAR Topology
Figure 3.8.2.1 – Star Topology when applied to ACS
56
Benefits

Asset Control Device cheaper

Less hardware needed

Less powerful processor needed
Negatives

Extra “Room” controller needed as proxy between Asset controller and main
server

Less secure due to more exposed hardware

If “Room” controller goes down, entire room is inoperable instead of single
device
3.8.2.2 Internet of Things Style Toplogy
Figure 3.8.2.2 – IOT Topology when applied to ACS
57
Benefits

Fewer number of total devices

More secure due to fewer network hops

Each Asset controller is independent of one another
Negatives

More powerful hardware needed at each Asset controller
3.8.3 Circuit Diagram
The main circuit that will need to be designed is the one that is associated with
granting access to the device we are controlling. This circuit will involve not only
the microcontroller that we choose as the best option, but it will also show how
the data will be transferred from the embedded CPU to the microcontroller. This
circuit will also need to demonstrate that the signal provided by the
microcontroller will be able to change the status of our triggering device to allow
the load device source power and turn on. Being able to showcase these circuits
and their abilities will require the use of two different programs. The first program,
EagleCAD, will allow us to build and model our circuit using the actual pins that
will be in use when practically designing the circuit. This program will also let us
design a PCB for possibly handing off to a PCB vendor if we decide to use that
method which will be discussed later. This program can be downloaded and used
for free as long as the file size does not go over the limit, which for our design
should not be the case. The second program is Multisim, this is a circuit
simulation program that will allow us to verify that the circuits are working as they
should when under correct conditions. This program is available on the senior
design and SMART labs; it also can be downloaded and used for free under a
trial license. Using these 2 programs we can better design our circuits to be sure
that they will be working correctly.
3.8.4 Power Path
The path of power for the ACS will be a very crucial aspect of the design. The
user devices we intend to provide control over cannot lose any of the original
power. Figure 3.8.4.1 is a basic block diagram of the power should be split so the
whole system can be powered from one standard power outlet. The AC to DC
power supply can either be designed using a step-down transformer, rectifier,
and filtering capacitor, or it can be bought off the shelf like the Mean-Well RS-2512, this will provide 12 volts power source for any peripherals that utilize 12 volts,
which is a common voltage. From this power converter it will go to a linear
58
voltage regulator that will be low noise and provide 5 volts to the microcontroller
the embedded computer. The microcontroller is then connected to the trigger on
the switch; this switch is also tied to the original source voltage so that load could
then receive required power to function normally.
Figure 3.8.4.1 – Power path block diagram
3.9 Relevant Programming Languages
3.9.1 C++ Programming Language
C++ is an object oriented language that is allows for generic programming
purposes. Originally C++ was developed for usage in embedded or system
programming. The C++ language is considered efficient and flexible and it can be
used in either small or larger systems while maintaining ease of use in design.
ISO, the International Organization for Standardization gave standards to C++
and has a current revision as early as two thousand fourteen. C++ is derived
from the C language and was developed to be an extension to C. There are a
plethora of standard libraries available and C++ has been a large influence in
other programming languages like C#, and Java.
59
Object storage in C++ is similar to C, but C++ allows for an object oriented
approach. There are classes which allow for the use of encapsulation,
polymorphism, inheritance and abstraction. Encapsulation is act of concealing
information in order to ensure security is maintained. The way encapsulation is
used is by declaring a member as either public, protected or as private. As the
name suggest public members are able to be accessed by any function where a
private member can only be seen within its own class, or a class that is granted
access to the class where the private member resides. While programming it is
recommended from a security standpoint to make everything a private member is
possible.
The use of inheritance in C++ enables one data type to inherit, or obtain the traits
from a different data type. Unique in comparison to many languages C++ has the
ability for multiple inheritances which as the name suggests is the capability for a
class to be derived from multiple classes. Polymorphism is the capability of
allowing one common interface for a myriad of implementations, but still allowing
an object to behave different depending on the current circumstances the object
is under.
Lambda expressions are provided in C++ which allows for an anonymous
function which is a unique feature. Overall C++ is considered a versatile
language that employs the ability to code in an object oriented method or in a C
like style, or both simultaneously. The most regarded features available in C++
are the versatility and ability to program in both methods but also the usage of
classes and functions. These features make it a viable option for programming
the Asset Control System.
3.9.2 Java Programming Language
Java was designed to allow for creating a program on the java platform then
being able to run the program anywhere that runs java without having to write
another line of code. As of late Java has become implemented more and more
into operating systems and is becoming pervasive in the technology world. Java
is also integrated into popular web browsers which allows for a high level of
versatility between platforms.
During the creation of Java it was designed with keeping security measures in
mind. A safety feature in effect is the ability to download code that may be from
an untrusted source and basically test run that code in a safe environment where
it is not capable of harming the user’s computer. Java allows a developer to build
a dynamic and extensible program. Java is an object oriented programming
60
language that utilizes classes. The classes in Java are kept in separate files that
will be loaded upon need. Table 3.9.2.1 Shows the comparison of C++ to Java
Speed
C++
Hierarchy
Inheritance tree can be Only one inheritance Tree
created anywhere and there
can be multiples
Deconstructors
Required to manually garbage Automatic garbage collector
collect to free memory
exists that operates in
conjunction with a cleanup
method
Primitive Types
Same as Java
Same as C++
Examples: Int, long, double,
char, byte
Method
Overloading
Same as Java
Same as C++
It is okay to have the same
name as long as there are
different inputs or outputs.
Pointers
Exception
Handling
Hardware
access
Goto method
Java
Supported
Not available
A call to a function is made Exceptions are dealt with
when an exception is thrown
during runtime and are
enforced at that time as well
Superior to Java because it Access to hardware is not a
can run and compile directly direct path
with hardware without excess
code required
Not Available
Goto functionality exists and
allows you to use it to go to
other places in the code
Table 3.9.2.1 - Java vs C++
The performance of Java is slower than the C and C++ language, but is faster of
course than compiling machine language. Although the runtime of Java is slower
than C++ it should be noted that the Time-To-Market with Java coding is the
reason why some programmers favor it. The Java language was developed with
61
a strong architecture of APIs that are designed well. Results are found quickly
while programming with Java. There are studies that show that switching to java
to develop increases programmer efficiency.
3.9.3 ASP.NET and C# Programming Language
C# is described as an object oriented language that was developed by Microsoft
as a part of Microsoft’s .NET framework. Since C#’s initial development it has
been adopted into the ECMA-334 standard. C# is utilized with general purpose
projects and the most recent version was updated in two thousand fifteen. There
are a list of goals that were documented during the creation of C#. The intention
of creating C# was to create a simple and modern language while maintaining
object oriented capabilities.
The C# language is designed to detect array out of bounds and it has automatic
garbage collection. The intended use of C# is for creating software that is
suitable for being dispersed to distributed environments. C# offers a high level of
portability, which is valuable to programmers that have familiarity to the C or C++
language already. There is also a built in support for internalization.
Internalization capabilities mean that there is a simplified way to adapt the
computer software that is developed into a different language. Internalization
occurs during the development process and is the process of creating the
software in a way that allows for it to be easily changed into a variety of different
languages.
The class libraries of C# were developed as part of the .NET Framework and
they were written with a managed code compiler, the compiler used was called
SMC, Simple Managed C. ASP.Net has similar functionality and they compile
down to the same Common Intermediate Language.
For the Asset Control Systems requirements and the team members developing
the Asset Control System it appears as though the software should be written
using C# because the team members are well versed with C#. C#’s object
oriented capabilities and it’s high level of portability make it a viable option.
4 Related Standards
62
4.1 Design impact of relevant standards
The PCI compliance standards help mold the pathway that is needed take for
storing data, in order to store data in a safe way our programming will need to
include encryption. Sensitive data cannot be stored in a location that does not
have monitored access of whom is accessing it. A security management system
needs to be in place that will deal with any unauthorized situations that may
occur.
To follow standards from PCI it is necessary to implement a firewall and keep the
firewall up to date to protect sensitive cardholder data. The payments for time
used with a tool must be placed over a secure network and the information must
be encrypted. Sensitive data includes card numbers and addresses, the last four
digits of a card’s numbers are allowed to be kept but the remaining are not
allowed.
The hardware chosen to encase the Asset Control System must be connected in
a way that cannot be stolen and if the user interface portion is stolen the
cardholder data must be inaccessible to thieves. The economic constraints point
in the direction of choosing a housing option that is simple and can be produced
at one of the University of Central Florida’s machines. Economic constraints also
impose upon the Asset Control System the type of scanning and tool checkout
equipment that must be chosen. A more expensive option like facial recognition
is not recommended and something less expensive like barcodes and barcode
scanners with a combination of magnetic strips to authenticate the user.
The time constraints that the Asset Control System is under require a simple
hardware design and a simple software design. During the summer semester
there are only twelve weeks instead of sixteen, so the development time of the
product is crammed into a smaller time period. The economic constraints we
have require that if we are accepting credit card or debit card payments that we
are fully compliant with the PCI standards or the Asset Control System will incur
fines and potentially be disallowed accepting payments in person or online.
The software portion of the Asset Control System needs to contain a password
changing ability, in order to maintain PCI compliant it is necessary to have
passwords that are updated on a regular basis, customers may not be allowed to
use a default password and only a customer with an assigned identification
number can access the data associated with records with that identification
number. Software testing must be performed in order to test that the software
follows the PCI standards and keeps user information safe.
63
4.3 PCI Compliance Standards
PCI compliance stands for Payment Card Industry, and is used to protect a
consumer’s sensitive information such as their debit, credit, prepaid card or any
personal information. These PCI security standards are developed by the
Payment Card Industry Data Security Standards. PCI compliance ensures a
safer way to transmit cardholder data.
In order to accept credit card payments there are a myriad of PCI standards that
must be met to ensure the customer’s data safety. The PCI basic requirements
are broken into twelve requirements that have adjoining requirements associated
with each requirement.
The process implemented must be built and maintained to be secure.
Maintenance must be performed on existing firewalls that are installed in order to
protect data. Passwords to any running systems on your software and computer
must be something unique and not left as the vendor supplied default password.
It is recommended the passwords are changed regularly to maintain security.
The cardholder’s data must be protected, and wherever that data is stored must
be protected as well. Encryption must be used to protect valuable information
that is passing through public networks. Where encryption is used it is
recommended that the encryption key is stored in a segmented area away from
the data that is encrypted.
There must be a management system put into place that will deal with
vulnerabilities. The management system is usually comprised of an anti-virus
software that is kept up to date. The software system must be developed to be
secure and any applications that comes in contact with sensitive information.
Strong access control measures must be implemented. To implement these
strong access control measures you must restrict access so data you handle or
share is on a need to know basis. The PCI security mandates that each person
with computer access must be assigned an ID and there must be a restriction to
card holders data based on individuals IDs.
There must be monitoring of networks as well as testing of said networks to track
and monitor access to network resources and the customer’s data. The tests
must be designed to ensure that access to sensitive data is protected. Finally the
software must maintain an information security policy. The systems Information
64
Security Policy must address all the policies that are being maintained to protect
information.
Under no circumstances may credit card information be transmitted or received
through email, and only the last four digits of the credit card is allowed to be
visible. If the cardholder data is stored on a physical piece of paper, that article
must be locked away in a secure area. The area in which the papers are locked
must only be allowed to be accessed by an authorized individual.
In order to bypass any of the aforementioned policies there is a process in which
you must write a written request. If any other these requirement standards are
not met it may result in suspension of the ability to obtain physical or electronic
payments and the infraction may result in a fine. Regardless of company size the
PCI compliance requirements must be met and maintained.
4.4 Data Security Standards
The ISO/IEC 2700 group of standards are designed to help companies or
organizations keep information about consumers or employees secure. The
group of standards were developed to protect many kinds of secure information,
from intellectual property to simple details about an employee or any sensitive
information that you possess that should not be viewed by an unauthorized
individual. ISO/IEC 27001 provides the standards that are necessary for
maintaining data security for your security management system.
The International Electrotechnical Commission IEC, along with the International
Organization for Standardization the ISO, created the system to unite the world
with one system for standardization. The national bodies that are encompassed
within the IEC and the ISO are responsible for developing and participating in the
development of these international standards that we use.
In general the standards were engineered to provide requirements needed to aid
in the creation, implementation and the management of an information security
management system. The ISO/IEC standards have been around since two
thousand and thirteen, it was an update to the two thousand five version.
Clause 6.1.3 is an overview of how a company can respond to certain data risks
by using a treatment plan that the organization develops. There are one hundred
and fourteen controls in the newer standards which is eighteen less than the
previous set of ISO/IEC standards. A few policies that are relevant to us include:
65

