Thinking CNC

Here we go.

I’m planning to build an X-Y table to allow me to drill printed circuits, from designs I’ve prototyped with an Arduino and created circuit designs for using CadSoft Eagle.  It’s basically a small metal slab, about a sixth of a dinner table size, that will slide left and right, forward and backward, very very precisely, under computer control. I’d clamp a printed circuit board to it, and use my notebook to control it and a small drill, to poke holes in the board for later component soldering.

Now, I’m basically a programmer with some units in mechanical engineering that I didn’t see through. There’s a terrible lot that I don’t know about machine design, component sizing, power transmission, tolerancing – but I do know which of these dogeared and dusty University textbooks on my deskshould contain low level details, if I need them. Also, there’s a wealth of information on machinists’ websites that contain ideas that we can cobble together to synthesize a workable design. All that, plus a bachelor’s wherewithal with his weekends and some spare cash, we’re going to go design and build this thing.


I live in Mandaluyong City, Manila – full stop. That’s it right there.  This is not a Maker Faire friendly city – at least not for the type that can’t be bothered to take a 50-minute commute and walk to go 8 kilometers and visit merchandise shops in the Binondo area. Insane import tariff schedules, and a weak domestic hobbyist market for basic electromechanical components, mean getting hold of anything more complex than prebuilt Arduino boards and common discrete ICs is going to be very tedious – or expensive, if you decide to go take the Radio Shack route. Purchasing a simple ball thread screw and nut online will set you back anywhere between PhP 4,700 to well over 20K – which can be most of a technepreneur’s monthly paycheck.

So there’s going to be some engineering tradeoffs that will hit hard, and early in the design phase. Forget about using 8020 aluminum extrusions for your X-Y table frame – nobody stocks those. You’ll have to use raw metal stock – bars, rods, and simpler, generic extrusions – to impart stiffness and rigidity to your design.  Much of the control electronics will need to be built using through-hole soldered components – nobody runs a PCB fab house for hire who’ll run a few boards for your project, as everyone uses imported photosensitive copper-clad FR4 boards. Any small shops that do PCB photolithography in Mandaluyong, Caloocan, Makati, Paranaque or Marikina cities aren’t advertising that. Forget about SMD pick and place machines – you’ll be using tweezers and a lens to put tiny chip resistors and capacitors, and a fine-tipped soldering iron.

That said, the hunting and thinking and working with your hands is just so much fun.

We’ll tackle the project in two huge chunks, and just break those chunks down as we go along.

Step zero is identifying the problem we want to solve:

  • Build a motor-controlled, 2-axis milling table using the maximal amount of locally-sourced raw stock and parts, that will permit drilling, milling, and possibly routing operations on printed circuit boards made of copper-clad fiberglass-reinforced epoxy laminate.


If you’ve seen a pen plotter in action as it draws even just a monochrome floor plan or machine design, you’ve probably also thought – man, that is beautiful.  It simply moves a pen along two axes, and triggers pen plunge and withdraw at exactly the right places to, well, draw a thousand words. Pictures of buildings or cars or a Mandelbrot set window, directed by a computer.  That pen plotter is your basic 2-axis table, with a spindle that holds a pen (or set of pens), instead of a machine tool or metal/plastic spray head; the third axis of movement, being constrained to raised/lowered to discrete positions, makes it a 2.5-axis table. A three-axis table would permit continuous motion in the third (also ‘z’) direction.

(Hm. Come to think of it, designing this table as a three-axis build might be useful for solving our own problem, as we could plunge a drill bit fast, and just sloooooow down in the last few millimeters or so before making a controlled drill cut. So heck, why not. The rotational degree of freedom in the spindle drill or milling head makes it a 4-axis table, as the spindle drill velocity will no doubt need to be controlled in continuous increments as well, to adjust to cutting conditions and material properties.)

In addition to drilling holes precisely (to within 1/1000 of a drill hole diameter, or better, in both the X and Y directions), we’ll also want the capability to perform routing and milling operations using this table. Typically, a hobbyist circuit design will be small – a few dozen traces, possibly twice as many holes – and so the circuit board will not occupy a whole precut plate.  The etched circuit board need to be trimmed to it’s final dimensions. It would be useful to be able to switch between drilling and routing, where the tool bit is made to cut “sideways”, instead of down into the board. The spindle head must be made capable of bearing significant sideways load, up to the buckling strength of the bit.

How about Z-axis precision? Precision costs: A solenoid is cheaper than a ball threaded screw. There are ways to energize a spring-loaded solenoid electromagnet to control acceleration that are fairly inexpensive (by control of current), but achieving accurate positioning with just current control is not so easy, without going into more analog electronics than I’m comfortable getting into. So, we refine the problem details a little further: We need to drill clear through a piece of laminated fiberglass and a few mils of copper that’s about 1/16th of an inch thick, with no real need to punch accurately to an intermediate depth. So we’ll consider controlling depth of cut via solenoid current, limited by mechanical travel stops, and perhaps use a spring-loaded plunger to pull the spindle up when the maximum travel limit has been reached. The lower plunge depth limit can be sensed with a simple contact switch, and is an attractive alternative to achieving [costly] full, three-axis motion precision.

How about transforming rotary motion to linear motion in the other two axes: What are the options?

A slider linkage would be pretty inexpensive. This might use a DC servomotor with position encoders to tell our circuits how far the driving crank is along its’ arc, from which we can compute the absolute position of the sliding link (which gives us the table position). This won’t give us constant accuracy along the plane of travel, though, unless we only use a small portion of the travel path as our working path (in the vicinity of 45° +/- 15 degrees, say). Or we make the crank arm pretty long, and size up the motor accordingly.

Somebody could probably synthesize a straight line path with a 4-bar mechanism. We don’t really care about intermediate inertia forces, as the table will typically be stopped during a plunge cut – when drilling. But this precludes a simple position control algorithm, (which we’ll obtain after synthesis of the straight line path), as we apparently need to control velocity and torque (cutting edge forces) consistently during routing cuts. This velocity constraint imposes an additional path generation constraint that we can transform into a fixed motor speed limit input varying by material, or make into a continuous-valued speed control parameter. I suspect this is possible, stepper motors are said to exhibit large torque driving capability at slow stepping speed. If we can’t synthesize a path generator with closely spaced, discrete stepping points,  we’ll almost certainly see jams, bit breakage, or oscillation while a side cutter is running.  The shift from point to point on the cutting cylinder would represent tiny jumps in tooth tangential velocity as the stepper is rotated through small discrete angles. This means that we’d need to use a reduction drive and/or microstepping. Interesting.

Then there are timing belts and chain drives, with or without a reduction gear (or gearbox) on each of the steppers; ball screw and nut linear drive with rigid coupling to the axis stepper; rack and pinion drive (with the rack fixed rigidly to the workpiece stage); a conveyor roller (which eliminates the rack and uses friction contact between the workpiece stage and a stepper-driven roller). All these methods are direct drive methods that don’t require pneumatics, for which we won’t need to get into hydraulic drive and the requisite pumps and tubing. We’ll get into those another day.


Ear to the Edge of Time

They sent up a dog in the Sputnik, once

in the interests of science.She didn’t know that there was only

six days air inside.

And so what – dogs die everyday. Give one over.

Put down in kennels. Neglected.

So why, now, am I so haunted by

this whimpering canine, locked in a cab,

and shot into space?


Did they give her a window, at least?

Some evidence of where all that blasting rocket fuel was taking her?

Did it break the heart of the scientist who had told her

to sit nice and still – and did his training work?

Or when the rubbish dropped back to earth,

was the inside of the ship covered In deep grooves

and marked with scratches?


– Excerpt from the play Ear to the Edge of Time

BBC Science in Action podcast (22:54)

Slim Maker’s Pickings

Finished ooohing and aaahing at finds from the day’s walk, to wind down with a somber thought: This “comparative advantage” thing, that crowds out tiny entrepreneurial shops’ product in favor of imports, has a teeny unintended side effect – the bottom falls out of the demand for basic components.Want to build a computer-controlled lathe? Good luck. At best – at best! – you get to start your construction practically ex nihilo – well, not really out of nothing, as it turns out little boutique junk shops sell leftover cuttings from steel plate slabs, for example. And the ideas you need are out on the Web to seek out, arrange and pick from. But the raw material you need will be difficult to come by.


