copyright © 2008 zigbee tm alliance. all rights reserved. wireless control that simply works zigbee...

Copyright © 2008 ZigBeeTM

Alliance. All Rights Reserved.

Wireless Control That Simply Works

ZigBee Technical Overview

Wireless Japan

Tokyo, JapanJuly 23, 2008

Wireless Control That Simply WorksZigBeeTM Alliance |Copyright © 2008. All Rights Reserved.

2

Presented by:

Drew Gislason

President and CTO

San Juan Software

Former ZigBee Alliance Secretary to theApplication Framework Group

E-mail: [email protected]


3


■ Latest Version of the ZigBee Specification: ZigBee-2007

■ The ZigBee-2007 Specification contains definition of two feature sets:

►ZigBee feature set

►ZigBee PRO feature set

■ The ZigBee and ZigBee PRO feature sets interoperate, network wise, in a limited way within a single network:

►ZigBee devices may join PRO networks as an end device

►ZigBee PRO devices may join ZigBee networks as an end device

■ ZigBee and ZigBee PRO devices fully interoperate at the application level on the same network

■ ZigBee and ZigBee PRO devices fully interoperate if standard security mode is used on the network


4

ZigBee Feature Set

■ ZigBee Feature Set

►Ad-hoc self forming networks Mesh and Cluster Tree

Unicast, broadcast and groupcast

►Logical Device Types Coordinator, Router and End Device

Optional Network Manager for PAN ID conflict and frequency agility

►Standard Application Services Device and Service Discovery

Optional acknowledged service

Optional fragmentation/re-assembly service

Cluster Library support to standard definition of application messages

Mechanism to support mix of Public and Manufacturer Specific profiles in the same network, all supported by standard ZigBee network and application features


5

ZigBee Feature Set

■ ZigBee Feature Set (continued)

►Security Authentication and Encryption at Network and Application levels.

Symmetric Key with AES-128

Key Hierarchy: Network Keys and Application Link Keys (optional)

►Qualification Platform Conformance Certification

Manufacturer Specific Product Certification

Public Profile Product Certification

Regularly Scheduled Interoperability Events


6

ZigBee PRO Feature Set

■ ZigBee PRO Feature Set

►Ad-hoc self forming networks Mesh only

Many to One and Source Routing Enhancements

Network layer multicast

►Same Logical Device Types as ZigBee feature set (ZC, ZR, ZED) Network Manager for PAN ID conflict resolution and frequency agility

►Same Application Services as ZigBee feature set

►Two security modes: Standard security compatible with ZigBee feature set

High security


7

ZigBee PRO Feature Set

■ ZigBee PRO Features (continued)

►Security Symmetric Key with AES-128

Authentication and Encryption at Network and Application levels.

Key Hierarchy: Master Keys (optional), Network Keys and Link Keys (optional)

►Qualification Platform Conformance Certification

Manufacturer Specific Product Certification

Public Profile Product Certification

Regularly Scheduled Interoperability Events


8

ZigBee and ZigBee PRO Protocol Stack


9

Stack Architecture

IEEE 802.15.4defined

ZigBee TM Alliancedefined

End manufacturerdefined

Layerfunction

Layerinterface

Physical (PHY) Layer

Medium Access Control (MAC) Layer

Network (NWK) Layer-

Application Support Sublayer (APS)

APS MessageBrokerManagemen

t

APS SecurityManagement

ReflectorManagement

ApplicationObject 240

ApplicationObject 1…

Application (APL) Layer

ZigBee Device Object (ZDO)

Endpoint 240APSDE-SAP

Endpoint 1APSDE-SAP

Endpoint 0APSDE-SAP

NLDE-SAP

MLDE-SAP MLME-SAP

PD-SAP PLME-SAP

SecurityManagement

MessageBroker

RoutingManagement

NetworkManagement

2.4 GHz Radio 868/915 MHz Radio

SecurityServiceProvider

ZD

O P

ublic

Inte

rfac

es

Application Framework

ZDO

Man

agem

ent P

lane

APSM

E-

SA

PN

LM

E-S

AP

NLME-SAP


10

Application Device Type Model

802.15.4Device Type

FFD – Full Function Device

RFD – Reduced Function

Device

• Distinguishes the type of hardware platform

Logical Device Type

ZigBeeCoordinator

ZigBeeRouter

• Distinguishes the Logical Device Types deployed in a specific network

ZigBeeEnd

Device

ApplicationDevice Type

e.g.Light

Sensor

e.g.Lighting

Controller

• Distinguishes the type of device from an end-user perspective...

• ZigBee products are a combination of Application, Logical, and Physical device types• Profiles may define specific requirements for this combination, but can also leave this up to

manufacturers


11

ZigBee and ZigBee PRO Network Communication Model (Mesh Routing)

ZigBee End Device (RFD or FFD)

ZigBee Router (FFD)

ZigBee Coordinator (FFD)

Mesh Link

Note: Mesh networking is a bandwidth and RAM efficient routing method. Mesh is supported by both ZigBee and ZigBee Pro networks.


12

ZigBee Network Communication Model (Cluster Tree Routing)


ZigBee Router (FFD)

ZigBee Coordinator (FFD)

Note: Cluster Tree Routing is the backup routing method in ZigBee (SP1) networks, used if mesh is busy.


13

ZigBee PRO Network Communication Model (Many to One and Source Routing)


ZigBee Router (FFD)

ZigBee Coordinator (FFD)Concentrator

Mesh Link

Note: Concentrators may be any router in the network (not just the ZC). Source routing allows scaling in large networks with limited RAM in most nodes.


14

ZigBee and ZigBee PRO Network Topologies and Routing

■ Mesh network routing permits path formation from any source device to any destination device via a path formed by routing packets through neighbors

► Table routing employs a simplified version of Ad Hoc On Demand Distance Vector Routing (AODV), an Internet Engineering Task Force (IETF) Mobile Ad Hoc Networking (MANET) submission

► Used in both the ZigBee and ZigBee PRO feature sets

■ Cluster tree network routing directs packets up and down the tree structure created through network formation until they reach their destination

► Must use “netmask” type tree routing (up and down the parent/child links)► Fails if parent/child links are not usable over time► Used only in the ZigBee feature set

■ Many to One and Source Routing features address limitations in Mesh network routing where table size requirements are large in certain data transmission scenarios

► Many to One allows any device in the network to route data to a well known concentrator through a single routing table entry in every device

► Multiple concentrators in a single network are possible► Source routing allows a concentrator to route responses back to each device supplying

a Many to One data request without additional route table entries

■ End Devices are low power in either feature set since they don’t participate in routing and only communicate through their parent (routers or coordinator) at application specified times


15

ZigBee Application Model

■ Devices are modeled through Application Objects

■ Application Objects communicate through the exchange of Clusters and Attributes

■ Each Profile Object can contain single or multiple Clusters and Attributes

■ Binding mechanism ensures interoperable exchange of Clusters/Attributes

■ Clusters/Attributes are sent ►Directly to destination application

objects(thereby to target device)

■ Generic ZigBee device functions are provided through ZigBee Device Objects

Light Switch

ZigBee Device Objects(e.g. ZigBee End

Device)

Light Switch Object

Light Controller

ZigBee Device Objects(e.g. ZigBee Coordinator)

Lighting Control Object

On-Off


16

ZigBee Application Model

■ Application Profiles are an agreement on a series of messages defining an application space (for example, “Home Automation” or “Smart Energy”)

■ Endpoints are a logical extension added to a single ZigBee radio which permits support for multiple applications, addressed by the Endpoint number (1-240)

■ Key Relationships:► Maximum of 240 Endpoints per ZigBee Device (Endpoint 0 is reserved to

describe the generic device capabilities and Endpoint 255 is reserved for broadcasting to all endpoints, Endpoints 241-254 are reserved for future use)

► One Application Profile described per Endpoint


17

Security Services Provider (SSP)

■ Security at each layer:► Network (NWK) layer security for network command frames (route request, route reply, route

error)

► Application (APL) layer security for Application Support Sub-layer (APS) frames

■ Two Security Modes► Standard Mode (ZigBee and PRO feature sets) – Two NWK keys, APL security via NWK

key. Ability to switch NWK keys. Optional use of Application Link Keys for pairs of communicating devices at APL.