A.5: Information security policies

A.6: Organization of information security

A.7: Human resource security

A.8: Asset management

A.9: Access control

A.10: Cryptography

A.11: Physical and environmental security

A.12: Operations security

A.13: Communications security

A.14: System acquisition, development and maintenance

A.15: Supplier relationships

A.16: Information security incident management

A.17: Information security aspects of business continuity management

A.18: Compliance; with internal requirements, such as policies, and with
external requirements, such as laws.
The National Institute of Standards and Technology, also known as NIST has a
Computer Security Resource Center, CSRC, which actively shares information
security tools and the practices necessary to maintain data security. NIST helps
by providing resources to schools, government and organizations to maintain
security for data protection. NIST Cryptographic Standards and Guidelines
Development Process describes the procedures that are necessary for
maintaining the cryptographic standards that need to be applied.
Authentication is a major step in security. There are three types of authentication
factors that should be met with authenticating a user. The first being something
the user knows, this can be a password or a pin along with their username. The
second is something the person owns, like an access card or a key. The third is
biometrics which is the most costly form of authentication, it utilizes fingerprint
recognition or voice recognition. To be considered a strong form of authentication
there must be two of the three authentication factors. Passwords are the least
expensive form of authentication and they require extra security.
When a thief wants to get someone’s password there are a variety of attacks
they can perform, therefore it is important to be mindful of them and how to
prevent them from occurring. Electronic monitoring is described by listening to a
66
network’s traffic and trying to gather information. If the file that stores the
password is not protected the hacker will try and get into a file that contains all
the passwords. The way to prevent unwanted access to the password files is to
encrypt and use access control mechanisms to prevent unauthorized access.
To keep user’s password and subsequently their sensitive data stored within their
account safe encryption is used, as well as setting passwords that are
considered difficult in strength level. After a password is encrypted a popular
technique is then hashing the password. When a password has not been
changed for a substantial period of time a user is vulnerable to attack, therefore it
should be implemented that passwords will expires after a certain amount of set
time.
If a system does not limit the amount of times a user is allowed to attempt to
login then there is an increased risk of attack by a computer randomly entering
thousands and thousands of attempts in order to eventually, enter the correct
combination of words and letters. One time dynamic passwords are used for
authenticating a user for a service that would only be used one time, and it is
used for extremely high level security measures. Cryptographic keys use private
keys along with a signature that is digital, it is considered better than a simple
password.
Encryption is used for passwords, entire files and query strings as well in order to
conceal information that is required to maintain hidden to ensure a user’s security
is not placed at risk. The encryption does not prevent unauthorized access to a
file or piece of data, but it does make it more difficult to understand. When
encryption is used it is necessary to have the encryption key to turn the string of
unintelligible numbers and characters into useful data. The government and
military has been using encryption for a long time in order to communicate in
private. Currently encryption is used to protect files and data that are in transit
using a network, mobile phone or a Bluetooth device.
The act of encryption is only as secure as the encryption scheme that is being
used. To generate an encryption scheme it requires. In some circumstances the
encryption key is then encrypted to add another layer of security. There are two
forms of encryption, symmetric and public key encryption. Symmetric key
encryption is when the encryption and the decryption keys are identical. In order
to communicate from one party to another it is required that they both obtain the
same key. Public key encryption is when the key is published to anyone can
utilize the key to encrypt messages, however the receiving party is the only one
with access to the decryption key. Another term for symmetric key is private key
encryption, it was the first form of encryption and then Public Key encryption
stemmed its usage in 1973.
67
There are a few types of symmetric key algorithms because they can either
utilize block ciphers or stream ciphers. A block cipher uses a fixed length portion
of bits that are referred to as blocks in order to perform an algorithm upon it.
Block ciphers are useful for encrypting large amounts of data. Using just a block
cipher alone is not considered a strong form of security, however it may be used
in conjunction with a universal hash function. The stream cipher is a little different
because a set of plaintext digits are joined with a pseudorandom stream of digits.
For a stream cipher to be secure it must be a large period and it is necessary that
is it completely impossible to get the encrypted string from the keystream.
Benefits of Public Key Encryption, before the introduction of public key
encryption, in order to have a secure and confidential communication between
parties it was necessary for both parties to obtain the same key. The difficulty
with needing the same key is that the key would have to be given to the
recipients which allows for a chance of the key getting intercepted by an
unauthorized party. Public Key Encryption is safer than symmetric key
encryption.
Using encryption is a necessity in order to keep sensitive information out of the
hands of unwanted people. Encryption must be done on passwords at minimum
and the network must be secure if sensitive data is being passed through it.
5 Realistic Design Constraints
68
5.1 Economic Constraints
The cost of the design needs to be minimized as there is no outside funding from
a third party. The hardware components will be chosen based on price and
performance, and fortunately the coding portion does not come with an actual
price tag, only time. To avoid costly fines for not implementing cyber security
standards it is important to ensure everything is PCI compliant. Each record
stolen by a hacker or unauthorized access to account details can result in a fine
on average of one hundred and seventy five dollars.
The design must cost less than four hundred dollars because the cost will be split
between four individuals and the cost needs to be less than one hundred dollars
each. The hardware options vary in price depending on the type of technology
used.
User Authentication Options and tool recognition options are the primary
economic constraint for the Asset Control System the average price per unit of
these items are available in Table 5.1.1 Hardware Components and Average
Cost.
Table 5.1.1 Hardware Components and Average Cost
Access Restriction Options for allowing and disallowing users to checkout or use
tools will be one of the main costs of the Asset Control System. Software
Economic Constraints, some database software will require a monthly
subscription or a onetime fee. Software development does not have an economic
constraint because we will be working together to write the code. The more
software intensive the project the more cost consciences we will be.
69
Using options like Barcodes to read which tools the user wants to check out is a
very inexpensive option for the tool checkout. By utilizing the magnetic strip that
is already embedded in every student’s user identification card, the Asset Control
System would only need to build a reader to gather information from the student
identification card.
5.2 Time Constraints
The time allotted for assembly of final design and coding is twelve weeks. During
those twelve weeks there are a lot of things that need to be accomplished. The
coding is expected to be performed during the assembling of the hardware and
the team shall work in unison on parts that can be performed at the same time
and are independent. As a team the Asset Control System will be developed,
hardware and software are two different sections that can be started at the
beginning of the semester.
In order to maximize available time the programming we do must be efficient, in
order to meet our time constraint planning and delegating tasks using a software
engineering approach is mandatory. Creating a list of tasks is imperative to stay
on track. The system that is implemented needs to be simple to manufacture
because of the time restrictions. Overall the time for deploying the Asset Control
System is tight, there is a software and hardware portion of the Asset Control
System is limited and the constraint of time is real and a pressing thing to remain
aware of.
5.3 Environmental Constraints
In order to be environmentally conscious it is required that the Asset Control
System uses environmentally friendly materials for labeling the tools that can be
checked in and checked out. It is necessary to use a labeling device such as
RFID or barcode labels that are durable so they will not need to be replaced
often. One thing to keep in mind environmentally is the use of RFID cards, if
access to the lab holding the tools is done through a RFID card reader the
system is using a lot of extra plastic that could be avoided if entrance could be
granted using an identification card that the customer would already own.
5.4 Safety and Security
70
There are safety concerns associated with the Asset Control System, users that
are not trained on certain tools will not be allowed to access those tools, and
when access is requested for a tool that is considered to inherently have danger
the user will need to sign a safety agreement to say they understand the risks
associated with using the tool improperly.
Credit and debit card security standards are described with PCI compliance
standards. In order to follow PCI compliances we must make sure the
cardholder’s data is stored and accepted in a secure manner.
PCI Compliance Checklist:
Build and maintain a secure network