Take this afternoon’s quick three kilometer walk down to Kalentong Street. Down that three kilometer stretch of commercial store fronts, there were exactly four shops that made aluminum and glass frames, five Internet shops, two hairdressers, three grocery stores, three (four?) automobile parts stores, six hardware and construction supply shops, three banks, a couple of junk shops, five fast food outlets, three carinderias, a city college, and one machine shop. Of those six hardware shops, exactly one sold power tool cutting bits – the business end of drill presses and milling routers. The machine shop I’d asked apparently didn’t know someone just 200 meters away sold tool parts, and appeared to reuse and resharpen their own high speed steel bits on a cutter straight out of a 1960s small machine shop floor.


What got me thinking was that chat I’d got into with the fellow who sold me the countersink bit for my router. I’d noticed that his shop, all perhaps 40 square meters with wooden shelves crammed floor to ceiling with carpentry and plumbing and machinist’s odds and ends, all hung about with the lngering smell of light machine oil, stocked some pretty scarce bits. NSK bearings. Hand taps. Wire filters. All manner of brass fittings sitting in worn cardboard boxes like jewelry for Edward Scissorhands. I’d wondered, did they stock these odd looking aluminum extrusions, that I could maybe use for a machine bed frame?


Ah, it’s not the kind of thing we’d stock, and he’d warned I have a hard time coming by these particular bits I was looking for. It turned out that this hardware store was also something that let him scratch a hobby itch of his – he assembles solar panels, and apparently this shop let him access to parts and fittings for that kind of DIY job. Uy, that’s cool!  He’d warned me that I’d find that importing components would wind up being more expensive than buying completed assemblies. The taxes (by which I think he meant tariffs) that would have to be paid for import duties typically kill off small enterprises trying that sort of thing.


I agreed, recalling finding Radio Shack listings for exactly the parts I was looking for. Absolutely ridiculous prices. Something like 8,000 pesos for a 50 centimeter ball threaded screw; and a ludicrous 37,000 for this end thrust bearing, and 16,000 for a pillow block to support the screw midway. All told, sixty-one thousand pesos for three pieces of metal to slide a small tool plate back and forth 50 centimeters. That’s more than my net monthly income, dammit.


There used to be a time that there were small machine shops that made those small bits of metal, he recalls. I’d forgot to mention the small machine shop I’d passed, which owner had given me directions to Yale Hardware, a full hour’s walk further away. That’d be another place to try on the first coming weekday, he’d agreed. But there’s no demand from others for what you’re looking for. Except perhaps for those carbide milling bits.


I’d had an uneasy chuckle, saying that perhaps I ought to rethink this project of mine. Oh no, he’d said, you should go ahead and try build it, but it won’t be easy to put together, much less find the stuff you need locally. Gagawa ka.


Ahh. It won’t be easy.  I fancy thinking someone will find it entertaining that I’ll finally make a milling tool frame out of high density hardwood, or medium fiberboard. There’s problems that can be engineered around, certainly, but it doesn’t seem particularly appealing to make a 100 kilogram wood frame when what the job calls for is metal.


My problem is that we don’t make that metal, and that really, really pisses me off.


Gagawa ka, Toff.

Gatdula’s Obscurantism is Dangerous

I’d originally posted this as a comment to the CBCP article, RH bill deprives Filipinos of Constitution-guaranteed freedom — lawyer (9 February 2012), which was a curiously twisted read to wrap my head around. And a bleepingly irritating read, at that.

Your friend, the lawyer Gatdula presumes too much, that the “tenets of our lawmakers’ faith” should hold primacy in deciding a moral path in the matter of the RH Bill. The moral path along which you are guiding your flock is a dangerous one, not least for the sophistry it engenders in your advocates. The argument Gatdula wishes to promote pushes, through our fallible politicians, the entire nation toward an ecologically, not to mention quite possibly economically, precarious future.

Consider the impact of your pro-death position, which leads to loosing bounds on population growth. If you succeed in blocking this RH bill in it’s entirety – and, likely, others to follow it – you will have removed an important instrument with which to contain the growth of the Philippine population. This will have effects several generations down the line, far removed from the political climate which surrounds the present debate.

