Improve detection scoring and expand surveillance OUI coverage#8
Merged
Conversation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Provides per-variant build/upload/flash/monitor targets for all 6 hardware variants, plus LittleFS data upload for variants with audio assets. Uses GNU Make define/eval/call to generate targets from a single template. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Tests compile natively with clang++/g++ — no ESP32 hardware needed. Covers detectors, device tracker state machine, and threat analyzer scoring pipeline (37 cases, 126 assertions) targeting the M5Stick variant's pure-logic headers. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Move DetectorTypes.h, Detectors.h, DeviceSignatures.h, EventBus.h, ThreatAnalyzer.h, and TelemetryReporter.h from the M5Stick variant's src/ into a new top-level common/ directory. Update Makefile to pass -I common via build.extra_flags for all variants, update test includes, and fix the M5Stick FQBN (m5stick_c_plus2 -> m5stack_stickc_plus2). Merge AudioEvent (from M5Fire's EventBus.h) into the shared header so other variants can adopt it when migrated. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Delete local copies of EventBus.h, DeviceSignatures.h, ThreatAnalyzer.h, and TelemetryReporter.h from m5fire/src/. Replace legacy ThreatAnalyzer (simple boolean matching) and TelemetryReporter (DynamicJsonDocument with nested objects) implementations with the shared detector-based system. Add ISR-safe deferred event processing with portMUX spinlocks for WiFi, BLE, and threat events. Add ThreatAnalyzer::tick() heartbeat in loop() and shouldAlert gate on triggerAlert(). Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Delete local copies of EventBus.h, DeviceSignatures.h, ThreatAnalyzer.h, and TelemetryReporter.h from mini12864/src/. Replace legacy ThreatAnalyzer and TelemetryReporter implementations with shared detector-based system. Add ISR-safe deferred event processing with portMUX spinlocks. Move display notifications (Mini12864DisplayNotifyWifiFrame, ShowAlert) and audio playback to the main loop's deferred handlers. Add tick() heartbeat and shouldAlert gate. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Also fix Makefile build.extra_flags override that was clobbering ESP32 core defines (-DESP32=ESP32 etc). Use build.defines instead, which is included within build.extra_flags and starts empty. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Move variant-specific src/ files into sketch directory to follow Arduino convention. Keep Flipper's own TelemetryReporter (line-based protocol for Flipper app). Fix radioType null-check for char array. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Dockerfile builds a debian:bookworm-slim image containing arduino-cli, ESP32 core v3.0.7, all Arduino libraries (version-pinned), doctest.h, and pre-warmed core caches for all 4 FQBNs. Source is bind-mounted at runtime so the image is reusable across branches. Also adds docker-compose.yml (build-all, test, shell, build-variant services), entrypoint.sh (seeds doctest.h into bind-mount), .dockerignore, and Makefile docker-* targets. Fixes a portability bug in test/mocks/Arduino.h: adds <cstdio> for snprintf, which macOS clang resolves transitively but Debian clang-14 does not. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Audit all dependency versions against latest available in the Arduino library index, update where possible, and centralize pins in a single versions.env file consumed by both Makefile (include) and Dockerfile (--build-arg). Version changes: - Base image: debian:bookworm-slim → debian:trixie-slim (Debian 13) - arduino-cli: unpinned → 1.4.1 - ArduinoJson: 7.3.0 → 7.4.2 - NimBLE-Arduino: 2.2.1 → 2.3.7 - M5Unified: 0.2.2 → 0.2.11 - Adafruit SSD1306: 2.5.13 → 2.5.16 - doctest: 2.4.11 → 2.4.12 - ESP32 core: 3.0.7 (unchanged — newer causes IRAM overflow) - U8g2: 2.35.30 (unchanged — already latest in Arduino index) - Adafruit GFX: 1.12.4 (unchanged — already latest) Makefile install-deps now pins library versions from versions.env, matching what the Dockerfile installs. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Move duplicated content (setup, architecture, telemetry, configuration, troubleshooting, extending) from 6 variant READMEs into 8 shared docs/ files. Add new docs for build system and testing (previously undocumented). Restructure CLAUDE.md as a scannable agent gateway with dispatch table. Fix incorrect .ino filename reference in portable variant README. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
3 tasks
There was a problem hiding this comment.
Pull request overview
This PR refactors the detection scoring system from numeric thresholds to flag-based alert tiers, adds direct Flock Safety OUI detection (B4:1E:52), expands surveillance camera OUI coverage, and tunes WiFi/BLE scan parameters for improved detection. The changes also consolidate shared headers into common/, establish a comprehensive test suite, and introduce a build system with Makefile and Docker support.
Changes:
- Replaces numeric certainty scoring with flag-based alert levels (CONFIRMED, SUSPICIOUS, INFO, NONE) determined by detector combinations
- Adds dedicated Flock Safety OUI (B4:1E:52) and surveillance camera OUI detectors with curated manufacturer list
- Reduces WiFi channel dwell time to 300ms, increases BLE scan duration to 2s, and adds probe response capture
- Consolidates duplicated headers into
common/directory and adds comprehensive unit test suite with doctest - Introduces Makefile/Docker build system with pinned dependency versions in
versions.env
Reviewed changes
Copilot reviewed 68 out of 71 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
common/DetectorTypes.h |
New detector flag system, alert levels, device tracking types |
common/Detectors.h |
All detector functions including new Flock/surveillance OUI detectors |
common/DeviceSignatures.h |
MAC OUI lists including Flock Safety and surveillance camera manufacturers |
common/ThreatAnalyzer.h |
Complete rewrite with flag-based scoring, DeviceTracker, alert tier logic |
common/TelemetryReporter.h |
Updated JSON output with detector breakdown and alert levels |
common/EventBus.h |
ThreatEvent struct expanded with matchFlags, detectorWeights, alertLevel fields |
test/*.cpp |
Comprehensive unit tests for detectors, device tracker, and threat analyzer |
*/RadioScanner.h |
Scan timing tuned (300ms channel dwell, 2s BLE), probe response capture added |
*/*.ino |
Thread-safe event processing, include path updates, alert logic using new tiers |
Makefile |
Complete build automation for all variants, tests, LittleFS upload, Docker |
Dockerfile |
Reproducible build environment with all dependencies pre-baked |
versions.env |
Single source of truth for all dependency versions |
docs/*.md |
Comprehensive documentation covering architecture, build system, testing, etc. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
4 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Test plan
make testand verify all unit tests pass including new OUI detector tests🤖 Generated with Claude Code