► High Security Mode (PRO feature set only) – Two NWK keys, separate Link Keys for pairs of communicating devices at APL. Master Keys with the Trust Center for key transport and key establishment. Ability to switch NWK keys. Entity authentication between all pairs of communicating devices.

■ Security Implementation► Trust Center –Creates and distributes the Network Keys. Manages switch from active to

secondary Network Key (Standard and High Security Modes). Optionally supports Master Keys and Trust Center Link Key establishment and transport (Optional in Standard security mode and mandatory in High Security mode)


18

Security Services Provider (SSP)

■ Key Hierarchy► Master Key (could be programmed in or provided *in the clear* from the

Trust Center) – High Security mode only

► Network Key (used for all NWK commands from any device and for APS messaging) – Standard and High Security modes

► Link Keys (used for each pair of communicating devices) – Standard and High Security modes

■ Features in either Security Mode► Authentication and Encryption

► Freshness (frame counters)

► Message Integrity


19

Security Service in Standard Mode

Unsecuredkey-transport

NWK KeyBasis of security between two (or group of) devices

Factory or out-of-band installed

Frame Security Service

Secures all frames (except key-transport)

Key-Transport ServiceUnsecured key-transport of

NWK key

Authentication ServiceSecure authentication that a device shares a

NWK key.

NWK key is used as basis of security services


20

Security Service in High Security Mode

Unsecuredkey-transport

Link Key/NWK KeyBasis of security between two (or group of) devices

Master KeyBasis for long-term security

between two devices

Factory installed

Frame Security ServiceSecures all frames

(except key-transport)

Key-Transport ServiceSecure key-transport of

‘group’ link keys

Key-Transport ServiceSecure key-transport of

‘master’ keys

Authentication ServiceSecure authentication that a

device shares a link key.

Link key is used as basis of security services

Secured key-transportfrom trust center

SKKE protocol or

Key Transport

Secured key-transport of ‘group’ link keys


22

Feature Sets

■ Agreement of stack parameters, settings and policies for a family of application profiles (including manufacturer specific application profiles)

■ Current feature sets:►ZigBee (mesh routing+cluster tree routing)

Beacon-less, mesh network

Supports any application profile

►ZigBee PRO (mesh routing with enhancements) Beacon-less, mesh network

Enhanced support for large networks

Enhanced security mode

Application layer compatibility with ZigBee feature set

■ Feature set identifier supplied in beacon payload. Devices join appropriate networks supporting desired feature set.


23

Deployment

■ Commissioning►Devices are programmed for a specific feature set or to join specific

alternate feature set networks If multiple networks with the same feature set are present, the application

needs mechanisms to help the device select the correct network

►Provision security keys (unless they are provided over the air)

►Establish command/control relationships in the network (binding)

►Commissioning can take place via a dedicated commissioning tool (laptop or PDA) or via installation key presses on a remote control or the device itself

■ Common Maintenance Operations requiring application support►Adding new devices to an existing network

►Combining networks

►Replacing devices in a network


24

Summary

■ The ZigBee and ZigBee PRO feature sets provide an ad-hoc, self forming network topology supporting mesh routing

■ ZigBee and ZigBee PRO feature sets provide an agreement on specific configuration parameters and network settings to create multi-vendor interoperable networks

■ ZigBee application profiles are an agreement on message formats and command/response exchanges which provide a documented method to create interoperable device types

■ Current status on the ZigBee Ecosystem:►45 product listings for the ZigBee and ZigBee PRO feature sets

on 21 platforms provides application developers with a rich environment to deploy interoperable products.

►28 Smart Energy and Home Automation product manufacturers at last months interoperability event!


25


Questions?

copyright © 2008 zigbee tm alliance. all rights reserved. wireless control that simply works zigbee...

Documents

network zigbee

zigbee devices

zigbee networks

zigbee specification

standard zigbee network

zigbee feature set zc

zigbee pro feature sets

zigbee alliance secretary