Firewall must be installed and up to date

Passwords must not be default, and must be changed regularly
Protect User’s Card Data

Restrict access, only authorized individuals can view data

Encrypt Data

Do not allow sensitive information to be sent or received through email

Physical papers must be stored in a lock area with restricted access
Maintain a management program to ensure vulnerabilities are taken care of

Anti-Virus software must be used and up to date

Standards must be maintained and created for secure applications and
systems
Require strong access control measurements

Cardholder data is restricted on a need to know basis

An ID needs to be assigned to each user
Track and monitor test networks

Regularly perform tests on systems in place for security systems
71

Regularly perform tests on processes relating to security systems

Test security systems to ensure correct functionality
Maintain and information security policy

A policy must be in effect that explains the how information security is being
kept
Security constraints will limit our device to store credit card or personal
information on a secure storage device, if payments for tools will be accepted
online or in person the PCI compliance standards will need to be implemented to
ensure fines are not accrued. If the display chosen to interface with the guests
holds data about users and their address or card data, security measures must
be taken to ensure that if someone were to steal the device that they would not
have access to user data. A design constraint for the hardware will be making
sure the device is not easily stolen and data can not be accessed excessively or
accessed by unauthorized individuals.
5.5 Ethical and Health Constraints
The ethical constraints deal with security and privacy to the users and their
profiles. The privacy of information provided by users is of utmost concern. User
profiles will have contact information and possibly financial account liability.
Because of this there must be great care taken to ensure security of a user
profile data. In order to eliminate some liability of the system we can limit data to
only necessary information. We can also encrypt the password and username
using a hash method. This will prevent the data from being deciphered and used
to access the account. It will also help to stop unwanted activity logs due to the
user log being obtained.
Another ethical concern will be with the authorship and development credit of the
system. This system will be credited to all members of this design team. This
means all team members will retain rights to the use of the system and / or
further development and adaptation of the system. Since there is no sponsor we
will not need to credit any other support. The rights of the system to be given or
“sold” to a third party will be at the sole discretion of the team and should be
considered to have equal share in any revenue generated. Since there are four
members of the team any revenue generated from this product will split evenly
among the members.
72
Data integrity is another ethical concern. We do not want the system to make
incorrect entries into the activity table. We also do not want to allow users to edit
the activity data for a log. This would not suit the goals of the system. Reports
would not be considered representative of the actual activity. One of the primary
objectives of this system is to track and report activity of assets by user. There
will be many tests of the data entry methods to ensure that this data is precise
and reflective of actual usage. Two factors dominate this concern. The usage
time and the user associated with it those factors. Both present a threat to
integrity so great care must be taken in assuring the data is accurate.
Health constraints are not are not very prevalent with this project. The main
safety concerns are the project being safe from shock or damage of assets. The
relay switch devices will need to be enclosed and also will need to meet safety
standards with respect to electrical standards. The devices will also experience
some heat which will need to be assessed for possible temperature dangers. If it
is determined that the devices are getting too hot we will opt to add in a cooling
method to mitigate the problem.
5.6 Manufacturability and Sustainability Constraints
In order for the Asset Control System to stay viable for many years to come,
careful precautions must be taken to ensure successful manufacturing and ease
of sustainment for not only the current development process, but also for the
future. Depending on the type of device made in a manufacturing environment, it
is quite common that many components become obsolete before the first device
rolls off the manufacturing floor. Sometimes this cannot be avoided due to
unforeseen company shutdowns and/or bad economic conditions. Nevertheless,
each component that is part of the device BOM should have its lifetime verified
before use in the finished product. Furthermore, no components shall be used
during the design time that are not currently released.
The main manufacturing constraints posed on the Asset Control System are
those that relate to the project budget (since the project is self-funded, which is
explained in section 9.2 Budget and Finance). The other constraints can be
minimized by following the guidelines set out in the
IPC STANDARDS FOR
ELECTRONICS MANUFACTURING. This is an exhaustive guidelines list for
electronics manufacturing that is accepted by professionals across the world.
Some basic takeaways for manufacturing guidelines that shall be used during
the manufacturing process are:

Surface Mount Devices (Active or Passive) shall be limited to standard
package sizes
o No custom size package devices will be used
73