Now consider this: Have you thought out what it takes to sustain a population of 250M people? Three hundred million? Five? Does your spiritual technology provide for the kind of ecological and social strains that will create? Do you imagine that the faithful OCW flock can expand to fill a global niche? Or are you hoping for the best? The phrase “pro-death” I’ve used is quite precisely chosen: An unsupportable population size teems with lives which potential will not be realized. What is that, but a living death, to exist in that way?

Be mindful of how you wield your influence in this society – it is a far ranging power, to wield minds and attitudes. The longer you persist in maintaining this stance, the greater of a danger you are becoming in the eyes of more and more in the Filipino nation, including,

Yours truly,

Antonio A Hilario

Fencing the Frontier (II)

After getting over my irritation (and mild embarrassment) that the Senate legislative content server doesn’t even have a proper domain name – and that their cybercrime bill 2796 comes in so close on the heels of the United States’ abortive SOPA and PIPA legislative disasters – my next gut response was “okay, just what have our legislators got up to now?”

I’ve been a consumer of Internet content for over a decade, and a programmer and Web developer for almost a decade; and SB 2796 troubles me in a number of ways. I’ll walk through these sections of the bill that bother me.

Cybercrimes against things

SB 2796 is not about your right to use electronic communication with, say, reasonable expectations of privacy. The Declaration of Policy (Section 2) emphasizes protection of computer systems

from all forms of misuse, abuse, and illegal access by making punishable under the law such conduct or conducts.

It is, straightforwardly, about the State adopting “sufficient powers to effectively prevent and combat such offenses by facilitating their detection, investigation, and prosecution at both the domestic and international levels.”

I dislike the imprecision in their definition of the terms in Section 3. Take one mild example, its definition of a “service provider”:

  • any public or private entity that provides to users of its service the ability to communicate by means of a computer system, and
  • any other entity that processes or stores computer data on behalf of such communication service or users of such service.

Now, am I a service provider, if I operate a weblog where my readers are allowed to post comments, and converse among themselves? How about when I establish a chat service for my friends on my rented web server – are both I and my ISP “service providers”?  I was hoping to set up a site that’s a kind of mashup between Mathoverflow and Wolfram Alpha – will that make me a “service provider?” These questions are relevant to reading Chapter II, “Punishable acts”, where it is lawful for a service provider to intercept, use, or otherwise disclose the content of activity on the service.

There’s a few more bits in Section 3 about electronic interception, subscriber information (basically any information related to a service user’s location, service details, and billing history), and “traffic data or non-content data” (network traffic data ), and that all-important modifier phrase, “without right,” that are germane to the discussion of punishable acts, which I’ll spell out in detail later.

It is Section 4 that defines three categories of “cybercrime” offenses: Those that detrimentally affect confidentiality of data and reliability of computer systems; computer-assisted fraud, and forgery; and content-related offenses.

We Ownses Your Datas

The first category includes two specific offenses: Illegal intercept, and misuse of devices, both of which are of interest to users and, crucially, system administrators.  Illegal interception is

The intentional interception made by technical means
without right of any non-public transmission of computer data to,  from, or within a computer system including electromagnetic emissions from a computer system carrying such computer data: Provided, however, That it shall not be unlawful for an officer, employee, or agent of a service provider, whose facilities are used in the transmission of communications, to intercept, disclose, or use that communication in the normal course of his employment while engaged in any activity that is necessary to the rendition of his service or to the protection of the rights or property of the service provider, except  that the latter shall not utilize service observing or random monitoring except for mechanical or service control quality checks.  [Emphasis mine].

It is striking that nothing is said about restrictions about how that data may be handled or used. There is no provision for how certain kinds of system data should or should not be handled.  Shouldn’t there be something explicitly said about what is broadly prohibited to be done with system users’ data? Shouldn’t information about third parties be protected (i.e. by encrypting it) while it is in the possession of the service provider?

I’ll give you an example: as a computer system administrator I may make a USB flash drive copy of a database table containing my subscribers’ transactions on my site, and transfer it to a different, (perhaps offline) system inside my company as part of my daily routines. Then I can take the flash drive home, can’t I? Nothing wrong there. What if that database table contains our customers’ credit card billing data – and I lose the flash drive? No problem! It’s a sad loss, but completely legal for my company to be operating without data integrity safeguards. Or, I could pass it on to a senior manager, who’ll be converting those tables into mail lists of our highest-spending site users, which we can sell on to e-marketing firms. All completely legal, as this is done as part of my duties as an employee.

