Wireless Control That Simply Works

ZigBee Technical Overview

Wireless Japan
Tokyo, Japan July 23, 2008
Copyright 2008 ZigBee
TM

Alliance. All Rights Reserved.

Presented by:
Drew Gislason President and CTO San Juan Software Former ZigBee Alliance Secretary to the Application Framework Group E-mail: drewg@sanjuansw.com

ZigBeeTM Alliance | Wireless Control That Simply Works

Copyright 2008. All Rights Reserved.

ZigBee Technical Overview

Latest Version of the ZigBee Specification: ZigBee-2007 The ZigBee-2007 Specification contains definition of two feature sets:
ZigBee feature set ZigBee PRO feature set

The ZigBee and ZigBee PRO feature sets interoperate, network wise, in a limited way within a single network:
ZigBee devices may join PRO networks as an end device ZigBee PRO devices may join ZigBee networks as an end device

ZigBee and ZigBee PRO devices fully interoperate at the application level on the same network ZigBee and ZigBee PRO devices fully interoperate if standard security mode is used on the network
ZigBeeTM Alliance | Wireless Control That Simply Works
Copyright 2008. All Rights Reserved.
3

ZigBee Feature Set

ZigBee Feature Set Ad-hoc self forming networks
 Mesh and Cluster Tree  Unicast, broadcast and groupcast

Logical Device Types

 Coordinator, Router and End Device  Optional Network Manager for PAN ID conflict and frequency agility

Standard Application Services

 Device and Service Discovery  Optional acknowledged service  Optional fragmentation/re-assembly service  Cluster Library support to standard definition of application messages  Mechanism to support mix of Public and Manufacturer Specific profiles in the same network, all supported by standard ZigBee network and application features

ZigBeeTM Alliance | Wireless Control That Simply Works

Copyright 2008. All Rights Reserved.

ZigBee Feature Set

ZigBee Feature Set (continued) Security
 Authentication and Encryption at Network and Application levels.  Symmetric Key with AES-128  Key Hierarchy: Network Keys and Application Link Keys (optional)

Qualification
 Platform Conformance Certification  Manufacturer Specific Product Certification  Public Profile Product Certification  Regularly Scheduled Interoperability Events

ZigBeeTM Alliance | Wireless Control That Simply Works

Copyright 2008. All Rights Reserved.

ZigBee PRO Feature Set

ZigBee PRO Feature Set Ad-hoc self forming networks
 Mesh only  Many to One and Source Routing Enhancements  Network layer multicast

Same Logical Device Types as ZigBee feature set (ZC, ZR, ZED)
 Network Manager for PAN ID conflict resolution and frequency agility

Same Application Services as ZigBee feature set Two security modes:

 Standard security compatible with ZigBee feature set  High security

ZigBeeTM Alliance | Wireless Control That Simply Works

Copyright 2008. All Rights Reserved.

ZigBee PRO Feature Set

ZigBee PRO Features (continued) Security
 Symmetric Key with AES-128  Authentication and Encryption at Network and Application levels.  Key Hierarchy: Master Keys (optional), Network Keys and Link Keys (optional)

Qualification
 Platform Conformance Certification  Manufacturer Specific Product Certification  Public Profile Product Certification  Regularly Scheduled Interoperability Events

ZigBeeTM Alliance | Wireless Control That Simply Works

Copyright 2008. All Rights Reserved.

ZigBee and ZigBee PRO Protocol Stack

ZigBeeTM Alliance | Wireless Control That Simply Works

Copyright 2008. All Rights Reserved.

Stack Architecture
A pplication (A PL ) L ayer A pplication Fram ew ork

A pplication O bject 240

A pplication O bject 1

E ndpoint 240 A PSD E -SA P

E ndpoint 1 A PSD E -SA P

ZDO Public Interfaces

Z igB ee D evice O bject (Z D O )

E ndpoint 0 A PSD E -SA P

IE E E 802.15.4 defined ZigB ee T M A lliance defined E nd manufacturer defined Layer function Layer interface
ZigBeeTM Alliance | Wireless Control That Simply Works
Copyright 2008. All Rights Reserved.

