Even though the title of the paper reads “Uncovering Vulnerabilities…”, it is very unlikely that the Flipper will ever be able to replay/emulate/clone a Hörmann BiSecur remote. Although the paper shows that researchers were able to discover a weakness, it also says that the weakness has been mitigated by the manufacturer. Also, the researchers show that the BiSecur system is actually pretty elaborate in it’s principles.
I think that Hörmann BiSecur should be considered “dynamic” in the wording of the Flipper for now.
However, I would actually like to contribute what I can to make Hörmann BiSecur Remote Signals identify as such by the Flipper. I have access to a couple of Hörmann Garage Doors and Remotes and I’d be more than happy to provide a number or raw captures, I am confident about the frequency selection, but unsure about the modulation. Can anyone advise ?
P.S.: The non-BiSecur System of Hörmann gates and remotes on 868MHz is already implemented (flipperzero-firmware/hormann.h at dev · flipperdevices/flipperzero-firmware · GitHub) and named “Hörmann HSM”, which I am not so sure that this a correct/unique name (I am able to find Hörmann remotes with the name “HSM” that work in the other frequency ranges/systems, therefore I believe HSM is not the name of the system/protocol).
It’s a bit unusual, but Hörmann customers can actually identify their system by the color of the keys on the remote. In that schema, the above mentioned non-secure Hörmann system on 868MHz would be identified by the color blue, maybe hormann.h etc. need to be renamed to hormann_blue.h.
I was not able to find documentation in english language about the button color mapping (german manufacturer), but in german, I have two resources. Luckily, thanks to pictures, they should be understandable in any language: