Author Topic: Reverse engineering a burglar alarm circuit  (Read 780 times)

TomS (Topic starter)
Reverse engineering a burglar alarm circuit
« on: November 24, 2018, 03:46:38 pm »
Hi everyone (sorry, big post!). I recently bought a house which came with an alarm, and which as far as I was aware is "non-functional". I don't believe it is completely broken as such, just that it wasn't in service when the house was for sale. Being the curious type that I am, I've started to tear it down and try to understand how it is wired together and how it all works. I've learned some interesting things about alarms over the past couple of weeks, including some things which I didn't even realise were things at all.

Anyway...

I'm in the process of reverse engineering the PCB of the "alarm panel" (which uses a Renesas H8/3007 MCU/CPU) and there is, for lack of any better explanation from myself, a lot of "voodoo" going on in relation to the power supply circuit, specifically around the battery section. I'm mostly a digital guy, I can fiddle bits and hook logic gates together all day long no sweat, but as soon as you start throwing in transistors and analogue circuitry, I really start to feel out of my depth. Save for some really basic stuff, like RC circuits to provide delays etc, I've never really been into analogue circuits.

The first bit of the circuit, "schematic 1", looks really quite straightforward to me. AC in through a bridge rectifier, big fat capacitor after that for smoothing, and some voltage regulators producing "12V" (actually 13.7 specifically for battery charging using a ST PB137) and 5V (classic 7805) rails. The only two (and a half) questions I have coming out of this part of the circuit are:

1. What is the reason for D5/C4 being in such a configuration? Seems like it wouldn't do anything?
2. I think I already know the answer, but I'm unsure why there is a large resistor (R5) with a very small (SOT23) MOSFET(?) across it? Is this simply to provide a "zero resistance" path for current to flow out of the 12V regulator and onwards to the rest of the system? Perhaps this is switched off when the battery is charging such that R5 limits the current to the battery, although R5 is only 0.2 ohm if I read the colour bands correctly, so it couldn't be limiting it too much?! There don't appear to be any other traces going off anywhere else that might do current sensing...
3. (half question) I think that R1/R2/C6 is being used to create some kind of resistor divider/RC network that allows the MCU to detect when the AC input has failed - does that seem reasonable? It seems as though if you were to feed in 24V you would get pretty much bang on 5V out.

Second bit of the circuit, "schematic 2", is where I'm out of my depth. I'd have loads of questions about this section, but let me see if I can explain what I think some bits of it are doing:

* Some battery reverse polarity protection (F1/D6)

* What seems to be a method to allow battery charging to be enabled/disabled (primarily T1 and a few surrounding components).

* D7 simply allows current to flow out of the battery and supply the 12V rail should AC power fail.

* The LM358 (IC3B) is a mystery to me, given where it appears to be connected in the circuit. Maybe it's being used to detect battery voltage. Maybe this is to determine when the battery is sufficiently charged, or perhaps to detect when it is getting too low? But I don't understand why it is connected to the negative side of the battery instead of the positive side if that is the case.

* Q2 seems to be enabling the battery negative to be disconnected from the ground rail of the rest of the circuit?

* K/S might stand for "key switch", but what is it achieving? (Perhaps the manual would contain some hints if I go looking for it...)

I feel a bit like I'm shooting in the dark... Otherwise the other bits are really so far from my knowledge that I look at it and wonder how people come up with this stuff (assuming I have reverse engineered it correctly I suppose!)

Final bits, "schematic 3", are various other little bits and pieces of circuits.

The alarm circuit... There are two CD4051s which enable the 8 different alarm circuits to be selected from. The output of each feeds one half of a LM358 implementing a buffer which heads off to a pin on the MCU. This, as I read on a website, may be to "overcome impedance mismatches". Perhaps driving an MCU pin off a long piece of wire snaking around a house is not such a good idea? I don't really know why they chose two 4051s when one could have probably done the job (given the 4051 has 8 channels), but given the circuitry seems to be essentially duplicated as two lots of 4 alarm circuits, maybe they use this to scan the status of two zones at a time.

One of the things I learned about alarms is there are a multitude of ways that alarm circuits can be implemented, from simple NO/NC circuits, to others involving different configurations of resistors which provide the alarm circuit plus tamper detection.

The tamper circuit is interesting. It kind of looks to me like the MCU pin would be set as an output to charge up C15, and then perhaps reconfigured to an input to detect if there is any voltage present. If there is no voltage present then the tamper circuit is broken and an alarm can be raised. I think the implementation of this tamper circuit is simply to test for continuity, rather than anything fancy involving resistance, since it seems to hook straight up to an MCU pin. Interesting that this doesn't connect to an op amp buffer like the alarm circuit above though?

I've also attached a couple of other pictures, one is the whole alarm panel PCB, and the other is where I was tracing bits of the circuit out.

I may re-use this board if I can reset and reconfigure it, or if I'm feeling really adventurous (and I am...) maybe I'll design and build a new one.  ^-^

Would be interested to hear others' thoughts, whether I'm way off, etc. Thanks!  :-+
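
An added example, not part of the original post and not the panel's firmware: a sketch of the "two zones at a time" scan the post guesses at, combined with the resistor-based alarm-plus-tamper wiring it mentions. It assumes the two CD4051s share select lines, that the buffered outputs are read as analogue voltages, and a double end-of-line loop with made-up resistor values; none of this was confirmed on the board.

```c
#include <stdio.h>

/* Every value here is an assumption for illustration, not measured from the board. */
#define VREF_MV  5000  /* assumed pull-up supply, mV */
#define R_PULLUP 4700  /* assumed pull-up resistor, ohms */
#define R_EOL    2200  /* assumed end-of-line resistor (contact closed) */
#define R_ALARM  4700  /* assumed resistor across the alarm contact */

typedef enum { ZONE_SHORT, ZONE_NORMAL, ZONE_ALARM, ZONE_OPEN } zone_state;

/* Invert the divider V = VREF * R / (R + R_PULLUP); -1 means open circuit. */
long loop_ohms(int mv) {
    if (mv >= VREF_MV) return -1;
    if (mv < 0) mv = 0;
    return (long)R_PULLUP * mv / (VREF_MV - mv);
}

zone_state classify(int mv) {
    long r = loop_ohms(mv);
    if (r < 0) return ZONE_OPEN;
    if (r < R_EOL / 2) return ZONE_SHORT;               /* loop bridged: tamper */
    if (r < R_EOL + R_ALARM / 2) return ZONE_NORMAL;    /* about R_EOL */
    if (r < 2L * (R_EOL + R_ALARM)) return ZONE_ALARM;  /* about R_EOL + R_ALARM */
    return ZONE_OPEN;                                   /* loop cut: tamper */
}

/* One select value addresses the same channel on both muxes, so each step
   yields two zones: mux A carries zones 0-3, mux B zones 4-7 (assumed). */
void scan_zones(const int mv[2][4], zone_state out[8]) {
    for (int sel = 0; sel < 4; sel++) {
        out[sel]     = classify(mv[0][sel]);
        out[sel + 4] = classify(mv[1][sel]);
    }
}

/* Constructed buffer-output readings in mV, indexed [mux][channel]. */
static const int sample_mv[2][4] = {
    {1594, 1594, 2974,    0},
    {1594, 5000, 1594, 4900},
};

int main(void) {
    static const char *name[] = {"SHORT/tamper", "normal", "ALARM", "OPEN/tamper"};
    zone_state st[8];
    scan_zones(sample_mv, st);
    for (int z = 0; z < 8; z++) printf("zone %d: %s\n", z, name[st[z]]);
    return 0;
}
```

With a plain continuity loop, a shorted cable reads the same as a closed contact; the resistor scheme is what lets the panel tell the four states apart.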
 