All components shall be sourced from a reputable vendor (local or online) that
has been in the field for at least 5 years
o Also vendor must have a relatively short lead time (under 6 weeks,
depending on the part type)
The sustainability aspect of the Asset Control System may be more difficult. Due
to the constant changing nature of security standards (because of advancing
technologies and vulnerabilities discovered in current technologies), there is no
way to “future-proof” any device that utilizes electronic payments and/or thirdparty authentication services, such as Facebook, Google+, etc. An example of
this would be the relatively recent conversion from the OAuth authentication
standard to the OAuth2 standard. Many services that utilized OAuth for thirdparty authentication had to refactor their code structure to accommodate the
forced change to the OAuth2 standard. The actual use of the third party
authentication services is still not finalized because of this ever-changing nature.
Since a fundamental aspect of the Asset Control System is to charge users for
their usage of the controlled devices, electronic payment transactions is a basic
requirement that cannot be avoided. The electronic payments processing will be
evaluated twice a year (as long as the project is active) to ensure it complies with
the Payment Card Industry Data Security Standard (PCI DSS). The PCI DSS is
a set of requirements established to ensure that all merchants who process,
store or transmit credit card information maintain a secure transaction
environment. This will not prevent obsolescence of the currently used
technology, but will, however, ensure that the Asset Control System will stay
proactive regarding electronic payment transactions.
6 Project Hardware and Software Design Details
74
6.1 Initial Design Architectures
6.1.1 Initial Design Block Diargrams
75
76
77
78
6.2 Hardware Design Details
6.2.1 Switch Design
For the circuit design of the switch we wanted to utilize the capabilities of the
SCR. Figure 6.2.1.1 shows the simulation from Multisim of the designed circuit.
However, due to the SCR being only able to cover half wave of the AC cycle, two
were needed to achieve full power, in parallel, opposite of each other in position.
Then a resistor was placed in series of the standard AC source and the parallel
SCRs to simulate a device load that would require 5 A of current. The adjustable
DC power sources were used to mimic the microcontroller signal being applied to
the gate of the SCRs. There ended up being an issue with having both SCRs
connected and getting them to trigger at the right moment. This caused the
reverse bias SCR to turn on and allow for current to flow to the load when no
voltage was applied to its gate, as shown in the oscilloscope reading in Figure
6.2.1.1. This could result in the device still being used and possibly damaged due
to insufficient current.
Figure 6.2.1.1 – Multisim simulation of the switch design using SCRs
This finding led us to go back to a more simple and rugged design using a
standard PCB relay as the switch. Figure 6.2.1.2 below shows the resulting
circuit simulation in Multisim. The simulated oscilloscope shows that when the
relay gets turned on by about 6 mA of current, the voltage to the load matches
that of the source which is what we need to supply. In the following figures
79
6.2.1.3-5, the data gathered from the simulation shows that the PCB relay does
output voltage and current in a comparable manner that would allow for the load
device to perform at normal conditions. The power output of the relay was also
calculated and for the simulated load would be able to output 1100 W, while the
power needed to turn on the relay would be significantly low at 0.02 W. The relay
remains latched until the current goes below 1.4 mA or 0.7 V. This gives us some
room for any fluctuations in power while the load device is in use. It should be
noted that the relay in the simulation is not the one that will be used on the ACS
but the specifications of the relay simulated and included in the schematic have
similar characteristics of the TE Connectivity relay we wish to use.
Figure 6.2.1.2 – Multisim simulation of switch design using a PCB relay
80
V(coil)
V(load)
I(coil) (A)
I(load) (A)
0
2.19E-04
0
1.05E-05
0.2
2.19E-04
4.00E-04
1.16E-05
0.5
2.19E-04
1.00E-03
1.18E-05
0.9
2.19E-04
1.80E-03
1.15E-05
1.3
2.19E-04
2.60E-03
1.15E-05
1.8
2.19E-04
3.60E-03
1.20E-05
2.3
2.19E-04
4.60E-03
1.20E-04
2.5
1.58E+00
5.00E-03
3.59E-02
2.7
1.9E+02
5.40E-03
4.49E+00
3
2.2 E+02
5.99E-03
5.00E+00
3.2
2.20E+02
6.40E-03
5.00E+00
Table 6.2.1.1 – Results from simulation of switch design
81
Figure 6.2.1.3 – Graphical analysis of load voltage and coil voltage
Figure 6.2.1.4 – Graphical analysis of load current and coil current
82
Figure 6.2.1.5 – Analysis of load power and coil power vs. coil voltage
V(coil)
P(coil)
P(load)
0
0
2.30E-09
0.2
8E-05
2.55E-09
0.5
0.0005
2.59E-09
0.9
0.00162
2.52E-09
1.3
0.00338
2.52E-09
1.8
0.00648
2.63E-09
2.3
0.01058
2.63E-08
2.5
0.0125
5.66E-02
2.7
0.01458
8.86E+02
3
0.01797
1.10E+03
3.2
0.020477
1.10E+03
Table 6.2.1.2 – Calculated power on the load and coil
83
6.2.2 Microcontroller Circuit Design
The circuit of the microcontroller is one of the more crucial parts of our design,
besides the integral software and database that will be developed to make use of
all the hardware. Using the Arduino ATMEGA88 series there are many things to
take into consideration. The first of which is making sure that it has a highly
reliable and noise free power signal which will be coming from the linear voltage
regulator. This circuit is clearly shown in figure 6.2.2.1. This circuit was designed
in EagleCAD like all the circuits for the microcontroller. The input comes from a
12 V DC supply like will be coming from the power converter that is to be
designed or bought off the shelf. The two capacitors that are used in the circuit
are used to decrease noise going into the regulator and coming out. The value
for C4 is 100 nF and the value for C5 is 10 uF. The output of this circuit will be 5
V which will then be used by the microcontroller and the embedded computer.
Figure 6.2.2.1 – Linear voltage regulator circuit
Equally as important as a noiseless dependent power supply, is the need for a
reliable clock that can be used by other devices if needed. For that reason we
decided against using the internal timing provided by the ATMEGA chip. The use
of a larger 20MHz clock allows for more use of it in other applications if we need
it. The capacitors on either side of the crystal are to keep the clock signal free of
noise and for this the recommended value for both C1 and C2 is 22 pf.
84
Figure 6.2.2.2 – Clock oscillator sub-circuit
The following sub-circuits of the microcontroller circuit utilize the ports of the
ATMEGA microcontroller. The sub-circuit, for the LEDs, figure 6.2.2.3, utilize
three ports for each of the three colored LEDs, this way we can give a status for
debugging purposes on the PCB itself. Figure 6.2.2.4 shows the switch which
was simulated in multisim in section 6.2.1. The resistor in line is used to reduce
the voltage in the line as there could be a low amount of voltage present when
the microcontroller is not sending out a signal to the relay. The pins being used in
figure 6.2.2.5 are the communication lines for the embedded computer to the
microcontroller. We plan on using standard RS-232 for serial communication for
sending whether or not the user is authorized access or not. This communication
will rely heavily on the communication in the embedded computer with the
access control option and the database to make sure that there is an approved
user requesting access. This communication will be discussed more in the
software design portion.
Figure 6.2.2.3 - RGB LED sub-circuit
85
Figure 6.2.2.4 – Switch Sub-circuit
Figure 6.2.2.5 – Embedded communication lines
Using the EagleCAD drawing of this circuit, it will be easier to start the build of
this circuit so we can test some of the more important fundamentals to prove that
our basic setup and access control will work. We can even begin testing this
before we get the embedded computer and all the software debugged. The other
benefit to using this software is the ability to build a circuit board. The benefit of
this is that we could then have our circuit board made to our specifications and
have sent back to us to build. Though this will still be determined later, it would
be good to have the board design ready. This microcontroller circuit will be the
same for every version of the ACS we create, the access options will vary
depending on what is most secure and accessible.
86
Figure 6.2.2.6 – The complete microcontroller circuit
6.2.3 Access Control devices
The purpose of the ACS will be to incorporate several means of access control
methods, in this way our product will be customizable to fit in several different
environments. Concluding the research we have made into these devices we
have chose 3 different access control means that will provide the robust design
we are seeking to accomplish. The actual implementation of the database and
logging system of the data these sensors and readers gather will be further
discussed in the software design section. The following figure 6.2.3.1 shows how
the basic data path will be planned from the access control point to the load
device.
87
Figure 6.2.3.1 – Basic flow of data from the Access Device
The first of these means is a combination RFID/NFC reader from HK Elechouse
Electronics Technology Co. This is a USB device that will not only read in
information from most RFID tags and cards, it will also be able to communicate
with most NFC enabled phones, being able to push or pull data from android
devices. Since this reader is USB it will not use any pins on the ATMEGA. The
access authorization data will be sent from the embedded computer to the MCU
through the USART serial lines. The code for this device is open source so
manipulation of the data being used is possible for customization as we need it
for the database and logging system.
GO2NFC141U RFID/NFC reader

Supply Voltage:
5V regulated

Supply Current:
100mA (Max)

Operating distance:
50mm

Operating frequency:
13.56 MHz

Operating Temperature:
0 to 50 ºC

Dimensions:
46.0mm x 48.5mm x 10.5mm

Cost:
$19.00 (ebay)
For an easy and cheap access granting system or to allow for a secure guest
access setup we intend to utilize a magnetic stripe reader that will be able to read
data encoded in the stripe. Just as the RFID/NFC reader will use USB so will this
reader, thus the main database look up and time logging will all take place
directly on the embedded computer. The grant of access would come from the
embedded computer on the USART data line to the microcontroller. Generally
there is no software truly needed for the magnetic stripe readers. The raw data
that is gathered from the stripe would be taken in and cross referenced with our
database and depending on the result of this the card information would be
88
logged and then access granted to the user, whether this is a temporary use
case for guest access or the permanent solution for the load device ACS, we
intend to make sure the option is available to better accommodate the
environment.
OSAYDE MSR90

Supply Voltage:
5V regulated

Supply Current:
40mA (Max)

Operating life:
500,000 swipes

Error Rate:
0.5%

Operating Temperature:
-20 to 70 ºC

Dimensions:
90mm x 27mm x 28mm

Cost:
$12.88 (Amazon)
The last access control device we are going to implement will use biometrics as
the key. We are going to incorporate a fingerprint scanner that will use an open
source API that will allow us to manipulate the data as we need. This will help
with logging the user that wished to gain access and verifying them with our
database. The fingerprint scanner is another USB device so it will be
communicating with our embedded computer directly as the other access control
devices will be. This will provide the embedded computer with direct logging and
granting access.
ZK4500

Supply Voltage:
5V regulated

Supply Current:
170mA (Max)