Security M anagem ent

M L D E-SA P

M essage B roker

R outing M anagem ent

N etw ork M anagem ent

M L M E-SA P

M edium A ccess C ontrol (M A C ) L ayer

PL M E -SA P

PD -SA P

Physical (PH Y ) L ayer

2.4 G H z R adio 868/915 M H z R adio

NLME-SAP

S ecurity S ervice P rovider

A PS Security M anagem en M anagem ent t

N L D E -SA P

A PS M essage B roker

R eflector M anagem ent

N L M E -SA P

N etw ork (N W K ) L ayer

ZDO Management Plane

9

APSMESAP

A pplication Support Sublayer (A PS)

Application Device Type Model

Application Device Type

e.g. Light Sensor

e.g. Lighting Controller

...
Logical Device Type
ZigBee Coordinator ZigBee Router ZigBee End Device

Distinguishes the type of device from an end-user perspective Distinguishes the Logical Device Types deployed in a specific network Distinguishes the type of hardware platform

802.15.4 Device Type

FFD Full Function Device

RFD Reduced Function Device

ZigBee products are a combination of Application, Logical, and Physical device types Profiles may define specific requirements for this combination, but can also leave this up to manufacturers
ZigBeeTM Alliance | Wireless Control That Simply Works
Copyright 2008. All Rights Reserved.
10

ZigBee and ZigBee PRO Network Communication Model (Mesh Routing)

ZigBee Coordinator (FFD) ZigBee Router (FFD)

ZigBee End Device (RFD or FFD) Mesh Link

Note: Mesh networking is a bandwidth and RAM efficient routing method. Mesh is supported by both ZigBee and ZigBee Pro networks.
ZigBeeTM Alliance | Wireless Control That Simply Works
Copyright 2008. All Rights Reserved.
11

ZigBee Network Communication Model (Cluster Tree Routing)

ZigBee Coordinator (FFD) ZigBee Router (FFD)

ZigBee End Device (RFD or FFD)

Note: Cluster Tree Routing is the backup routing method in ZigBee (SP1) networks, used if mesh is busy.
ZigBeeTM Alliance | Wireless Control That Simply Works
Copyright 2008. All Rights Reserved.
12

ZigBee PRO Network Communication Model (Many to One and Source Routing)

ZigBee Coordinator (FFD) Concentrator ZigBee Router (FFD)

ZigBee End Device (RFD or FFD) Mesh Link

Note: Concentrators may be any router in the network (not just the ZC). Source routing allows scaling in large networks with limited RAM in most nodes.
ZigBeeTM Alliance | Wireless Control That Simply Works
Copyright 2008. All Rights Reserved.
13

ZigBee and ZigBee PRO Network Topologies and Routing

Mesh network routing permits path formation from any source device to any destination device via a path formed by routing packets through neighbors
Table routing employs a simplified version of Ad Hoc On Demand Distance Vector Routing (AODV), an Internet Engineering Task Force (IETF) Mobile Ad Hoc Networking (MANET) submission Used in both the ZigBee and ZigBee PRO feature sets

Cluster tree network routing directs packets up and down the tree structure created through network formation until they reach their destination
Must use netmask type tree routing (up and down the parent/child links) Fails if parent/child links are not usable over time Used only in the ZigBee feature set

Many to One and Source Routing features address limitations in Mesh network routing where table size requirements are large in certain data transmission scenarios
Many to One allows any device in the network to route data to a well known concentrator through a single routing table entry in every device Multiple concentrators in a single network are possible Source routing allows a concentrator to route responses back to each device supplying a Many to One data request without additional route table entries

End Devices are low power in either feature set since they dont participate in routing and only communicate through their parent (routers or coordinator) at application specified times
ZigBeeTM Alliance | Wireless Control That Simply Works
Copyright 2008. All Rights Reserved.
14

ZigBee Application Model

Devices are modeled through Application Objects Application Objects communicate through the exchange of Clusters and Attributes Each Profile Object can contain single or multiple Clusters and Attributes Binding mechanism ensures interoperable exchange of Clusters/Attributes Clusters/Attributes are sent Directly to destination application objects (thereby to target device) Generic ZigBee device functions are provided through ZigBee Device Objects

ZigBee Device Objects (e.g. ZigBee End Device)

Light Switch Object

Light Switch

On-Off Light Controller

ZigBee Device Objects (e.g. ZigBee Coordinator)

Lighting Control Object

ZigBeeTM Alliance | Wireless Control That Simply Works

Copyright 2008. All Rights Reserved.

15

ZigBee Application Model

Application Profiles are an agreement on a series of messages defining an application space (for example, Home Automation or Smart Energy) Endpoints are a logical extension added to a single ZigBee radio which permits support for multiple applications, addressed by the Endpoint number (1-240) Key Relationships:
Maximum of 240 Endpoints per ZigBee Device (Endpoint 0 is reserved to describe the generic device capabilities and Endpoint 255 is reserved for broadcasting to all endpoints, Endpoints 241-254 are reserved for future use) One Application Profile described per Endpoint

ZigBeeTM Alliance | Wireless Control That Simply Works

Copyright 2008. All Rights Reserved.