(Update, 25 September, 2012: The Data Privacy Act of 2012, specifically Section 11 (General Data Privacy Principles) up to Section 16 (Rights of the Data Subject) address this issue, and specify the scope of responsibility of so-called “personal information processors.”  More on this in later posts.)

There are simply no good business or economic reasons to say that improving the security around citizens’ data is infeasible, too costly, or too complicated. We largely have the software and semiconductor industries to thank for this. While data encryption, for example, is still compute-intensive, it is no longer as costly as it used to be only a few years ago. What I mean by this is that there are programming practices and techniques for, say, writing Web site business logic, or for designing complex desktop programs, that can improve privacy and security using encryption techniques which, only a few years ago, would have required faster processors or more memory. Well, guess what? Today, we have those faster processors and more memory.

Methodology for computing systems design has evolved to both meet time-to-market pressures and attain software quality goals. There are programming and system administration practices which can be put in place to foil casual data theft by system operators and employees, and can be reasonably mandated by a cybercrime law to be a service provider’s obligation to exercise. Societies’ know-how has evolved to the point where we can reasonably enforce responsibilities of third parties that handle citizen data, that they do so with sufficient safeguards to privacy and freedom from unwanted use of that data.

As it stands now, the definition of “illegal access” provides implicit, blanket license to “service providers” to do practically anything they want with the information that enters their domain – which may not be same as what the owner or subject of that data might want.


Possession of ‘ping’ a punishable offense?

This innocuous-sounding definition “Misuse of devices”, Section 4A(5), is as much useless as it is apparently poorly thought out, as it ignores “dual use” capability of most computing equipment and software. We need only point out two phenomena to demonstrate why: commodity software (including open source software), and malware.

The main point about software being a commodity (free or paid for) is simply that software is ubiquitous, and the crucial thing about commodity operating systems is that there is a whole bucket of tools in each of them – be it Windows, OS X, or Linux – that can be used to find out things about other networks or computers, usually by interacting with them in some way. These tools can be used to analyze, for example, an Internet site target to find out whether it’s visible on the `Net, learn what software the site is running, learn it’s vulnerabilities, and so on – and thence, defend, or attack it. Many software tools used by IT professionals can be used both ways: as diagnostic tools, for instance, or for illegal intercept. The picture processing tool Photoshop, a favorite of web designers and graphic artists the world over, is also able to be used for digital image forgery.

Worse, there are inevitable defects, particularly in new software, that make them prone to being used to attack the machine on which they are used. This is why the newest software isn’t always the best thing to have running on your computer, and why Windows XP is still a better choice for privacy and security conscious computer users (at least if you have no choice) – it’s simply been through a lot more “consumer testing” and has more bug fixes than the newest iteration of that Microsoft operating system.

Which brings us to software that’s been written for purposes that a computer owner does not intend – malware. Anybody who’s been bit by malware knows the signs: Odd behavior from the trusty desktop; increased traffic and reduced Internet access speed; possibly even lost or corrupted files.  It is very likely that many more computer users have been afflicted by these pieces of rogue software that may have been passed on to them by a coworker’s USB stick or, more commonly, by downloading it from the Internet, and who aren’t aware that their computer has been compromised.

It would be more useful to specify creation and dissemination of malware as a punishable act. Otherwise mere possession of a computer containing ping, telnet, nmap, wireshark, dig, or tcping, let alone socat (a general-purpose network socket tool) puts the holder at risk of falling foul of the law. The committee that drafted this Bill needed to go get a clue, perhaps starting with watching a TED Talk or two, and getting a grip on this simple idea: Electronic communication devices and software are “dual use” tools. If government intends to be up to the task of prosecuting misuse of these tools, they would do well to specify the who and what needs protecting, perhaps more than specifying a broad class of dual-use technology.  They could have done better by identifying, generically, breaches of information systems that put life, property, and rights at risk, rather than the tools with which these risks may be created.