While I might not have the best opinion of the system as a whole due to its "black box" approach, weak security and even some misconfiguration, one positive thing that can be said for the vendor is they give out their software tools freely and are happy that their users expand upon it. (If they can understand it first, heh.)

I was lucky to find their implementation of a remote access server in a form of a Raspberry Pi image online just in time - after a year or so the site went down. I studied it and figured out what steps needed to be done to make a fresh install on the latest (then) Raspbian OS.

I learned that the Android smart apartment app could function in two modes - locally it uses a custom UDP protocol to talk to the PLCs directly but it also supports HTTP communication for remote access.

The software running on the vendor provided Raspberry Pi image comprises a python service that translates HTTP calls to UDP commands and also a Django based web interface where one can make a custom UI for controlling the PLCs and even set up some basic data logging and graphing of the sensor measurement (temperature, humidity, air quality,...).

I was quickly able to configure it for my apartment, my RPi acting as a bridge between the internal network (connected to its ethernet port) and the internet (connected via Wi-Fi). The only trick was to change the local IP subnet of my internet router to a new one because the apartment stuff used a very common one which conflicted with it and could not be changed. I had to of course also open up port 80 so the Android app installed on my smartphone could access it.

It worked quite well - I managed to copy all the UI configuration for the Android app from my wall-mounted tablet and after fixing a bug in the Django/python code that only allowed data to be read (ie. status of the lights) and not written to (ie. turning on the lights) it worked well.

However, the security of the whole setup bothered me and I knew I couldn't offer this to my neighbors as a proper solution:

• The Django version was hopelessly outdated and I was not in the mood to learn how to migrate the code to the latest one - it later also turned out that I could just remove the Django web interface altogether and just focus on the python HTTP-UDP service
• There were security/privacy issues with the web app built on top of Django - for one, reading data from the apartment was not password protected at all with no facility to protect it! It seems that the original purpose of the software was such that the security model was designed only to protect write access. I don't like the idea of strangers knowing whether I'm home (lights probably on) or not.
• Only HTTP was supported. In the era of Let's Encrypt, this is unforgivable. Unfortunately the original software solution only allows for the server side to be upgraded from HTTP to HTTPS - the Android app has http:// hardcoded right in and there's no point in HTTP redirection if the credentials are first leaked in plain, is there? :)

More effort was needed.