Resolution:
500 DPI

Fingerprint Sensor:
Optical Sensor

Operating Temperature:
0 to 55 ºC

Dimensions:
53mm x 80mm x 60mm

Cost:
$45.00 (Amazon)
89
6.2.4 Embedded Computer
The utilization of the Broadcom BCM2837 64Bit quad core processor would be
the most beneficial to the ACS. Thus, the 3 rd generation Raspberry pi
development board will serve as our embedded platform as it has more for the
ACS to utilize as far processing power and features. The power is going to be
supplied from the 5 volt line on the microcontroller circuit. Figure 6.2.4.1 shows
which pins will be used for the serial communication lines between the
microcontroller and the embedded system. These lines will need to have a
voltage divider circuit on them as the communication lines for the ATMega
operate on a 5 volt level and the Pi operates on a 3.3 volt line. The database
structure and algorithms needed for this communication will be further explained
in the software design section.
Figure 6.2.4.1 – GPIO Header with UART transmission lines highlighted as well
(Permission Requested from element14)
90
Raspberry Pi 3 Model B

Operating Voltage:
5V

Operating current:
2.5 A (max)

Operating Temperature:
0 to 70ºC

CPU Speed:
Quad @ 1.2 GHz

RAM:
1 GB SDRAM

USB:
4 ports (2.0)

GPIO:
40 PINS
6.2.5 LCD Touch screen
The addition of a touch screen will allow for greater ease of use for the ACS. The
LCD screens will be small and only used for administrative purposes. It will allow
for direct interfacing with each of the ACS systems. The screen is a TFT 3.2”
LCD. IT will utilize the SPI pins on the GPIO of the Raspberry Pi. The exact pins
that will be needed are shown in figure 6.2.5.1. Due to the LCD touch screen only
needing use of the SPI pins, power pins, and a few others for buttons on the
touch screen board itself, the space requirements that we wish to not interfere
with the ACS will not be greatly affected.
Figure 6.2.5.1 – GPIO Header with the pins needed for the touch screen
highlighted (Permission Requested from element14)
91
3.2 Inch TFT LCD Display Module Touch Screen

Operating Voltage:
3.3 - 5 V

Operating current:
1 A (max)

Operating Temperature:
-20 to 70ºC

Resolution:
320 x 240 (pixel)

Touch Screen:
4 Wire Resistive

Size of the module:
85.7 x 64.6 mm

Brightness:
250 Lumens

Illumination type:
Reflective

Cost:
$13.39
6.2.6 Enclosure Design
The ACS will have a custom case that will be purchased from Hammond
Manufacturing. The box will be an ABS plastic enclosure which will make it easier
for the box to be modified if more holes needed to be place in it for clearance or
running wires. This enclosure has internal mounting holes that should help with
stabilizing the printed circuit boards within it. Figure 6.2.6.1 shows the
dimensions of the enclosure which will be fitting the microcontroller PCB, the
Raspberry Pi, and the power converter. Another option that is available with this
enclosure are “feet” adapters that will be an efficient way to mechanically mount
the ACS with the secure straps. Due to it being made out of ABS plastic it will be
easy to mount the LCD touch screen within the cover of the enclosure. The
enclosure also has a seal that goes around it that makes it watertight and helps
meet our goal of being a more rugged design.
92
Figure 6.2.6.1- Hammond Manufacturing enclosure drawing (Reprinted with
permission from Hammond Manufacturing)
6.3 Software Subsystem
The software subsystem will use a client server architecture. We will use a
database server to control and record data. We will have target platforms that we
will use to build the system for. The server will act as the database and the host
for the web page and or mobile application. Due to the load of software we will
use the hardware specifications will be expressed in this section.
93
6.3.1 Target Platforms
The target platform will be raspberry pi. We are considering using windows 10
IOT as the operating system on board the raspberry pi. The main reasoning for
this is that the operating system will need to communicate with a central device.
Since these communications will be using a wireless technology drivers will be
necessary. We will target the android mobile platform for mobile access to the
system.
6.3.1.1 Windows IOT (internet of things)
Universal windows applications are valuable tools for programming and code
portability. Tools like:

Visual studio

Azure

SQL
These can be used in conjunction with windows IOT. These tools will be part of
our development package so this is an obvious choice for operating system
platform. The core of the system will be done in visual studio. This operating
system can run visual studio which can allow us to create clones of system
software directly into each device.
The operating system can perform consistent device management. It utilizes a
modern device management stack which is relative to industry standards. This
capability will allow for peripheral devices to be added for communication and
other recognition devices. Recognition devices include possibilities that are
explored in section
6.3.2 Specific Hardware Requirements of target device
The Asset Control System shall be able to regulate power to its connected piece
of equipment ONLY if the equipment complies with the following requirements:
94

Equipment shall operate on
o 110-120 V AC
o 60 Hz refresh rate
o 20A Max current consumption
o 1-phase line

Equipment shall be UL Listed

Equipment shall contain a _________ electrical connector
o NEMA 5-15 grounded (Type B) (preferred)
o NEMA 1-15 ungrounded (Type A)