16

Security Services Provider (SSP)

Security at each layer:
Network (NWK) layer security for network command frames (route request, route reply, route error) Application (APL) layer security for Application Support Sub-layer (APS) frames

Two Security Modes

Standard Mode (ZigBee and PRO feature sets) Two NWK keys, APL security via NWK key. Ability to switch NWK keys. Optional use of Application Link Keys for pairs of communicating devices at APL. High Security Mode (PRO feature set only) Two NWK keys, separate Link Keys for pairs of communicating devices at APL. Master Keys with the Trust Center for key transport and key establishment. Ability to switch NWK keys. Entity authentication between all pairs of communicating devices.

Security Implementation
Trust Center Creates and distributes the Network Keys. Manages switch from active to secondary Network Key (Standard and High Security Modes). Optionally supports Master Keys and Trust Center Link Key establishment and transport (Optional in Standard security mode and mandatory in High Security mode)
ZigBeeTM Alliance | Wireless Control That Simply Works
Copyright 2008. All Rights Reserved.
17

Security Services Provider (SSP)

Key Hierarchy
Master Key (could be programmed in or provided *in the clear* from the Trust Center) High Security mode only Network Key (used for all NWK commands from any device and for APS messaging) Standard and High Security modes Link Keys (used for each pair of communicating devices) Standard and High Security modes

Features in either Security Mode

Authentication and Encryption Freshness (frame counters) Message Integrity

ZigBeeTM Alliance | Wireless Control That Simply Works

Copyright 2008. All Rights Reserved.

18

Security Service in Standard Mode

Unsecured key-transport Factory or out-ofband installed

NWK Key Basis of security between two (or group of) devices
NWK key is used as basis of security services

Key-Transport Service Unsecured key-transport of NWK key

Authentication Service Secure authentication that a device shares a NWK key.

Frame Security Service Secures all frames (except key-transport)

ZigBeeTM Alliance | Wireless Control That Simply Works

Copyright 2008. All Rights Reserved.

19

Security Service in High Security Mode

Unsecured key-transport

Factory installed SKKE protocol or Link Key/NWK Key Key Transport Basis of security between

Master Key Basis for long-term security between two devices

Secured key-transport from trust center

two (or group of) devices

Link key is used as basis of security services

Frame Security Service Secures all frames (except key-transport)

Secured key-transport of group link keys

Key-Transport Service Secure key-transport of master keys

Authentication Service Secure authentication that a device shares a link key.

Key-Transport Service Secure key-transport of group link keys

ZigBeeTM Alliance | Wireless Control That Simply Works

Copyright 2008. All Rights Reserved.

20

Wireless Control That Simply Works

Feature Sets and Application Deployment

Copyright 2008 ZigBee

TM

Alliance. All Rights Reserved.

Feature Sets
Agreement of stack parameters, settings and policies for a family of application profiles (including manufacturer specific application profiles) Current feature sets:
ZigBee (mesh routing+cluster tree routing)
 Beacon-less, mesh network  Supports any application profile

ZigBee PRO (mesh routing with enhancements)

 Beacon-less, mesh network  Enhanced support for large networks  Enhanced security mode  Application layer compatibility with ZigBee feature set

Feature set identifier supplied in beacon payload. Devices join appropriate networks supporting desired feature set.
ZigBeeTM Alliance | Wireless Control That Simply Works
Copyright 2008. All Rights Reserved.
22

Deployment
Commissioning
Devices are programmed for a specific feature set or to join specific alternate feature set networks
 If multiple networks with the same feature set are present, the application needs mechanisms to help the device select the correct network

Provision security keys (unless they are provided over the air) Establish command/control relationships in the network (binding) Commissioning can take place via a dedicated commissioning tool (laptop or PDA) or via installation key presses on a remote control or the device itself

Common Maintenance Operations requiring application support

Adding new devices to an existing network Combining networks Replacing devices in a network

ZigBeeTM Alliance | Wireless Control That Simply Works

Copyright 2008. All Rights Reserved.

23

Summary
The ZigBee and ZigBee PRO feature sets provide an ad-hoc, self forming network topology supporting mesh routing ZigBee and ZigBee PRO feature sets provide an agreement on specific configuration parameters and network settings to create multi-vendor interoperable networks ZigBee application profiles are an agreement on message formats and command/response exchanges which provide a documented method to create interoperable device types Current status on the ZigBee Ecosystem:
45 product listings for the ZigBee and ZigBee PRO feature sets on 21 platforms provides application developers with a rich environment to deploy interoperable products. 28 Smart Energy and Home Automation product manufacturers at last months interoperability event!
ZigBeeTM Alliance | Wireless Control That Simply Works
Copyright 2008. All Rights Reserved.
24

ZigBee Technical Overview

Questions?

ZigBeeTM Alliance | Wireless Control That Simply Works

Copyright 2008. All Rights Reserved.

25