The electrical connector physical dimensions shall not exceed
o 3 in x 3 in x 4 in
6.3.3 Payment processing/Invoicing
The main reasoning for the Asset Control System is to limit access to various
pieces of equipment that can have specialized usage requirements (special
training), determine utilization of the equipment, and finally, charge the users a
fair price that will cover equipment maintenance and hopefully have some left
over to expand the equipment available to users. In order to accept payments in
an electronic and automated system, a third-party payment processor is needed.
Unfortunately this service is not free, This section will highlight on some of the
available payment processors and determine which one is a viable choice for use
with the Asset Control System.
6.3.3.1 Authorize.net
Transaction Fee
Credit/Debit
2.9% + $0.30
ACH Bank
0.75% additional
Setup Fee
$49
Misc Fees
$25 for chargeback
Table 6.3.3.1 - Authorize.net Pricing
95
6.3.3.2 Stripe (http://stripe.com)
Transaction Fee
Credit/Debit
2.9% + $0.30
ACH Bank
0.8% ($5 capped)
Setup Fee
(None)
Misc Fees
$4 for failed ACH payments
$15 Dispute fee (if lost)
Table 6.3.3.2 -Stripe Pricing
6.3.3.3 Intuit Payments
Transaction Fee
Credit/Debit (Pay as you go)
2.4% + $0.25
Credit/Debit ($19.95 Monthly)
1.6% + $0.25
ACH Bank
n/a
(None)
Setup Fee
n/a
Misc Fees
Table 6.3.3.3 - Intuit Pricing
96
6.3.3.4 Payment Conclusion
After reviewing the payment processors listed above, the most viable choice for
use with the Asset Control System is Stripe. Overall, stripe is the cheapest per
transaction and it also does not charge fees for customer account issues. The
most important factor was the pay as you go model since most small businesses
do not have enough initial capital to warrant a base pricing model. Furthermore,
Intuit was the “at first glance” choice because of the company’s popular
reputation and other well known products and services. However, at this level of
investigation, it appeared that they did not offer ACH Bank transfer payments,
which was desired because in order for a small business to be successful,
multiple payment types must be available to the customer or else the customer
may not pursue business at this time.
6.3.3.5 Invoicing
Customer invoicing will be integrated into the Asset Control System
administration software (web based application). The calculations are very
simple for equipment usage and invoice statement periods will coincide with the
traditional calendar months. Sample invoice shown in Table 6.3.3.5.
Period
1/1/2016 - 2/1/2016
Tool Unit Cost
Total Period Usage
Total Cost
Tool 1
$5.00/hr
3.23 HR
$16.15
Tool 2
$3.75/hr
2.07 HR
$7.76
Total
$23.91
Table 6.3.3.5 - Sample Invoice
6.3.5 Report Designer Software
97
Before we begin looking at report designer software it is important to list the
requirements for the report that the Asset Control System will be generating for
the user of the system. The report will need to contain the attributes described in
Table 6.3.5.1. Other functionality besides the capability to display the fields below
would be a bonus but not required. Ease of use and cost are the main factors in
making a decision on which report designer will be used for the Asset Control
System.
Attribute
Description
Client Data
Name, Address, Phone Number
Charge Summary
A list of tools used and the amount of time each tool was
being used as well as the price per hour for each asset.
Company Contact
Phone number, address and other related information for
the party that is billing the customer
Graphical
Representations
Ability to provide optional graphical representations
about tools used for the company
Payment Due Dates
Deadlines for each payment and information about how
to make a payment and avoid late fees.
Table 6.3.5.1 Potential Data Attributes Displayed In Report
ComponentOne Report Designer, also known as C1Report designer is a report
creator for .NET programming and it allows for a report that has an access style.
C1Report designer has the ability to implement barcodes as well as design
features like adding a gradient field. Reports can be imported into C1Report
Designer and the capability to generate a PDF or Excel spreadsheet version of
the report is possible with very little extra coding required. The C1Report
Designer software is royalty free and they provide source code which makes
designing the reports and customizing them easier.
Visual Studio offers a Report Designer name Visual Studio Report Designer, (VS
Report Designer). VS Report Designer has an advantage over other report
designers if the Asset Control System development team is already developing
the code using Visual Studios. Besides the easy integration of using Visual
98
Studios to code and VS Report Designer to produce reports it has a phenomenal
ability to accept many formats of data sources. C1Report Designer is not able to
produce a report that includes numerous types of data sources. A disadvantage
of VS Report Designer is that you must be coding in Visual Studio and also have
SQL server Business Intelligence Development Studio installed as well on your
device.
Pentaho Reporting is a resource of open source reporting tools that facilitates the
development of reports from a range of different data sources. Pentaho is
focused on creating vibrant and meaningful reports in a variety of formats and
uses Java as the software platform. To name a few of the formats that can be
produced using Pentaho, PDF, Excel, XML and CSV. For the Asset Control
System a PDF file will be necessary to transmit the user’s bill and usage data
through email. In the Pentaho community there is a large repository of people
whom you can ask question on the forum if trouble arises or questions need to
be answered quickly. Having a support system dedicated to helping create and
use a report designer software will expedite development time.
InetSoft Report Designer boasts an efficient atmosphere for creating flexible and
powerful reports. InetSoft’s business intelligence software allows for a report to
include text and graphics. InetSoft gives the developer a choice between two
different layouts that allow for customer creations as well. The first layout type is
called the flow layout and it resembles a word document format and the data will
flow in the specified direction. The second format that InetSoft offers is a tabular
report and it is unique to Inetsoft when compared to other report designing
software. The tabular layout allows for designers to divide the report amongst
smaller areas called cells. From there the cells can be divided into smaller cells
and data can be placed at any place within the report.
99
Report
Designer
Software
Benefits
Disadvantages
C1 Report
Designer
Royalty Free with many
design options, easily
constructed detailed reports
with from a database of
records.
Must purchase ComponentOne
with a package, ComponentOne
Ultimate or ComponentOne
Studio Enterprise
Visual
Studio
Report
Designer
Multiple forms of data can be
displayed, integrated with
Visual Studios
Must use Visual Studios to
develop code
Pentaho
Report
Designer
Strong online community for
support. Multiple types of
data accepted.
Java Software Platform
InetSoft
Diverse design capabilities,
multiple sub reports
supported
Newer product with a support
system that is not fully developed
Table 6.3.5.2 Advantages and Disadvantages Report Designers
In summary, there are many inexpensive options for report designers. If the
Asset Control System’s code will be developed in Visual Studios it may be
advantageous to utilize the report designer that is coupled with visual studio, the
Visual Studio Report Designer. Each report designer is a viable option as they all
perform the tasks necessary and are capable of displaying the required data that
is displayed in table 6.3.5.2
100
7 Project Prototype Construction and Coding
7.1 Parts Acquisition and BOM
The parts that will be needed for this project are crucial to indentify and find
sources for them. The cost will be split among the members and should be
evenly split among the different ACS devices we will be creating. Table 7.1.1 is
the BOM for the hardware for the entire Asset Control System.
Item
Source
Cost
Quantity
Total
Raspberry Pi
Adafruit
$35.00
3
$105.00
ATMega 88
Mouser
$4.51
3
$13.53
LM2936DT-5.0
Mouser
$1.85
3
$5.55
3.2 Inch TFT LCD Display
Module Touch Screen
Banggood
$13.89
3
$41.67
ZK4500 Fingerprint Scanner
Amazon
$45.00
1
$45.00
OSAYDE MSR90 Mag Stripe
Reader
Amazon
$12.88
1
$12.88
GO2NFC141U RFID/NFC
reader
Ebay
$19.00
1
$19.00
OVSTRGBB1CR8 LED RGB
Mouser
$1.82
3
$5.46
TE Connectivity RT314A03
Relay
Mouser
$2.81
3
$8.43
1554U2GY Enclosure
Mouser
$24.12
3
$72.36
Mean Well AC-DC 12V
Jameco
$11.49
3
$34.47
RFID Tags
Amazon
$1.50
5
$7.50
Various circuit components:
Wires, resisors, capacitors,
breadboard, etc.
Mouser
$15.00
1
$15.00
Total
$385.85
Table 7.1.1 – Bill of Materials for ACS
101
7.2 PCB Vendor and Assembly
This section and its subsequent subsections will investigate pcb manufacturers
based on the design and quantity of pcb we will require for this project. It should
be noted that we will order more than is necessary in order to have spares. This
is a precautionary in the event of board failure or damage. Cost is the primary
concern here and the only real measure for the various producers.
Assembly of the components to the pcb boards will be done by the team
members. We will have to determine the values of components needed for the
circuits. Such values are related to the type of component commonly known as:

Capacitors (farad)

Resistor (ohms)

Inductor (henry’s)

Diode (properties of this component are constant )
Depending on the design will determine the number of resistors used to create
each pcb. As well as capacitors, diodes and inductors. It is not believed that we
will need transistors for the circuit but that may change as development
continues. We will utilize the university facilities to assemble the boards with
components. The assemblage of the unit devices will also be done in facilities on
campus. We do not expect to use outside companies to assemble any parts of
this project except for printing of the boards.
7.2.1 PCB Manufacturers
The following sections compare several available PCB manufacturers in order to
assess which vendor would be the best candidate for supplying our required
PCBs for this project. There are several assumptions that were made in order to
gain a normalized estimation for the PCBs.

Number of Layers: 2

Board Dimensions (Range): 2” x 4” - 3” x 5”

Approximate quantity: 6 (1 for each Access control device, and an extra for
each)
102
7.2.1.1 ExpressPCB

Min Cost: $41 - 3 PCB, 2 Layer

Board size must be 3.8 x 2.5 inches

Provide Free CAD and Schematic software

Located in USA

STUDENT DISCOUNTS

1 day Lead time

https://www.expresspcb.com/
7.2.1.2 Advanced Circuits

Min Cost: $33 per PCB, minimum of 4 PCB order, 2 Layer ($132)

5 day Lead Time

Provide Free Software

Located in USA

http://www.4pcb.com/
7.2.1.3 OSH Park

$5 per square inch, includes 3 copies, free shipping

3 PCB, 2 Layer

Up to 12 day Lead Time
103
7.2.1.4 UCF TI Innovation Lab

This lab is useful for assembly and prototyping
o Lab contains

Soldering kits

Oscilloscopes

Voltage regulators

3D Printers

Many other tools that aid the prototyping process
7.2.2 PCB Summary
ExpressPCB
Advanced
Circuits
OSH Park
Cost
$82
$198
$80
Lead
Time
1 day*
5 days
12 days
Notes
Forced to use specific
PCB size
No free software, but would
not use anyways
Table 7.2.2.1 – Summary of PCB Vendors
7.3 Final Coding Plan
Ultimately, the coding plan solely depends on the features implemented in the
physical device, because the best practice when it comes to software is to use
the correct tool for the job. In this case, the tool refers to the programming
language for each application. Normally, on a target computer such as the
Raspberry Pi, the preferred programming language is C or Python since the
preferred operating system is a distribution of Linux. This would only affect the
Asset Control Device because the remaining of the complete system would
communicate via HTTP commands (sometimes referred to as web services calls,
web API calls, or REST service). This is essential for the main server
architecture to be independent of the clients’ architecture.
104
However, adding more sophisticated authentication features, such as the facial
recognition would require much extra planning and programming to be
successful given the project’s slim timeline. Utilizing Windows 10 IOT and its
facial recognition SDK could drastically reduce the development time. After
researching more into the Windows 10 IOT Core, it would allow a common
language codebase for the Asset Control Device since device-driver like
functionality is already present within and would not require a group member to
tackle these tasks. This is also beneficial to the Graphical User Interface (GUI)
because it would also fall within this common codebase because all Windows 10
IOT applications are referred to Universal Windows Platform (UWP), which are
written in any .NET language that utilizes the Common Language Runtime (CLR)
such as C#, VB.NET, F#, etc, but most commonly written in C#. Another benefit
of using Windows 10 IOT is the built in device drivers for the popular Raspberry
Pi WIFI cards and the Raspberry Pi official touchscreen.
Since human interaction is one of the primary requirements of the project, the
Asset Control Device application shall be written first, at least in the capacity that
will allow interaction with the authentication devices that will be chosen for the
final project build. This part of the complete system should be written first
because it is the first interaction point with the user, therefore, it is essential that
all features work as planned. Once the initial proof of concept is working that
validates correct functionality of the authentication methods, the intermediate
service layer can begin its development process. Since all data passed between
the clients and server will be using the HTTP transport layer, the architectures of
the clients will not be dependent of the server and vise versa. Therefore, the
server can be hosted in any environment. It is more common to see a linux
based server rather than a Windows based server, and hosting price may vary
with architecture also. As long as the server and client utilize a central interface,
the development process can occur concurrently with the GUI. Figure 7.3.1 is a
representation of how our final coding plan should be with regards to REST
service calls.
Figure 7.3.1 – Final coding with REST service calls
105
8 Project Prototype Testing
8.1 Hardware Test Environment
The environment for testing the ACS and its hardware components will initially be
done in the controlled environment of the S.M.A.R.T Lab or the Senior Design lab
on UCF campus. These are lab environments so there should be a limited
number of variables that will cause interference with our testing. Once initial
testing has been complete and successful, we will want to rerun the tests in an
environment that will be less controlled and more noisy, like that of a machine or
wood shop. Each member will be testing separate components of the ACS to
verify that accurate and, more importantly, consistent results are achieved.
Once all components have proven to be consistently successful in both
environments we will then begin full prototype testing.
8.2 Hardware Specific Testing
8.2.1 LCD/Touch screen Testing
Objective:
Correctly be able to use the 3.2” screen to not only view the embedded computer
GUI but also interface with it.
Supplies:
 3.2 Inch TFT LCD Display Module Touch Screen
 Compatible HDMI monitor
 Raspberry Pi
 DC power supply
Preparation:
Using the compatible monitor make sure all drivers needed for the touch screen
are installed.
106
Procedure:
1. Using the pin-out given with the screen connect the pins that match on the
Pi’s GPIO.
2. Unplug compatible monitor and check to see that the display has showed on
the touch screen
3. Once image had displayed on the touch screen begin to interface with the
GUI by using the touch screen
Expected Result:
The touch screen should display the image and be a fairly efficient way to
navigate the GUI for administrative reasons.
8.2.2 Access Control Device Testing
RFID/NFC Reader Test
Objective:
Verify that the RFID reader is working correctly and receiving data from RFID
and NFC sources, also to verify the range of effectiveness.
Supplies:
 RFID card
 Android device with NFC capability
 GO2NFC141U RFID/NFC reader
 Raspberry Pi
 3.2 Inch TFT LCD Display Module Touch Screen or compatible monitor.
 DC power supply
Preparation:
Connect reader to the Pi via USB and be sure to install drivers if needed.
107
Procedure:
1. With reader connected and display on, swipe the RFID card/tag directly over
the reader.
2. Verify that the correct information is displayed from the card. Then using the
android device push data through with NFC.
3. Repeat step 1 at a distance of about 1 cm away from the reader and verify if it
still scans.
4. Repeat step 3 incrementing in 1 cm intervals until inconsistency in data
retrieval is reached
Expected Result:
The reader should read the information from both, the card and the android
device, without any issues. The moment the RFID card data becomes
inconsistently read should be close to the 5 cm mark as that is the limit
established by the reader.
Fingerprint Scanner Test
Objective:
Verify that the fingerprint scanner can gather a print and match prints.
Supplies:
 ZK4500 Fingerprint scanner
 Raspberry Pi
 3.2 Inch TFT LCD Display Module Touch Screen or compatible monitor.
 DC power supply
Preparation:
The Raspberry Pi will need to have the correct drivers installed and either testing
software or ACS software installed.
Procedure:
1. Connect the ZK4500 to the Pi via USB and open up program platform for
testing.
108
2. Log initial fingerprint to program database, by following on screen directions
and applying finger to the scanner.
3. Once logged, apply finger to scanner again to verify that newly scanned print
matches logged entry.
Expected Result:
The fingerprint scanner will successfully log initial finger print in testing platform
database and will return as a match when finger print is scanned again.
Magnetic Stripe Reader Testing
Objective:
Verify that the information on the magnetic stripe card is being read correctly on
the reader.
Supplies:
 OSAYDE MSR90 Reader
 Magnetic Stripe card (UCF ID)
 Raspberry Pi
 3.2 Inch TFT LCD Display Module Touch Screen or compatible monitor.
 DC power supply
Preparation:
Connect the MSR90 Reader to the Pi via USB. Ensure the drivers needed are
installed
Procedure:
1. Swipe the card through the reader and verify the LED on the reader flashes.
2. Look at the resulting data that is printed on the screen and make sure it is
correct.
3. Repeat step 1 and 2, 5 more times, varying cards used, verifying the data is
correct.
109
Expected Result:
With an error rate of 0.5% there should be no problems in corrupted or otherwise
wrong information, no matter the card used.
8.2.3 Switch Testing
Objective:
Verify that the PCB relay will adequately latch and run source power when small
triggering voltage is applied.
Supplies:
 TE Connectivity RT314A03 Relay
 DC Power supply
 Function generator
 Breadboard
 Oscilloscope
Preparation:
Connect the coil leads to the output of the power supply and the contacts of the
function generator to the contact leads of the relay.
Procedure:
1. Let the function generator have a sinusoidal waveform and turn it on. Connect
the oscilloscope across contact of relays.
2. Begin applying more voltage from the power supply until you the generated
function on the oscilloscope. Take note of this voltage.
3. Once having steady response from the oscilloscope begin to turn down the
voltage on the power supply mark at what point the generated function no
longer appears on the oscilloscope.
4. Set the power supply to the noted voltage in step 2 and leave it at that level
and note temperature and oscilloscope response over the next 30 min.
Expected Results:
The relay should start showing source power at 3V and stop when the less than
0.7V is applied. The relay should continue to show source power as long as the
110
coil voltage is between these 2 levels. There should be no adverse effects of
leaving the voltage applied to the coil so that source power is available.
8.2.4 Microcontroller Testing
LED Testing
Objective:
Determine that the LED unit works from the I/O pins of the of the ATMega 88
Supplies:
 OVSTRGBB1CR8 LED
 Arduino UNO development board
 DC power supply
Preparations:
Connect the Arduino UNO to power and program a test code.
Procedure:
1. Verify all components are correctly placed on the pins of the Arduino
development board and that the power supply is at the correct value.
2. Run the program that was created to flash the colors of the LEDs
Expected Results:
The OVSTRGBB1CR8 LED module will flash all LED colors therefore proving the
microcontroller is sending the right amount of voltage to the pins
Switch signal testing
Objective:
Show that the signal given by the microcontroller will be enough to throw the
relay and provide source power. This will also determine if the TE connectivity
Relay will be able to handle a current load for an extended period of time.
111
Supplies:
 Arduino UNO development board
 TE Connectivity RT314A03 Relay
 DC Power supply
 Function generator
 Breadboard
 Oscilloscope
Preparations:
Connect the relay coil leads to the ATMega pin that will be controlling the switch
signal and the contact leads to the function generator. Create a simple program
that will allow for turning on and off the signal.
Procedure:
1. Let the function generator put out a sinusoidal waveform and turn the power
on
2. Connect the power to the Arduino and verify it has the correct level. Then
attach the oscilloscope across the contact leads of the relay.
3. Begin running the program. Turn the signal on and view the oscilloscope read
out.
4. Begin switching the signal on and off and viewing the output of the
oscilloscope response each time.
5. Finally leave the signal on for 30 minutes and check the oscilloscope does not
drop the source signal from the function generator
Expected Results:
Every time the ATMega sends the signal to the coil that the switch should be
thrown the source power should show on the oscilloscope and the opposite when
the signal is off. While the signal is on, source power will continue to show on the
oscilloscope until it is turned off without hindering the source power by any
means.
8.3 Software Test Environment
The test environment for this project will be the same environment in which it is
designed and built. Since this system will be designed to be self contained there
112
will not be a need to create a separate testing environment. This will help to
expedite the testing process and also prove to define the optimal environment in
which the system should operate. The environment will most likely be conducted
using the raspberry pi as the main system. We will decide between two different
environments mainly. The first of the two environments is Windows IOT (internet
of things). The other possible operating system we can use is Linux. Because of
the nature of the system we might need a more compatible operating system for
the use of database that is needed for the system functionality.
In considering the operating system with which to run the system we are creating
we should consider two factors of importance to us. The first factor is that the
cost of the operating system needs to be as low as possible. In the case of Linux
this is the cheapest option available since it is essential open software. Basically
there is no need to purchase a license. With windows both IOT and 10 require a
license. However IOT is not typical of Microsoft windows operating systems. It is
downloadable without purchasing a license unlike windows 10. The operating
system windows IOT envelops the abilities we need to address and communicate
with multiple devices. IOT does not provide a true graphic interface like normal
windows. It does however offer the ability to store data and utilize com ports
which will be an important part of this project. The system does not need a
graphic user interface within it. Instead we will use remote accessing techniques
to configure and test the database functionality. The operating system
requirements include the ability to use com ports and the ability to send
information to remote devices. Another requirement will be security. The
operating system will need to be secure and require security protocols that will
protect the integrity of the system from unauthorized access. The system will
hold a database and process commands and queries from the remote interfaces.
The devices for asset control will require a wireless interface that will receive
activation or deactivation commands from the system. The devices will be
equipped with a touch screen display that provides user feedback to the screen
for actions taken. This means that the devices will send an authorization request
and then display data on usage and status. The operating system will need to
facilitate the requests and provide information to the devices about time and
transaction data. The devices will also provide updates to the database for the
individual events that occur. In order to facilitate this the system will need to track
each device in real time. This will allow for any change in status to be detected
and then subsequently to update the database accordingly. It is imperative that
the system keeps a log of every instance and its corresponding user data since
this is one of the primary goals of the system.
For user interface we will design an application that can be accessed via website
or through a mobile app. The testing of the user interface will be done using a
standard pc with an operating system that current and viable. This operating
system can be any flavor. We can use any operating system that is compatible
with a well known or utilized web browser. The goal is to design the system to
113
meet the html standards of all major web browsers. With the browser
compatibility in mind we will ensure through testing that it is functioning within the
requirements of the system. Since the system acts remotely and accesses the
database the testing environment for the interface side will be a windows based
pc and an android application. The testing of the software on each platform will
be based on the user case associated with the platform. For instance the
administrator level will be accessible through a web browser. The user level
interface will be accessible through web browser or mobile application. The
testing environment for user level will be of two different kinds. The testing
environment for the administrator level will be limited to the web browser.
8.4 Software Specific Testing
Software plays a major role in the success of the Asset Control System,
therefore, software testing is a critical step to ensure the system operates as
designed. In order to ease development and allow for easy unit testing, the
software system was broken up into several abstractions or layers the list below
and Figure 8.4.1 enumerate the basic layers used in the Asset Control System:

Presentation Layer

Service Layer

Data Access Layer
114
Figure 8.4.1 – Software layers present in the ACS
At a high level, this allows for separation of concerns, which in turn enables easy
and independent unit testing. The service layer shall adhere to an interface, or
contract, which the presentation layer shall call these interface methods during
normal operation. What makes this easy for testing is the fact that the actual
implementation is not part of this “contract”, therefore, a mock service can be
used in order to test the presentation layer. In simple terms, this allows a single
developer or development team to create the user interface without the need of a
working service layer. The same concept is applicable for the service layer. This
layer can be tested independently without the need for a working presentation
layer. Figure 8.4.2 shows several testing scenarios that can occur during this
testing phase.
115
Figure 8.4.2 – Software testing scenarios of the ACS
116
Once the individual layer unit tests have passed and therefore satisfied all
requirements, the next step in the software testing process would be integration
testing. This consists of combining the individual parts of the software systems
parts and verifying correct interactivity between the parts and the system as a
whole. The integration of all the testing can be seen in figure 8.4.3.
Figure 8.4.3 – Integration of all software testing on the ACS
117
9 Administrative Content
9.1 Milestone Discussion
The progress on this project will definitely need to be monitored and kept up to a
schedule that will give enough time for any issues that might be encountered.
There could be issues found in acquiring parts and even software that could be
needed. Once the system is together we will want to be sure it operates as
smoothly as possible and that will take time with troubleshooting at the end. In
order to capture all these issues that might be encountered the following figures
9.1.1 to 9.1.2 are being used to give us that timeline and the milestones that will
need to be completed in order to have a working, well thought-out design.
Figure 9.1.1 – Timeline and Milestones first semester
118
Figure 9.1.2 – Timeline and Milestones second semester
9.2 Budget and Finance Discussion
The Asset Control System will be privately funded from each member of the
group. The total cost will be split up equally between all group members (in this
case, 25 percent each). There shall be no exceptions to this capital structure
unless a group member wants to keep part of the project. At this time, the group
will negotiate an appropriate “buy out” price. Furthermore, since this is privately
funded by students, the target budget shall be no more than five hundred dollars
($500 USD) for all inclusive costs.
119
Table 9.2.1 – Project Budget
Table 9.2.2 – Asset Control Budget
120
Table 9.2.3 – Switching Device Budget
Table 9.2.4 – Total Budget Allocation
121
Appendix A Copyright Permissions
 Raspberry Pi GPIO (Figure 6.2.4.1 and Figure 6.2.5.1)
Permission Status: Requested
 ACS Enclosure (Figure 6.2.6.1)
Permission Status: Granted
Appendix B Table of Figures
Figure 2.0.1 __________________________________________________________ 2
Figure 3.2.2.1 _______________________________________________________ 10
122
Figure 3.3.2.1 _______________________________________________________ 11
Figure 3.8.1.1 _______________________________________________________ 49
Figure 3.8.1.2 _______________________________________________________ 50
Figure 3.8.2.1 _______________________________________________________ 51
Figure 3.8.2.2 _______________________________________________________ 52
Figure 3.8.4.1 _______________________________________________________ 54
Figure 6.2.1.1 _______________________________________________________ 74
Figure 6.2.1.2 _______________________________________________________ 75
Figure 6.2.1.3 _______________________________________________________ 77
Figure 6.2.1.4 _______________________________________________________ 77
Figure 6.2.1.5 _______________________________________________________ 78
Figure 6.2.2.1 _______________________________________________________ 79
Figure 6.2.2.2 _______________________________________________________ 80
Figure 6.2.2.3 _______________________________________________________ 80
Figure 6.2.2.4 _______________________________________________________ 81
Figure 6.2.2.5 _______________________________________________________ 81
Figure 6.2.2.6 _______________________________________________________ 82
Figure 6.2.3.1 _______________________________________________________ 83
Figure 6.2.4.1 _______________________________________________________ 85
Figure 6.2.5.1 _______________________________________________________ 86
Figure 6.2.6.1 _______________________________________________________ 88
Figure 7.3.1 ________________________________________________________ 100
Figure 8.4.1 ________________________________________________________ 109
Figure 8.4.2 ________________________________________________________ 110
Figure 8.4.3 ________________________________________________________ 111
Figure 9.1.1 ________________________________________________________ 112
Figure 9.1.2 ________________________________________________________ 113
Appendix C Table of Tables
Table 3.1.2.1 ________________________________________________________ 10
Table 3.2.1.1 ________________________________________________________ 11
123
Table 3.2.2.1 ________________________________________________________ 14
Table 3.2.3.1 ________________________________________________________ 18
Table 3.2.4.1 ________________________________________________________ 20
Table 3.2.5.1 ________________________________________________________ 21
Table 3.3.2.2 ________________________________________________________ 26
Table 3.3.4.1 ________________________________________________________ 33
Table 3.3.4.2 ________________________________________________________ 34
Table 3.3.4.3 ________________________________________________________ 34
Table 3.4.1.1 ________________________________________________________ 36
Table 3.4.4.1 ________________________________________________________ 39
Table 3.7.4.1 ________________________________________________________ 47
Table 3.9.2.1 ________________________________________________________ 56
Table 5.1.1 _________________________________________________________ 64
Table 6.2.1.1 ________________________________________________________ 76
Table 6.2.1.2 ________________________________________________________ 78
Table 6.3.3.1 ________________________________________________________ 90
Table 6.3.3.2.1 ______________________________________________________ 90
Table 6.3.3.3.1 ______________________________________________________ 91
Table 6.3.3.5 ________________________________________________________ 92
Table 6.3.5.1 ________________________________________________________ 93
Table 6.3.5.2 ________________________________________________________ 95
Table 7.1.1 _________________________________________________________ 96
Table 7.2.2.1 ________________________________________________________ 98
Table 9.2.1 ________________________________________________________ 114
Table 9.2.2 ________________________________________________________ 114
Table 9.2.3 ________________________________________________________ 115
Table 9.2.4 ________________________________________________________ 115
Appendix D Sources
http://www.euchner-usa.com/key.asp
http://www2.ece.gatech.edu/academic/courses/ece4007/08fall/ece4007l02/lm3/
http://www.jameco.comPWg
http://docs.opencv.org/2.4/modules/contrib/doc/facerec/facerec_tutorial.html
http://www.nist.gov/public_affairs/releases/computer_fingerprint.cfm
124
http://www.completepowerelectronics.com/comparison-of-mosfet-with-bjt/
https://ghadzhigeorgiev.wordpress.com/2011/08/24/netduino-tutorial-replacingrelay-with-scr/
https://en.wikipedia.org/wiki/Silicon_controlled_rectifier#Application_of_SCRs
http://www.allaboutcircuits.com/textbook/semiconductors/chpt-7/siliconcontrolled-rectifier-scr/
http://www.electronics-tutorials.ws/transistor/tran_4.html
http://www.zkteco.com/product/ZK4500_238.html
http://pinout.xyz/pinout/spi
https://oscarliang.com/raspberry-pi-and-arduino-connected-serial-gpio/
125